Jump to content
Not connected, Your IP: 18.117.107.78
Staff

Eddie 2.3beta available

Recommended Posts

Hello again,

 

another question if I may,

 

yesterday I noticed that after I had connected to the initial server of my choice the client would automatically connect to different and various servers by itself,can you tell me a little about why this behaviour occurs please?

 

Thanks

Share this post


Link to post

 

I am having an issue with the AirVPN client on OSX. Upon disconnection, I am not able to use my internet connection unless I am connected to an AirVPN server. To fix this problem I have to uninstall the AirVPN client and then reset my WiFi settings on my Mac to get my internet working again. 

I had this issue too, after I disconnected and closed the AirVPN client on my Macbook I was unable to connect to the internet.  I was also able to fix it without having to uninstall the client.  

 

What I did was:

1.  Go to System Preferences -> Network

2.  Then select Wi-Fi (or whatever method you use to connect to the internet such as USB 10/100/1000 LAN for example)

3.  Then select "Advanced" and go to the "DNS" tab

4.  At this point delete the DNS server listed, for me there was only one and it was 10.4.x.x

5.  After I deleted that DNS server my regular DNS servers reappeared, if yours do not, just click the little plus sign down by "IPv4 or IPv6 address" and add your DNS servers manually.

6.  Make sure you click "Apply" (it seems really obvious, but I have forgotten to do this so many I though I should just add this step)

 

I should add that although this fixed my connection, I am not sure if it will fix yours.  But it is somewhere to start and if you have any questions just ask and ill see if I can help.  Also don't delete this DNS server (10.4.x.x) and use your ISP's DNS servers while using AirVPN, I believe this causes leaks.

 

Also if anyone has any suggestions that are better than mine or I am just completely wrong, feel free to post them and I will use my post to direct people to your solution to avoid confusion.

 

 

 

I am having an issue with the AirVPN client on OSX. Upon disconnection, I am not able to use my internet connection unless I am connected to an AirVPN server. To fix this problem I have to uninstall the AirVPN client and then reset my WiFi settings on my Mac to get my internet working again. 

 

I am having an issue with the AirVPN client on OSX. Upon disconnection, I am not able to use my internet connection unless I am connected to an AirVPN server. To fix this problem I have to uninstall the AirVPN client and then reset my WiFi settings on my Mac to get my internet working again. 

I had this issue too, after I disconnected and closed the AirVPN client on my Macbook I was unable to connect to the internet.  I was also able to fix it without having to uninstall the client.  

 

What I did was:

1.  Go to System Preferences -> Network

2.  Then select Wi-Fi (or whatever method you use to connect to the internet such as USB 10/100/1000 LAN for example)

3.  Then select "Advanced" and go to the "DNS" tab

4.  At this point delete the DNS server listed, for me there was only one and it was 10.4.x.x

5.  After I deleted that DNS server my regular DNS servers reappeared, if yours do not, just click the little plus sign down by "IPv4 or IPv6 address" and add your DNS servers manually.

6.  Make sure you click "Apply" (it seems really obvious, but I have forgotten to do this so many I though I should just add this step)

 

I should add that although this fixed my connection, I am not sure if it will fix yours.  But it is somewhere to start and if you have any questions just ask and ill see if I can help.  Also don't delete this DNS server (10.4.x.x) and use your ISP's DNS servers while using AirVPN, I believe this causes leaks.

 

Also if anyone has any suggestions that are better than mine or I am just completely wrong, feel free to post them and I will use my post to direct people to your solution to avoid confusion.

 

I'm not an OS X expert but I think doing this from the command line is faster.

sudo networksetup -setdnsservers [Interface] [DNS_server_IP]

where Interface is an element from the list shown by

networksetup listallnetworkservices

 

This was an issue for me as well. Thanks to both of you for the help! I was going crazy trying to figure this out on my own, haha. 

Share this post


Link to post

I am very pleased with the development of the Eddie Linux Client v. 2.3 beta.  Linux users have needed to be fairly geeky up until now to use AIRVPN.

I do have a couple of issues, but they may have to do with my limited understanding on how to pair the client with UFW to prevent leaks if openvpn fails.

I prefer to connect to Leseth from my laptop via the wlan interface which (apparently) works beautifully if I establish the connection before I enable my ufw firewall.

See the connection log here:

=============
I 2014.08.15 20:12:55 - AirVPN client version: 2.3, System: Linux, Architecture: x64
. 2014.08.15 20:12:55 - Reading options from /home/*****/.airvpn/AirVPN.xml
. 2014.08.15 20:12:56 - Data Path: /home/*****/.airvpn
. 2014.08.15 20:12:56 - App Path: /usr/lib/AirVPN
. 2014.08.15 20:12:56 - Executable Path: /usr/lib/AirVPN/AirVPN.exe
. 2014.08.15 20:12:56 - Command line arguments: path="/home/*****/.airvpn"
. 2014.08.15 20:12:57 - Operating System: Unix 3.13.0.24 - Linux *****LOCAL ID OBSCURED********* 3.13.0-24-generic #47-Ubuntu SMP Fri May 2 23:30:00 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
I 2014.08.15 20:12:57 - OpenVPN Driver - Found
I 2014.08.15 20:12:57 - OpenVPN - Version: OpenVPN 2.3.2 (/usr/sbin/openvpn)
I 2014.08.15 20:12:57 - SSH - Version: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2, OpenSSL 1.0.1f 6 Jan 2014 (/usr/bin/ssh)
I 2014.08.15 20:12:57 - SSL - Version: stunnel 4.53 (/usr/bin/stunnel4)
I 2014.08.15 20:12:57 - IPV6: Available
! 2014.08.15 20:12:57 - Ready
I 2014.08.15 20:14:13 - Session starting.
! 2014.08.15 20:14:13 - Checking environment
! 2014.08.15 20:14:13 - Checking authorization
I 2014.08.15 20:14:14 - DNS of the system will be updated to VPN DNS (ResolvConf method)
! 2014.08.15 20:14:14 - Connecting to Lesath (Canada, Toronto, Ontario)
. 2014.08.15 20:14:14 - OpenVPN > OpenVPN 2.3.2 x86_64-pc-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [iPv6] built on Feb  4 2014
. 2014.08.15 20:14:14 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100
. 2014.08.15 20:14:14 - OpenVPN > NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
. 2014.08.15 20:14:14 - OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file
. 2014.08.15 20:14:14 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.15 20:14:14 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.15 20:14:14 - OpenVPN > Socket Buffers: R=[212992->131072] S=[212992->131072]
. 2014.08.15 20:14:14 - OpenVPN > UDPv4 link local: [undef]
. 2014.08.15 20:14:14 - OpenVPN > UDPv4 link remote: [AF_INET]184.75.221.2:443
. 2014.08.15 20:14:14 - OpenVPN > TLS: Initial packet from [AF_INET]184.75.221.2:443, sid=10750a28 47d19f52
. 2014.08.15 20:14:15 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
. 2014.08.15 20:14:15 - OpenVPN > Validating certificate key usage
. 2014.08.15 20:14:15 - OpenVPN > ++ Certificate has key usage  00a0, expects 00a0
. 2014.08.15 20:14:15 - OpenVPN > VERIFY KU OK
. 2014.08.15 20:14:15 - OpenVPN > Validating certificate extended key usage
. 2014.08.15 20:14:15 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
. 2014.08.15 20:14:15 - OpenVPN > VERIFY EKU OK
. 2014.08.15 20:14:15 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
. 2014.08.15 20:14:28 - OpenVPN > Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2014.08.15 20:14:28 - OpenVPN > Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.15 20:14:28 - OpenVPN > Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2014.08.15 20:14:28 - OpenVPN > Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.15 20:14:28 - OpenVPN > Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA
. 2014.08.15 20:14:28 - OpenVPN > [server] Peer Connection Initiated with [AF_INET]184.75.221.2:443
. 2014.08.15 20:14:30 - OpenVPN > SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
. 2014.08.15 20:14:30 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.88.210 10.4.88.209'
. 2014.08.15 20:14:30 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified
. 2014.08.15 20:14:30 - OpenVPN > OPTIONS IMPORT: LZO parms modified
. 2014.08.15 20:14:30 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified
. 2014.08.15 20:14:30 - OpenVPN > OPTIONS IMPORT: route options modified
. 2014.08.15 20:14:30 - OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
. 2014.08.15 20:14:30 - OpenVPN > ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=wlan0 HWADDR=00:23:4d:c3:ab:e4
. 2014.08.15 20:14:30 - OpenVPN > TUN/TAP device tun0 opened
. 2014.08.15 20:14:31 - OpenVPN > TUN/TAP TX queue length set to 100
. 2014.08.15 20:14:31 - OpenVPN > do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
. 2014.08.15 20:14:31 - OpenVPN > /sbin/ip link set dev tun0 up mtu 1500
. 2014.08.15 20:14:31 - OpenVPN > /sbin/ip addr add dev tun0 local 10.4.88.210 peer 10.4.88.209
. 2014.08.15 20:14:31 - OpenVPN > /usr/lib/AirVPN/update-resolv-conf tun0 1500 1558 10.4.88.210 10.4.88.209 init
. 2014.08.15 20:14:31 - OpenVPN > dhcp-option DNS 10.4.0.1
. 2014.08.15 20:14:32 - OpenVPN > /sbin/ip route add 184.75.221.2/32 via 192.168.1.1
. 2014.08.15 20:14:32 - OpenVPN > /sbin/ip route add 0.0.0.0/1 via 10.4.88.209
. 2014.08.15 20:14:32 - OpenVPN > /sbin/ip route add 128.0.0.0/1 via 10.4.88.209
. 2014.08.15 20:14:32 - OpenVPN > /sbin/ip route add 10.4.0.1/32 via 10.4.88.209
. 2014.08.15 20:14:32 - Starting Management Interface
. 2014.08.15 20:14:32 - OpenVPN > Initialization Sequence Completed
! 2014.08.15 20:14:32 - Flushing DNS
! 2014.08.15 20:14:32 - Checking route
! 2014.08.15 20:14:33 - Connected.
. 2014.08.15 20:14:33 - OpenVPN > MANAGEMENT: Client connected from [AF_INET]127.0.0.1:3100
. 2014.08.15 20:14:33 - OpenVpn Management > >INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info


=============


I then bring us UFW configured as indicated in the status message below:
This is my achilles heel, because I never met a firewall I couldn't misconfigure.

> sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), deny (outgoing), disabled (routed)
New profiles: skip


     To                         Action      From
     --                         ------      ----
[ 1] 192.168.1.0/24             ALLOW OUT   Anywhere on wlan0 (out)
[ 2] Anywhere on wlan0          ALLOW IN    192.168.1.0/24
[ 3] 184.75.221.2 443/udp       ALLOW OUT   Anywhere (out)
[ 4] Anywhere                   ALLOW OUT   Anywhere on tun0 (out)
[ 5] Anywhere (v6)              ALLOW OUT   Anywhere (v6) on tun0 (out)
[ 6] 24855 (v6) on tun0         ALLOW IN    Anywhere (v6)



If I establish the connection and then bring up the firewall, all seems hunky dory.  

Trouble starts if I bring up UFW first which is, I think, the point of rule # 3 above -- to allow the connection to the Leseth server, correct?

Here is an example of what I mean when I say trouble starts:

Having enabled UFW,

at 18:15 I launched the 2.3 Eddy client

at 18.18 tried to connect to lesath

client gets stuck while issuing the message: "Retrieving Manifest"

Client is unresponsive and will not exit via any user input

at 18:22 I forced the client session to close with the command > sudo killall mono


The following is the truncated and slightly modified (I manually resolved a couple of IP addresses) concurrent output from /var/log/syslog


Aug 15 18:18:27 randy-eMachines-E620 kernel: [172008.724149] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=255.255.255.255 LEN=142 TOS=0x00 PREC=0x00 TTL=64 ID=64016 DF PROTO=UDP SPT=17500 DPT=17500 LEN=122
Aug 15 18:18:48 randy-eMachines-E620 kernel: [172030.240100] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2
Aug 15 18:19:07 randy-eMachines-E620 kernel: [172048.992130] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=--DROPBOX-- LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=21553 DF PROTO=TCP SPT=43503 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Aug 15 18:19:27 randy-eMachines-E620 kernel: [172068.980667] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=255.255.255.255 LEN=142 TOS=0x00 PREC=0x00 TTL=64 ID=64018 DF PROTO=UDP SPT=17500 DPT=17500 LEN=122
Aug 15 18:19:47 randy-eMachines-E620 kernel: [172088.592102] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2
Aug 15 18:20:07 randy-eMachines-E620 kernel: [172109.004148] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=54.246.124.152 = AMAZON LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=923 PROTO=TCP SPT=46466 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0
Aug 15 18:20:27 randy-eMachines-E620 kernel: [172129.269530] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=255.255.255.255 LEN=142 TOS=0x00 PREC=0x00 TTL=64 ID=64020 DF PROTO=UDP SPT=17500 DPT=17500 LEN=122
Aug 15 18:20:50 randy-eMachines-E620 kernel: [172152.000115] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2
Aug 15 18:21:07 randy-eMachines-E620 kernel: [172169.120144] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=54.246.124.152 = AMAZON LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=927 PROTO=TCP SPT=46466 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0
Aug 15 18:21:28 randy-eMachines-E620 kernel: [172189.477364] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=255.255.255.255 LEN=142 TOS=0x00 PREC=0x00 TTL=64 ID=64022 DF PROTO=UDP SPT=17500 DPT=17500 LEN=122
Aug 15 18:21:47 randy-eMachines-E620 kernel: [172209.048124] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=95.211.138.143 = LEASEWEB LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=58297 PROTO=TCP SPT=50257 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0

 

You will note some odd connection attempts occuring at:

18:20:07
and
18:21:07

That seem to be attempts to make a connection to port 80 at; Amazon EC2 Network Operations (amazon cloud services)

According to this discussion:

https://airvpn.org/topic/10277-dns-leak-to-amazon-technologies/
 
Airvpn runs a backup DNS server on Amazon's EC2 Cloud, but why an attempt to connect on port 80?  Is this a security risk?

The other strange connection attempt occurs at 18:21:47 and appears to be a port 80 attempt to connect to a leaseweb server in Amsterdam.

Do these connections have to be allowed in order for the client to function?  What are they for?

Any suggestions on how I might adjust my UFW config to properly allow a connection to Leseth is welcome.

Issues aside, I am really encouraged by this new client. 

 
I will continue to watch developments and am, in particular interested in integraton of firewalling with the client.

I have had OPENVPN drop on me in the past leaving my activities open to surveillance and now feel that a combination of VPN and firewall is required.

Thanks again.
 

 

Share this post


Link to post
Guest

Eddie is still in beta. I keep getting disconnected and was wondering if i could get the old, simple client somewhere?

Never had that problem with the old one.

 

thanks

Share this post


Link to post

Eddie is still in beta. I keep getting disconnected and was wondering if i could get the old, simple client somewhere?

Never had that problem with the old one.

 

thanks

 

Hello!

 

Could you post the logs?

 

Kind regards

Share this post


Link to post

I am very pleased with the development of the Eddie Linux Client v. 2.3 beta.  Linux users have needed to be fairly geeky up until now to use AIRVPN.

 

I do have a couple of issues, but they may have to do with my limited understanding on how to pair the client with UFW to prevent leaks if openvpn fails.

 

I prefer to connect to Leseth from my laptop via the wlan interface which (apparently) works beautifully if I establish the connection before I enable my ufw firewall.

 

See the connection log here:

 

=============

I 2014.08.15 20:12:55 - AirVPN client version: 2.3, System: Linux, Architecture: x64

. 2014.08.15 20:12:55 - Reading options from /home/*****/.airvpn/AirVPN.xml

. 2014.08.15 20:12:56 - Data Path: /home/*****/.airvpn

. 2014.08.15 20:12:56 - App Path: /usr/lib/AirVPN

. 2014.08.15 20:12:56 - Executable Path: /usr/lib/AirVPN/AirVPN.exe

. 2014.08.15 20:12:56 - Command line arguments: path="/home/*****/.airvpn"

. 2014.08.15 20:12:57 - Operating System: Unix 3.13.0.24 - Linux *****LOCAL ID OBSCURED********* 3.13.0-24-generic #47-Ubuntu SMP Fri May 2 23:30:00 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

I 2014.08.15 20:12:57 - OpenVPN Driver - Found

I 2014.08.15 20:12:57 - OpenVPN - Version: OpenVPN 2.3.2 (/usr/sbin/openvpn)

I 2014.08.15 20:12:57 - SSH - Version: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2, OpenSSL 1.0.1f 6 Jan 2014 (/usr/bin/ssh)

I 2014.08.15 20:12:57 - SSL - Version: stunnel 4.53 (/usr/bin/stunnel4)

I 2014.08.15 20:12:57 - IPV6: Available

! 2014.08.15 20:12:57 - Ready

I 2014.08.15 20:14:13 - Session starting.

! 2014.08.15 20:14:13 - Checking environment

! 2014.08.15 20:14:13 - Checking authorization

I 2014.08.15 20:14:14 - DNS of the system will be updated to VPN DNS (ResolvConf method)

! 2014.08.15 20:14:14 - Connecting to Lesath (Canada, Toronto, Ontario)

. 2014.08.15 20:14:14 - OpenVPN > OpenVPN 2.3.2 x86_64-pc-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [iPv6] built on Feb  4 2014

. 2014.08.15 20:14:14 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100

. 2014.08.15 20:14:14 - OpenVPN > NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

. 2014.08.15 20:14:14 - OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file

. 2014.08.15 20:14:14 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication

. 2014.08.15 20:14:14 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication

. 2014.08.15 20:14:14 - OpenVPN > Socket Buffers: R=[212992->131072] S=[212992->131072]

. 2014.08.15 20:14:14 - OpenVPN > UDPv4 link local: [undef]

. 2014.08.15 20:14:14 - OpenVPN > UDPv4 link remote: [AF_INET]184.75.221.2:443

. 2014.08.15 20:14:14 - OpenVPN > TLS: Initial packet from [AF_INET]184.75.221.2:443, sid=10750a28 47d19f52

. 2014.08.15 20:14:15 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org

. 2014.08.15 20:14:15 - OpenVPN > Validating certificate key usage

. 2014.08.15 20:14:15 - OpenVPN > ++ Certificate has key usage  00a0, expects 00a0

. 2014.08.15 20:14:15 - OpenVPN > VERIFY KU OK

. 2014.08.15 20:14:15 - OpenVPN > Validating certificate extended key usage

. 2014.08.15 20:14:15 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication

. 2014.08.15 20:14:15 - OpenVPN > VERIFY EKU OK

. 2014.08.15 20:14:15 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org

. 2014.08.15 20:14:28 - OpenVPN > Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

. 2014.08.15 20:14:28 - OpenVPN > Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

. 2014.08.15 20:14:28 - OpenVPN > Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

. 2014.08.15 20:14:28 - OpenVPN > Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

. 2014.08.15 20:14:28 - OpenVPN > Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA

. 2014.08.15 20:14:28 - OpenVPN > [server] Peer Connection Initiated with [AF_INET]184.75.221.2:443

. 2014.08.15 20:14:30 - OpenVPN > SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)

. 2014.08.15 20:14:30 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.88.210 10.4.88.209'

. 2014.08.15 20:14:30 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified

. 2014.08.15 20:14:30 - OpenVPN > OPTIONS IMPORT: LZO parms modified

. 2014.08.15 20:14:30 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified

. 2014.08.15 20:14:30 - OpenVPN > OPTIONS IMPORT: route options modified

. 2014.08.15 20:14:30 - OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified

. 2014.08.15 20:14:30 - OpenVPN > ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=wlan0 HWADDR=00:23:4d:c3:ab:e4

. 2014.08.15 20:14:30 - OpenVPN > TUN/TAP device tun0 opened

. 2014.08.15 20:14:31 - OpenVPN > TUN/TAP TX queue length set to 100

. 2014.08.15 20:14:31 - OpenVPN > do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0

. 2014.08.15 20:14:31 - OpenVPN > /sbin/ip link set dev tun0 up mtu 1500

. 2014.08.15 20:14:31 - OpenVPN > /sbin/ip addr add dev tun0 local 10.4.88.210 peer 10.4.88.209

. 2014.08.15 20:14:31 - OpenVPN > /usr/lib/AirVPN/update-resolv-conf tun0 1500 1558 10.4.88.210 10.4.88.209 init

. 2014.08.15 20:14:31 - OpenVPN > dhcp-option DNS 10.4.0.1

. 2014.08.15 20:14:32 - OpenVPN > /sbin/ip route add 184.75.221.2/32 via 192.168.1.1

. 2014.08.15 20:14:32 - OpenVPN > /sbin/ip route add 0.0.0.0/1 via 10.4.88.209

. 2014.08.15 20:14:32 - OpenVPN > /sbin/ip route add 128.0.0.0/1 via 10.4.88.209

. 2014.08.15 20:14:32 - OpenVPN > /sbin/ip route add 10.4.0.1/32 via 10.4.88.209

. 2014.08.15 20:14:32 - Starting Management Interface

. 2014.08.15 20:14:32 - OpenVPN > Initialization Sequence Completed

! 2014.08.15 20:14:32 - Flushing DNS

! 2014.08.15 20:14:32 - Checking route

! 2014.08.15 20:14:33 - Connected.

. 2014.08.15 20:14:33 - OpenVPN > MANAGEMENT: Client connected from [AF_INET]127.0.0.1:3100

. 2014.08.15 20:14:33 - OpenVpn Management > >INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info

 

=============

 

I then bring us UFW configured as indicated in the status message below:

This is my achilles heel, because I never met a firewall I couldn't misconfigure.

 

> sudo ufw status verbose

Status: active

Logging: on (low)

Default: deny (incoming), deny (outgoing), disabled (routed)

New profiles: skip

 

     To                         Action      From

     --                         ------      ----

[ 1] 192.168.1.0/24             ALLOW OUT   Anywhere on wlan0 (out)

[ 2] Anywhere on wlan0          ALLOW IN    192.168.1.0/24

[ 3] 184.75.221.2 443/udp       ALLOW OUT   Anywhere (out)

[ 4] Anywhere                   ALLOW OUT   Anywhere on tun0 (out)

[ 5] Anywhere (v6)              ALLOW OUT   Anywhere (v6) on tun0 (out)

[ 6] 24855 (v6) on tun0         ALLOW IN    Anywhere (v6)

 

 

If I establish the connection and then bring up the firewall, all seems hunky dory.  

 

Trouble starts if I bring up UFW first which is, I think, the point of rule # 3 above -- to allow the connection to the Leseth server, correct?

 

Here is an example of what I mean when I say trouble starts:

 

Having enabled UFW,

 

at 18:15 I launched the 2.3 Eddy client

 

at 18.18 tried to connect to lesath

 

client gets stuck while issuing the message: "Retrieving Manifest"

 

Client is unresponsive and will not exit via any user input

 

at 18:22 I forced the client session to close with the command > sudo killall mono

 

The following is the truncated and slightly modified (I manually resolved a couple of IP addresses) concurrent output from /var/log/syslog

 

 

Aug 15 18:18:27 randy-eMachines-E620 kernel: [172008.724149] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=255.255.255.255 LEN=142 TOS=0x00 PREC=0x00 TTL=64 ID=64016 DF PROTO=UDP SPT=17500 DPT=17500 LEN=122

Aug 15 18:18:48 randy-eMachines-E620 kernel: [172030.240100] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2

Aug 15 18:19:07 randy-eMachines-E620 kernel: [172048.992130] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=--DROPBOX-- LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=21553 DF PROTO=TCP SPT=43503 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0

Aug 15 18:19:27 randy-eMachines-E620 kernel: [172068.980667] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=255.255.255.255 LEN=142 TOS=0x00 PREC=0x00 TTL=64 ID=64018 DF PROTO=UDP SPT=17500 DPT=17500 LEN=122

Aug 15 18:19:47 randy-eMachines-E620 kernel: [172088.592102] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2

Aug 15 18:20:07 randy-eMachines-E620 kernel: [172109.004148] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=54.246.124.152 = AMAZON LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=923 PROTO=TCP SPT=46466 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0

Aug 15 18:20:27 randy-eMachines-E620 kernel: [172129.269530] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=255.255.255.255 LEN=142 TOS=0x00 PREC=0x00 TTL=64 ID=64020 DF PROTO=UDP SPT=17500 DPT=17500 LEN=122

Aug 15 18:20:50 randy-eMachines-E620 kernel: [172152.000115] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2

Aug 15 18:21:07 randy-eMachines-E620 kernel: [172169.120144] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=54.246.124.152 = AMAZON LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=927 PROTO=TCP SPT=46466 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0

Aug 15 18:21:28 randy-eMachines-E620 kernel: [172189.477364] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=255.255.255.255 LEN=142 TOS=0x00 PREC=0x00 TTL=64 ID=64022 DF PROTO=UDP SPT=17500 DPT=17500 LEN=122

Aug 15 18:21:47 randy-eMachines-E620 kernel: [172209.048124] [uFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.12 DST=95.211.138.143 = LEASEWEB LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=58297 PROTO=TCP SPT=50257 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0

 

You will note some odd connection attempts occuring at:

 

18:20:07

and

18:21:07

 

That seem to be attempts to make a connection to port 80 at; Amazon EC2 Network Operations (amazon cloud services)

 

According to this discussion:

 

https://airvpn.org/topic/10277-dns-leak-to-amazon-technologies/

 

Airvpn runs a backup DNS server on Amazon's EC2 Cloud, but why an attempt to connect on port 80?  Is this a security risk?

 

The other strange connection attempt occurs at 18:21:47 and appears to be a port 80 attempt to connect to a leaseweb server in Amsterdam.

 

Do these connections have to be allowed in order for the client to function?  What are they for?

 

Any suggestions on how I might adjust my UFW config to properly allow a connection to Leseth is welcome.

 

Issues aside, I am really encouraged by this new client. 

 

I will continue to watch developments and am, in particular interested in integraton of firewalling with the client.

I have had OPENVPN drop on me in the past leaving my activities open to surveillance and now feel that a combination of VPN and firewall is required.

 

Thanks again.

 

 

 

I tried asking a few questions about using UFW with the client too.  I finally just resigned that I would connect with the 2.3 client and then bring up UFW for any potential connection loss.  The intial connection/handshake via the client is not too strong of a security risk and once the connection is made UFW locks it all down to the tun0.  I have totally tested this method and the combo of UFW (properly configured) plus the client is rock solid.

 

ps - by risk I mean allowing my computer to access anything outside of the tunnel at any time.  I am only outside of the tunnel during the client connect.

Share this post


Link to post
Guest
 

Eddie is still in beta. I keep getting disconnected and was wondering if i could get the old, simple client somewhere?

Never had that problem with the old one.

 

thanks

 

I 2014.08.16 20:26:11 - AirVPN client version: 2.3, System: Windows, Architecture: x64

Hello!

 

Could you post the logs?

 

Kind regards

 

. 2014.08.16 20:26:11 - Reading options from C:\Program Files\AirVPN\AirVPN.xml
. 2014.08.16 20:26:11 - Data Path: C:\Program Files\AirVPN
. 2014.08.16 20:26:11 - App Path: C:\Program Files\AirVPN
. 2014.08.16 20:26:11 - Executable Path: C:\Program Files\AirVPN\AirVPN.exe
. 2014.08.16 20:26:11 - Command line arguments:
. 2014.08.16 20:26:11 - Operating System: Microsoft Windows NT 6.2.9200.0
I 2014.08.16 20:26:11 - OpenVPN Driver - TAP-Windows Adapter V9
I 2014.08.16 20:26:11 - OpenVPN - Version: OpenVPN 2.3.4 (C:\Program Files\AirVPN\openvpn.exe)
I 2014.08.16 20:26:11 - SSH - Version: plink 0.63 (C:\Program Files\AirVPN\plink.exe)
I 2014.08.16 20:26:11 - SSL - Version: stunnel 4.56 (C:\Program Files\AirVPN\stunnel.exe)
I 2014.08.16 20:26:11 - IPV6: Available
! 2014.08.16 20:26:11 - Ready
I 2014.08.16 20:26:19 - Session starting.
! 2014.08.16 20:26:19 - Checking environment
! 2014.08.16 20:26:19 - Retrieving manifest
! 2014.08.16 20:26:24 - Checking authorization
! 2014.08.16 20:26:37 - Connecting to Canopus (Netherlands, Amsterdam)
. 2014.08.16 20:26:37 - OpenVPN > OpenVPN 2.3.4 x86_64-w64-mingw32 [sSL (OpenSSL)] [LZO] [iPv6] built on Jun  9 2014
. 2014.08.16 20:26:37 - OpenVPN > library versions: OpenSSL 1.0.1g 7 Apr 2014, LZO 2.05
. 2014.08.16 20:26:37 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3101
. 2014.08.16 20:26:37 - OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file
. 2014.08.16 20:26:37 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.16 20:26:37 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.16 20:26:37 - OpenVPN > Socket Buffers: R=[65536->65536] S=[65536->65536]
. 2014.08.16 20:26:37 - OpenVPN > UDPv4 link local: [undef]
. 2014.08.16 20:26:37 - OpenVPN > UDPv4 link remote: [AF_INET]37.48.81.11:443
. 2014.08.16 20:26:37 - OpenVPN > TLS: Initial packet from [AF_INET]37.48.81.11:443, sid=4dbddf7a 2fb99fcc
. 2014.08.16 20:26:38 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
. 2014.08.16 20:26:38 - OpenVPN > Validating certificate key usage
. 2014.08.16 20:26:38 - OpenVPN > ++ Certificate has key usage  00a0, expects 00a0
. 2014.08.16 20:26:38 - OpenVPN > VERIFY KU OK
. 2014.08.16 20:26:38 - OpenVPN > Validating certificate extended key usage
. 2014.08.16 20:26:38 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
. 2014.08.16 20:26:38 - OpenVPN > VERIFY EKU OK
. 2014.08.16 20:26:38 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
. 2014.08.16 20:26:41 - OpenVPN > Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2014.08.16 20:26:41 - OpenVPN > Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.16 20:26:41 - OpenVPN > Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2014.08.16 20:26:41 - OpenVPN > Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.16 20:26:41 - OpenVPN > Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA
. 2014.08.16 20:26:41 - OpenVPN > [server] Peer Connection Initiated with [AF_INET]37.48.81.11:443
. 2014.08.16 20:26:43 - OpenVPN > SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
. 2014.08.16 20:26:43 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.0.14 10.4.0.13'
. 2014.08.16 20:26:43 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified
. 2014.08.16 20:26:43 - OpenVPN > OPTIONS IMPORT: LZO parms modified
. 2014.08.16 20:26:43 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified
. 2014.08.16 20:26:43 - OpenVPN > OPTIONS IMPORT: route options modified
. 2014.08.16 20:26:43 - OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
. 2014.08.16 20:26:43 - OpenVPN > do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
. 2014.08.16 20:26:43 - OpenVPN > open_tun, tt->ipv6=0
. 2014.08.16 20:26:43 - OpenVPN > TAP-WIN32 device [Lokal tilkobling] opened: \\.\Global\{CB7DE4EB-2A96-4F89-A5E4-117F77BCF4C5}.tap
. 2014.08.16 20:26:43 - OpenVPN > TAP-Windows Driver Version 9.9
. 2014.08.16 20:26:43 - OpenVPN > Notified TAP-Windows driver to set a DHCP IP/netmask of 10.4.0.14/255.255.255.252 on interface {CB7DE4EB-2A96-4F89-A5E4-117F77BCF4C5} [DHCP-serv: 10.4.0.13, lease-time: 31536000]
. 2014.08.16 20:26:43 - OpenVPN > Successful ARP Flush on interface [11] {CB7DE4EB-2A96-4F89-A5E4-117F77BCF4C5}
. 2014.08.16 20:26:43 - OpenVPN > write UDPv4: No Route to Host (WSAEHOSTUNREACH) (code=10065)
. 2014.08.16 20:26:43 - OpenVPN > write UDPv4: No Route to Host (WSAEHOSTUNREACH) (code=10065)
. 2014.08.16 20:26:43 - OpenVPN > write UDPv4: No Route to Host (WSAEHOSTUNREACH) (code=10065)
. 2014.08.16 20:26:48 - OpenVPN > TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
. 2014.08.16 20:26:48 - OpenVPN > C:\windows\system32\route.exe ADD 37.48.81.11 MASK 255.255.255.255 192.168.1.1
. 2014.08.16 20:26:48 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
. 2014.08.16 20:26:48 - OpenVPN > Route addition via IPAPI succeeded [adaptive]
. 2014.08.16 20:26:48 - OpenVPN > C:\windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.4.0.13
. 2014.08.16 20:26:48 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
. 2014.08.16 20:26:48 - OpenVPN > Route addition via IPAPI succeeded [adaptive]
. 2014.08.16 20:26:48 - OpenVPN > C:\windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.4.0.13
. 2014.08.16 20:26:48 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
. 2014.08.16 20:26:48 - OpenVPN > Route addition via IPAPI succeeded [adaptive]
. 2014.08.16 20:26:48 - OpenVPN > C:\windows\system32\route.exe ADD 10.4.0.1 MASK 255.255.255.255 10.4.0.13
. 2014.08.16 20:26:48 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
. 2014.08.16 20:26:48 - OpenVPN > Route addition via IPAPI succeeded [adaptive]
. 2014.08.16 20:26:48 - Starting Management Interface
. 2014.08.16 20:26:48 - OpenVPN > Initialization Sequence Completed
! 2014.08.16 20:26:48 - Flushing DNS
! 2014.08.16 20:26:48 - Checking route
! 2014.08.16 20:26:49 - Connected.
. 2014.08.16 20:26:49 - OpenVPN > MANAGEMENT: Client connected from [AF_INET]127.0.0.1:3101
. 2014.08.16 20:26:49 - OpenVpn Management > >INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info
. 2014.08.16 20:32:46 - OpenVPN > [server] Inactivity timeout (--ping-restart), restarting
. 2014.08.16 20:32:46 - OpenVPN > SIGUSR1[soft,ping-restart] received, process restarting
. 2014.08.16 20:32:46 - OpenVPN > Restart pause, 2 second(s)
! 2014.08.16 20:32:46 - Disconnecting
. 2014.08.16 20:32:46 - Management - Send 'signal SIGTERM'
. 2014.08.16 20:32:46 - OpenVPN > MANAGEMENT: CMD 'signal SIGTERM'
. 2014.08.16 20:32:46 - OpenVPN > MANAGEMENT: Client disconnected
. 2014.08.16 20:32:46 - OpenVPN > Assertion failed at misc.c:785
. 2014.08.16 20:32:46 - OpenVPN > Exiting due to fatal error
. 2014.08.16 20:32:46 - Connection terminated.
! 2014.08.16 20:32:49 - Waiting for latency tests
! 2014.08.16 20:32:51 - Checking authorization
! 2014.08.16 20:33:04 - Connecting to Velorum (Germany, Frankfurt)
. 2014.08.16 20:33:04 - OpenVPN > OpenVPN 2.3.4 x86_64-w64-mingw32 [sSL (OpenSSL)] [LZO] [iPv6] built on Jun  9 2014
. 2014.08.16 20:33:04 - OpenVPN > library versions: OpenSSL 1.0.1g 7 Apr 2014, LZO 2.05
. 2014.08.16 20:33:04 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3101
. 2014.08.16 20:33:04 - OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file
. 2014.08.16 20:33:04 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.16 20:33:04 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.16 20:33:04 - OpenVPN > Socket Buffers: R=[65536->65536] S=[65536->65536]
. 2014.08.16 20:33:04 - OpenVPN > UDPv4 link local: [undef]
. 2014.08.16 20:33:04 - OpenVPN > UDPv4 link remote: [AF_INET]46.165.208.69:443
. 2014.08.16 20:33:04 - OpenVPN > TLS: Initial packet from [AF_INET]46.165.208.69:443, sid=ae155290 d5f57832
. 2014.08.16 20:33:04 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
. 2014.08.16 20:33:04 - OpenVPN > Validating certificate key usage
. 2014.08.16 20:33:04 - OpenVPN > ++ Certificate has key usage  00a0, expects 00a0
. 2014.08.16 20:33:04 - OpenVPN > VERIFY KU OK
. 2014.08.16 20:33:04 - OpenVPN > Validating certificate extended key usage
. 2014.08.16 20:33:04 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
. 2014.08.16 20:33:04 - OpenVPN > VERIFY EKU OK
. 2014.08.16 20:33:04 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
. 2014.08.16 20:33:08 - OpenVPN > Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2014.08.16 20:33:08 - OpenVPN > Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.16 20:33:08 - OpenVPN > Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2014.08.16 20:33:08 - OpenVPN > Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.16 20:33:08 - OpenVPN > Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA
. 2014.08.16 20:33:08 - OpenVPN > [server] Peer Connection Initiated with [AF_INET]46.165.208.69:443
. 2014.08.16 20:33:10 - OpenVPN > SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
. 2014.08.16 20:33:10 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.100.154 10.4.100.153'
. 2014.08.16 20:33:10 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified
. 2014.08.16 20:33:10 - OpenVPN > OPTIONS IMPORT: LZO parms modified
. 2014.08.16 20:33:10 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified
. 2014.08.16 20:33:10 - OpenVPN > OPTIONS IMPORT: route options modified
. 2014.08.16 20:33:10 - OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
. 2014.08.16 20:33:10 - OpenVPN > do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
. 2014.08.16 20:33:10 - OpenVPN > open_tun, tt->ipv6=0
. 2014.08.16 20:33:11 - OpenVPN > TAP-WIN32 device [Lokal tilkobling] opened: \\.\Global\{CB7DE4EB-2A96-4F89-A5E4-117F77BCF4C5}.tap
. 2014.08.16 20:33:11 - OpenVPN > TAP-Windows Driver Version 9.9
. 2014.08.16 20:33:11 - OpenVPN > Notified TAP-Windows driver to set a DHCP IP/netmask of 10.4.100.154/255.255.255.252 on interface {CB7DE4EB-2A96-4F89-A5E4-117F77BCF4C5} [DHCP-serv: 10.4.100.153, lease-time: 31536000]
. 2014.08.16 20:33:11 - OpenVPN > Successful ARP Flush on interface [11] {CB7DE4EB-2A96-4F89-A5E4-117F77BCF4C5}
. 2014.08.16 20:33:16 - OpenVPN > TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
. 2014.08.16 20:33:16 - OpenVPN > C:\windows\system32\route.exe ADD 46.165.208.69 MASK 255.255.255.255 192.168.1.1
. 2014.08.16 20:33:16 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4
. 2014.08.16 20:33:16 - OpenVPN > Route addition via IPAPI succeeded [adaptive]
. 2014.08.16 20:33:16 - OpenVPN > C:\windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.4.100.153
. 2014.08.16 20:33:16 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
. 2014.08.16 20:33:16 - OpenVPN > Route addition via IPAPI succeeded [adaptive]
. 2014.08.16 20:33:16 - OpenVPN > C:\windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.4.100.153
. 2014.08.16 20:33:16 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
. 2014.08.16 20:33:16 - OpenVPN > Route addition via IPAPI succeeded [adaptive]
. 2014.08.16 20:33:16 - OpenVPN > C:\windows\system32\route.exe ADD 10.4.0.1 MASK 255.255.255.255 10.4.100.153
. 2014.08.16 20:33:16 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
. 2014.08.16 20:33:16 - OpenVPN > Route addition via IPAPI succeeded [adaptive]
. 2014.08.16 20:33:16 - Starting Management Interface
. 2014.08.16 20:33:16 - OpenVPN > Initialization Sequence Completed
! 2014.08.16 20:33:16 - Flushing DNS
! 2014.08.16 20:33:16 - Checking route
! 2014.08.16 20:33:17 - Connected.
. 2014.08.16 20:33:17 - OpenVPN > MANAGEMENT: Client connected from [AF_INET]127.0.0.1:3101
. 2014.08.16 20:33:17 - OpenVpn Management > >INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info
 
 
I'm browsing and suddenly internet seems to stop working. Then it says "checking route" or something and tries to connect again. 
Tried posting this 3 times now, got disconnected all 3 times   
 
Very annoying, never had any problem with the old client. Could you put the good old win 8 Airclient back on the site until eddie is finished? That would be nice, thank you
 

2014.08.16 20:32:46 - OpenVPN > MANAGEMENT: Client disconnected
. 2014.08.16 20:32:46 - OpenVPN > Assertion failed at misc.c:785
. 2014.08.16 20:32:46 - OpenVPN > Exiting due to fatal error
. 2014.08.16 20:32:46 - Connection terminated.

Share this post


Link to post

Eddie is still in beta. I keep getting disconnected and was wondering if i could get the old, simple client somewhere?

Never had that problem with the old one.

 

thanks

Hello,

 

you can find it here:

https://airvpn.org/repository/1.8/air_windows_x86_64.zip

https://airvpn.org/repository/1.8/air_windows_i686.zip

https://airvpn.org/repository/1.8/air_windows8_x86_64.zip

https://airvpn.org/repository/1.8/air_windows8_i686.zip

 

Pick the correct one for your Windows version. Beware: the bundles include older OpenVPN versions.

 

It will be interesting to see whether the old client solves the problem, feel free to keep us posted, thanks in advance.

 

Kind regards

Share this post


Link to post

Hello,

 

When is Eddie 2.4 supposed to be coming out? It sounds like there will be some big improvements and features added to it.

Share this post


Link to post
Guest

 

Eddie is still in beta. I keep getting disconnected and was wondering if i could get the old, simple client somewhere?

Never had that problem with the old one.

 

thanks

Hello,

 

you can find it here:

https://airvpn.org/repository/1.8/air_windows_x86_64.zip

https://airvpn.org/repository/1.8/air_windows_i686.zip

https://airvpn.org/repository/1.8/air_windows8_x86_64.zip

https://airvpn.org/repository/1.8/air_windows8_i686.zip

 

Pick the correct one for your Windows version. Beware: the bundles include older OpenVPN versions.

 

It will be interesting to see whether the old client solves the problem, feel free to keep us posted, thanks in advance.

 

Kind regards

 

 

It seems to be wroking fine now  Been connected for more than an hour now with no trouble.

Using the old Win 8 64bit client. 

 

Thank you!

Share this post


Link to post
Posted ... (edited)

I have been getting this error on the Mac client for a few days now. I wake the laptop from sleep, if AirVPN client was connected before going to sleep it tries to reconnect automatically. The error happens at this stage. Even if AirVPN client doesn't autoreconnect (maybe because it was diconnected before sleeping), the client has trouble connecting again. I have tried quitting and restarting the client, I have tried turning wifi on/off. The only thing that resolves the issue is - Changing the port/protocol and connecting to a different server. That works properly. If I now revert the port/protocol and connect to the original server, even that works... The issue started a few days ago.

 

EDIT: The struck through description seems to be for some other issue and may not match the log file below. The description for the log file below - Unable to connect to Hadar on any port/protocol combination. Even the Tunnelblick client doesn't work when connecting to Hadar. The status page at the moment doesn't display a ping time for Hadar, is it down?

 

Log statements -

 

I 2014.08.19 15:57:56 - Session starting.
! 2014.08.19 15:57:56 - Checking environment
! 2014.08.19 15:57:56 - Checking authorization
! 2014.08.19 15:57:57 - Connecting to Hadar (Hong Kong, Hong Kong)
. 2014.08.19 15:57:57 - OpenVPN > OpenVPN 2.3.4 x86_64-apple-darwin13.2.0 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Jun  9 2014
. 2014.08.19 15:57:57 - OpenVPN > library versions: OpenSSL 1.0.1g 7 Apr 2014, LZO 2.05
. 2014.08.19 15:57:57 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100
. 2014.08.19 15:57:57 - OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file
. 2014.08.19 15:57:57 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.19 15:57:57 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.19 15:57:57 - OpenVPN > Socket Buffers: R=[196724->65536] S=[9216->65536]
. 2014.08.19 15:57:57 - OpenVPN > UDPv4 link local: [undef]
. 2014.08.19 15:57:57 - OpenVPN > UDPv4 link remote: [AF_INET]103.10.197.186:443
. 2014.08.19 15:57:57 - OpenVPN > write UDPv4: Can't assign requested address (code=49)
. 2014.08.19 15:57:59 - OpenVPN > write UDPv4: Can't assign requested address (code=49)
. 2014.08.19 15:58:03 - OpenVPN > write UDPv4: Can't assign requested address (code=49)
. 2014.08.19 15:58:11 - OpenVPN > write UDPv4: Can't assign requested address (code=49)
. 2014.08.19 15:58:27 - OpenVPN > write UDPv4: Can't assign requested address (code=49)
. 2014.08.19 15:58:29 - OpenVPN > [UNDEF] Inactivity timeout (--ping-exit), exiting
. 2014.08.19 15:58:29 - OpenVPN > SIGTERM received, sending exit notification to peer
. 2014.08.19 15:58:34 - OpenVPN > SIGTERM[soft,exit-with-notification] received, process exiting
! 2014.08.19 15:58:34 - Disconnecting
. 2014.08.19 15:58:35 - Connection terminated.
 

 

 

EDIT: I sometimes have a parallel connection active from my desktop. But the desktop always connects on UDP 53 and the laptop always on UDP 443. Also they both have different servers in their whitelist. So, I don't think this error is due to connections going to the same server/port/protocol.

Edited ... by strideram

Share this post


Link to post

Hello!

 

Hadar is working fine but if you don't see the "latency" time on the Status page maybe your system can't reach it. That time is calculated by your browser, it's the time your browser needs to connect via https to the VPN server and download a 1 byte file (so it's not a latency time, but it is very useful to perform a relative comparison between servers).

 

Kind regards

Share this post


Link to post

Almost like clockwork (on random tuesdays and fridays) Eddie v2.4 is released today according to the changelog, but is it just the earlier and unannounced bug fix version from mid-July rebadged or re-dated?

 

Version 2.4 (Tue, 19 Aug 2014 13:03:41 +0000)

  • [bugfix] Preferences error when saving with autostart
  • [change] Confirmation on exit

  • [change] Windows Installer save data in local user data path

  • [change] OSX save data in local user data path

  • [change] Latest Manifest Update time glitch

  • [change] OSX Speed Chart improvements

  • [bugfix] Login fatal error message

  • [bugfix] Route list in Generate System Report

 

 

In any case the client with foolproof built-in firewall and anti-leak powers is still some ways away?

Share this post


Link to post

Hello!

 

Eddie will never have a built-in firewall, this option has never been announced and not even wildly speculated.

 

The leaks prevention is our highest priority but it could not be delivered as announced in the first half of August, it has been postponed to the beginning of September, with version 2.5.

 

Eddie 2.4 has never been released on our web site, but it will be very soon.

 

Kind regards

Share this post


Link to post

My bad, I really meant the protection against dropped connections (where firewall can be useful too).

 

Take your time to get it right. Both security and summer holidays deserve to be observed with maniacal thoroughness.   

Share this post


Link to post

My bad, I really meant the protection against dropped connections (where firewall can be useful too).

 

Take your time to get it right. Both security and summer holidays deserve to be observed with maniacal thoroughness. 

I second this thinking.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...