Jump to content
Not connected, Your IP: 3.236.118.225
Sign in to follow this  
allanmills

Connection problems

Recommended Posts

Hello . . .

Yesterday I activated a trial account to test service. I am a very networking-ignorant Kubuntu Linux (KDE based Ubuntu variant) user. I was unable to get the Kubuntu networking applet to configure properly, so I manually downloaded the zip file and successfully ran the VPN using the terminal command.

Yesterday, I was connected to my wired cable connection at home. Everything seemed to work perfectly, I am very pleased with the performance (I tested it several hours with intensive downloading).

Today, I am on the road (which is where I'm at most of the time), so I'm using an open public wi-fi. Tried the same thing from the terminal and the connection looks like it's established okay. However, I can't connect to anything in my web browser until I stop VPN process. Then I have regular (non-VPN) connectivity.

I thought it might be an issue with the server, or the protocol or port number, so I downloaded other configurations based on different servers, protocols, ports, with the same results.

I also tried a different connection using my mobile broadband card. Same results.

I apologize if there's not enough detailed info so it's too vague, but I don't know what details would be helpful for troubleshooting even. I will provide anything that might help if I can understand how to do so.

Thanks for your indulgence of my ignorance (although I will learn through this, which is a primary motivation), and for any help you may provide.

Allan

Share this post


Link to post

@allanmills

Hello!

Can you please send us the OpenVPN connection logs when you try the connection on the open WiFi network and on your mobile broadband card? Have you tried to connect to port 53 too?

Kind regards

AirVPN admins

Share this post


Link to post

I am pasting the log from my latest connection attempt from a few minutes ago. Again, it looks like the connection is successful, but I'm unable to connect to anything until I shut down the OpenVPN process (which you can see at the end of the log session). Thanks for any help,

Sat Nov 19 18:41:33 2011 OpenVPN 2.1.3 i686-pc-linux-gnu [sSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Mar 11 2011

Sat Nov 19 18:41:33 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables

Sat Nov 19 18:41:34 2011 WARNING: file 'user.key' is group or others accessible

Sat Nov 19 18:41:34 2011 /usr/bin/openssl-vulnkey -q -b 2048 -m <modulus omitted>

Sat Nov 19 18:41:34 2011 LZO compression initialized

Sat Nov 19 18:41:34 2011 Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ]

Sat Nov 19 18:41:34 2011 Socket Buffers: R=[87380->131072] S=[16384->131072]

Sat Nov 19 18:41:34 2011 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]

Sat Nov 19 18:41:34 2011 Local Options hash (VER=V4): '958c5492'

Sat Nov 19 18:41:34 2011 Expected Remote Options hash (VER=V4): '79ef4284'

Sat Nov 19 18:41:34 2011 Attempting to establish TCP connection with [AF_INET]174.140.166.91:80 [nonblock]

Sat Nov 19 18:41:35 2011 TCP connection established with [AF_INET]174.140.166.91:80

Sat Nov 19 18:41:35 2011 TCPv4_CLIENT link local: [undef]

Sat Nov 19 18:41:35 2011 TCPv4_CLIENT link remote: [AF_INET]174.140.166.91:80

Sat Nov 19 18:41:35 2011 TLS: Initial packet from [AF_INET]174.140.166.91:80, sid=98901240 84cb904b

Sat Nov 19 18:41:43 2011 VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org

Sat Nov 19 18:41:43 2011 VERIFY OK: nsCertType=SERVER

Sat Nov 19 18:41:43 2011 VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org

Sat Nov 19 18:42:07 2011 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

Sat Nov 19 18:42:07 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Sat Nov 19 18:42:07 2011 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

Sat Nov 19 18:42:07 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Sat Nov 19 18:42:07 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

Sat Nov 19 18:42:07 2011 [server] Peer Connection Initiated with [AF_INET]174.140.166.91:80

Sat Nov 19 18:42:09 2011 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)

Sat Nov 19 18:42:10 2011 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.7.0.1,comp-lzo no,route 10.7.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.7.1.18 10.7.1.17'

Sat Nov 19 18:42:10 2011 OPTIONS IMPORT: timers and/or timeouts modified

Sat Nov 19 18:42:10 2011 OPTIONS IMPORT: LZO parms modified

Sat Nov 19 18:42:10 2011 OPTIONS IMPORT: --ifconfig/up options modified

Sat Nov 19 18:42:10 2011 OPTIONS IMPORT: route options modified

Sat Nov 19 18:42:10 2011 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified

Sat Nov 19 18:42:10 2011 ROUTE default_gateway=66.174.216.161

Sat Nov 19 18:42:10 2011 TUN/TAP device tun0 opened

Sat Nov 19 18:42:10 2011 TUN/TAP TX queue length set to 100

Sat Nov 19 18:42:10 2011 /sbin/ifconfig tun0 10.7.1.18 pointopoint 10.7.1.17 mtu 1500

Sat Nov 19 18:42:10 2011 /sbin/route add -net 174.140.166.91 netmask 255.255.255.255 gw 66.174.216.161

Sat Nov 19 18:42:10 2011 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.7.1.17

Sat Nov 19 18:42:10 2011 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.7.1.17

Sat Nov 19 18:42:10 2011 /sbin/route add -net 10.7.0.1 netmask 255.255.255.255 gw 10.7.1.17

Sat Nov 19 18:42:10 2011 Initialization Sequence Completed

Sat Nov 19 18:49:04 2011 event_wait : Interrupted system call (code=4)

Sat Nov 19 18:49:04 2011 TCP/UDP: Closing socket

Sat Nov 19 18:49:04 2011 /sbin/route del -net 10.7.0.1 netmask 255.255.255.255

Sat Nov 19 18:49:04 2011 /sbin/route del -net 174.140.166.91 netmask 255.255.255.255

Sat Nov 19 18:49:04 2011 /sbin/route del -net 0.0.0.0 netmask 128.0.0.0

Sat Nov 19 18:49:04 2011 /sbin/route del -net 128.0.0.0 netmask 128.0.0.0

Sat Nov 19 18:49:04 2011 Closing TUN/TAP interface

Sat Nov 19 18:49:04 2011 /sbin/ifconfig tun0 0.0.0.0

Sat Nov 19 18:49:05 2011 SIGTERM[hard,] received, process exiting

 

Share this post


Link to post

@allanmills

Hello!

The logs seem ok.

Please, can you send us the outpout of the following commands, before and after a VPN connection?

netstat -nr
route -n
ifconfig tap0
ifconfig wlan0
ifconfig eth0
cat /etc/resolv.conf

While you are connected to the VPN server, can you send any packet out? Does DNS resolution work? Try:

ping 72.14.203.106
ping google.com

and let us know.

Also, does anything change if you try the connection directly with OpenVPN (assuming you haven't already done so), for example:

sudo openvpn air.ovpn

Looking forward to hearing from you.

Kind regards

AirVPN admins

Share this post


Link to post

Thanks again for your help. I am once again on my cable connection at home, and once more have a good connection to/through the VPN. The problems I'm having evidently have to do with the way OpenVPN or Linux recognizes a wireless connection or my mobile connection using a Verizon wireless USB modem.

For me, the main time I will utilize the VPN service is when connected to my cable connection at home, so I think my original query can be considered solved, even if it would be a learning experience to troubleshoot and resolve it.

Share this post


Link to post

allanmills wrote:

Thanks again for your help. I am once again on my cable connection at home, and once more have a good connection to/through the VPN. The problems I'm having evidently have to do with the way OpenVPN or Linux recognizes a wireless connection or my mobile connection using a Verizon wireless USB modem.

For me, the main time I will utilize the VPN service is when connected to my cable connection at home, so I think my original query can be considered solved, even if it would be a learning experience to troubleshoot and resolve it.

Hello!

Ok and thank you. Please feel free to send us the requested information if you wish a deeper investigation on the issue.

Kind regards

Share this post


Link to post

Hello. I am replying to this topic some months later to see if that will re-open it without having to start a new topic.

I have just moved and I am having to use my wireless connection instead of the direct cable connection as before. As when I originally posted about this problem, the VPN functions perfectly with the direct eth0 connection, but not with a wireless or broadband card.

As before, the log indicates that a connection of some kind was made, but I can't send anything out or receive anything. In a previous message, I was instructed to send the output of several commands before and after the VPN connection. I also did the PING command, and when VPN is connected, it says "operation not permitted". I will paste that at the end.

Here's the output of the commands before the VPN connection:

allan@Area51:~/Downloads/air$ netstat -nr

Kernel IP routing table

Destination Gateway Genmask Flags MSS Window irtt Iface

192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0

169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 wlan0

0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0

allan@Area51:~/Downloads/air$ route -n

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

192.168.1.0 0.0.0.0 255.255.255.0 U 2 0 0 wlan0

169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0

0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0

allan@Area51:~/Downloads/air$ ifconfig tap0

tap0: error fetching interface information: Device not found

allan@Area51:~/Downloads/air$ ifconfig wlan0

wlan0 Link encap:Ethernet HWaddr 40:25:c2:2a:2e:14

inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0

inet6 addr: fe80::4225:c2ff:fe2a:2e14/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:899990 errors:0 dropped:0 overruns:0 frame:0

TX packets:507626 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:1284376995 (1.2 GB) TX bytes:41816079 (41.8 MB)

allan@Area51:~/Downloads/air$ ifconfig eth0

eth0 Link encap:Ethernet HWaddr 2c:27:d7:a9:d4:7d

UP BROADCAST MULTICAST MTU:1500 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:0 (0.0 TX bytes:0 (0.0

Interrupt:41 Base address:0x8000

allan@Area51:~/Downloads/air$ cat /etc/resolv.conf

# Generated by NetworkManager

nameserver 192.168.1.1

**************************************************************************************************

After the VPN connection:

allan@Area51:~/Downloads/air$ netstat -nr

Kernel IP routing table

Destination Gateway Genmask Flags MSS Window irtt Iface

10.7.0.77 0.0.0.0 255.255.255.255 UH 0 0 0 tun0

69.163.36.66 192.168.1.1 255.255.255.255 UGH 0 0 0 wlan0

10.7.0.1 10.7.0.77 255.255.255.255 UGH 0 0 0 tun0

192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0

169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 wlan0

0.0.0.0 10.7.0.77 128.0.0.0 UG 0 0 0 tun0

128.0.0.0 10.7.0.77 128.0.0.0 UG 0 0 0 tun0

0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0

allan@Area51:~/Downloads/air$ route -n

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

10.7.0.77 0.0.0.0 255.255.255.255 UH 0 0 0 tun0

69.163.36.66 192.168.1.1 255.255.255.255 UGH 0 0 0 wlan0

10.7.0.1 10.7.0.77 255.255.255.255 UGH 0 0 0 tun0

192.168.1.0 0.0.0.0 255.255.255.0 U 2 0 0 wlan0

169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0

0.0.0.0 10.7.0.77 128.0.0.0 UG 0 0 0 tun0

128.0.0.0 10.7.0.77 128.0.0.0 UG 0 0 0 tun0

0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0

allan@Area51:~/Downloads/air$ ifconfig tap0

tap0: error fetching interface information: Device not found

allan@Area51:~/Downloads/air$ ifconfig wlan0

wlan0 Link encap:Ethernet HWaddr 40:25:c2:2a:2e:14

inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0

inet6 addr: fe80::4225:c2ff:fe2a:2e14/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:901073 errors:0 dropped:0 overruns:0 frame:0

TX packets:508528 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:1285494115 (1.2 GB) TX bytes:41908358 (41.9 MB)

allan@Area51:~/Downloads/air$ ifconfig eth0

eth0 Link encap:Ethernet HWaddr 2c:27:d7:a9:d4:7d

UP BROADCAST MULTICAST MTU:1500 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:0 (0.0 TX bytes:0 (0.0

Interrupt:41 Base address:0x8000

allan@Area51:~/Downloads/air$ cat /etc/resolv.conf

# Generated by NetworkManager

nameserver 192.168.1.1

*******************************************************************************************

Ping command output with no VPN connection:

allan@Area51:~/Downloads/air$ ping 72.14.203.106

PING 72.14.203.106 (72.14.203.106) 56(84) bytes of data.

64 bytes from 72.14.203.106: icmp_req=1 ttl=51 time=204 ms

64 bytes from 72.14.203.106: icmp_req=2 ttl=51 time=196 ms

64 bytes from 72.14.203.106: icmp_req=3 ttl=51 time=229 ms

64 bytes from 72.14.203.106: icmp_req=4 ttl=51 time=204 ms

64 bytes from 72.14.203.106: icmp_req=5 ttl=51 time=201 ms

64 bytes from 72.14.203.106: icmp_req=6 ttl=51 time=197 ms

64 bytes from 72.14.203.106: icmp_req=7 ttl=51 time=196 ms

64 bytes from 72.14.203.106: icmp_req=8 ttl=51 time=198 ms

64 bytes from 72.14.203.106: icmp_req=9 ttl=51 time=198 ms

64 bytes from 72.14.203.106: icmp_req=10 ttl=51 time=197 ms

64 bytes from 72.14.203.106: icmp_req=11 ttl=51 time=191 ms

64 bytes from 72.14.203.106: icmp_req=12 ttl=51 time=199 ms

64 bytes from 72.14.203.106: icmp_req=13 ttl=51 time=207 ms

64 bytes from 72.14.203.106: icmp_req=14 ttl=51 time=200 ms

64 bytes from 72.14.203.106: icmp_req=15 ttl=51 time=199 ms

64 bytes from 72.14.203.106: icmp_req=16 ttl=51 time=205 ms

64 bytes from 72.14.203.106: icmp_req=17 ttl=51 time=201 ms

64 bytes from 72.14.203.106: icmp_req=18 ttl=51 time=196 ms

64 bytes from 72.14.203.106: icmp_req=19 ttl=51 time=193 ms

64 bytes from 72.14.203.106: icmp_req=20 ttl=51 time=191 ms

64 bytes from 72.14.203.106: icmp_req=21 ttl=51 time=199 ms

64 bytes from 72.14.203.106: icmp_req=22 ttl=51 time=195 ms

64 bytes from 72.14.203.106: icmp_req=23 ttl=51 time=196 ms

64 bytes from 72.14.203.106: icmp_req=24 ttl=51 time=190 ms

64 bytes from 72.14.203.106: icmp_req=25 ttl=51 time=203 ms

64 bytes from 72.14.203.106: icmp_req=26 ttl=51 time=251 ms

64 bytes from 72.14.203.106: icmp_req=27 ttl=51 time=192 ms

64 bytes from 72.14.203.106: icmp_req=28 ttl=51 time=200 ms

Terminated

*******************************************************************************

Ping command with VPN apparently connected:

allan@Area51:~/Downloads/air$ ping 72.14.203.106

PING 72.14.203.106 (72.14.203.106) 56(84) bytes of data.

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

Terminated

******************************************************************

Please let me know if I need to open a new topic, and thanks so much for any insight into this problem.

Allan

Share this post


Link to post

@allanmills

Hello!

The error issued by ifconfig is normal, you have no tap interface, our setup use the tun interface.

About the core of your issue, it is likely that since your interface changed from eth0 to wlan0, your script/config may still be using the old interface. There are several articles that can point you to the right direction:

https://duckduckgo.com/?q=ping%3A+sendmsg%3A+operation+not+permitted

Please do not hesitate to contact us for any further information and support.

Kind regards

Share this post


Link to post

Thanks so much for your help in resolving this issue. After doing some digging around the links you provided, and then searching some more on the Ubuntu forum, I realized that the problem might be something related to the firewall. I turned the firewall off and the connection worked fine. So I changed the device in the firewall setup program I use (Firestarter in Linux), and turned it back on, and it is currently working.

I appreciate your patience and the speed of your responses in helping me troubleshoot this issue.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...