Hi,

not sure where else to post this. For a while now, I’ve unsuccessfully been trying to get WireGuard to work with Crunchyroll.

Setup is as follows:

  • dedicated server hosts a wg-quick instance in [neighboring country]
  • OPNSense acts as peer on a single IP
  • I have a rule for routing the entire traffic of some source device via that IP

This works just fine. Handshake successful, traffic is routed via the server. traceroute shows the server as the hop immediately after my device’s local gateway. The connection is stable, and fast.

…except for Crunchyroll. The site / app itself is fine, but I can not, for the life of me, get a video to play. It just keeps loading forever.

I don’t think this is an issue with CR recognizing that I’m not where I say I am - looking online, it seems pretty easy to use CR with a VPN. I’ve also tried from multiple other devices, all with the same symptom.

If anyone has suggestions, I’d love to hear them 😅

EDIT: It was MTU. Had to manually set it to 1500 on both devices.

Nope, still the same issues. I was using the fallback interface there briefly.

EDIT: It WAS MTU related, I had to enable MSS clamping on the OPNSense.

  • Prison Mike@links.hackliberty.org
    link
    fedilink
    English
    arrow-up
    1
    ·
    6 months ago

    Are you familiar with web development by chance? Can you see anything in your browser’s developer tools like failed XHR/fetch requests? I’m kind of wondering if they’re doing something specific since you said traffic is flowing as expected on other websites.

    If your VPN exits from a datacenter (common with VPN and cloud providers) it could be that while their website wasn’t smart enough to block you, the server the content streams from is and is refusing to stream the content. This would probably show up as a failure in the developer tools (HTTP 401 Unauthorized, some JSON with an error, etc).

    • smiletolerantly@awful.systemsOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      6 months ago

      Good idea. I get a number of CORS errors - but I also get them without the VPN, so I don’t think that’s it.

      The idea that CR doesn’t block me, their content hipster does though - that might have merit. Hm. I have noticed that some sites require me to solve the Cloudflare Captcha. So maybe that happens when requesting the page/stream, and then since I don’t (can’t) solve it, nothing happens?

      Do you have an idea how I could verify this? 😅

      • Prison Mike@links.hackliberty.org
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        6 months ago

        Those websites (and tons of others) will tell you who your ISP appears to be. Whether or not a service considers it a datacenter isn’t set in stone, but usually it’s easy to tell based on what’s shown there.

        Edit: If you’re getting the captchas it’s probably because you appear to be on a VPN.