What does the Wireless ISP (WISP) "see" when I'm using VPN from home?

Remember the VPN only protects the connections made to it. Any other window/tab/browser that is not part of that connection or doesn't make a connection of its own is not part of the VPN. If the browser is inside the VPN, not just connected, then it has the full benefits of the VPN for all windows/tabs and then only if the connection is part of or has a connection has a to it. Most VPNs are usually only allowed to go to places that are not part of that VPN that are allowed by the company. All others are blocked.

You aim a browser to a site by typing in its address. I'm sorry, I should have said by going to.

It is not useless as the VPN was set up to protect the company not you. For an individual, VPNs are useless unless you want to control who has access to you or your network. Then it would be useless for the internet as you would have to let your browser go to all sites that you want then you still wouldn't have any protection unless those sites are allowed to become part of your VPN and they are connected at the time. As the protection given by that VPN only protects its own network. Remember VPNs are only networks nothing else.

Reply to
Caver1

What on earth are you talking about? "aim your mail program to go to the VPN"? What does that mean? This is the strangest description of a VPN that I've ever heard. You may be describing some specific VPN implementation that I am not familiar with, or you may be terribly confused, I am not sure. My experiences with VPNs tally more closely with what Yaroslav Sadowski is describing.

Reply to
alexd

"...at your end", in the vast majority of cases will mean, NATed back to the same public IP address on the same router on the same internet connection, so if you think that using a proxy at your end will make any difference, you're wrong.

Reply to
alexd

In the route -n output that Yaroslav posted, you can see he has a static route to the VPN provider's public IP via his router, then a default [covering everything else] via a private IP, presumably inside the VPN tunnel [or, it's the IP of VPN tunnel interface created on his machine by the VPN client software].

Reply to
alexd

If you connected to the VPN only those programs that go through your browser are connected to the VPN, but they can't go or do anything else. All VPNs that I have connected to have buttons to click on to connect you to the programs that you are allowed to use or places you are allowed to go. Your browser goes no further than the page right after the login. Which is the page that has the programs or places that you are allowed to use/go. No further. You can't use your own programs inside the VPN even if they are the same program. You are usually not allowed to use the company's browser so you can't go anywhere else.

All VPNs are that way. How else is an outside browser to become part of the VPN? If you are "inside" of the VPN you only have its protection for places that are part of that VPN. A browser tab, which is you, is not part of the VPN until you log in. Remember the VPN is to protect its own network, no other network. The VPN could care less what goes on outside of its own network.

Reply to
Caver1

Being that you downloaded and installed 1click's software you are running a proxy not connecting to one, so you will get those results. They just want you to pay to get to better servers. All 1click does is redirect your browser to those servers. I was wrong in the other post when I said that you are part of 1click's VPN as they are not one. Do you log in to 1click when you go somewhere on the internet? All 1click is doing is connecting you to different servers. If you are a paid subscriber 1click supplies more and faster servers that you can connect to. You still don't have any protection when you go to sites on the internet as you are using a proxy not a VPN. You can go anywhere. The only protection you have is the built in browser protection or from browser addons that you are using. All the proxy does is show a different IP than one that identifies you. If you request information or download something the proxy has to remember your real IP so that you receive what you asked for. There is no encryption. Unless you encrypted on your end. Then how would the site you are going to know what you want? How do you encrypt an IP so no one knows where you are going? The only way you can get the protection you want is to use TOR. Even then once you leave one of the exit points to get to where you are going you no longer have TOR's protection, then anyone can see your real IP because it was never hidden, nothing is encrypted. There are browser addons that give you a fake IP and they are free.

Reply to
Caver1

Normally you can't get out of the VPN as a connected part of that VPN and not a part that originates from within.

Reply to
Caver1

'Iface' is the interface on which the IP address in the 'gateway' column can be reached.

This covers a destination of 0.0.0.0 to 127.255.255.254.

This is your original default route.

Unsure what the significance of this is.

This means that 10.43.0.209 can be reached by just throwing the packet out of tun0.

These two are static routes added by the VPN client software. This should mean that the only traffic that doesn't traverse tun0 is traffic to these two IP addresses.

This covers a destination of 128.0.0.0.1 to 255.255.255.254.

This is a route to your LAN out of wlan0.

Just try decoding them when they were wrapped. I have added an ID column and deleted the ones with just zeroes in.

So, I haven't seen a routing table like this before. It looks like your VPN provider splits the entire internet into two halves, one dealt with by route A, one with route G. This means that A&G have a netmask that is more specific than B, so routes A&G always get used in preference to B, ie all your internet traffic goes out of tun0 [which is really a software process]. Why doesn't the software client just delete route B, and reinstate it once you're done with the client? I don't know.

That would appear to be the intention of it.

I am guessing this is a backup server IP, or maybe there's some load balancing. To investigate this further, 'iftop -n -i wlan0', then watch which IP address is hit more when you do a large download.

Reply to
alexd

I've just noticed that lo0 doesn't appear in the routing table. That will account for 127.0.0.0 - 127.255.255.255.

Reply to
alexd

Yaroslav Sadowski is wrong. Remember he wanted to use his company's VPN. If you don't aim/connect your email program, or any other program, at the VPN so it can connect, how else is it going to know where to go? Same thing as aiming a rifle: if you don't, the bullet doesn't go where you want it to go. What's hard to understand about that? :) Besides, your email program can't use their VPN as the VPN's SMTP server is most likely different from yours. You can't even use your browser in their network. You use your browser only to connect. If that VPN would even allow you to get out. Also private VPNs won't let you use your programs, you have to use theirs. We are talking about private VPNs not public as they are a whole different bag. Public VPNs are set up totally differently. All they do is let you out and change your IP. The public VPNs cannot encrypt anything as the internet is not part of that VPN. A VPN only encrypts traffic for those people/places that are part of the VPN network. You get the same service with public proxies: they change your IP. Browser plugins can do the same thing.

Reply to
Caver1

No, if you are using a proxy that changes your IP before you connect, or maybe as, to the internet nobody "sees" the correct one. I imagine if you are using your own proxy your IP is changed before you connect as you go through the proxy first to connect and the proxy is only used for the internet. Your real IP has to be hidden, I would think, so that what you request gets back to you. If you connect to a remote proxy your IP isn't changed until you reach that proxy. When you request something the remote proxy has to let the real IP be seen so what you requested gets back to you.

Reply to
Caver1

You're talking about something completely different. That's not what we're discussing here, AFAIK.

Reply to
Char Jackson

Again, you're talking about something completely different.

Reply to
Char Jackson

The clues will be in your routing table, primarily. If you're paranoid, monitor the traffic leaving your PC with tcpdump or windump, then filter out everything that goes to your VPN provider. See what's left in your capture, if anything. You may have to monitor the traffic upstream (from the next connected device) if your VPN tunnel is inserted into the stack after the tcpdump filter.

Reply to
Char Jackson

A proxy doesn't imply anything, or help anything. You're describing a VPN.

None of that applies here.

Reply to
Char Jackson

He's asking about a full tunnel VPN, so none of that applies.

Reply to
Char Jackson

That doesn't apply to his scenario, so it's only going to confuse him.

Reply to
Char Jackson

It is from most specific to least. The match is address AND genmask fits the Destination. Thus a dest of 0.0.0.0 with a genmask of 0.0.0.0 matches all addresses, is the least specific and is the default. This says that wlan0 is the default. Any address with a 1 bit in the most significant bit of the address will be sent to tun0. So

if 10.43.0.209 it is sent directly on tun0 (the tunnel)

if 10.43.0.1 it is sent to 10.43.0.209 on tun0

if 128.x.x.x it is sent to 10.43.0.209 on tun0

if 1bbbbbb.x.x.x it is sent to 10.43.0.209 on tun0

if 192.168.1.x it is sent directly to wlan0

if 108.178.54.10 it is sent to 192.168.1.1 on wlan0

if 192.143.153.42 it is sent to 192.168.1.1 on wlan0

anything else is sent on wlan0.

108.178.54.10 is probably the VPN server to which the encrypted packets are sent.

Thus if you go to 56.23.44.8 it will go on wlan0 (not VPN). If you go to 142.103.234.23 it will go via tun0 (VPN).

Reply to
William Unruh
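
The longest-prefix matching described in the post above, as an added example that is not part of any post in this thread. The route list is reconstructed from the routes that post enumerates (the original `route -n` output is not on this page), the default route's gateway is an assumption, and `lookup` and `outside_tunnel` are hypothetical helper names. It also shows how adding the other half-of-the-internet route mentioned earlier in the thread changes which destinations leave outside the tunnel.

```python
import ipaddress

# Constructed routing table: (destination network, gateway, interface).
# gateway None means "directly connected".
ROUTES = [
    ("10.43.0.209/32",    None,          "tun0"),
    ("10.43.0.1/32",      "10.43.0.209", "tun0"),
    ("128.0.0.0/1",       "10.43.0.209", "tun0"),
    ("192.168.1.0/24",    None,          "wlan0"),
    ("108.178.54.10/32",  "192.168.1.1", "wlan0"),
    ("192.143.153.42/32", "192.168.1.1", "wlan0"),
    ("0.0.0.0/0",         "192.168.1.1", "wlan0"),  # gateway assumed
]

# The route covering the lower half of the address space, as discussed
# earlier in the thread (one route per half of the internet).
LOWER_HALF = ("0.0.0.0/1", "10.43.0.209", "tun0")

# Static routes to the VPN provider are expected to bypass the tunnel:
# the encrypted packets themselves have to leave via the real interface.
VPN_ENDPOINTS = {"108.178.54.10", "192.143.153.42"}


def lookup(routes, dst):
    """Longest-prefix match: return (network, gateway, iface) used for dst."""
    addr = ipaddress.ip_address(dst)
    best = None
    for net, gateway, iface in routes:
        network = ipaddress.ip_network(net)
        if addr in network and (best is None or network.prefixlen > best[0].prefixlen):
            best = (network, gateway, iface)
    if best is None:
        raise LookupError(f"no route to {dst}")
    return best


def outside_tunnel(routes, destinations, tunnel_if="tun0", allowed=VPN_ENDPOINTS):
    """Destinations whose traffic leaves unencrypted on a non-tunnel interface."""
    return [d for d in destinations
            if lookup(routes, d)[2] != tunnel_if and d not in allowed]


if __name__ == "__main__":
    sample = ["56.23.44.8", "142.103.234.23", "108.178.54.10"]  # constructed
    for name, table in (("as described", ROUTES), ("with 0.0.0.0/1", ROUTES + [LOWER_HALF])):
        print(name)
        for dst in sample:
            net, gw, iface = lookup(table, dst)
            print(f"  {dst:<16} -> {iface:<5} via {gw or 'direct'} ({net})")
        print("  outside tunnel:", outside_tunnel(table, sample))
```
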

*Without* a VPN, that's the correct behavior above. *With* a full tunnel VPN, the behavior is as you described below.
Reply to
Char Jackson

No. The ISP will see 3 bursts of traffic to a single destination IP:port, but they will not see what the final destination is, (google, yahoo, apple).

Reply to
Char Jackson
