Jump to content
Not connected, Your IP: 3.145.10.68
Sign in to follow this  
PunkinDonuts

Re: Blocking all non-VPN traffic (Windows)

Recommended Posts

I got Comodo installed and it seems I'm thisclose to getting everything working. The one issue I seem to be having is that my VPN network connection and my physical NIC appear to not be "talking" to each other. I know I missed something but I can't figure out what it is.

Here is a pic of my set up, per the instructions posted in the Windows & Comodo - Prevent leaks thread:

http://imgur.com/a/RY7TG

Also, is asking for application access proper for Comodo? It still asks me for permission to allow Chrome to access the Internet when I check my router settings.

Thank you!

Share this post


Link to post

I'm not sure how this became its own topic, but I apologize. Anyway, I forgot to mention that I can successfully connect to the two VPN servers I have listed in the screenshots (Vega and Octantis), but when they are connected no Internet traffic flows. I can connect internally to my router, however.

Share this post


Link to post

Hello!

Your Network Zones and Global Rules are just fine. Probably the problem does not lie in Comodo settings. Do you notice any difference if you perform a connection with Comodo Firewall set to "Disabled"?

Also, can you please send us the connection logs of your client pertaining to the issue?

Kind regards

Share this post


Link to post

Success!! I fixed it as I was typing this message, but it was thanks to you, Admin!

After looking at the log (I have posted it below for anyone else that runs into this issue), I noticed a lot of Access Denied issues (as you can see from the first line it couldn't even write the log, I had to copy it from the Show Status message box). I guessed this was the problem, so I closed down OpenVPN and then ran it as Administrator. Bingo, now it all works.

Just to test it, I disconnected from Octantis tried a website, and it was a no go. I then connected to Vega and the site connected fine.

Tue Dec 18 17:33:45 2012 Warning: cannot open --log file: C:\Program Files\OpenVPN\log\AirVPN US Octantis - UDP 443.log: Access is denied. (errno=5)

Tue Dec 18 17:33:45 2012 OpenVPN 2.3_rc1 x86_64-w64-mingw32 [sSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [iPv6] built on Nov 1 2012

Tue Dec 18 17:33:45 2012 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.10:25340

Tue Dec 18 17:33:45 2012 Need hold release from management interface, waiting...

Tue Dec 18 17:33:50 2012 MANAGEMENT: Client connected from [AF_INET]127.0.0.10:25340

Tue Dec 18 17:33:50 2012 MANAGEMENT: CMD 'state on'

Tue Dec 18 17:33:50 2012 MANAGEMENT: CMD 'log all on'

Tue Dec 18 17:33:50 2012 MANAGEMENT: CMD 'hold off'

Tue Dec 18 17:33:50 2012 MANAGEMENT: CMD 'hold release'

Tue Dec 18 17:33:50 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables

Tue Dec 18 17:33:50 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]

Tue Dec 18 17:33:50 2012 UDPv4 link local: [undef]

Tue Dec 18 17:33:50 2012 UDPv4 link remote: [AF_INET]69.163.36.106:443

Tue Dec 18 17:33:50 2012 MANAGEMENT: >STATE:1355880830,WAIT,,,

Tue Dec 18 17:33:50 2012 MANAGEMENT: >STATE:1355880830,AUTH,,,

Tue Dec 18 17:33:50 2012 TLS: Initial packet from [AF_INET]69.163.36.106:443, sid=8b3513db 52903711

Tue Dec 18 17:33:54 2012 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org

Tue Dec 18 17:33:54 2012 VERIFY OK: nsCertType=SERVER

Tue Dec 18 17:33:54 2012 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org

Tue Dec 18 17:33:54 2012 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

Tue Dec 18 17:33:54 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Tue Dec 18 17:33:54 2012 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

Tue Dec 18 17:33:54 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Tue Dec 18 17:33:54 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

Tue Dec 18 17:33:54 2012 [server] Peer Connection Initiated with [AF_INET]69.163.36.106:443

Tue Dec 18 17:33:56 2012 MANAGEMENT: >STATE:1355880836,GET_CONFIG,,,

Tue Dec 18 17:33:57 2012 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)

Tue Dec 18 17:33:59 2012 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.3.174 10.4.3.173'

Tue Dec 18 17:33:59 2012 OPTIONS IMPORT: timers and/or timeouts modified

Tue Dec 18 17:33:59 2012 OPTIONS IMPORT: LZO parms modified

Tue Dec 18 17:33:59 2012 OPTIONS IMPORT: --ifconfig/up options modified

Tue Dec 18 17:33:59 2012 OPTIONS IMPORT: route options modified

Tue Dec 18 17:33:59 2012 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified

Tue Dec 18 17:33:59 2012 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0

Tue Dec 18 17:33:59 2012 MANAGEMENT: >STATE:1355880839,ASSIGN_IP,,10.4.3.174,

Tue Dec 18 17:33:59 2012 open_tun, tt->ipv6=0

Tue Dec 18 17:33:59 2012 TAP-WIN32 device [Local Area Connection 3] opened: \\.\Global\{8633B1D0-A3EF-40EC-843F-D75567FD9250}.tap

Tue Dec 18 17:33:59 2012 TAP-Windows Driver Version 9.9

Tue Dec 18 17:33:59 2012 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.4.3.174/255.255.255.252 on interface {8633B1D0-A3EF-40EC-843F-D75567FD9250} [DHCP-serv: 10.4.3.173, lease-time: 31536000]

Tue Dec 18 17:33:59 2012 NOTE: FlushIpNetTable failed on interface [20] {8633B1D0-A3EF-40EC-843F-D75567FD9250} (status=5) : Access is denied.

Tue Dec 18 17:34:04 2012 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up

Tue Dec 18 17:34:04 2012 C:\Windows\system32\route.exe ADD 69.163.36.106 MASK 255.255.255.255 192.168.1.2

Tue Dec 18 17:34:04 2012 ROUTE: route addition failed using CreateIpForwardEntry: Access is denied. [status=5 if_index=12]

Tue Dec 18 17:34:04 2012 Route addition via IPAPI failed [adaptive]

Tue Dec 18 17:34:04 2012 Route addition fallback to route.exe

Tue Dec 18 17:34:04 2012 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem

Tue Dec 18 17:34:04 2012 ERROR: Windows route add command failed [adaptive]: returned error code 1

Tue Dec 18 17:34:04 2012 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.4.3.173

Tue Dec 18 17:34:04 2012 ROUTE: route addition failed using CreateIpForwardEntry: Access is denied. [status=5 if_index=20]

Tue Dec 18 17:34:04 2012 Route addition via IPAPI failed [adaptive]

Tue Dec 18 17:34:04 2012 Route addition fallback to route.exe

Tue Dec 18 17:34:04 2012 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem

Tue Dec 18 17:34:04 2012 ERROR: Windows route add command failed [adaptive]: returned error code 1

Tue Dec 18 17:34:04 2012 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.4.3.173

Tue Dec 18 17:34:04 2012 ROUTE: route addition failed using CreateIpForwardEntry: Access is denied. [status=5 if_index=20]

Tue Dec 18 17:34:04 2012 Route addition via IPAPI failed [adaptive]

Tue Dec 18 17:34:04 2012 Route addition fallback to route.exe

Tue Dec 18 17:34:04 2012 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem

Tue Dec 18 17:34:04 2012 ERROR: Windows route add command failed [adaptive]: returned error code 1

Tue Dec 18 17:34:04 2012 MANAGEMENT: >STATE:1355880844,ADD_ROUTES,,,

Tue Dec 18 17:34:04 2012 C:\Windows\system32\route.exe ADD 10.4.0.1 MASK 255.255.255.255 10.4.3.173

Tue Dec 18 17:34:04 2012 ROUTE: route addition failed using CreateIpForwardEntry: Access is denied. [status=5 if_index=20]

Tue Dec 18 17:34:04 2012 Route addition via IPAPI failed [adaptive]

Tue Dec 18 17:34:04 2012 Route addition fallback to route.exe

Tue Dec 18 17:34:04 2012 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem

Tue Dec 18 17:34:04 2012 ERROR: Windows route add command failed [adaptive]: returned error code 1

Tue Dec 18 17:34:04 2012 Initialization Sequence Completed

Tue Dec 18 17:34:04 2012 MANAGEMENT: >STATE:1355880844,CONNECTED,SUCCESS,10.4.3.174,69.163.36.106

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...