allanmills 0 Posted ... Hello . . . Yesterday I activated a trial account to test service. I am a very networking-ignorant Kubuntu Linux (KDE based Ubuntu variant) user. I was unable to get the Kubuntu networking applet to configure properly, so I manually downloaded the zip file and successfully ran the VPN using the terminal command. Yesterday, I was connected to my wired cable connection at home. Everything seemed to work perfectly, I am very pleased with the performance (I tested it several hours with intensive downloading). Today, I am on the road (which is where I'm at most of the time), so I'm using an open public wi-fi. Tried the same thing from the terminal and the connection looks like it's established okay. However, I can't connect to anything in my web browser until I stop VPN process. Then I have regular (non-VPN) connectivity. I thought it might be an issue with the server, or the protocol or port number, so I downloaded other configurations based on different servers, protocols, ports, with the same results. I also tried a different connection using my mobile broadband card. Same results. I apologize if there's not enough detailed info so it's too vague, but I don't know what details would be helpful for troubleshooting even. I will provide anything that might help if I can understand how to do so. Thanks for your indulgence of my ignorance (although I will learn through this, which is a primary motivation), and for any help you may provide. Allan Quote Share this post Link to post
Staff 9972 Posted ... @allanmills Hello! Can you please send us the OpenVPN connection logs when you try the connection on the open WiFi network and on your mobile broadband card? Have you tried to connect to port 53 too? Kind regards AirVPN admins Quote Share this post Link to post
allanmills 0 Posted ... I am pasting the log from my latest connection attempt from a few minutes ago. Again, it looks like the connection is successful, but I'm unable to connect to anything until I shut down the OpenVPN process (which you can see at the end of the log session). Thanks for any help, Sat Nov 19 18:41:33 2011 OpenVPN 2.1.3 i686-pc-linux-gnu [sSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Mar 11 2011 Sat Nov 19 18:41:33 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Sat Nov 19 18:41:34 2011 WARNING: file 'user.key' is group or others accessible Sat Nov 19 18:41:34 2011 /usr/bin/openssl-vulnkey -q -b 2048 -m <modulus omitted> Sat Nov 19 18:41:34 2011 LZO compression initialized Sat Nov 19 18:41:34 2011 Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ] Sat Nov 19 18:41:34 2011 Socket Buffers: R=[87380->131072] S=[16384->131072] Sat Nov 19 18:41:34 2011 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ] Sat Nov 19 18:41:34 2011 Local Options hash (VER=V4): '958c5492' Sat Nov 19 18:41:34 2011 Expected Remote Options hash (VER=V4): '79ef4284' Sat Nov 19 18:41:34 2011 Attempting to establish TCP connection with [AF_INET]174.140.166.91:80 [nonblock] Sat Nov 19 18:41:35 2011 TCP connection established with [AF_INET]174.140.166.91:80 Sat Nov 19 18:41:35 2011 TCPv4_CLIENT link local: [undef] Sat Nov 19 18:41:35 2011 TCPv4_CLIENT link remote: [AF_INET]174.140.166.91:80 Sat Nov 19 18:41:35 2011 TLS: Initial packet from [AF_INET]174.140.166.91:80, sid=98901240 84cb904b Sat Nov 19 18:41:43 2011 VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org Sat Nov 19 18:41:43 2011 VERIFY OK: nsCertType=SERVER Sat Nov 19 18:41:43 2011 VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org Sat Nov 19 18:42:07 2011 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Sat Nov 19 18:42:07 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Sat Nov 19 18:42:07 2011 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Sat Nov 19 18:42:07 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Sat Nov 19 18:42:07 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA Sat Nov 19 18:42:07 2011 [server] Peer Connection Initiated with [AF_INET]174.140.166.91:80 Sat Nov 19 18:42:09 2011 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) Sat Nov 19 18:42:10 2011 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.7.0.1,comp-lzo no,route 10.7.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.7.1.18 10.7.1.17' Sat Nov 19 18:42:10 2011 OPTIONS IMPORT: timers and/or timeouts modified Sat Nov 19 18:42:10 2011 OPTIONS IMPORT: LZO parms modified Sat Nov 19 18:42:10 2011 OPTIONS IMPORT: --ifconfig/up options modified Sat Nov 19 18:42:10 2011 OPTIONS IMPORT: route options modified Sat Nov 19 18:42:10 2011 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Sat Nov 19 18:42:10 2011 ROUTE default_gateway=66.174.216.161 Sat Nov 19 18:42:10 2011 TUN/TAP device tun0 opened Sat Nov 19 18:42:10 2011 TUN/TAP TX queue length set to 100 Sat Nov 19 18:42:10 2011 /sbin/ifconfig tun0 10.7.1.18 pointopoint 10.7.1.17 mtu 1500 Sat Nov 19 18:42:10 2011 /sbin/route add -net 174.140.166.91 netmask 255.255.255.255 gw 66.174.216.161 Sat Nov 19 18:42:10 2011 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.7.1.17 Sat Nov 19 18:42:10 2011 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.7.1.17 Sat Nov 19 18:42:10 2011 /sbin/route add -net 10.7.0.1 netmask 255.255.255.255 gw 10.7.1.17 Sat Nov 19 18:42:10 2011 Initialization Sequence Completed Sat Nov 19 18:49:04 2011 event_wait : Interrupted system call (code=4) Sat Nov 19 18:49:04 2011 TCP/UDP: Closing socket Sat Nov 19 18:49:04 2011 /sbin/route del -net 10.7.0.1 netmask 255.255.255.255 Sat Nov 19 18:49:04 2011 /sbin/route del -net 174.140.166.91 netmask 255.255.255.255 Sat Nov 19 18:49:04 2011 /sbin/route del -net 0.0.0.0 netmask 128.0.0.0 Sat Nov 19 18:49:04 2011 /sbin/route del -net 128.0.0.0 netmask 128.0.0.0 Sat Nov 19 18:49:04 2011 Closing TUN/TAP interface Sat Nov 19 18:49:04 2011 /sbin/ifconfig tun0 0.0.0.0 Sat Nov 19 18:49:05 2011 SIGTERM[hard,] received, process exiting Quote Share this post Link to post
Staff 9972 Posted ... @allanmillsHello!The logs seem ok.Please, can you send us the outpout of the following commands, before and after a VPN connection?netstat -nr route -n ifconfig tap0 ifconfig wlan0 ifconfig eth0 cat /etc/resolv.conf While you are connected to the VPN server, can you send any packet out? Does DNS resolution work? Try:ping 72.14.203.106 ping google.com and let us know.Also, does anything change if you try the connection directly with OpenVPN (assuming you haven't already done so), for example:sudo openvpn air.ovpnLooking forward to hearing from you.Kind regardsAirVPN admins Quote Share this post Link to post
allanmills 0 Posted ... Thanks again for your help. I am once again on my cable connection at home, and once more have a good connection to/through the VPN. The problems I'm having evidently have to do with the way OpenVPN or Linux recognizes a wireless connection or my mobile connection using a Verizon wireless USB modem. For me, the main time I will utilize the VPN service is when connected to my cable connection at home, so I think my original query can be considered solved, even if it would be a learning experience to troubleshoot and resolve it. Quote Share this post Link to post
Staff 9972 Posted ... allanmills wrote:Thanks again for your help. I am once again on my cable connection at home, and once more have a good connection to/through the VPN. The problems I'm having evidently have to do with the way OpenVPN or Linux recognizes a wireless connection or my mobile connection using a Verizon wireless USB modem. For me, the main time I will utilize the VPN service is when connected to my cable connection at home, so I think my original query can be considered solved, even if it would be a learning experience to troubleshoot and resolve it.Hello!Ok and thank you. Please feel free to send us the requested information if you wish a deeper investigation on the issue.Kind regards Quote Share this post Link to post
allanmills 0 Posted ... Hello. I am replying to this topic some months later to see if that will re-open it without having to start a new topic. I have just moved and I am having to use my wireless connection instead of the direct cable connection as before. As when I originally posted about this problem, the VPN functions perfectly with the direct eth0 connection, but not with a wireless or broadband card. As before, the log indicates that a connection of some kind was made, but I can't send anything out or receive anything. In a previous message, I was instructed to send the output of several commands before and after the VPN connection. I also did the PING command, and when VPN is connected, it says "operation not permitted". I will paste that at the end. Here's the output of the commands before the VPN connection: allan@Area51:~/Downloads/air$ netstat -nr Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 wlan0 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0 allan@Area51:~/Downloads/air$ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.1.0 0.0.0.0 255.255.255.0 U 2 0 0 wlan0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0 allan@Area51:~/Downloads/air$ ifconfig tap0 tap0: error fetching interface information: Device not found allan@Area51:~/Downloads/air$ ifconfig wlan0 wlan0 Link encap:Ethernet HWaddr 40:25:c2:2a:2e:14 inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::4225:c2ff:fe2a:2e14/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:899990 errors:0 dropped:0 overruns:0 frame:0 TX packets:507626 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1284376995 (1.2 GB) TX bytes:41816079 (41.8 MB) allan@Area51:~/Downloads/air$ ifconfig eth0 eth0 Link encap:Ethernet HWaddr 2c:27:d7:a9:d4:7d UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 TX bytes:0 (0.0 Interrupt:41 Base address:0x8000 allan@Area51:~/Downloads/air$ cat /etc/resolv.conf # Generated by NetworkManager nameserver 192.168.1.1 ************************************************************************************************** After the VPN connection: allan@Area51:~/Downloads/air$ netstat -nr Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 10.7.0.77 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 69.163.36.66 192.168.1.1 255.255.255.255 UGH 0 0 0 wlan0 10.7.0.1 10.7.0.77 255.255.255.255 UGH 0 0 0 tun0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 wlan0 0.0.0.0 10.7.0.77 128.0.0.0 UG 0 0 0 tun0 128.0.0.0 10.7.0.77 128.0.0.0 UG 0 0 0 tun0 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0 allan@Area51:~/Downloads/air$ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.7.0.77 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 69.163.36.66 192.168.1.1 255.255.255.255 UGH 0 0 0 wlan0 10.7.0.1 10.7.0.77 255.255.255.255 UGH 0 0 0 tun0 192.168.1.0 0.0.0.0 255.255.255.0 U 2 0 0 wlan0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0 0.0.0.0 10.7.0.77 128.0.0.0 UG 0 0 0 tun0 128.0.0.0 10.7.0.77 128.0.0.0 UG 0 0 0 tun0 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0 allan@Area51:~/Downloads/air$ ifconfig tap0 tap0: error fetching interface information: Device not found allan@Area51:~/Downloads/air$ ifconfig wlan0 wlan0 Link encap:Ethernet HWaddr 40:25:c2:2a:2e:14 inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::4225:c2ff:fe2a:2e14/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:901073 errors:0 dropped:0 overruns:0 frame:0 TX packets:508528 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1285494115 (1.2 GB) TX bytes:41908358 (41.9 MB) allan@Area51:~/Downloads/air$ ifconfig eth0 eth0 Link encap:Ethernet HWaddr 2c:27:d7:a9:d4:7d UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 TX bytes:0 (0.0 Interrupt:41 Base address:0x8000 allan@Area51:~/Downloads/air$ cat /etc/resolv.conf # Generated by NetworkManager nameserver 192.168.1.1 ******************************************************************************************* Ping command output with no VPN connection: allan@Area51:~/Downloads/air$ ping 72.14.203.106 PING 72.14.203.106 (72.14.203.106) 56(84) bytes of data. 64 bytes from 72.14.203.106: icmp_req=1 ttl=51 time=204 ms 64 bytes from 72.14.203.106: icmp_req=2 ttl=51 time=196 ms 64 bytes from 72.14.203.106: icmp_req=3 ttl=51 time=229 ms 64 bytes from 72.14.203.106: icmp_req=4 ttl=51 time=204 ms 64 bytes from 72.14.203.106: icmp_req=5 ttl=51 time=201 ms 64 bytes from 72.14.203.106: icmp_req=6 ttl=51 time=197 ms 64 bytes from 72.14.203.106: icmp_req=7 ttl=51 time=196 ms 64 bytes from 72.14.203.106: icmp_req=8 ttl=51 time=198 ms 64 bytes from 72.14.203.106: icmp_req=9 ttl=51 time=198 ms 64 bytes from 72.14.203.106: icmp_req=10 ttl=51 time=197 ms 64 bytes from 72.14.203.106: icmp_req=11 ttl=51 time=191 ms 64 bytes from 72.14.203.106: icmp_req=12 ttl=51 time=199 ms 64 bytes from 72.14.203.106: icmp_req=13 ttl=51 time=207 ms 64 bytes from 72.14.203.106: icmp_req=14 ttl=51 time=200 ms 64 bytes from 72.14.203.106: icmp_req=15 ttl=51 time=199 ms 64 bytes from 72.14.203.106: icmp_req=16 ttl=51 time=205 ms 64 bytes from 72.14.203.106: icmp_req=17 ttl=51 time=201 ms 64 bytes from 72.14.203.106: icmp_req=18 ttl=51 time=196 ms 64 bytes from 72.14.203.106: icmp_req=19 ttl=51 time=193 ms 64 bytes from 72.14.203.106: icmp_req=20 ttl=51 time=191 ms 64 bytes from 72.14.203.106: icmp_req=21 ttl=51 time=199 ms 64 bytes from 72.14.203.106: icmp_req=22 ttl=51 time=195 ms 64 bytes from 72.14.203.106: icmp_req=23 ttl=51 time=196 ms 64 bytes from 72.14.203.106: icmp_req=24 ttl=51 time=190 ms 64 bytes from 72.14.203.106: icmp_req=25 ttl=51 time=203 ms 64 bytes from 72.14.203.106: icmp_req=26 ttl=51 time=251 ms 64 bytes from 72.14.203.106: icmp_req=27 ttl=51 time=192 ms 64 bytes from 72.14.203.106: icmp_req=28 ttl=51 time=200 ms Terminated ******************************************************************************* Ping command with VPN apparently connected: allan@Area51:~/Downloads/air$ ping 72.14.203.106 PING 72.14.203.106 (72.14.203.106) 56(84) bytes of data. ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted Terminated ****************************************************************** Please let me know if I need to open a new topic, and thanks so much for any insight into this problem. Allan Quote Share this post Link to post
Staff 9972 Posted ... @allanmills Hello! The error issued by ifconfig is normal, you have no tap interface, our setup use the tun interface. About the core of your issue, it is likely that since your interface changed from eth0 to wlan0, your script/config may still be using the old interface. There are several articles that can point you to the right direction: https://duckduckgo.com/?q=ping%3A+sendmsg%3A+operation+not+permitted Please do not hesitate to contact us for any further information and support. Kind regards Quote Share this post Link to post
allanmills 0 Posted ... Thanks so much for your help in resolving this issue. After doing some digging around the links you provided, and then searching some more on the Ubuntu forum, I realized that the problem might be something related to the firewall. I turned the firewall off and the connection worked fine. So I changed the device in the firewall setup program I use (Firestarter in Linux), and turned it back on, and it is currently working. I appreciate your patience and the speed of your responses in helping me troubleshoot this issue. Quote Share this post Link to post
Not connected, Your IP: 18.191.200.223
Online: 26597 users - 324035 Mbit/s total BW