Sirius went down for 30 minutes

[Staff 9972]

Hello!

We have had some issues with Sirius, we apologize for the inconvenience. We have managed to solve the problem and Sirius is again working fine. Please feel free to report any issue.

Kind regards

[xdroid 0]

Hi, I can connect to Sirius but cannot access any web addresses(started yesterday and still today). All other (edit) servers are working fine. I have not tried pinging your DNS while connected to it as I just switched to a different server. Thanks

[Staff 9972]

Hi, I can connect to Sirius but cannot access any web addresses(started yesterday and still today). All other (edit) servers are working fine. I have not tried pinging your DNS while connected to it as I just switched to a different server. Thanks

Hello!

We don't detect this problem on Sirius. Which port do you connect to? Can you please send us the logs, the network cards DNS (if you're on Windows) and the routing table, and check whether there's any difference with other servers?

Kind regards

[5o52xwmftthyuq2gmdy6 0]

Same issue; can connect, can't get to anything. Running on linux, with a 192.168.2.* LAN.

# dig +stats google.com

; <<>> DiG 9.8.1-P1 <<>> +stats google.com

;; global options: +cmd

;; connection timed out; no servers could be reached

# route

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

default 10.4.18.137 0.0.0.0 UG 0 0 0 tun0

10.4.0.1 10.4.18.137 255.255.255.255 UGH 0 0 0 tun0

10.4.18.137 * 255.255.255.255 UH 0 0 0 tun0

108.59.8.147 192.168.2.1 255.255.255.255 UGH 0 0 0 eth0

link-local * 255.255.0.0 U 1000 0 0 eth0

192.168.2.0 * 255.255.255.0 U 1 0 0 eth0

# ifconfig

eth0 Link encap:Ethernet HWaddr <redacted>

inet addr:192.168.2.40 Bcast:192.168.2.255 Mask:255.255.255.0

inet6 addr: <redacted>

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:68741655 errors:0 dropped:0 overruns:0 frame:0

TX packets:77072445 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:70201571609 (70.2 GB) TX bytes:70330562864 (70.3 GB)

Interrupt:16

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:1010530 errors:0 dropped:0 overruns:0 frame:0

TX packets:1010530 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:206391648 (206.3 MB) TX bytes:206391648 (206.3 MB)

tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00

inet addr:10.4.18.138 P-t-P:10.4.18.137 Mask:255.255.255.255

UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1

RX packets:2013 errors:0 dropped:0 overruns:0 frame:0

TX packets:1691 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:100

RX bytes:381439 (381.4 KB) TX bytes:465055 (465.0 KB)

Not sure where the Linux logs would be, but I can forward them if you can point me to them (ubuntu).

[Staff 9972]

Same issue; can connect, can't get to anything. Running on linux, with a 192.168.2.* LAN.

Not sure where the Linux logs would be, but I can forward them if you can point me to them (ubuntu).

Hello!

Kernel routing table and network interfaces look ok.

You can launch "sudo openvpn" with the --log-append directive to store the logs where you wish.

Can you please also send us the content of your /etc/resolv.conf ?

Kind regards

[5o52xwmftthyuq2gmdy6 0]

Same issue; can connect, can't get to anything. Running on linux, with a 192.168.2.* LAN.

Not sure where the Linux logs would be, but I can forward them if you can point me to them (ubuntu).

Hello!

Kernel routing table and network interfaces look ok.

You can launch "sudo openvpn" with the --log-append <filename> directive to store the logs where you wish.

Can you please also send us the content of your /etc/resolv.conf ?

Kind regards

I'm logged in to the machine via ssh and running the vpn via the network manager; I can kill that via command line, but that will disconnect me and I won't be able to get back in of course. When I get back to my machine physically, I'll try with the logging enabled. In the meantime, I found this; is this helpful?

Aug 23 11:40:01 media-server NetworkManager[747]: <info> Starting VPN service 'openvpn'...

Aug 23 11:40:01 media-server NetworkManager[747]: <info> VPN service 'openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 32083

Aug 23 11:40:01 media-server NetworkManager[747]: <info> VPN service 'openvpn' appeared; activating connections

Aug 23 11:40:01 media-server NetworkManager[747]: <info> VPN plugin state changed: init (1)

Aug 23 11:40:01 media-server NetworkManager[747]: <info> VPN plugin state changed: starting (3)

Aug 23 11:40:01 media-server NetworkManager[747]: <info> VPN connection 'air' (Connect) reply received.

Aug 23 11:40:01 media-server nm-openvpn[32086]: OpenVPN 2.2.1 i686-linux-gnu [sSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [iPv6 payload 20110424-2 (2.2RC2)] built on Mar 30 2012

Aug 23 11:40:01 media-server nm-openvpn[32086]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

Aug 23 11:40:01 media-server nm-openvpn[32086]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Aug 23 11:40:01 media-server nm-openvpn[32086]: WARNING: file 'xxxxxxxxxx/.airvpn/manassas_udp_443/user.key' is group or others accessible

Aug 23 11:40:01 media-server nm-openvpn[32086]: LZO compression initialized

Aug 23 11:40:01 media-server nm-openvpn[32086]: UDPv4 link local: [undef]

Aug 23 11:40:01 media-server nm-openvpn[32086]: UDPv4 link remote: [AF_INET]108.59.8.147:443

Aug 23 11:40:02 media-server nm-openvpn[32086]: [server] Peer Connection Initiated with [AF_INET]108.59.8.147:443

Aug 23 11:40:10 media-server NetworkManager[747]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/tun0, iface: tun0)

Aug 23 11:40:10 media-server NetworkManager[747]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found.

Aug 23 11:40:10 media-server nm-openvpn[32086]: TUN/TAP device tun0 opened

Aug 23 11:40:10 media-server nm-openvpn[32086]: /usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper tun0 1500 1558 10.4.18.138 10.4.18.137 init

Aug 23 11:40:11 media-server NetworkManager[747]: <info> VPN connection 'air' (IP Config Get) reply received.

Aug 23 11:40:11 media-server NetworkManager[747]: <info> VPN Gateway: 108.59.8.147

Aug 23 11:40:11 media-server NetworkManager[747]: <info> Internal Gateway: 10.4.18.137

Aug 23 11:40:11 media-server NetworkManager[747]: <info> Tunnel Device: tun0

Aug 23 11:40:11 media-server NetworkManager[747]: <info> Internal IP4 Address: 10.4.18.138

Aug 23 11:40:11 media-server NetworkManager[747]: <info> Internal IP4 Prefix: 32

Aug 23 11:40:11 media-server NetworkManager[747]: <info> Internal IP4 Point-to-Point Address: 10.4.18.137

Aug 23 11:40:11 media-server NetworkManager[747]: <info> Maximum Segment Size (MSS): 0

Aug 23 11:40:11 media-server NetworkManager[747]: <info> Static Route: 10.4.0.1/32 Next Hop: 10.4.0.1

Aug 23 11:40:11 media-server NetworkManager[747]: <info> Forbid Default Route: no

Aug 23 11:40:11 media-server NetworkManager[747]: <info> Internal IP4 DNS: 10.4.0.1

Aug 23 11:40:11 media-server NetworkManager[747]: <info> DNS Domain: '(none)'

Aug 23 11:40:11 media-server nm-openvpn[32086]: Initialization Sequence Completed

Aug 23 11:40:12 media-server NetworkManager[747]: <info> DNS: starting dnsmasq...

Aug 23 11:40:12 media-server dnsmasq[32052]: exiting on receipt of SIGTERM

Aug 23 11:40:12 media-server NetworkManager[747]: <info> (tun0): writing resolv.conf to /sbin/resolvconf

Aug 23 11:40:12 media-server dnsmasq[32094]: started, version 2.59 cache disabled

Aug 23 11:40:12 media-server dnsmasq[32094]: compile time options: IPv6 GNU-getopt DBus i18n DHCP TFTP conntrack IDN

Aug 23 11:40:12 media-server dnsmasq[32094]: using nameserver 10.4.0.1#53

Aug 23 11:40:12 media-server NetworkManager[747]: <info> VPN connection 'air' (IP Config Get) complete.

Aug 23 11:40:12 media-server NetworkManager[747]: <info> Policy set 'air' (tun0) as default for IPv4 routing and DNS.

Aug 23 11:40:12 media-server dbus[718]: [system] Activating service name='org.freedesktop.nm_dispatcher' (using servicehelper)

Aug 23 11:40:12 media-server NetworkManager[747]: <info> VPN plugin state changed: started (4)

Aug 23 11:40:12 media-server dbus[718]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'

I'm running mint 13. I don't have an /etc/resolv.conf, but /etc/resolveconf/resolv.conf/base is just a header; no content.

/etc/resolvconf/interface-order is:

/etc/resolvconf> cat interface-order

# interface-order(5)

lo.inet*

lo.dnsmasq

lo.pdnsd

lo.!(pdns|pdns-recursor)

lo

tun*

tap*

hso*

em+([0-9])?(_+([0-9]))*

p+([0-9])p+([0-9])?(_+([0-9]))*

eth*

ath*

wlan*

ppp*

*

[Staff 9972]

@5o52xwmftthyuq2gmdy6

Hello!

The resolv interfaces order is correct. The network-manager logs look fine, please just check that you are running OpenVPN in "client mode" (do you use the configuration file generated by our generator or did you modify it?) and that all the certificates are accessible. Our clients DO require server certificate verification and our servers verify client certificates (double-certificate verification with ca.crt and user.crt so that no MITM is possible).

Does the problem occur on Sirius only or on every server?

Kind regards

[sunnymorning 1]

keep it up the great work airvpn , sweden servers ftw!!!!

[5o52xwmftthyuq2gmdy6 0]

I was using a file generated by the airvpn system. I created a new one, on the Librae server and it works fine; I'm able to "get out". It's definitely something weird between my system and Sirius that is the problem, but since Librae works I'll stick with it for now.

I notice that the UI for generating the client files is different than when I used it before; could there be a difference there?

[xdroid 0]

Still having this issue here is the log.

27/08/2012 - 16:10 AirVPN client version: 1.7

27/08/2012 - 16:10 Reading options from C:\Users\User\AppData\Roaming\AirVPN\Air\1.0.0.0\AirVPN.xml

27/08/2012 - 16:10 OpenVPN bundle version: OpenVPN 2.2.2

27/08/2012 - 16:10 OpenVPN current version: OpenVPN 2.2.2

27/08/2012 - 16:10 Ready.

27/08/2012 - 16:10 Login...

27/08/2012 - 16:10 Login success.

27/08/2012 - 16:10 Contacting service...

27/08/2012 - 16:10 Connecting...

27/08/2012 - 16:10 OpenVPN 2.2.2 Win32-MSVC++ [sSL] [LZO2] [PKCS11] built on Dec 15 2011

27/08/2012 - 16:10 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables

27/08/2012 - 16:10 LZO compression initialized

27/08/2012 - 16:10 Control Channel MTU parms [ L:1558 D:138 EF:38 EB:0 ET:0 EL:0 ]

27/08/2012 - 16:10 Socket Buffers: R=[8192->8192] S=[8192->8192]

27/08/2012 - 16:10 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]

27/08/2012 - 16:10 Local Options hash (VER=V4): '22188c5b'

27/08/2012 - 16:10 Expected Remote Options hash (VER=V4): 'a8f55717'

27/08/2012 - 16:10 UDPv4 link local: [undef]

27/08/2012 - 16:10 UDPv4 link remote: 108.59.8.147:443

27/08/2012 - 16:10 TLS: Initial packet from 108.59.8.147:443, sid=6ab3d41f c5ae034f

27/08/2012 - 16:10 VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org

27/08/2012 - 16:10 VERIFY OK: nsCertType=SERVER

27/08/2012 - 16:10 VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org

27/08/2012 - 16:10 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

27/08/2012 - 16:10 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

27/08/2012 - 16:10 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

27/08/2012 - 16:10 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

27/08/2012 - 16:10 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

27/08/2012 - 16:10 [server] Peer Connection Initiated with 108.59.8.147:443

27/08/2012 - 16:10 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)

27/08/2012 - 16:10 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.4.13.110 10.4.13.109'

27/08/2012 - 16:10 OPTIONS IMPORT: timers and/or timeouts modified

27/08/2012 - 16:10 OPTIONS IMPORT: LZO parms modified

27/08/2012 - 16:10 OPTIONS IMPORT: --ifconfig/up options modified

27/08/2012 - 16:10 OPTIONS IMPORT: route options modified

27/08/2012 - 16:10 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified

27/08/2012 - 16:10 ROUTE default_gateway=192.168.1.1

27/08/2012 - 16:10 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{DB7661BE-9308-466D-AE18-67AE3F12883B}.tap

27/08/2012 - 16:10 TAP-Win32 Driver Version 9.9

27/08/2012 - 16:10 TAP-Win32 MTU=1500

27/08/2012 - 16:10 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.4.13.110/255.255.255.252 on interface {DB7661BE-9308-466D-AE18-67AE3F12883B} [DHCP-serv: 10.4.13.109, lease-time: 31536000]

27/08/2012 - 16:10 Successful ARP Flush on interface [15] {DB7661BE-9308-466D-AE18-67AE3F12883B}

27/08/2012 - 16:10 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up

27/08/2012 - 16:10 C:\WINDOWS\system32\route.exe ADD 108.59.8.147 MASK 255.255.255.255 192.168.1.1

27/08/2012 - 16:10 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=10 and dwForwardType=4

27/08/2012 - 16:10 Route addition via IPAPI succeeded [adaptive]

27/08/2012 - 16:10 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.4.13.109

27/08/2012 - 16:10 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4

27/08/2012 - 16:10 Route addition via IPAPI succeeded [adaptive]

27/08/2012 - 16:10 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.4.13.109

27/08/2012 - 16:10 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4

27/08/2012 - 16:10 Route addition via IPAPI succeeded [adaptive]

27/08/2012 - 16:10 C:\WINDOWS\system32\route.exe ADD 10.4.0.1 MASK 255.255.255.255 10.4.13.109

27/08/2012 - 16:10 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4

27/08/2012 - 16:10 Route addition via IPAPI succeeded [adaptive]

27/08/2012 - 16:10 Initialization Sequence Completed

27/08/2012 - 16:10 Starting Management Interface...

27/08/2012 - 16:10 Checking...

27/08/2012 - 16:10 Retrieve statistics...

27/08/2012 - 16:10 Connected.

I can connect and use every other server. Thanks