Comment on Tailscale blocked on hotel wifi
r00ty@kbin.life 2 months ago
I mean, while they can block most things, to give people a usable experience they're going to allow http and https traffic through, and they can't really proxy https because of the TLS layer.
So for universal chance of success, running openvpn tcp over port 443 is the most likely to get past this level of bad. I guess they could block suspicious traffic in the session before TLS is established (in order to block certain domains). OpenVPN does support traversing a proxy, but it might only work if you specify it. If their network sets a proxy via DHCP, maybe you could see that and work around it.
I did have fun working around an ex gf's university network many years ago to get a VPN running over it. They were very, very serious about blocking non-standard services. A similar "through" the proxy method was the last resort they didn't seem to bother trying to stop.
sem@lemmy.blahaj.zone 2 months ago
What can you do if the school has a whitelist of domains they accept HTTPS (443) connections for?
r00ty@kbin.life 2 months ago
That's got to be extremely rare. Not much you can do in that case. But they will hit many problems with that approach.
sem@lemmy.blahaj.zone 2 months ago
I will try to investigate further, but for instance if you go to ducksuckgo.com, it says something like “this website is not on our whitelist, let us know if you think you need access.” It’s very annoying, so I avoid the WiFi when I can.