FIbre Support

Get expert support with your Fibre connection.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

VPN split tunneling issue on Sagecom FAST5364

bartosim
Popular Poster
Message 6 of 6

Hi - new to TalkTalk and so far impressed with speed and service.  I have one issue - for the support team to look into when they have some time.  My VPN services (OpenVPN and ZenMate) connect point to point correctly but will not then connect to any internet site or service.  After much testing, resetting and researching I believe this is a common issue and due to TalkTalk's use of Barefruit DNS interception/ error replacement software that causes issues with split tunnel VPNs (ones that route all traffic through the vpn).  I am now on FAST5364 router firmware SG4K10002816t, with google DNS servers specified, factory reset and rebooted many times.  I have also tried the error replacement service opt out link https://www.talktalk.co.uk/optout/  with no luck.  Methinks this needs new router firmware or a different router.  Any help much appreciated.

0 Likes
5 REPLIES 5

Message 1 of 6

Hi bartosim,

 

Thanks for the update, glad to hear it's working now


Chris

Message 2 of 6

UPDATE - I did some testing with different routers yesterday and the problem persisted which suggests it is not a specific FAST5364 router software problem.  This morning I retried opting out of the TalkTalk/Barefruit error replacement service again using the link   http://www.talktalk.co.uk/optout  while logged into my TalkTalk account and the VPN started working again in split tunneling mode on the FAST5364 router.   Maybe a coincidence but it looks like it is an issue with the TalkTalk error replacement service interfering with DNS requests and the optout may not always work.  Will  monitor to see if this stays in place if I start a new session.  

0 Likes

Message 3 of 6

Hi bartosim,

 

I'm not sure if you can do this or not so I'll ask our product team to take a look. I'll let you know when I get an update


Chris

0 Likes

Message 4 of 6

Thank you for looking into this.  I confirm that the issue is both with a wired connection and a wifi connection  (I always prefer wired connections). 

I have done some more testing today and can confirm that a simple point to point connection from my home out to a third party VPN provider does now work.  The problem is when I try to connect from outside my house back into my own VPN server running on my home network.   The VPN service connects OK (which shows the port forwarding rule in the router is set up correctly) and I am able to access devices on my home network (which shows there is not a hardware problem).  However with the VPN link established, I cannot then access anything outside my home network on the internet (VPN split tunneling) and receive a site cannot be reached or page timeout error.  I have tried this on two different OpenVPN servers (a DD-WRT one and a Raspberry Pi one) and both exhibit the same behaviour.  In both cases I used VPN options to Redirect Default Gateway (to enable split tunneling) and have tried with firewall and IPtable rules both on and off.   

I suspect this is a router software/ network issue rather than a hardware issue as the same setup worked perfectly with previous ISPs before my switch to TalkTalk .  Possible causes are the router is not permitting outbound traffic on the same VPN connection as inbound traffic or the DNS servers are not responding correctly to a DNS request that comes from a source a further network step away from the router. 

The rest of the router functions and broadband link seem rock steady.  

0 Likes

Michelle-TalkTalk
Support Team
Message 5 of 6

Hi bartosim,

 

Sorry for the delay. This router and firmware should work ok with VPN. Could I just confirm, does this happen if you connect wired and wireless?

 

Thanks

 

0 Likes