Jump to content
Not connected, Your IP: 3.14.145.167
Sign in to follow this  
hoffli

How to connect from command line on Ubuntu 16?

Recommended Posts

Hi, 

 

I am used to using *sudo openvpn --config file.ovpn* and will not switch to use any GUI. However after switching to Ubuntu 16.04 LTS I cannot connect to AirVPN - the log looks like connection succeeded but I have no internet connection. Could you please point me to a tutorial on how to connect from terminal? I cannot find any. 

 

~/AirVPN$ sudo openvpn --config germany.ovpn 
Mon Mar 27 09:40:44 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [iPv6] built on Feb  2 2016
Mon Mar 27 09:40:44 2017 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Mon Mar 27 09:40:44 2017 Control Channel Authentication: tls-auth using INLINE static key file
Mon Mar 27 09:40:44 2017 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Mar 27 09:40:44 2017 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Mar 27 09:40:44 2017 Socket Buffers: R=[212992->212992] S=[212992->212992]
Mon Mar 27 09:40:44 2017 UDPv4 link local: [undef]
Mon Mar 27 09:40:44 2017 UDPv4 link remote: [AF_INET]178.162.198.112:2018
Mon Mar 27 09:40:46 2017 TLS: Initial packet from [AF_INET]178.162.198.112:2018, sid=5f8e2f65 10b9f080
Mon Mar 27 09:40:46 2017 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
Mon Mar 27 09:40:46 2017 Validating certificate key usage
Mon Mar 27 09:40:46 2017 ++ Certificate has key usage  00a0, expects 00a0
Mon Mar 27 09:40:46 2017 VERIFY KU OK
Mon Mar 27 09:40:46 2017 Validating certificate extended key usage
Mon Mar 27 09:40:46 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Mon Mar 27 09:40:46 2017 VERIFY EKU OK
Mon Mar 27 09:40:46 2017 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
Mon Mar 27 09:40:47 2017 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Mar 27 09:40:47 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Mar 27 09:40:47 2017 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Mar 27 09:40:47 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Mar 27 09:40:47 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Mon Mar 27 09:40:47 2017 [server] Peer Connection Initiated with [AF_INET]178.162.198.112:2018
Mon Mar 27 09:40:49 2017 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Mon Mar 27 09:40:49 2017 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.30.0.1,comp-lzo no,route-gateway 10.30.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.30.0.155 255.255.0.0'
Mon Mar 27 09:40:49 2017 OPTIONS IMPORT: timers and/or timeouts modified
Mon Mar 27 09:40:49 2017 OPTIONS IMPORT: LZO parms modified
Mon Mar 27 09:40:49 2017 OPTIONS IMPORT: --ifconfig/up options modified
Mon Mar 27 09:40:49 2017 OPTIONS IMPORT: route options modified
Mon Mar 27 09:40:49 2017 OPTIONS IMPORT: route-related options modified
Mon Mar 27 09:40:49 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Mar 27 09:40:49 2017 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 IFACE=wlp2s0 HWADDR=48:51:b7:b2:37:2f
Mon Mar 27 09:40:49 2017 TUN/TAP device tun0 opened
Mon Mar 27 09:40:49 2017 TUN/TAP TX queue length set to 100
Mon Mar 27 09:40:49 2017 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Mar 27 09:40:49 2017 /sbin/ip link set dev tun0 up mtu 1500
Mon Mar 27 09:40:49 2017 /sbin/ip addr add dev tun0 10.30.0.155/16 broadcast 10.30.255.255
Mon Mar 27 09:40:49 2017 /sbin/ip route add 178.162.198.112/32 via 192.168.0.1
Mon Mar 27 09:40:49 2017 /sbin/ip route add 0.0.0.0/1 via 10.30.0.1
Mon Mar 27 09:40:49 2017 /sbin/ip route add 128.0.0.0/1 via 10.30.0.1
Mon Mar 27 09:40:49 2017 Initialization Sequence Completed
 

Share this post


Link to post

Yes, you're definitely connected. Do you have absolutrly no connectivity, or is it just DNS lookups that are failing? You might want to try adding the following to the end of your AirVPN config file if you haven't done so already.

 

script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf

Share this post


Link to post

After what you did, then check /etc/resolv.conf and if 10.4.0.1 is there. If not edit the file and change it/save it, then try to connect.

Share this post


Link to post

After what you did, then check /etc/resolv.conf and if 10.4.0.1 is there. If not edit the file and change it/save it, then try to connect.

 

In this case it is 10.3.0.1, but yes this is a good way to check if your system is updating resolv.conf correctly.

Share this post


Link to post

 

After what you did, then check /etc/resolv.conf and if 10.4.0.1 is there. If not edit the file and change it/save it, then try to connect.

 

In this case it is 10.3.0.1, but yes this is a good way to check if your system is updating resolv.conf correctly.

 

Hello,

 

10.3.0.1 is not one of our private addresses in the VPN. It is out of any of our subnets. The problem is that you don't take care of DNS push. OpenVPN will not do that for you in Linux. Please see here for some ideas:

https://airvpn.org/topic/9608-how-to-accept-dns-push-on-linux-systems-with-resolvconf/

 

Kind regards

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...