I started a reddit thread
earlier about this because I thought about it. Basically, I am able to reach other devices on the same VPN server over their local IP address. For my tests, I've been using two different cryptostorm tokens, one on my MacBook and one on my iPhone, used my wifi connection on the MacBook and the 3G connection on the iPhone (wifi completely disabled) and connected them both to the cryptostorm Icelandic VPN server.
- connect to linux-iceland.cstorm.pw over 3G
- got IP 10.44.0.19
- connect to same server
- got IP 10.44.0.11
Then I tried to reach the iPhone from the MacBook. Port 22 (actually a different one but it doesn't matter) is open for SSH (iPhone is jailbroken).
$ ping 10.44.0.19
PING 10.44.0.19 (10.44.0.19): 56 data bytes
64 bytes from 10.44.0.19: icmp_seq=0 ttl=63 time=437.577 ms
64 bytes from 10.44.0.19: icmp_seq=1 ttl=63 time=458.660 ms
64 bytes from 10.44.0.19: icmp_seq=2 ttl=63 time=374.658 ms
64 bytes from 10.44.0.19: icmp_seq=3 ttl=63 time=455.317 ms
64 bytes from 10.44.0.19: icmp_seq=4 ttl=63 time=355.765 ms
64 bytes from 10.44.0.19: icmp_seq=5 ttl=63 time=425.049 ms
--- 10.44.0.19 ping statistics ---
6 packets transmitted, 6 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 355.765/417.838/458.660/39.222 ms
$ telnet 10.44.0.19 22
Connected to 10.44.0.19.
Escape character is '^]'.
$ traceroute 10.44.0.19
traceroute to 10.44.0.19 (10.44.0.19), 64 hops max, 52 byte packets
1 10.44.0.1 (10.44.0.1) 82.613 ms 92.740 ms 87.477 ms
2 10.44.0.19 (10.44.0.19) 1763.211 ms 540.878 ms 478.136 ms
I can also at least ping other IPs on the same subnet, though I did not try more because it might look like I have something bad in mind.
This should not be possible, right? I mean, it would be a major security risk if other people were able to access my devices like they were in the same local network. Or is my thought process flawed somewhere?
By the way, vpnDarknet answered on reddit earlier and he said he wasn't able to recreate the issue.
Edit: More information, if you need it.
Mac - using Tunnelblick 3.5beta08 (build 4236) and the official cryptostorm Mac config file for the server(s) in Iceland (OS X 10.10.2)
iPhone - using OpenVPN 1.0.5 build 177 app and the official cryptostorm iOS config file (iOS 8.1.1)