Jump to content
Not connected, Your IP: 34.200.218.187
Believer_01

VPN problems under Archlinux

Recommended Posts

Hello users,

I run Archlinux 64 bit over a LAN connection.

If I use openvpn by terminal with the command sudo openvpn --config ["path to file .ovpn"] it works correctly.

ALso in the .ovpn file I added the script to change the resolvconf file on the fly.

But after time that the connection is established, appears other messages in the terminal, like that openvpn is re-initalizing the procedure.

Sometimes also ipleak.net gives me DNS leak but it I try after some seconds, it does not. Instead by dnsleaktest I have never DNS leak.

If I use Eddie (portable)  it never works, it tries to connect then restarts and tries again indefinitely.

Here the report:

 

 

 

I 2014.08.12 00:14:48 - AirVPN client version: 2.3, System: Linux, Architecture: x64
. 2014.08.12 00:14:48 - Reading options from /home/slogx/Downloads/airvpn_linux_x64_portable/AirVPN.xml
. 2014.08.12 00:14:49 - Data Path: /home/slogx/Downloads/airvpn_linux_x64_portable
. 2014.08.12 00:14:49 - App Path: /home/slogx/Downloads/airvpn_linux_x64_portable
. 2014.08.12 00:14:49 - Executable Path: /home/slogx/Downloads/airvpn_linux_x64_portable/airvpn
. 2014.08.12 00:14:49 - Command line arguments:
. 2014.08.12 00:14:49 - Operating System: Unix 3.15.8.1 - Linux dhcppc1 3.15.8-1-ARCH #1 SMP PREEMPT Fri Aug 1 08:51:42 CEST 2014 x86_64 GNU/Linux
I 2014.08.12 00:14:49 - OpenVPN Driver - Found
I 2014.08.12 00:14:49 - OpenVPN - Version: OpenVPN 2.3.4 (/home/slogx/Downloads/airvpn_linux_x64_portable/openvpn)
W 2014.08.12 00:14:49 - SSH - Not available
I 2014.08.12 00:14:49 - SSL - Version: stunnel 5.01 (/home/slogx/Downloads/airvpn_linux_x64_portable/stunnel)
I 2014.08.12 00:14:49 - IPV6: Available
! 2014.08.12 00:14:49 - Ready
I 2014.08.12 00:14:53 - Session starting.
! 2014.08.12 00:14:53 - Checking environment
! 2014.08.12 00:14:53 - Waiting for latency tests
! 2014.08.12 00:15:02 - Checking authorization
I 2014.08.12 00:15:03 - DNS of the system will be updated to VPN DNS (ResolvConf method)
! 2014.08.12 00:15:03 - Connecting to Keid (Netherlands, Amsterdam)
. 2014.08.12 00:15:03 - OpenVPN > OpenVPN 2.3.4 x86_64-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on Jun  9 2014
. 2014.08.12 00:15:03 - OpenVPN > library versions: OpenSSL 1.0.1g 7 Apr 2014, LZO 2.05
. 2014.08.12 00:15:03 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100
. 2014.08.12 00:15:03 - OpenVPN > NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
. 2014.08.12 00:15:03 - OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file
. 2014.08.12 00:15:03 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.12 00:15:03 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.12 00:15:03 - OpenVPN > Socket Buffers: R=[212992->131072] S=[212992->131072]
. 2014.08.12 00:15:03 - OpenVPN > UDPv4 link local: [undef]
. 2014.08.12 00:15:03 - OpenVPN > UDPv4 link remote: [AF_INET]95.211.138.7:443
. 2014.08.12 00:15:03 - OpenVPN > TLS: Initial packet from [AF_INET]95.211.138.7:443, sid=c2e12048 1f64ac91
. 2014.08.12 00:15:03 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
. 2014.08.12 00:15:03 - OpenVPN > Validating certificate key usage
. 2014.08.12 00:15:03 - OpenVPN > ++ Certificate has key usage  00a0, expects 00a0
. 2014.08.12 00:15:03 - OpenVPN > VERIFY KU OK
. 2014.08.12 00:15:03 - OpenVPN > Validating certificate extended key usage
. 2014.08.12 00:15:03 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
. 2014.08.12 00:15:03 - OpenVPN > VERIFY EKU OK
. 2014.08.12 00:15:03 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
. 2014.08.12 00:15:04 - OpenVPN > Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2014.08.12 00:15:04 - OpenVPN > Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.12 00:15:04 - OpenVPN > Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2014.08.12 00:15:04 - OpenVPN > Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.12 00:15:04 - OpenVPN > Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA
. 2014.08.12 00:15:04 - OpenVPN > [server] Peer Connection Initiated with [AF_INET]95.211.138.7:443
. 2014.08.12 00:15:06 - OpenVPN > SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
. 2014.08.12 00:15:06 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.33.202 10.4.33.201'
. 2014.08.12 00:15:06 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified
. 2014.08.12 00:15:06 - OpenVPN > OPTIONS IMPORT: LZO parms modified
. 2014.08.12 00:15:06 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified
. 2014.08.12 00:15:06 - OpenVPN > OPTIONS IMPORT: route options modified
. 2014.08.12 00:15:06 - OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
. 2014.08.12 00:15:06 - OpenVPN > TUN/TAP device tun0 opened
. 2014.08.12 00:15:06 - OpenVPN > TUN/TAP TX queue length set to 100
. 2014.08.12 00:15:06 - OpenVPN > do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
. 2014.08.12 00:15:06 - OpenVPN > /sbin/ifconfig tun0 10.4.33.202 pointopoint 10.4.33.201 mtu 1500
. 2014.08.12 00:15:06 - OpenVPN > Linux ifconfig failed: could not execute external program
. 2014.08.12 00:15:06 - OpenVPN > Exiting due to fatal error
! 2014.08.12 00:15:06 - Disconnecting
. 2014.08.12 00:15:06 - Connection terminated.
! 2014.08.12 00:15:09 - Checking authorization
I 2014.08.12 00:15:10 - DNS of the system will be updated to VPN DNS (ResolvConf method)
! 2014.08.12 00:15:10 - Connecting to Keid (Netherlands, Amsterdam)
. 2014.08.12 00:15:10 - OpenVPN > OpenVPN 2.3.4 x86_64-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on Jun  9 2014
. 2014.08.12 00:15:10 - OpenVPN > library versions: OpenSSL 1.0.1g 7 Apr 2014, LZO 2.05
. 2014.08.12 00:15:10 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100
. 2014.08.12 00:15:10 - OpenVPN > NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
. 2014.08.12 00:15:10 - OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file
. 2014.08.12 00:15:10 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.12 00:15:10 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.12 00:15:10 - OpenVPN > Socket Buffers: R=[212992->131072] S=[212992->131072]
. 2014.08.12 00:15:10 - OpenVPN > UDPv4 link local: [undef]
. 2014.08.12 00:15:10 - OpenVPN > UDPv4 link remote: [AF_INET]95.211.138.7:443
. 2014.08.12 00:15:10 - OpenVPN > TLS: Initial packet from [AF_INET]95.211.138.7:443, sid=2a061df0 64aa0e81
. 2014.08.12 00:15:10 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
. 2014.08.12 00:15:10 - OpenVPN > Validating certificate key usage
. 2014.08.12 00:15:10 - OpenVPN > ++ Certificate has key usage  00a0, expects 00a0
. 2014.08.12 00:15:10 - OpenVPN > VERIFY KU OK
. 2014.08.12 00:15:10 - OpenVPN > Validating certificate extended key usage
. 2014.08.12 00:15:10 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
. 2014.08.12 00:15:10 - OpenVPN > VERIFY EKU OK
. 2014.08.12 00:15:10 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
. 2014.08.12 00:15:15 - OpenVPN > Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2014.08.12 00:15:15 - OpenVPN > Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.12 00:15:15 - OpenVPN > Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2014.08.12 00:15:15 - OpenVPN > Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.12 00:15:15 - OpenVPN > Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA
. 2014.08.12 00:15:15 - OpenVPN > [server] Peer Connection Initiated with [AF_INET]95.211.138.7:443
. 2014.08.12 00:15:18 - OpenVPN > SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
. 2014.08.12 00:15:18 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.33.202 10.4.33.201'
. 2014.08.12 00:15:18 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified
. 2014.08.12 00:15:18 - OpenVPN > OPTIONS IMPORT: LZO parms modified
. 2014.08.12 00:15:18 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified
. 2014.08.12 00:15:18 - OpenVPN > OPTIONS IMPORT: route options modified
. 2014.08.12 00:15:18 - OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
. 2014.08.12 00:15:18 - OpenVPN > TUN/TAP device tun0 opened
. 2014.08.12 00:15:18 - OpenVPN > TUN/TAP TX queue length set to 100
. 2014.08.12 00:15:18 - OpenVPN > do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
. 2014.08.12 00:15:18 - OpenVPN > /sbin/ifconfig tun0 10.4.33.202 pointopoint 10.4.33.201 mtu 1500
. 2014.08.12 00:15:18 - OpenVPN > Linux ifconfig failed: could not execute external program
. 2014.08.12 00:15:18 - OpenVPN > Exiting due to fatal error
! 2014.08.12 00:15:18 - Disconnecting
. 2014.08.12 00:15:18 - Connection terminated.
! 2014.08.12 00:15:21 - Checking authorization
I 2014.08.12 00:15:21 - DNS of the system will be updated to VPN DNS (ResolvConf method)
! 2014.08.12 00:15:21 - Connecting to Keid (Netherlands, Amsterdam)
. 2014.08.12 00:15:21 - OpenVPN > OpenVPN 2.3.4 x86_64-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on Jun  9 2014
. 2014.08.12 00:15:21 - OpenVPN > library versions: OpenSSL 1.0.1g 7 Apr 2014, LZO 2.05
. 2014.08.12 00:15:21 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100
. 2014.08.12 00:15:21 - OpenVPN > NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
. 2014.08.12 00:15:21 - OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file
. 2014.08.12 00:15:21 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.12 00:15:21 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.12 00:15:21 - OpenVPN > Socket Buffers: R=[212992->131072] S=[212992->131072]
. 2014.08.12 00:15:21 - OpenVPN > UDPv4 link local: [undef]
. 2014.08.12 00:15:21 - OpenVPN > UDPv4 link remote: [AF_INET]95.211.138.7:443
. 2014.08.12 00:15:21 - OpenVPN > TLS: Initial packet from [AF_INET]95.211.138.7:443, sid=95deeabc 3051d88f
. 2014.08.12 00:15:22 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
. 2014.08.12 00:15:22 - OpenVPN > Validating certificate key usage
. 2014.08.12 00:15:22 - OpenVPN > ++ Certificate has key usage  00a0, expects 00a0
. 2014.08.12 00:15:22 - OpenVPN > VERIFY KU OK
. 2014.08.12 00:15:22 - OpenVPN > Validating certificate extended key usage
. 2014.08.12 00:15:22 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
. 2014.08.12 00:15:22 - OpenVPN > VERIFY EKU OK
. 2014.08.12 00:15:22 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
. 2014.08.12 00:15:26 - OpenVPN > Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2014.08.12 00:15:26 - OpenVPN > Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.12 00:15:26 - OpenVPN > Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2014.08.12 00:15:26 - OpenVPN > Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.08.12 00:15:26 - OpenVPN > Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA
. 2014.08.12 00:15:26 - OpenVPN > [server] Peer Connection Initiated with [AF_INET]95.211.138.7:443
. 2014.08.12 00:15:28 - OpenVPN > SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
. 2014.08.12 00:15:28 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.33.202 10.4.33.201'
. 2014.08.12 00:15:28 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified
. 2014.08.12 00:15:28 - OpenVPN > OPTIONS IMPORT: LZO parms modified
. 2014.08.12 00:15:28 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified
. 2014.08.12 00:15:28 - OpenVPN > OPTIONS IMPORT: route options modified
. 2014.08.12 00:15:28 - OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
. 2014.08.12 00:15:28 - OpenVPN > TUN/TAP device tun0 opened
. 2014.08.12 00:15:28 - OpenVPN > TUN/TAP TX queue length set to 100
. 2014.08.12 00:15:28 - OpenVPN > do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
. 2014.08.12 00:15:28 - OpenVPN > /sbin/ifconfig tun0 10.4.33.202 pointopoint 10.4.33.201 mtu 1500
. 2014.08.12 00:15:28 - OpenVPN > Linux ifconfig failed: could not execute external program
. 2014.08.12 00:15:28 - OpenVPN > Exiting due to fatal error
! 2014.08.12 00:15:28 - Disconnecting
. 2014.08.12 00:15:28 - Connection terminated.
I 2014.08.12 00:15:28 - Cancel requested.
I 2014.08.12 00:15:28 - Session terminated.

 

What shall I do?

Do I really leak?

Share this post


Link to post

"Do I really leak?" -

If you don't use a firewall to rule out leaking (check AirVPN's howto/faq section), you probably are.

On Arch, I would use ufw.

 

"What shall I do?" -

Fix the problem (and configure a firewall).

 

OpenVPN > /sbin/ifconfig tun0 10.4.33.202 pointopoint 10.4.33.201 mtu 1500

OpenVPN > Linux ifconfig failed: could not execute external program

 

This means that openvpn was able to connect and now tries to use "ifconfig" to configure your VPN device (tun0).

It fails because "ifconfig" is part of "net-tools", a package that Arch has thrown out back in 2011:

https://www.archlinux.org/news/deprecation-of-net-tools/

 

You have two options:

The easier, but deprecated way: Install the "net-tools" package from the Arch repos.

 

The harder, but true-to-Arch way: Configure openvpn to use iproute2 instead of ifconfig. This bug report should point you in the right direction:

https://bugs.archlinux.org/task/24797


all of my content is released under CC-BY-SA 2.0

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...