Milou13 0 Posted ... Hi there, Trying to connect openvpn via stunnel. First part works perfectly, meaning I can connect with stunnel. However, when trying to connect openvpn getting this error: Assertion failed at misc.c:785 (es), which loops non stop. Any suggestion? Thanks a lot Quote Share this post Link to post
Milou13 0 Posted ... Bump. Adding logs Sat Oct 1 16:01:22 2016 OpenVPN 2.3.10 x86_64-pc-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [iPv6] built on Feb 2 2016Sat Oct 1 16:01:22 2016 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08Sat Oct 1 16:01:22 2016 Control Channel Authentication: tls-auth using INLINE static key fileSat Oct 1 16:01:22 2016 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authenticationSat Oct 1 16:01:22 2016 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authenticationSat Oct 1 16:01:22 2016 Socket Buffers: R=[87380->87380] S=[16384->16384]Sat Oct 1 16:01:22 2016 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1413 [nonblock]Sat Oct 1 16:01:22 2016 TCP connection established with [AF_INET]127.0.0.1:1413Sat Oct 1 16:01:22 2016 TCPv4_CLIENT link local: [undef]Sat Oct 1 16:01:22 2016 TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:1413Sat Oct 1 16:01:23 2016 TLS: Initial packet from [AF_INET]127.0.0.1:1413, sid=cfadcc02 b995d086Sat Oct 1 16:01:23 2016 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.orgSat Oct 1 16:01:23 2016 Validating certificate key usageSat Oct 1 16:01:23 2016 ++ Certificate has key usage 00a0, expects 00a0Sat Oct 1 16:01:23 2016 VERIFY KU OKSat Oct 1 16:01:23 2016 Validating certificate extended key usageSat Oct 1 16:01:23 2016 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server AuthenticationSat Oct 1 16:01:23 2016 VERIFY EKU OKSat Oct 1 16:01:23 2016 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.orgSat Oct 1 16:01:25 2016 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit keySat Oct 1 16:01:25 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authenticationSat Oct 1 16:01:25 2016 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit keySat Oct 1 16:01:25 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authenticationSat Oct 1 16:01:25 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSASat Oct 1 16:01:25 2016 [server] Peer Connection Initiated with [AF_INET]127.0.0.1:1413Sat Oct 1 16:01:28 2016 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)Sat Oct 1 16:01:28 2016 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.50.0.1,comp-lzo no,route-gateway 10.50.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.50.0.40 255.255.0.0'Sat Oct 1 16:01:28 2016 OPTIONS IMPORT: timers and/or timeouts modifiedSat Oct 1 16:01:28 2016 OPTIONS IMPORT: LZO parms modifiedSat Oct 1 16:01:28 2016 OPTIONS IMPORT: --ifconfig/up options modifiedSat Oct 1 16:01:28 2016 OPTIONS IMPORT: route options modifiedSat Oct 1 16:01:28 2016 OPTIONS IMPORT: route-related options modifiedSat Oct 1 16:01:28 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modifiedSat Oct 1 16:01:28 2016 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 IFACE=wlx00c0ca84a75e HWADDR=00:c0:ca:84:a7:5eSat Oct 1 16:01:28 2016 TUN/TAP device tun1 openedSat Oct 1 16:01:28 2016 TUN/TAP TX queue length set to 100Sat Oct 1 16:01:28 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0Sat Oct 1 16:01:28 2016 /sbin/ip link set dev tun1 up mtu 1500Sat Oct 1 16:01:28 2016 /sbin/ip addr add dev tun1 10.50.0.40/16 broadcast 10.50.255.255Sat Oct 1 16:01:33 2016 /sbin/ip route add 127.0.0.1/32 via 192.168.0.1RTNETLINK answers: File existsSat Oct 1 16:01:33 2016 ERROR: Linux route add command failed: external program exited with error status: 2Sat Oct 1 16:01:33 2016 /sbin/ip route add 0.0.0.0/1 via 10.50.0.1RTNETLINK answers: File existsSat Oct 1 16:01:33 2016 ERROR: Linux route add command failed: external program exited with error status: 2Sat Oct 1 16:01:33 2016 /sbin/ip route add 128.0.0.0/1 via 10.50.0.1RTNETLINK answers: File existsSat Oct 1 16:01:33 2016 ERROR: Linux route add command failed: external program exited with error status: 2Sat Oct 1 16:01:33 2016 /sbin/ip route add 185.128.40.227/32 via 192.168.0.1RTNETLINK answers: File existsSat Oct 1 16:01:33 2016 ERROR: Linux route add command failed: external program exited with error status: 2Sat Oct 1 16:01:33 2016 Initialization Sequence CompletedSat Oct 1 16:01:36 2016 Connection reset, restarting [0]Sat Oct 1 16:01:36 2016 SIGUSR1[soft,connection-reset] received, process restartingSat Oct 1 16:01:36 2016 Restart pause, 5 second(s)Sat Oct 1 16:01:41 2016 Socket Buffers: R=[87380->87380] S=[16384->16384]Sat Oct 1 16:01:41 2016 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1413 [nonblock]Sat Oct 1 16:01:41 2016 TCP connection established with [AF_INET]127.0.0.1:1413Sat Oct 1 16:01:41 2016 TCPv4_CLIENT link local: [undef]Sat Oct 1 16:01:41 2016 TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:1413Sat Oct 1 16:01:41 2016 TLS: Initial packet from [AF_INET]127.0.0.1:1413, sid=25d7bd18 8c66240cSat Oct 1 16:01:41 2016 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.orgSat Oct 1 16:01:41 2016 Validating certificate key usageSat Oct 1 16:01:41 2016 ++ Certificate has key usage 00a0, expects 00a0Sat Oct 1 16:01:41 2016 VERIFY KU OKSat Oct 1 16:01:41 2016 Validating certificate extended key usageSat Oct 1 16:01:41 2016 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server AuthenticationSat Oct 1 16:01:41 2016 VERIFY EKU OKSat Oct 1 16:01:41 2016 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.orgSat Oct 1 16:01:41 2016 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit keySat Oct 1 16:01:41 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authenticationSat Oct 1 16:01:41 2016 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit keySat Oct 1 16:01:41 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authenticationSat Oct 1 16:01:41 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSASat Oct 1 16:01:41 2016 [server] Peer Connection Initiated with [AF_INET]127.0.0.1:1413Sat Oct 1 16:01:43 2016 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)Sat Oct 1 16:01:44 2016 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.50.0.1,comp-lzo no,route-gateway 10.50.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.50.0.40 255.255.0.0'Sat Oct 1 16:01:44 2016 OPTIONS IMPORT: timers and/or timeouts modifiedSat Oct 1 16:01:44 2016 OPTIONS IMPORT: LZO parms modifiedSat Oct 1 16:01:44 2016 OPTIONS IMPORT: --ifconfig/up options modifiedSat Oct 1 16:01:44 2016 OPTIONS IMPORT: route options modifiedSat Oct 1 16:01:44 2016 OPTIONS IMPORT: route-related options modifiedSat Oct 1 16:01:44 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modifiedSat Oct 1 16:01:44 2016 Preserving previous TUN/TAP instance: tun1Sat Oct 1 16:01:44 2016 Initialization Sequence CompletedSat Oct 1 16:01:49 2016 Connection reset, restarting [0]Sat Oct 1 16:01:49 2016 SIGUSR1[soft,connection-reset] received, process restartingSat Oct 1 16:01:49 2016 Restart pause, 5 second(s)^CSat Oct 1 16:01:52 2016 Assertion failed at misc.c:785 (es)Sat Oct 1 16:01:52 2016 Exiting due to fatal error Quote Share this post Link to post
Milou13 0 Posted ... Ok. It's been a while. However, I can't figure it out.It's looks like stunnel and openvpn just deosnt want to work together.As soon as you connecting openvpn - stunnel disconnects.Here're stunnel's logs: 2016.10.14 00:22:25 LOG5[1479]: stunnel 5.06 on x86_64-pc-linux-gnu platform 2016.10.14 00:22:25 LOG5[1479]: Compiled with OpenSSL 1.0.1k 8 Jan 2015 2016.10.14 00:22:25 LOG5[1479]: Running with OpenSSL 1.0.1t 3 May 2016 2016.10.14 00:22:25 LOG5[1479]: Update OpenSSL shared libraries or rebuild stunnel 2016.10.14 00:22:25 LOG5[1479]: Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD SSL:ENGINE,OCSP,FIPS Auth:LIBWRAP 2016.10.14 00:22:25 LOG5[1479]: Reading configuration from file /etc/stunnel/stunnel.conf 2016.10.14 00:22:25 LOG5[1479]: FIPS mode disabled 2016.10.14 00:22:25 LOG6[1479]: Initializing service [openvpn] 2016.10.14 00:22:25 LOG5[1479]: Configuration successful 2016.10.14 00:22:25 LOG5[1480]: Service [openvpn] accepted connection from 127.0.0.1:42640 2016.10.14 00:22:25 LOG6[1480]: s_connect: connecting 89.238.166.236:443 2016.10.14 00:22:26 LOG5[1480]: s_connect: connected 89.238.166.236:443 2016.10.14 00:22:26 LOG5[1480]: Service [openvpn] connected remote server from 192.168.0.9:57092 2016.10.14 00:22:26 LOG6[1480]: SNI: sending servername: 89.238.166.236 2016.10.14 00:22:27 LOG6[1480]: CERT: Locally installed certificate matched 2016.10.14 00:22:27 LOG5[1480]: Certificate accepted at depth=0: C=IT, ST=Italy, L=Perugia, O=AirVPN, OU=stunnel, CN=stunnel.airvpn.org, emailAddress=info@airvpn.org 2016.10.14 00:22:27 LOG6[1480]: SSL connected: new session negotiated 2016.10.14 00:22:27 LOG6[1480]: Negotiated TLSv1.2 ciphersuite ECDHE-RSA-AES256-GCM-SHA384 (256-bit encryption) 2016.10.14 00:22:27 LOG6[1480]: Compression: null, expansion: null ifconfig 2016.10.14 00:23:37 LOG5[1563]: Service [openvpn] accepted connection from 127.0.0.1:42642 2016.10.14 00:23:37 LOG6[1563]: s_connect: connecting 89.238.166.236:443 2016.10.14 00:23:37 LOG5[1563]: s_connect: connected 89.238.166.236:443 2016.10.14 00:23:37 LOG5[1563]: Service [openvpn] connected remote server from 192.168.0.9:57094 2016.10.14 00:23:37 LOG6[1563]: SNI: sending servername: 89.238.166.236 2016.10.14 00:23:37 LOG6[1563]: SSL connected: previous session reused 2016.10.14 00:23:38 LOG6[1480]: SSL closed (SSL_read) 2016.10.14 00:23:38 LOG6[1480]: Read socket closed (readsocket) 2016.10.14 00:23:38 LOG6[1480]: Read socket closed (hangup) 2016.10.14 00:23:38 LOG6[1480]: Write socket closed (hangup) 2016.10.14 00:23:38 LOG6[1480]: SSL_shutdown successfully sent close_notify alert 2016.10.14 00:23:38 LOG5[1480]: Connection closed: 5868 byte(s) sent to SSL, 6639 byte(s) sent to socket 2016.10.14 00:23:43 LOG5[1608]: Service [openvpn] accepted connection from 127.0.0.1:42644 2016.10.14 00:23:43 LOG6[1608]: s_connect: connecting 89.238.166.236:443 2016.10.14 00:23:43 LOG5[1608]: s_connect: connected 89.238.166.236:443 2016.10.14 00:23:43 LOG5[1608]: Service [openvpn] connected remote server from 192.168.0.9:57096 2016.10.14 00:23:43 LOG6[1608]: SNI: sending servername: 89.238.166.236 2016.10.14 00:23:44 LOG6[1608]: SSL connected: previous session reused 2016.10.14 00:23:45 LOG6[1563]: SSL closed (SSL_read) 2016.10.14 00:23:45 LOG6[1563]: Read socket closed (readsocket) 2016.10.14 00:23:45 LOG6[1563]: Read socket closed (hangup) 2016.10.14 00:23:45 LOG6[1563]: Write socket closed (hangup) 2016.10.14 00:23:45 LOG6[1563]: SSL_shutdown successfully sent close_notify alert 2016.10.14 00:23:45 LOG5[1563]: Connection closed: 5442 byte(s) sent to SSL, 6213 byte(s) sent to socket 2016.10.14 00:23:50 LOG5[1626]: Service [openvpn] accepted connection from 127.0.0.1:42646 2016.10.14 00:23:50 LOG6[1626]: s_connect: connecting 89.238.166.236:443 2016.10.14 00:23:50 LOG5[1626]: s_connect: connected 89.238.166.236:443 2016.10.14 00:23:50 LOG5[1626]: Service [openvpn] connected remote server from 192.168.0.9:57098 2016.10.14 00:23:50 LOG6[1626]: SNI: sending servername: 89.238.166.236 2016.10.14 00:23:50 LOG6[1626]: SSL connected: previous session reused 2016.10.14 00:23:51 LOG6[1608]: SSL closed (SSL_read) 2016.10.14 00:23:51 LOG6[1608]: Read socket closed (readsocket) 2016.10.14 00:23:51 LOG6[1608]: Read socket closed (hangup) 2016.10.14 00:23:51 LOG6[1608]: Write socket closed (hangup) 2016.10.14 00:23:51 LOG6[1608]: SSL_shutdown successfully sent close_notify alert 2016.10.14 00:23:51 LOG5[1608]: Connection closed: 5545 byte(s) sent to SSL, 6396 byte(s) sent to socket 2016.10.14 00:23:56 LOG5[1628]: Service [openvpn] accepted connection from 127.0.0.1:42648 2016.10.14 00:23:56 LOG6[1628]: s_connect: connecting 89.238.166.236:443 2016.10.14 00:23:56 LOG5[1628]: s_connect: connected 89.238.166.236:443 2016.10.14 00:23:56 LOG5[1628]: Service [openvpn] connected remote server from 192.168.0.9:57100 2016.10.14 00:23:56 LOG6[1628]: SNI: sending servername: 89.238.166.236 2016.10.14 00:23:56 LOG6[1628]: SSL connected: previous session reused 2016.10.14 00:23:57 LOG6[1626]: SSL closed (SSL_read) 2016.10.14 00:23:57 LOG6[1626]: Read socket closed (readsocket) 2016.10.14 00:23:57 LOG6[1626]: Read socket closed (hangup) 2016.10.14 00:23:57 LOG6[1626]: Write socket closed (hangup) 2016.10.14 00:23:57 LOG6[1626]: SSL_shutdown successfully sent close_notify alert 2016.10.14 00:23:57 LOG5[1626]: Connection closed: 5442 byte(s) sent to SSL, 6213 byte(s) sent to socket 2016.10.14 00:24:02 LOG5[1629]: Service [openvpn] accepted connection from 127.0.0.1:42650 2016.10.14 00:24:02 LOG6[1629]: s_connect: connecting 89.238.166.236:443 2016.10.14 00:24:02 LOG5[1629]: s_connect: connected 89.238.166.236:443 2016.10.14 00:24:02 LOG5[1629]: Service [openvpn] connected remote server from 192.168.0.9:57102 2016.10.14 00:24:02 LOG6[1629]: SNI: sending servername: 89.238.166.236 2016.10.14 00:24:02 LOG6[1629]: SSL connected: previous session reused 2016.10.14 00:24:03 LOG6[1628]: SSL closed (SSL_read) 2016.10.14 00:24:03 LOG6[1628]: Read socket closed (readsocket) 2016.10.14 00:24:03 LOG6[1628]: Read socket closed (hangup) 2016.10.14 00:24:03 LOG6[1628]: Write socket closed (hangup) 2016.10.14 00:24:03 LOG6[1628]: SSL_shutdown successfully sent close_notify alert 2016.10.14 00:24:03 LOG5[1628]: Connection closed: 5442 byte(s) sent to SSL, 6213 byte(s) sent to socket 2016.10.14 00:24:08 LOG5[1630]: Service [openvpn] accepted connection from 127.0.0.1:42652 2016.10.14 00:24:08 LOG6[1630]: s_connect: connecting 89.238.166.236:443 2016.10.14 00:24:08 LOG5[1630]: s_connect: connected 89.238.166.236:443 2016.10.14 00:24:08 LOG5[1630]: Service [openvpn] connected remote server from 192.168.0.9:57104 2016.10.14 00:24:08 LOG6[1630]: SNI: sending servername: 89.238.166.236 2016.10.14 00:24:08 LOG6[1630]: SSL connected: previous session reused 2016.10.14 00:24:09 LOG6[1629]: SSL closed (SSL_read) 2016.10.14 00:24:09 LOG6[1629]: Read socket closed (readsocket) 2016.10.14 00:24:09 LOG6[1629]: Read socket closed (hangup) 2016.10.14 00:24:09 LOG6[1629]: Write socket closed (hangup) 2016.10.14 00:24:09 LOG6[1629]: SSL_shutdown successfully sent close_notify alert 2016.10.14 00:24:09 LOG5[1629]: Connection closed: 5442 byte(s) sent to SSL, 6213 byte(s) sent to socket 2016.10.14 00:24:14 LOG5[1631]: Service [openvpn] accepted connection from 127.0.0.1:42654 2016.10.14 00:24:14 LOG6[1631]: s_connect: connecting 89.238.166.236:443 2016.10.14 00:24:14 LOG5[1631]: s_connect: connected 89.238.166.236:443 2016.10.14 00:24:14 LOG5[1631]: Service [openvpn] connected remote server from 192.168.0.9:57106 2016.10.14 00:24:14 LOG6[1631]: SNI: sending servername: 89.238.166.236 2016.10.14 00:24:14 LOG6[1631]: SSL connected: previous session reused 2016.10.14 00:24:15 LOG6[1630]: SSL closed (SSL_read) 2016.10.14 00:24:15 LOG6[1630]: Read socket closed (readsocket) 2016.10.14 00:24:15 LOG6[1630]: Read socket closed (hangup) 2016.10.14 00:24:15 LOG6[1630]: Write socket closed (hangup) 2016.10.14 00:24:15 LOG6[1630]: SSL_shutdown successfully sent close_notify alert 2016.10.14 00:24:15 LOG5[1630]: Connection closed: 5442 byte(s) sent to SSL, 6213 byte(s) sent to socket 2016.10.14 00:24:20 LOG5[1632]: Service [openvpn] accepted connection from 127.0.0.1:42656 2016.10.14 00:24:20 LOG6[1632]: s_connect: connecting 89.238.166.236:443 2016.10.14 00:24:20 LOG5[1632]: s_connect: connected 89.238.166.236:443 2016.10.14 00:24:20 LOG5[1632]: Service [openvpn] connected remote server from 192.168.0.9:57108 2016.10.14 00:24:20 LOG6[1632]: SNI: sending servername: 89.238.166.236 2016.10.14 00:24:20 LOG6[1632]: SSL connected: previous session reused 2016.10.14 00:24:21 LOG6[1631]: SSL closed (SSL_read) 2016.10.14 00:24:21 LOG6[1631]: Read socket closed (readsocket) 2016.10.14 00:24:21 LOG6[1631]: Read socket closed (hangup) 2016.10.14 00:24:21 LOG6[1631]: Write socket closed (hangup) 2016.10.14 00:24:21 LOG6[1631]: SSL_shutdown successfully sent close_notify alert 2016.10.14 00:24:21 LOG5[1631]: Connection closed: 5442 byte(s) sent to SSL, 6213 byte(s) sent to socket Just noticed another thing. I've got another tun1 created if you look at ifconfig lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:6840 errors:0 dropped:0 overruns:0 frame:0 TX packets:6840 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:4295809 (4.0 MiB) TX bytes:4295809 (4.0 MiB) tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.50.1.190 P-t-P:10.50.1.190 Mask:255.255.0.0 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:3253 errors:0 dropped:0 overruns:0 frame:0 TX packets:2580 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:3110958 (2.9 MiB) TX bytes:373134 (364.3 KiB) tun1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.50.1.190 P-t-P:10.50.1.190 Mask:255.255.0.0 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 TX bytes:0 (0.0 wlan1 Link encap:Ethernet HWaddr 00:c0:ca:84:a7:5e inet addr:192.168.0.9 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::2c0:caff:fe84:a75e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:7227 errors:0 dropped:0 overruns:0 frame:0 TX packets:3899 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:3907711 (3.7 MiB) TX bytes:959388 (936.9 KiB) And as a result routing table looks like thisdefault 10.50.0.1 128.0.0.0 UG 0 0 0 tun0 default 192.168.0.1 0.0.0.0 UG 1024 0 0 wlan1 10.50.0.0 * 255.255.0.0 U 0 0 0 tun0 10.50.0.0 * 255.255.0.0 U 0 0 0 tun1 server3.etsende 192.168.0.1 255.255.255.255 UGH 0 0 0 wlan1 localhost 192.168.0.1 255.255.255.255 UGH 0 0 0 wlan1 128.0.0.0 10.50.0.1 128.0.0.0 UG 0 0 0 tun0 link-local * 255.255.0.0 U 1000 0 0 wlan1 192.168.0.0 * 255.255.255.0 U 0 0 0 wlan1 Any input really appreciated. Cause with my newbish speed I'll spend another year finding the problem Quote Share this post Link to post
Milou13 0 Posted ... Ok, It's looks like that I can't find a solution for this one. Tried other forums as well. Would anyone be willing to help me for monetary reward?Thanks Quote Share this post Link to post
OpenSourcerer 1441 Posted ... 10.50.0.0 * 255.255.0.0 U 0 0 0 tun0 10.50.0.0 * 255.255.0.0 U 0 0 0 tun1 These two routes are more or less contradictory, routing the same IP addresses via different tunnels. Determine if they are present when you are not connected with any of the programs. Also, do you use Eddie? Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
zhang888 1066 Posted ... This looks like you maxed out your 3 allowed sessions. There is no reason why you should have more than a single tun interface,you have one (tun0) that is apparently working and connected via SSL - IP assigned from 10.50/16 range,and some other ones that are inactive. Make sure to close Eddie gracefully and not via the kill/pkill or the task manager. Also, you can try the experimental 2.11.5 version which can handle some abrupt conditions better. Quote Hide zhang888's signature Hide all signatures Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees. Share this post Link to post
Milou13 0 Posted ... 10.50.0.0 * 255.255.0.0 U 0 0 0 tun0 10.50.0.0 * 255.255.0.0 U 0 0 0 tun1 These two routes are more or less contradictory, routing the same IP addresses via different tunnels. Determine if they are present when you are not connected with any of the programs. Also, do you use Eddie? I use stunnel + openvpn. However, everything looks in sequence like this: 1) Before starting anything Destination Gateway Genmask Flags Metric Ref Use Iface default 192.168.0.1 0.0.0.0 UG 1024 0 0 wlan1 link-local * 255.255.0.0 U 1000 0 0 wlan1 192.168.0.0 * 255.255.255.0 U 0 0 0 wlan1 2) Switching stunnel on default 10.50.0.1 128.0.0.0 UG 0 0 0 tun0 default 192.168.0.1 0.0.0.0 UG 1024 0 0 wlan1 10.50.0.0 * 255.255.0.0 U 0 0 0 tun0 server3.etsende 192.168.0.1 255.255.255.255 UGH 0 0 0 wlan1 localhost 192.168.0.1 255.255.255.255 UGH 0 0 0 wlan1 128.0.0.0 10.50.0.1 128.0.0.0 UG 0 0 0 tun0 link-local * 255.255.0.0 U 1000 0 0 wlan1 192.168.0.0 * 255.255.255.0 U 0 0 0 wlan1 3)Adding openvpn, which mess everything up Destination Gateway Genmask Flags Metric Ref Use Iface default 10.50.0.1 128.0.0.0 UG 0 0 0 tun0 default 192.168.0.1 0.0.0.0 UG 1024 0 0 wlan1 10.50.0.0 * 255.255.0.0 U 0 0 0 tun0 10.50.0.0 * 255.255.0.0 U 0 0 0 tun1 server3.etsende 192.168.0.1 255.255.255.255 UGH 0 0 0 wlan1 localhost 192.168.0.1 255.255.255.255 UGH 0 0 0 wlan1 128.0.0.0 10.50.0.1 128.0.0.0 UG 0 0 0 tun0 link-local * 255.255.0.0 U 1000 0 0 wlan1 192.168.0.0 * 255.255.255.0 U 0 0 0 wlan1 This looks like you maxed out your 3 allowed sessions. There is no reason why you should have more than a single tun interface,you have one (tun0) that is apparently working and connected via SSL - IP assigned from 10.50/16 range,and some other ones that are inactive. Make sure to close Eddie gracefully and not via the kill/pkill or the task manager. Also, you can try the experimental 2.11.5 version which can handle some abrupt conditions better.When I'm using openvpn+ssl combination ,is that counts as 2 allowed sessions? Quote Share this post Link to post
zhang888 1066 Posted ... If you are using the SSL option in Eddie, you don't have to manually start OpenVPN after that.You just have to choose the SSL option in the protocols, everything else will be done automatically. Your step 3 is not needed - after step 2 you have OpenVPN over SSL running and ready as default route. Quote Hide zhang888's signature Hide all signatures Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees. Share this post Link to post
Milou13 0 Posted ... I don't use Eddie. In step #2 just starting stunnel via terminal with conf file from airvpn. Is thats enough?Cause https://airvpn.org/ssl/ states differently? Quote Share this post Link to post
zhang888 1066 Posted ... That doesn't matter if you use Eddie or not - when you connect using the generated config files with SSL same thing occurs.You don't need any further step after you see the 10.50.0.1 address as your default gateway. If you prefer to use the command line method, make sure there are no other processes such as Eddie or Network Managerthat initiate other OpenVPN connections. You can only get the 10.50.0.1 gateway and IP address from that mask when connected via tunnel, as per: https://airvpn.org/specs/ Port 2018 - Protocol TCPPort 2018 - Protocol SSHPort 2018 - Protocol SSL 10.50.*.* 10.50.0.1 Then visit https://ipleak.net and check if your IP is from the VPN server you are connected to. Quote Hide zhang888's signature Hide all signatures Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees. Share this post Link to post
Milou13 0 Posted ... That doesn't matter if you use Eddie or not - when you connect using the generated config files with SSL same thing occurs.You don't need any further step after you see the 10.50.0.1 address as your default gateway. If you prefer to use the command line method, make sure there are no other processes such as Eddie or Network Managerthat initiate other OpenVPN connections. You can only get the 10.50.0.1 gateway and IP address from that mask when connected via tunnel, as per: https://airvpn.org/specs/ Port 2018 - Protocol TCPPort 2018 - Protocol SSHPort 2018 - Protocol SSL 10.50.*.* 10.50.0.1 Then visit https://ipleak.net and check if your IP is from the VPN server you are connected to. Dude! I was looking for some kind of super duper bug while struggling with basics.Phew... What a relief. Can I paypal/bitcoin your for beer? It's the least I can do Quote Share this post Link to post