cancel
Showing results for 
Search instead for 
Did you mean: 

VPN works "sometimes" but it's not latency related. HELP!

Boywhocouldfly
Freshman

VPN works "sometimes" but it's not latency related. HELP!

So I bought this service through DISH, the sales rep should be selling used cars covered in snake-oil, he told me the only thing it wouldn't do was online gaming and said VPNs would work, but just have latency or be slow. my issue is that Hughes Net appears to be an unsecured connection. there's something called "TLS 1.1" that Hughes uses that no other ISPs seem to use, it's not secured and my VPNS and occasional websights get blocked because of it. I can't turn on TLS 1.1 in my browser becasue my company blocks it as it's not secure. any tips or work arounds? like I said, latency isn't the issue, it's the unsecured connection that this ISP provides but it does not seem to happen with DSL, Cable, cell-teathering, etc.

Tags (2)
8 REPLIES 8
MarkJFine
Associate Professor

Re: VPN works "sometimes" but it's not latency related. HELP!

a. TLS 1.1 is as secure as it is essentially the new term for openssl. Should be updated to 1.2, but I won't quabble.

b. Every blessed thing on the internet uses TLS now. When you go to a website using https, it's using TLS over port 8080. When you log into something, it's using TLS. I don't understand the statement that nobody uses TLS.

c. VPNs over HughesNet have worked excellent in the past. I've used it when I had to access my work account. Are you sure that your VPN software (is it Cisco?) is correctly configured?


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.
Boywhocouldfly
Freshman

Re: VPN works "sometimes" but it's not latency related. HELP!

Sorry, what I meant was nothing uses TLS 1.1, all of my computers have the TLS 1.1 box unchecked and everything has always worked. But now on hughesnet, it wants me to check the box allowing TLS 1.1 and that is forbidden by my IT policy and my virus/firewall software as it is seen as "not secure". Yes, we are using Cisco VPN
MarkJFine
Associate Professor

Re: VPN works "sometimes" but it's not latency related. HELP!

I don't understand "it wants me to check the box allowing TLS 1.1". TLS is just a potential security transport layer. You don't have to use it. Either there's some other setting that needs to be set. Take a look under transport. Should be something that says "Enable transparent tunelling", and "IPSec over UDP (NAT/PAT)".


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.
MarkJFine
Associate Professor

Re: VPN works "sometimes" but it's not latency related. HELP!

And then I just realised...

 

Wait... Your IT guys says TLS is insecure, but running wide open with no encrytion is secure?
<needs that image of Jackie Chan with hands waving, saying... wut?>


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.
Boywhocouldfly
Freshman

Re: VPN works "sometimes" but it's not latency related. HELP!

Ok, now I might be getting somewhere. It's just TLS 1.1 that I can't enable. 1.2, 1.3, etc are enabled and ok. But it appears that Hughes net uses TLs 1.1. I'll see if I can find "transport" , is that in browser settings?
GabeU
Distinguished Professor IV

Re: VPN works "sometimes" but it's not latency related. HELP!

@Boywhocouldfly

 

I don't use a VPN, and wouldn't even know how if I needed to, but I can tell you that from reading posts on here, both from customers and reps, and talking about this a while back with someone who has a LOT more knowledge than I about computer systems, a VPN may work with HughesNet, but if it does it will most likely be considerably slower than normal, and that's if it works at all.  Basically there's no guarantee that it will even work.  

 

Again, this is what I've read on here from both customers and reps, not my own experience.  

 

Edit:  I also forgot to say that what the sales rep said about online gaming was only partially correct.  Fast paced games, like an FPS, will have too much lag, if they even work, but turn based games are normally fine.  The latency is the issue.  

 

2nd Edit:  From Hughesnet themselves...  https://support.hughesnet.com/support-articles/can-i-run-vpn-over-hughesnet

   


Ryzen 5 3400G | MSI B450M Pro-M2 MAX | 16GB Corsair Vengeance DDR4 3000 | XPG SX8200 Pro 512GB NVMe | Windows 10 Pro
Boywhocouldfly
Freshman

Re: VPN works "sometimes" but it's not latency related. HELP!

OK, so here's the actual message I'm getting, I probably should have led with this;

 

Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting  again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suite such as RC4 (link for the details), which is not considered secure. Please contact your site administrator

 

and I DID get it working by dissabling web accelleration in the Hughesnet control at the request of Hughes tech support. but it only worked for the day then stopped working. so, any ideas anyone? if someone can make this thing work, I will send you cash.

MarkJFine
Associate Professor

Re: VPN works "sometimes" but it's not latency related. HELP!

Edit the connection you're trying to establish in Cisco. There should be a Transport tab. That Transport tab should have the options I mentioned - IPSec via UDP (NAT/PAT).

 

If your IT guy says TLS 1.2 or nothing, please disable 1.0 and 1.1, and leave 1.2 on. You should know that these are modules that are part of the Cisco app and HughesNet has nothing to do with this. If you were able to operate without them before, your Cisco application may or may not have all of the appropriate TLS versions properly installed. Cisco executes the transmission layer on your computer and does a handshake with the server on the other end - not Hughes.

 

If disabling web acceleration works. I would recommend leaving it off. The extra proxy is probably not helping you.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.