I was in another country with my work laptop. I connected my Beryl via ethernet in the foreign country. Then I activated VPN-Client on my Beryl, where the VPN was in my home country. I connected my laptop to Beryl Wi-Fi. I verified the VPN was working and my IP address was in my home country.
Network:
Foreign-Country-Modem --> Beryl ---> VPN-Client home country. Work laptop connected to Beryl.
I even selected the option to always route all traffic via VPN only, even if it's not working. (I forgot the exact name of the option).
Anyway, after all of this, I get an email from security that they tracked my IP address from a foreign country.
I still can't figure out how they know... The only explanation I can think of is Beryl leaked the IP address when VPN connection failed, during re-connect, or something.
Is this a known issue, or has anyone heard of something like this?
If it is a work supplied PC, it may have all sorts of tools loaded on it to track the device.
Are there any other WIFI access points that your work laptop could see? It is possible to find your location just by looking at other nearby WIFI access points. See:
There are many ways to track the location of a laptop. The Beryl leaking is only one possibility. It is why I warn people that a VPN is not a perfect solution to hiding your location.
Hi @eric, thanks a lot for your reply. Yes, I did connect to a Wi-Fi and there were other local SSIDs. So yes, initially I thought that was the issue.
However, the email from security kept pointing to my IP address being from outside my home country. So that makes me think they didn't go far enough for Wi-Fi positioning.
And yes, this laptop has a crazy amount of security software. Even so, I'm in tech, and I cannot see a single way any of these programs could find out I'm outside my home country given I've connected to Beryl with a "kill switch: VPN or nothing" enabled. My laptop has no other way of accessing the internet besides that single Wi-Fi SSID. And supposedly, that single Wi-Fi SSID has no way of accessing the internet besides going through the VPN.
So once again, I'm coming back to the only conclusion that makes sense, Beryl leaked the IP address even with that kill switch enabled.
@HalfLife Beryl was connected via Ethernet. My laptop connected to Beryl via Wi-Fi.
I have not seen what you are reporting. That said, most of my experience is with 3.x or generic OpenWRT firmware. In older GL iNet models, I have not been happy with my 4.x testing, so I don't run it in production. You may want to share what firmware you are running on the MT1300.
I think I know what happened. How is your ovpn server hosted? Is it via Beryl device also? Have you run a dns leak test to confirm your dns isn’t leaking?
What has your experience been? I'm still convinced it wasn't due to WiFi, Bluetooth, etc. I still think it was a DNS/VPN leak because they did mention, "Why is your laptop IP address pinging from xxx country?"
So see, nowhere in your VPN server setup do I see that you are pushing DNS down to the client. So, unless you added the following lines in your ovpn client file, you were using your local ISP DNS in the foreign country, which got you flagged.
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 1.0.0.1"
push "redirect-gateway def1"
Are you still in the foreign country or back in USA? Go to this website and run DNS Leak Test. Do you see servers in USA or the foreign country?
You need to get to WireGuard if you want to keep things simple as it does this by default. Unfortunately, I also have to use OpenVPN sometimes as I have inseego routers that have OpenVPN clients on them.
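Added example, not part of any post in this thread and not GL.iNet or OpenVPN project code: a small Python audit that checks an OpenVPN config for the two directives discussed above, `redirect-gateway` and `dhcp-option DNS`, whether pushed by the server or set directly. The sample configs and the function names are constructed for illustration.

```python
import shlex

def directives(config_text):
    """Yield the tokens of each directive, unwrapping push "..." lines."""
    in_inline = False
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith("<"):  # inline <ca>...</ca> blocks hold key material
            in_inline = not line.startswith("</")
            continue
        if in_inline or not line or line[0] in "#;":
            continue
        tokens = shlex.split(line, comments=True)
        if len(tokens) > 1 and tokens[0] == "push":
            tokens = shlex.split(tokens[1])
        if tokens:
            yield tokens

def audit(config_text):
    """Report whether the config sends the default route and DNS into the tunnel."""
    redirect, dns = False, []
    for tokens in directives(config_text):
        if tokens[0] == "redirect-gateway":
            redirect = True
        elif tokens[:2] == ["dhcp-option", "DNS"] and len(tokens) == 3:
            dns.append(tokens[2])
    findings = []
    if not redirect:
        findings.append("no redirect-gateway: default route stays on the local uplink")
    if not dns:
        findings.append("no dhcp-option DNS: resolver stays whatever the client already uses")
    return {"redirect_gateway": redirect, "dns": dns, "findings": findings}

# Constructed sample: a server config with no pushed route or DNS.
WEAK = """\
port 1194
proto udp
dev tun
server 10.8.0.0 255.255.255.0
"""
# The same config plus the three lines quoted in the thread.
FIXED = WEAK + """\
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 1.0.0.1"
push "redirect-gateway def1"
"""

if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("FIXED", FIXED)):
        print(name, audit(cfg))
```

A clean result only says the directives are present in the file; a DNS leak test from the client side is still the check that the resolver actually in use sits behind the tunnel.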
Ah gotcha, that makes sense! Back in USA now. My ovpn config did not have those options. So maybe that's exactly what happened. I did several tests and it seemed to have been working as expected. If I remember correctly, I even did a DNS leak test somewhere? I can't fully remember. My theory was during disconnect/reconnect, Beryl might have resorted to local internet, thus, leaking it.
Either way, I've placed an order for TP-Link AX55 just now. It has WireGuard server support, so from now on, I'll be using that. Thanks for the suggestion!
And also, I never said I was in USA prior but you're absolutely right to assume that. Sounds like something Americans would do lol.
There are a couple of things that might be going on. One is that OpenVPN appends the DNS server of the server to whatever is there already. You need to set it to use the OpenVPN server exclusively, or use it first and only if there is no response to fall back on what it has.
The other is how your laptop is connecting. For example, if you use your laptop to connect to the Beryl, you then instruct it to connect to the internet and then start the OpenVPN client, for a time your laptop is pulling the ISP DNS server. You have to at the least restart your laptop after the Beryl is up, and then still might have to flush the DNS caches up and down the chain.
For example, if you connect to a VPN server in France, and then go to Netflix, Netflix will show you the most popular movies in France, but it will still only show you content licensed in the US. They know.
Perfect! Now on your client Beryl, be sure to “block” any non-vpn traffic,
Also, be sure the file you export from WG server has DNS specified. Also, don’t use DNS like AdGuard that has servers in Canada also. Preferably use DNS of a local ISP in USA.