Jump to content
Not connected, Your IP: 18.118.119.129
Sign in to follow this  
dYu784jseDsJ

VPN over TOR not working

Recommended Posts

Hi there. VPN by itself works great. Thanks

TOR by itself works, both using the TBB and using 127.0.0.1:9050 (SOCKS5) in all other browsers/software. However, when I put that info into AirVPN, I get "fails to connect". I've seen some others post this problem, but without much debug info. But here's mine:

AirVPN Logs:

10/24/2012 - 1:58 AM OpenVPN current version: OpenVPN 2.2.2

10/24/2012 - 1:58 AM Ready.

10/24/2012 - 1:58 AM Login...

10/24/2012 - 1:58 AM Login success.

10/24/2012 - 1:58 AM Contacting service...

10/24/2012 - 1:58 AM Connecting...

10/24/2012 - 1:58 AM OpenVPN 2.2.2 Win32-MSVC++ [sSL] [LZO2] [PKCS11] built on Dec 15 2011

10/24/2012 - 1:58 AM NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables

10/24/2012 - 1:58 AM LZO compression initialized

10/24/2012 - 1:58 AM Control Channel MTU parms [ L:1558 D:138 EF:38 EB:0 ET:0 EL:10 ]

10/24/2012 - 1:58 AM Socket Buffers: R=[8192->8192] S=[8192->8192]

10/24/2012 - 1:58 AM Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:10 AF:3/1 ]

10/24/2012 - 1:58 AM Local Options hash (VER=V4): '22188c5b'

10/24/2012 - 1:58 AM Expected Remote Options hash (VER=V4): 'a8f55717'

10/24/2012 - 1:58 AM Attempting to establish TCP connection with 127.0.0.1:9050

10/24/2012 - 1:58 AM TCP connection established with 127.0.0.1:9050

10/24/2012 - 1:58 AM recv_socks_reply: Socks proxy returned bad reply

10/24/2012 - 1:58 AM TCP/UDP: Closing socket

10/24/2012 - 1:58 AM SIGTERM[soft,init_instance] received, process exiting

10/24/2012 - 1:58 AM Failed to start.

And from TOR's perspective, the connection attempt from AirVPN above adds this to its logs:

Oct 24 01:58:47.060 [warn] socks5: command 3 not recognized. Rejecting.

Oct 24 01:58:47.060 [warn] Fetching socks handshake failed. Closing.

Help?!

Share this post


Link to post

Hello!

Quite difficult to figure it out... anyway, can you please make sure that the proxy types match? OpenVPN supports connections over both http and socks proxies, but it must know in advance which proxy type it will meet. Perhaps OpenVPN is expecting a http proxy instead of a socks one.

Kind regards

Share this post


Link to post

Hello!

Can you please try with OpenVPN or OpenVPN GUI directly? The generator for the files you need is available in menu "Member Area"->"Access Without Our Client".

After that, please send us again the OpenVPN logs and your configuration file.

Kind regards

Share this post


Link to post

I spent an hour fooling around yet couldn't get OpenVPN working directly. Can't test it over TOR until I figure out how to get it working directly. I think I was successful the last time I tried it, but this time it says connected, yet my connection remains direct. :dry:

Share this post


Link to post

I'm having the exact same problem.

I'm running Vidalia Tor bundle, configured AirVpn to use SOCKS on 127.0.0.1 on 9050

I'm wondering if Openvpn uses a different version of the SOCKS protocol when communicating with Tor.

As I have this message in the Tor logs:

[sat 15. Dec 12:33:41 2012] Unknown SOCKS Protocol - One of your applications tried to establish a connection through Tor using a protocol that Tor does not understand. Please ensure you configure your applications to use only SOCKS4a or SOCKS5 with remote hostname resolution.

I'll try and investigate further to see what version it uses by default - and get back to you if it is any different.

Here are the logs for AirVPN

15/12/2012 - 14:57 AirVPN client version: 1.7

15/12/2012 - 14:57 Reading options from C:\Users\Kristin\AppData\Roaming\AirVPN\Air\1.0.0.0\AirVPN.xml

15/12/2012 - 14:57 OpenVPN bundle version: OpenVPN 2.2.2

15/12/2012 - 14:57 OpenVPN current version: OpenVPN 2.2.2

15/12/2012 - 14:57 Ready.

15/12/2012 - 14:57 Login...

15/12/2012 - 14:57 Login success.

15/12/2012 - 14:58 Contacting service...

15/12/2012 - 14:58 Connecting...

15/12/2012 - 14:58 OpenVPN 2.2.2 Win32-MSVC++ [sSL] [LZO2] [PKCS11] built on Dec 15 2011

15/12/2012 - 14:58 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables

15/12/2012 - 14:58 LZO compression initialized

15/12/2012 - 14:58 Control Channel MTU parms [ L:1558 D:138 EF:38 EB:0 ET:0 EL:10 ]

15/12/2012 - 14:58 Socket Buffers: R=[8192->8192] S=[8192->8192]

15/12/2012 - 14:58 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:10 AF:3/1 ]

15/12/2012 - 14:58 Local Options hash (VER=V4): '22188c5b'

15/12/2012 - 14:58 Expected Remote Options hash (VER=V4): 'a8f55717'

15/12/2012 - 14:58 Attempting to establish TCP connection with 127.0.0.1:9050

15/12/2012 - 14:58 TCP connection established with 127.0.0.1:9050

15/12/2012 - 14:58 recv_socks_reply: Socks proxy returned bad reply

15/12/2012 - 14:58 TCP/UDP: Closing socket

15/12/2012 - 14:58 SIGTERM[soft,init_instance] received, process exiting

15/12/2012 - 14:58 Failed to start.

Share this post


Link to post

It's taken me a while, but I think I have it working, but could someone's advice to make sure.

I had set up Comodo firewall following the guide on the forum, so that if the OpenVPN dies then all apps are blocked.

However to get OpenVPN talking to TOR I had to allow access to port 443

otherwise I got the errors stated before.

I've tried OpenVPN using the Openvpn gui on with configs for ports 53 and another for 443, and had TOR setup to allow 53 within it's allowed ports.

But this too was only able to connect on 443.

On the face of it the end point IP in TOR is the start point for the VPN, so it seems to be doing the right thing.

However, what risks to me in terms of P2P by exposing port 443?

I've a feeling there is a better way of doing this.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...