Jump to content
Not connected, Your IP: 44.200.40.97
Stalinium

ANSWERED Pegasus (US) is down BUT is selected as best US server

Recommended Posts

Posted ... (edited)

Pegasus, US unconnectable. Fails with AUTH_FAILURE. Unfortunately it is currently selected by the DNS as the preferred US server.
Connecting directly to Pollux (US) worked for me: I copied the US config (certs embedded) and changed the IP address. Here's a log for Pegasus (from right now, MTU notifications are from my own edits):

2021-09-26 04:29:38 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2021-09-26 04:29:38 OpenVPN 2.5.3 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Jun 17 2021
2021-09-26 04:29:38 Windows version 6.1 (Windows 7) 64bit
2021-09-26 04:29:38 library versions: OpenSSL 1.1.1k  25 Mar 2021, LZO 2.10
Enter Management Password:
2021-09-26 04:29:38 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25343
2021-09-26 04:29:38 Need hold release from management interface, waiting...
2021-09-26 04:29:38 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25343
2021-09-26 04:29:38 MANAGEMENT: CMD 'state on'
2021-09-26 04:29:38 MANAGEMENT: CMD 'log all on'
2021-09-26 04:29:38 MANAGEMENT: CMD 'echo all on'
2021-09-26 04:29:38 MANAGEMENT: CMD 'bytecount 5'
2021-09-26 04:29:38 MANAGEMENT: CMD 'hold off'
2021-09-26 04:29:38 MANAGEMENT: CMD 'hold release'
2021-09-26 04:29:38 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2021-09-26 04:29:38 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2021-09-26 04:29:38 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1250)
2021-09-26 04:29:38 MANAGEMENT: >STATE:1632655778,RESOLVE,,,,,,
2021-09-26 04:29:38 TCP/UDP: Preserving recently used remote address: [AF_INET]199.249.230.16:443
2021-09-26 04:29:38 Socket Buffers: R=[8192->262144] S=[8192->262144]
2021-09-26 04:29:38 UDP link local: (not bound)
2021-09-26 04:29:38 UDP link remote: [AF_INET]199.249.230.16:443
2021-09-26 04:29:38 MANAGEMENT: >STATE:1632655778,WAIT,,,,,,
2021-09-26 04:29:39 MANAGEMENT: >STATE:1632655779,AUTH,,,,,,
2021-09-26 04:29:39 TLS: Initial packet from [AF_INET]199.249.230.16:443, sid=83a14a89 9092e81f
2021-09-26 04:29:39 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
2021-09-26 04:29:39 VERIFY KU OK
2021-09-26 04:29:39 Validating certificate extended key usage
2021-09-26 04:29:39 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2021-09-26 04:29:39 VERIFY EKU OK
2021-09-26 04:29:39 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Pegasus, emailAddress=info@airvpn.org
2021-09-26 04:29:39 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1372', remote='link-mtu 1558'
2021-09-26 04:29:39 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1250', remote='tun-mtu 1500'
2021-09-26 04:29:39 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, peer certificate: 4096 bit RSA, signature: RSA-SHA512
2021-09-26 04:29:39 [Pegasus] Peer Connection Initiated with [AF_INET]199.249.230.16:443
2021-09-26 04:29:40 MANAGEMENT: >STATE:1632655780,GET_CONFIG,,,,,,
2021-09-26 04:29:40 SENT CONTROL [Pegasus]: 'PUSH_REQUEST' (status=1)
2021-09-26 04:29:40 AUTH: Received control message: AUTH_FAILED
2021-09-26 04:29:40 SIGUSR1[soft,auth-failure] received, process restarting
2021-09-26 04:29:40 MANAGEMENT: >STATE:1632655780,RECONNECTING,auth-failure,,,,,
2021-09-26 04:29:40 Restart pause, 5 second(s)
2021-09-26 04:29:45 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2021-09-26 04:29:45 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2021-09-26 04:29:45 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1250)
2021-09-26 04:29:45 TCP/UDP: Preserving recently used remote address: [AF_INET]199.249.230.16:443
2021-09-26 04:29:45 Socket Buffers: R=[8192->262144] S=[8192->262144]
2021-09-26 04:29:45 UDP link local: (not bound)
2021-09-26 04:29:45 UDP link remote: [AF_INET]199.249.230.16:443
2021-09-26 04:29:45 MANAGEMENT: >STATE:1632655785,WAIT,,,,,,
2021-09-26 04:29:46 MANAGEMENT: >STATE:1632655786,AUTH,,,,,,
2021-09-26 04:29:46 TLS: Initial packet from [AF_INET]199.249.230.16:443, sid=807e834f 86f4a62b
2021-09-26 04:29:46 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
2021-09-26 04:29:46 VERIFY KU OK
2021-09-26 04:29:46 Validating certificate extended key usage
2021-09-26 04:29:46 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2021-09-26 04:29:46 VERIFY EKU OK
2021-09-26 04:29:46 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Pegasus, emailAddress=info@airvpn.org
2021-09-26 04:29:46 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1372', remote='link-mtu 1558'
2021-09-26 04:29:46 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1250', remote='tun-mtu 1500'
2021-09-26 04:29:46 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, peer certificate: 4096 bit RSA, signature: RSA-SHA512
2021-09-26 04:29:46 [Pegasus] Peer Connection Initiated with [AF_INET]199.249.230.16:443
2021-09-26 04:29:47 MANAGEMENT: >STATE:1632655787,GET_CONFIG,,,,,,
2021-09-26 04:29:47 SENT CONTROL [Pegasus]: 'PUSH_REQUEST' (status=1)
2021-09-26 04:29:47 AUTH: Received control message: AUTH_FAILED
2021-09-26 04:29:47 SIGUSR1[soft,auth-failure] received, process restarting
2021-09-26 04:29:47 MANAGEMENT: >STATE:1632655787,RECONNECTING,auth-failure,,,,,
2021-09-26 04:29:47 Restart pause, 5 second(s)
2021-09-26 04:29:51 SIGTERM[hard,init_instance] received, process exiting
2021-09-26 04:29:51 MANAGEMENT: >STATE:1632655791,EXITING,init_instance,,,,,


The server page shows Pegasus is chosen as the best server although Pegasus' stats show it has zero users and the drop happened a couple hours ago (Sunday 09:00 on the graph).
Similar to my last post I propose that servers are ranked differently. Apparently this time an end-to-end test using OpenVPN is required since the server is reachable but it has got issues with authentication.

servers page.png

pegasus page.png

Edited ... by Stalinium

Share this post


Link to post
@Stalinium

Thank you! The problem has been resolved with the domain name. However, we still have issues with three servers in Dallas, including Pegasus, which have been closed (so they will not be picked for names resolution or by our software). We are working on them.

EDIT: problem resolved.

Kind regards
 

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...