Jump to content
Not connected, Your IP: 3.145.41.108
st4r

Windows firewall not reactivated after closing Eddie

Recommended Posts

Hi,

I am bit confused. so here is what happens. note: I am using Eddie 2.10.3 on win7 with windows firewall only.

 

firewall rules are set to standard.

I start eddie and network lock automatically goes on and replaces the firewall rules (i check it in the fw settings). so far so good.

when I disconnect from any airvpn server and deactivate the network lock I assumed that eddie restores the original windows firewall settings (as it was before activating the lock) and leaves it on, but instead the firewall rules just stay the same (as in network lock) and the fw is off. naturally, I don't want the fw to be off when close eddie (with network lock disabled).

 

what is wrong? why does it not restore original fw settings and status?

Share this post


Link to post

That's odd. Can you post logs into spoiler tags, please? (How-To in my siganture).


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

here is my eddie log.

I 2016.04.13 22:59:22 - AirVPN client version: 2.10.3 / x64, System: Windows, Name: Microsoft Windows NT 6.1.7601 Service Pack 1 / x64
. 2016.04.13 22:59:22 - Reading options from C:\Users\Xi-Allround\AppData\Local\AirVPN\AirVPN.xml
. 2016.04.13 22:59:22 - Data Path: C:\Users\Xi-Allround\AppData\Local\AirVPN
. 2016.04.13 22:59:22 - App Path: C:\Program Files\AirVPN
. 2016.04.13 22:59:22 - Executable Path: C:\Program Files\AirVPN\AirVPN.exe
. 2016.04.13 22:59:22 - Command line arguments (1): path="home"
. 2016.04.13 22:59:22 - Operating System: Microsoft Windows NT 6.1.7601 Service Pack 1
. 2016.04.13 22:59:22 - Updating systems & servers data ...
I 2016.04.13 22:59:22 - OpenVPN Driver - TAP-Windows Adapter V9, version 9.21.1
I 2016.04.13 22:59:22 - OpenVPN - Version: OpenVPN 2.3.8 (C:\Program Files\AirVPN\openvpn.exe)
I 2016.04.13 22:59:22 - SSH - Version: plink 0.63 (C:\Program Files\AirVPN\plink.exe)
I 2016.04.13 22:59:22 - SSL - Version: stunnel 5.17 (C:\Program Files\AirVPN\stunnel.exe)
! 2016.04.13 22:59:22 - Activation of Network Lock - Windows Firewall
. 2016.04.13 22:59:22 - Systems & servers data update completed
I 2016.04.13 22:59:27 - Session starting.
I 2016.04.13 22:59:27 - IPv6 disabled.
I 2016.04.13 22:59:33 - Checking authorization ...
! 2016.04.13 22:59:34 - Connecting to Sheliak (Netherlands, Alblasserdam)
. 2016.04.13 22:59:34 - OpenVPN > OpenVPN 2.3.8 x86_64-w64-mingw32 [sSL (OpenSSL)] [LZO] [iPv6] built on Aug 13 2015
. 2016.04.13 22:59:34 - OpenVPN > library versions: OpenSSL 1.0.2d 9 Jul 2015, LZO 2.08
. 2016.04.13 22:59:34 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100
. 2016.04.13 22:59:34 - OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file
. 2016.04.13 22:59:34 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2016.04.13 22:59:34 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2016.04.13 22:59:34 - OpenVPN > Socket Buffers: R=[8192->131072] S=[8192->131072]
. 2016.04.13 22:59:34 - OpenVPN > UDPv4 link local: [undef]
. 2016.04.13 22:59:34 - OpenVPN > UDPv4 link remote: [AF_INET]213.152.162.113:443
. 2016.04.13 22:59:34 - OpenVPN > TLS: Initial packet from [AF_INET]213.152.162.113:443, sid=21613adf 728aebb2
. 2016.04.13 22:59:34 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
. 2016.04.13 22:59:34 - OpenVPN > Validating certificate key usage
. 2016.04.13 22:59:34 - OpenVPN > ++ Certificate has key usage  00a0, expects 00a0
. 2016.04.13 22:59:34 - OpenVPN > VERIFY KU OK
. 2016.04.13 22:59:34 - OpenVPN > Validating certificate extended key usage
. 2016.04.13 22:59:34 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
. 2016.04.13 22:59:34 - OpenVPN > VERIFY EKU OK
. 2016.04.13 22:59:34 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
. 2016.04.13 22:59:34 - OpenVPN > Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2016.04.13 22:59:34 - OpenVPN > Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2016.04.13 22:59:34 - OpenVPN > Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2016.04.13 22:59:34 - OpenVPN > Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2016.04.13 22:59:34 - OpenVPN > Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
. 2016.04.13 22:59:34 - OpenVPN > [server] Peer Connection Initiated with [AF_INET]213.152.162.113:443
. 2016.04.13 22:59:36 - OpenVPN > SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
. 2016.04.13 22:59:36 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.4.0.1,comp-lzo no,route-gateway 10.4.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.4.8.160 255.255.0.0'
. 2016.04.13 22:59:36 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified
. 2016.04.13 22:59:36 - OpenVPN > OPTIONS IMPORT: LZO parms modified
. 2016.04.13 22:59:36 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified
. 2016.04.13 22:59:36 - OpenVPN > OPTIONS IMPORT: route options modified
. 2016.04.13 22:59:36 - OpenVPN > OPTIONS IMPORT: route-related options modified
. 2016.04.13 22:59:36 - OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
. 2016.04.13 22:59:36 - OpenVPN > do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
. 2016.04.13 22:59:36 - OpenVPN > open_tun, tt->ipv6=0
. 2016.04.13 22:59:36 - OpenVPN > TAP-WIN32 device [LAN-Verbindung 2] opened: \\.\Global\{DBF12791-D4E4-49D3-88F0-98A758EE797A}.tap
. 2016.04.13 22:59:36 - OpenVPN > TAP-Windows Driver Version 9.21
. 2016.04.13 22:59:36 - OpenVPN > Set TAP-Windows TUN subnet mode network/local/netmask = 10.4.0.0/10.4.8.160/255.255.0.0 [sUCCEEDED]
. 2016.04.13 22:59:36 - OpenVPN > Notified TAP-Windows driver to set a DHCP IP/netmask of 10.4.8.160/255.255.0.0 on interface {DBF12791-D4E4-49D3-88F0-98A758EE797A} [DHCP-serv: 10.4.255.254, lease-time: 31536000]
. 2016.04.13 22:59:36 - OpenVPN > Successful ARP Flush on interface [16] {DBF12791-D4E4-49D3-88F0-98A758EE797A}
. 2016.04.13 22:59:41 - OpenVPN > TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
. 2016.04.13 22:59:41 - OpenVPN > C:\Windows\system32\route.exe ADD 213.152.162.113 MASK 255.255.255.255 192.168.1.1
. 2016.04.13 22:59:41 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4
. 2016.04.13 22:59:41 - OpenVPN > Route addition via IPAPI succeeded [adaptive]
. 2016.04.13 22:59:41 - OpenVPN > C:\Windows\system32\route.exe ADD 192.168.1.1 MASK 255.255.255.255 192.168.1.1 IF 11
. 2016.04.13 22:59:41 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4
. 2016.04.13 22:59:41 - OpenVPN > Route addition via IPAPI succeeded [adaptive]
. 2016.04.13 22:59:41 - OpenVPN > C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.4.0.1
. 2016.04.13 22:59:41 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
. 2016.04.13 22:59:41 - OpenVPN > Route addition via IPAPI succeeded [adaptive]
. 2016.04.13 22:59:41 - OpenVPN > C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.4.0.1
. 2016.04.13 22:59:41 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
. 2016.04.13 22:59:41 - OpenVPN > Route addition via IPAPI succeeded [adaptive]
. 2016.04.13 22:59:41 - Starting Management Interface
. 2016.04.13 22:59:41 - OpenVPN > Initialization Sequence Completed
I 2016.04.13 22:59:41 - DNS of a network adapter forced (Qualcomm Atheros AR946x Wireless Network Adapter)
I 2016.04.13 22:59:41 - DNS of a network adapter forced (TAP-Windows Adapter V9)
I 2016.04.13 22:59:41 - Flushing DNS
I 2016.04.13 22:59:41 - Checking route
I 2016.04.13 22:59:42 - Checking DNS
! 2016.04.13 22:59:42 - Connected.
. 2016.04.13 22:59:42 - OpenVPN > MANAGEMENT: Client connected from [AF_INET]127.0.0.1:3100
. 2016.04.13 22:59:42 - OpenVpn Management > >INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info
! 2016.04.13 22:59:54 - Disconnecting
. 2016.04.13 22:59:54 - Management - Send 'signal SIGTERM'
. 2016.04.13 22:59:54 - OpenVPN > MANAGEMENT: CMD 'signal SIGTERM'
. 2016.04.13 22:59:54 - OpenVPN > SIGTERM received, sending exit notification to peer
. 2016.04.13 22:59:59 - OpenVPN > C:\Windows\system32\route.exe DELETE 213.152.162.113 MASK 255.255.255.255 192.168.1.1
. 2016.04.13 22:59:59 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]
. 2016.04.13 22:59:59 - OpenVPN > C:\Windows\system32\route.exe DELETE 192.168.1.1 MASK 255.255.255.255 192.168.1.1
. 2016.04.13 22:59:59 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]
. 2016.04.13 22:59:59 - OpenVPN > C:\Windows\system32\route.exe DELETE 0.0.0.0 MASK 128.0.0.0 10.4.0.1
. 2016.04.13 22:59:59 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]
. 2016.04.13 22:59:59 - OpenVPN > C:\Windows\system32\route.exe DELETE 128.0.0.0 MASK 128.0.0.0 10.4.0.1
. 2016.04.13 22:59:59 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]
. 2016.04.13 22:59:59 - OpenVPN > Closing TUN/TAP interface
. 2016.04.13 22:59:59 - OpenVPN > SIGTERM[soft,exit-with-notification] received, process exiting
. 2016.04.13 22:59:59 - Connection terminated.
I 2016.04.13 22:59:59 - DNS of a network adapter restored to original settings (Qualcomm Atheros AR946x Wireless Network Adapter)
I 2016.04.13 23:00:00 - DNS of a network adapter restored to original settings (TAP-Windows Adapter V9)
I 2016.04.13 23:00:00 - IPv6 restored.
! 2016.04.13 23:00:00 - Session terminated.
! 2016.04.13 23:00:03 - Deactivation of Network Lock

Share this post


Link to post

No errors when restoring things and deactivation was clearly logged. No quick ideas here, but then again, it's night here. wait for others to suggest something.

 

(Sent via Tapatalk - this generally means I'm not sitting in front of my PC)


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

sorry, not quite exact on my part. the firewall rules ARE restored however the firewall stays disabled.

Share this post


Link to post

The Windows Firewall cannot be disabled if you use Network Lock, since this is how the lock is implemented.

Can you enable the Windows Firewall and make sure it is working (from Control Panel) and then retry all the

steps you mentioned, while checking that the Network Lock is working (when not connected to VPN) ?


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

ok. again, my eddie logs in spoiler.

did all the steps 1 by 1 checking. here they are:

 

1. win firewall on, standard rules, eddie off

2. eddie on, win firewall on, standard rules

3. activate network lock, win firewall on, airvpn rules

4. connected to airvpn server, network lock on, win firewall on, airvpn rules

5. disconnected, network lock on, win firewall on, airvpn rules

6. deactivate network lock, win firewall off, standard rules

 

it seems that for whatever reason deactivating the network lock causes the win firewall to be deactivated also instead of leaving it on with standard rules...

ideas?

 

! 2016.04.15 18:03:13 - Activation of Network Lock - Windows Firewall
I 2016.04.15 18:03:23 - Session starting.
I 2016.04.15 18:03:23 - IPv6 disabled.
I 2016.04.15 18:03:23 - Checking authorization ...
! 2016.04.15 18:03:23 - Connecting to Gianfar (Netherlands, Alblasserdam)
. 2016.04.15 18:03:23 - OpenVPN > OpenVPN 2.3.8 x86_64-w64-mingw32 [sSL (OpenSSL)] [LZO] [iPv6] built on Aug 13 2015
. 2016.04.15 18:03:23 - OpenVPN > library versions: OpenSSL 1.0.2d 9 Jul 2015, LZO 2.08
. 2016.04.15 18:03:23 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100
. 2016.04.15 18:03:23 - OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file
. 2016.04.15 18:03:23 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2016.04.15 18:03:23 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2016.04.15 18:03:23 - OpenVPN > Socket Buffers: R=[8192->131072] S=[8192->131072]
. 2016.04.15 18:03:23 - OpenVPN > UDPv4 link local: [undef]
. 2016.04.15 18:03:23 - OpenVPN > UDPv4 link remote: [AF_INET]213.152.161.100:443
. 2016.04.15 18:03:23 - OpenVPN > TLS: Initial packet from [AF_INET]213.152.161.100:443, sid=a6b85f7a a5a7b7f3
. 2016.04.15 18:03:23 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
. 2016.04.15 18:03:23 - OpenVPN > Validating certificate key usage
. 2016.04.15 18:03:23 - OpenVPN > ++ Certificate has key usage  00a0, expects 00a0
. 2016.04.15 18:03:23 - OpenVPN > VERIFY KU OK
. 2016.04.15 18:03:23 - OpenVPN > Validating certificate extended key usage
. 2016.04.15 18:03:23 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
. 2016.04.15 18:03:23 - OpenVPN > VERIFY EKU OK
. 2016.04.15 18:03:23 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
. 2016.04.15 18:03:29 - OpenVPN > Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2016.04.15 18:03:29 - OpenVPN > Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2016.04.15 18:03:29 - OpenVPN > Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2016.04.15 18:03:29 - OpenVPN > Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2016.04.15 18:03:29 - OpenVPN > Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
. 2016.04.15 18:03:29 - OpenVPN > [server] Peer Connection Initiated with [AF_INET]213.152.161.100:443
. 2016.04.15 18:03:31 - OpenVPN > SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
. 2016.04.15 18:03:31 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.4.0.1,comp-lzo no,route-gateway 10.4.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.4.19.111 255.255.0.0'
. 2016.04.15 18:03:31 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified
. 2016.04.15 18:03:31 - OpenVPN > OPTIONS IMPORT: LZO parms modified
. 2016.04.15 18:03:31 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified
. 2016.04.15 18:03:31 - OpenVPN > OPTIONS IMPORT: route options modified
. 2016.04.15 18:03:31 - OpenVPN > OPTIONS IMPORT: route-related options modified
. 2016.04.15 18:03:31 - OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
. 2016.04.15 18:03:31 - OpenVPN > do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
. 2016.04.15 18:03:31 - OpenVPN > open_tun, tt->ipv6=0
. 2016.04.15 18:03:32 - OpenVPN > TAP-WIN32 device [LAN-Verbindung 2] opened: \\.\Global\{DBF12791-D4E4-49D3-88F0-98A758EE797A}.tap
. 2016.04.15 18:03:32 - OpenVPN > TAP-Windows Driver Version 9.21
. 2016.04.15 18:03:32 - OpenVPN > Set TAP-Windows TUN subnet mode network/local/netmask = 10.4.0.0/10.4.19.111/255.255.0.0 [sUCCEEDED]
. 2016.04.15 18:03:32 - OpenVPN > Notified TAP-Windows driver to set a DHCP IP/netmask of 10.4.19.111/255.255.0.0 on interface {DBF12791-D4E4-49D3-88F0-98A758EE797A} [DHCP-serv: 10.4.255.254, lease-time: 31536000]
. 2016.04.15 18:03:32 - OpenVPN > Successful ARP Flush on interface [16] {DBF12791-D4E4-49D3-88F0-98A758EE797A}
. 2016.04.15 18:03:36 - OpenVPN > TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
. 2016.04.15 18:03:36 - OpenVPN > C:\Windows\system32\route.exe ADD 213.152.161.100 MASK 255.255.255.255 192.168.1.1
. 2016.04.15 18:03:36 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4
. 2016.04.15 18:03:36 - OpenVPN > Route addition via IPAPI succeeded [adaptive]
. 2016.04.15 18:03:36 - OpenVPN > C:\Windows\system32\route.exe ADD 192.168.1.1 MASK 255.255.255.255 192.168.1.1 IF 11
. 2016.04.15 18:03:36 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4
. 2016.04.15 18:03:36 - OpenVPN > Route addition via IPAPI succeeded [adaptive]
. 2016.04.15 18:03:36 - OpenVPN > C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.4.0.1
. 2016.04.15 18:03:36 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
. 2016.04.15 18:03:36 - OpenVPN > Route addition via IPAPI succeeded [adaptive]
. 2016.04.15 18:03:36 - OpenVPN > C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.4.0.1
. 2016.04.15 18:03:36 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
. 2016.04.15 18:03:36 - OpenVPN > Route addition via IPAPI succeeded [adaptive]
. 2016.04.15 18:03:36 - Starting Management Interface
. 2016.04.15 18:03:36 - OpenVPN > Initialization Sequence Completed
I 2016.04.15 18:03:36 - DNS of a network adapter forced (Qualcomm Atheros AR946x Wireless Network Adapter)
I 2016.04.15 18:03:36 - DNS of a network adapter forced (TAP-Windows Adapter V9)
I 2016.04.15 18:03:36 - Flushing DNS
I 2016.04.15 18:03:36 - Checking route
I 2016.04.15 18:03:36 - Checking DNS
! 2016.04.15 18:03:36 - Connected.
. 2016.04.15 18:03:36 - OpenVPN > MANAGEMENT: Client connected from [AF_INET]127.0.0.1:3100
. 2016.04.15 18:03:36 - OpenVpn Management > >INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info
! 2016.04.15 18:04:01 - Disconnecting
. 2016.04.15 18:04:01 - Management - Send 'signal SIGTERM'
. 2016.04.15 18:04:01 - OpenVPN > MANAGEMENT: CMD 'signal SIGTERM'
. 2016.04.15 18:04:01 - OpenVPN > SIGTERM received, sending exit notification to peer
. 2016.04.15 18:04:06 - OpenVPN > C:\Windows\system32\route.exe DELETE 213.152.161.100 MASK 255.255.255.255 192.168.1.1
. 2016.04.15 18:04:06 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]
. 2016.04.15 18:04:06 - OpenVPN > C:\Windows\system32\route.exe DELETE 192.168.1.1 MASK 255.255.255.255 192.168.1.1
. 2016.04.15 18:04:06 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]
. 2016.04.15 18:04:06 - OpenVPN > C:\Windows\system32\route.exe DELETE 0.0.0.0 MASK 128.0.0.0 10.4.0.1
. 2016.04.15 18:04:06 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]
. 2016.04.15 18:04:06 - OpenVPN > C:\Windows\system32\route.exe DELETE 128.0.0.0 MASK 128.0.0.0 10.4.0.1
. 2016.04.15 18:04:06 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]
. 2016.04.15 18:04:06 - OpenVPN > Closing TUN/TAP interface
. 2016.04.15 18:04:06 - OpenVPN > SIGTERM[soft,exit-with-notification] received, process exiting
. 2016.04.15 18:04:06 - Connection terminated.
I 2016.04.15 18:04:06 - DNS of a network adapter restored to original settings (Qualcomm Atheros AR946x Wireless Network Adapter)
I 2016.04.15 18:04:06 - DNS of a network adapter restored to original settings (TAP-Windows Adapter V9)
I 2016.04.15 18:04:06 - IPv6 restored.
! 2016.04.15 18:04:06 - Session terminated.
! 2016.04.15 18:04:28 - Deactivation of Network Lock

Share this post


Link to post

I once had this problem too and made a post in the forum about this. I wasn't able to fix it though. All i found out that it probably has something to do with the "Recovery.xml" file created in the Airvpn directory. Here is the post i made:

 

-----------------------

 

Hi everyone,

 

i got a weird problem with my WIN 7 machine, running Win 7 x32 and the latest version of Eddie.

 

When i close Eddie with Network lock enabled, it doesn't re-enable my firewall again, i have to do this manually after i closed Eddie.

 

I figured that upon activation of the network lock, a file named "Recovery.xml" is created in the AirVPN directory, that obviously stores the firewall settings before the network lock gets activated.

 

Mine looks like this:

 

<netlock mode="windows_firewall" service="1">
    <domain state="0" inbound="" outbound="" />
    <private state="0" inbound="" outbound="" />
    <public state="0" inbound="" outbound="" />
  </netlock>
</Recovery>

 

I don't feel that these values are right, so it's no wonder why the firewall keeps being deactivated.

 

Does anyone happen to have an idea why this is happening ?

 

I made sure that the FW was activated before i started Eddie. I also tried resetting the FW to its default state beforehand, with no effect.

 

Best Regards,

 

Fox

Share this post


Link to post
Guest

ok. again, my eddie logs in spoiler.

did all the steps 1 by 1 checking. here they are:

 

1. win firewall on, standard rules, eddie off

2. eddie on, win firewall on, standard rules

3. activate network lock, win firewall on, airvpn rules

4. connected to airvpn server, network lock on, win firewall on, airvpn rules

5. disconnected, network lock on, win firewall on, airvpn rules

6. deactivate network lock, win firewall off, standard rules

 

it seems that for whatever reason deactivating the network lock causes the win firewall to be deactivated also instead of leaving it on with standard rules...

ideas?

 

! 2016.04.15 18:03:13 - Activation of Network Lock - Windows Firewall

I 2016.04.15 18:03:23 - Session starting.

I 2016.04.15 18:03:23 - IPv6 disabled.

I 2016.04.15 18:03:23 - Checking authorization ...

! 2016.04.15 18:03:23 - Connecting to Gianfar (Netherlands, Alblasserdam)

. 2016.04.15 18:03:23 - OpenVPN > OpenVPN 2.3.8 x86_64-w64-mingw32 [sSL (OpenSSL)] [LZO] [iPv6] built on Aug 13 2015

. 2016.04.15 18:03:23 - OpenVPN > library versions: OpenSSL 1.0.2d 9 Jul 2015, LZO 2.08

. 2016.04.15 18:03:23 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100

. 2016.04.15 18:03:23 - OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file

. 2016.04.15 18:03:23 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication

. 2016.04.15 18:03:23 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication

. 2016.04.15 18:03:23 - OpenVPN > Socket Buffers: R=[8192->131072] S=[8192->131072]

. 2016.04.15 18:03:23 - OpenVPN > UDPv4 link local: [undef]

. 2016.04.15 18:03:23 - OpenVPN > UDPv4 link remote: [AF_INET]213.152.161.100:443

. 2016.04.15 18:03:23 - OpenVPN > TLS: Initial packet from [AF_INET]213.152.161.100:443, sid=a6b85f7a a5a7b7f3

. 2016.04.15 18:03:23 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org

. 2016.04.15 18:03:23 - OpenVPN > Validating certificate key usage

. 2016.04.15 18:03:23 - OpenVPN > ++ Certificate has key usage  00a0, expects 00a0

. 2016.04.15 18:03:23 - OpenVPN > VERIFY KU OK

. 2016.04.15 18:03:23 - OpenVPN > Validating certificate extended key usage

. 2016.04.15 18:03:23 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication

. 2016.04.15 18:03:23 - OpenVPN > VERIFY EKU OK

. 2016.04.15 18:03:23 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org

. 2016.04.15 18:03:29 - OpenVPN > Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

. 2016.04.15 18:03:29 - OpenVPN > Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

. 2016.04.15 18:03:29 - OpenVPN > Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

. 2016.04.15 18:03:29 - OpenVPN > Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

. 2016.04.15 18:03:29 - OpenVPN > Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA

. 2016.04.15 18:03:29 - OpenVPN > [server] Peer Connection Initiated with [AF_INET]213.152.161.100:443

. 2016.04.15 18:03:31 - OpenVPN > SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)

. 2016.04.15 18:03:31 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.4.0.1,comp-lzo no,route-gateway 10.4.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.4.19.111 255.255.0.0'

. 2016.04.15 18:03:31 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified

. 2016.04.15 18:03:31 - OpenVPN > OPTIONS IMPORT: LZO parms modified

. 2016.04.15 18:03:31 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified

. 2016.04.15 18:03:31 - OpenVPN > OPTIONS IMPORT: route options modified

. 2016.04.15 18:03:31 - OpenVPN > OPTIONS IMPORT: route-related options modified

. 2016.04.15 18:03:31 - OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified

. 2016.04.15 18:03:31 - OpenVPN > do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0

. 2016.04.15 18:03:31 - OpenVPN > open_tun, tt->ipv6=0

. 2016.04.15 18:03:32 - OpenVPN > TAP-WIN32 device [LAN-Verbindung 2] opened: \\.\Global\{DBF12791-D4E4-49D3-88F0-98A758EE797A}.tap

. 2016.04.15 18:03:32 - OpenVPN > TAP-Windows Driver Version 9.21

. 2016.04.15 18:03:32 - OpenVPN > Set TAP-Windows TUN subnet mode network/local/netmask = 10.4.0.0/10.4.19.111/255.255.0.0 [sUCCEEDED]

. 2016.04.15 18:03:32 - OpenVPN > Notified TAP-Windows driver to set a DHCP IP/netmask of 10.4.19.111/255.255.0.0 on interface {DBF12791-D4E4-49D3-88F0-98A758EE797A} [DHCP-serv: 10.4.255.254, lease-time: 31536000]

. 2016.04.15 18:03:32 - OpenVPN > Successful ARP Flush on interface [16] {DBF12791-D4E4-49D3-88F0-98A758EE797A}

. 2016.04.15 18:03:36 - OpenVPN > TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up

. 2016.04.15 18:03:36 - OpenVPN > C:\Windows\system32\route.exe ADD 213.152.161.100 MASK 255.255.255.255 192.168.1.1

. 2016.04.15 18:03:36 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4

. 2016.04.15 18:03:36 - OpenVPN > Route addition via IPAPI succeeded [adaptive]

. 2016.04.15 18:03:36 - OpenVPN > C:\Windows\system32\route.exe ADD 192.168.1.1 MASK 255.255.255.255 192.168.1.1 IF 11

. 2016.04.15 18:03:36 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4

. 2016.04.15 18:03:36 - OpenVPN > Route addition via IPAPI succeeded [adaptive]

. 2016.04.15 18:03:36 - OpenVPN > C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.4.0.1

. 2016.04.15 18:03:36 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4

. 2016.04.15 18:03:36 - OpenVPN > Route addition via IPAPI succeeded [adaptive]

. 2016.04.15 18:03:36 - OpenVPN > C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.4.0.1

. 2016.04.15 18:03:36 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4

. 2016.04.15 18:03:36 - OpenVPN > Route addition via IPAPI succeeded [adaptive]

. 2016.04.15 18:03:36 - Starting Management Interface

. 2016.04.15 18:03:36 - OpenVPN > Initialization Sequence Completed

I 2016.04.15 18:03:36 - DNS of a network adapter forced (Qualcomm Atheros AR946x Wireless Network Adapter)

I 2016.04.15 18:03:36 - DNS of a network adapter forced (TAP-Windows Adapter V9)

I 2016.04.15 18:03:36 - Flushing DNS

I 2016.04.15 18:03:36 - Checking route

I 2016.04.15 18:03:36 - Checking DNS

! 2016.04.15 18:03:36 - Connected.

. 2016.04.15 18:03:36 - OpenVPN > MANAGEMENT: Client connected from [AF_INET]127.0.0.1:3100

. 2016.04.15 18:03:36 - OpenVpn Management > >INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info

! 2016.04.15 18:04:01 - Disconnecting

. 2016.04.15 18:04:01 - Management - Send 'signal SIGTERM'

. 2016.04.15 18:04:01 - OpenVPN > MANAGEMENT: CMD 'signal SIGTERM'

. 2016.04.15 18:04:01 - OpenVPN > SIGTERM received, sending exit notification to peer

. 2016.04.15 18:04:06 - OpenVPN > C:\Windows\system32\route.exe DELETE 213.152.161.100 MASK 255.255.255.255 192.168.1.1

. 2016.04.15 18:04:06 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]

. 2016.04.15 18:04:06 - OpenVPN > C:\Windows\system32\route.exe DELETE 192.168.1.1 MASK 255.255.255.255 192.168.1.1

. 2016.04.15 18:04:06 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]

. 2016.04.15 18:04:06 - OpenVPN > C:\Windows\system32\route.exe DELETE 0.0.0.0 MASK 128.0.0.0 10.4.0.1

. 2016.04.15 18:04:06 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]

. 2016.04.15 18:04:06 - OpenVPN > C:\Windows\system32\route.exe DELETE 128.0.0.0 MASK 128.0.0.0 10.4.0.1

. 2016.04.15 18:04:06 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]

. 2016.04.15 18:04:06 - OpenVPN > Closing TUN/TAP interface

. 2016.04.15 18:04:06 - OpenVPN > SIGTERM[soft,exit-with-notification] received, process exiting

. 2016.04.15 18:04:06 - Connection terminated.

I 2016.04.15 18:04:06 - DNS of a network adapter restored to original settings (Qualcomm Atheros AR946x Wireless Network Adapter)

I 2016.04.15 18:04:06 - DNS of a network adapter restored to original settings (TAP-Windows Adapter V9)

I 2016.04.15 18:04:06 - IPv6 restored.

! 2016.04.15 18:04:06 - Session terminated.

! 2016.04.15 18:04:28 - Deactivation of Network Lock

 

Alright now st4r I haven't encountered this exact issue myself, but the network lock saves the windows firewall settings and restores them when disconnected, my best suggestion to try is completely uninstall airVPN eddie, I recommend Revo uninstaller for it and then reboot and install it again, then before you start the eddie for the first time(second time lol) make sure your firewall is as you want it after closing the eddie, let me know how it goes.

Share this post


Link to post

@edensspire: uninstalling and reinstalling with win firewall checked on before running eddie did not solve the problem.

@fox: well, so it seems it's not only me. btw, I experience this behavior also on my laptop with win8 on it.

 

maybe staff can provide some support then?

maybe the client thinks it activated the fw in the first place and feels obliged to deactivate it again...?!

 

also my recovery.xml:

<Recovery IpV6="0">
  <DnsSwitch>
    <entry description="Qualcomm Atheros AR946x Wireless Network Adapter" dns="192.168.1.1" guid="{AD331ED5-3EE7-4DA3-B308-0B4CB8F00FFC}" auto_dns="true" />
    <entry description="TAP-Windows Adapter V9" dns="10.4.0.1" guid="{DBF12791-D4E4-49D3-88F0-98A758EE797A}" auto_dns="false" />
  </DnsSwitch>
  <netlock mode="windows_firewall" service="1">
    <domain state="0" inbound="" outbound="" />
    <private state="0" inbound="" outbound="" />
    <public state="0" inbound="" outbound="" />
  </netlock>
</Recovery>

not sure how to interpret it, but it looks like the domain or private state should be "1"?

Share this post


Link to post

not sure how to interpret it, but it looks like the domain or private state should be "1"?

Yes, i think that's the problem.  But i don't know why this happens.

 

It seems like something is messed up in the Windows registry, so Eddie creates a broken xml - File.

Share this post


Link to post

https://airvpn.org/faq/software_lock/

 

Read this article.

 

I have a different interpretation.

 

Preference 3: Windows Firewall

The Eddie client is in control of the Windows Firewall.

You turn off the Eddie Client; the Windows Firewall is turned off until the Eddie client is turned on.

 

Before you turn off the Eddie Client; go back to preference and change either to none or automatic.

 

See what happens.

Share this post


Link to post
Guest

@edensspire: uninstalling and reinstalling with win firewall checked on before running eddie did not solve the problem.

@fox: well, so it seems it's not only me. btw, I experience this behavior also on my laptop with win8 on it.

 

maybe staff can provide some support then?

maybe the client thinks it activated the fw in the first place and feels obliged to deactivate it again...?!

 

also my recovery.xml:

<Recovery IpV6="0">

  <DnsSwitch>

    <entry description="Qualcomm Atheros AR946x Wireless Network Adapter" dns="192.168.1.1" guid="{AD331ED5-3EE7-4DA3-B308-0B4CB8F00FFC}" auto_dns="true" />

    <entry description="TAP-Windows Adapter V9" dns="10.4.0.1" guid="{DBF12791-D4E4-49D3-88F0-98A758EE797A}" auto_dns="false" />

  </DnsSwitch>

  <netlock mode="windows_firewall" service="1">

    <domain state="0" inbound="" outbound="" />

    <private state="0" inbound="" outbound="" />

    <public state="0" inbound="" outbound="" />

  </netlock>

</Recovery>

not sure how to interpret it, but it looks like the domain or private state should be "1"?

 

Well the common denominator between you and foxmulder is the state being at "0"

 

<Recovery>

  <netlock mode="windows_firewall" service="1">

    <domain state="1" inbound="BlockInbound" outbound="BlockOutbound" />

    <private state="1" inbound="BlockInbound" outbound="BlockOutbound" />

    <public state="1" inbound="BlockInbound" outbound="BlockOutbound" />

  </netlock>

</Recovery>

this is mine however I use manual network lock since I multihop through my own server to airvpn, anyway try to put open your windows firewall settings click restore default policy then start the Eddie and copy paste this into it however since mine is set to block connections still try to put this one in instead:
<Recovery>

  <netlock mode="windows_firewall" service="1">

    <domain state="1" inbound="AllowInbound" outbound="AllowOutbound" />

    <private state="1" inbound="AllowInbound" outbound="AllowOutbound" />

    <public state="1" inbound="AllowInbound" outbound="AllowOutbound" />

  </netlock>

</Recovery>

Share this post


Link to post

well, I have tried both the options "automatic" and "windows firewall" (which seem to be the same). Naturally, the firewall was on before I tried anything. With "none" the network lock is obviously not available.

this is getting really annoying.

any other approaches?

Share this post


Link to post
Guest

well, I have tried both the options "automatic" and "windows firewall" (which seem to be the same). Naturally, the firewall was on before I tried anything. With "none" the network lock is obviously not available.

this is getting really annoying.

any other approaches?

 

You didn't quite specify whether you tried my last suggestion.

Share this post


Link to post

I have tried pasting your entries into recovery.xml but the system seems to overwrite it with the original "0"s everytime I connect or disconnect...

Share this post


Link to post

cannot quite believe only 3 people have this problem...

@staff: any comment?

Share this post


Link to post

cannot quite believe only 3 people have this problem...

@staff: any comment?

 

 

If it is a bug, it was never detected before, and it could be extremely difficult to troubleshoot because we can't reproduce it (unless we run a concurrent firewall, but it's clearly not your case, right?) and because, as you correctly note, only a few persons reported it (while Eddie is used every day in about 10000 systems, and every week in many more). Anyway, it's the Eddie developer the competent person to look into the issue.

 

Kind regards

Share this post


Link to post

 

cannot quite believe only 3 people have this problem...

@staff: any comment?

 

 

If it is a bug, it was never detected before, and it could be extremely difficult to troubleshoot because we can't reproduce it (unless we run a concurrent firewall, but it's clearly not your case, right?) and because, as you correctly note, only a few persons reported it (while Eddie is used every day in about 10000 systems, and every week in many more). Anyway, it's the Eddie developer the competent person to look into the issue.

 

Kind regards

got the same problem .....firewall stays offline and doesnt revert settings .....

 

Share this post


Link to post

same problem here. windows 10 64bit. customer for 6 months and windows firewall is shutting down when shutting down eddie. 

and i think there are much more customers with this error.

Share this post


Link to post

same problem here. windows 10 64bit. customer for 6 months and windows firewall is shutting down when shutting down eddie. 

and i think there are much more customers with this error.

 

Please upgrade to 2.11.3 beta.

 

Kind regards

Share this post


Link to post
Guest
This topic is now closed to further replies.

×
×
  • Create New...