Comodo settings for VPN over TOR

[h92GCn 0]

Two questions...

TOR over VPN connects fine but not VPN over TOR which I narrowed down to Comodo(no problems with just router firewall) that I setup using the AirVPN Guide.

So how do I configure Comodo to allow TOR without leaks?

Also, why do we have to use TOR Browser Bundle(which doesn't make sense for VPN over TOR) instead of just TOR Client?

Thanks

[Staff 9972]

Two questions...

TOR over VPN connects fine but not VPN over TOR which I narrowed down to Comodo(no problems with just router firewall) that I setup using the AirVPN Guide.

So how do I configure Comodo to allow TOR without leaks?

Hello!

Please see the following thread:

https://airvpn.org/index.php?option=com_kunena&func=view&catid=2&id=7021&Itemid=142

Kind regards

[h92GCn 0]

But that solution introduces leaks.

And what about my second question?

[Staff 9972]

But that solution introduces leaks.

Hello!

Yes, you must be aware of potential leak of your browser to https web sites in case of unexpected disconnection if you try to access them.

And what about my second question?

It's just an example which we believe is simple to explain, you can of course use your favorite TOR solution.

Kind regards

[h92GCn 0]

OK I've managed to connect the VPN through TOR but the VPN only stays connected for a little while then resets.

Fri Feb 01 15:54:27 2013 MANAGEMENT: >STATE:1359687267,CONNECTED,SUCCESS,10.5.3.98,127.0.0.1

Fri Feb 01 15:55:13 2013 Connection reset, restarting [0]

Fri Feb 01 15:55:13 2013 D:\WINDOWS\system32\route.exe DELETE 10.5.0.1 MASK 255.255.255.255 10.5.3.97

Fri Feb 01 15:55:13 2013 Route deletion via IPAPI succeeded [adaptive]

Fri Feb 01 15:55:13 2013 D:\WINDOWS\system32\route.exe DELETE 127.0.0.1 MASK 255.255.255.255 192.168.0.1

Fri Feb 01 15:55:13 2013 ROUTE: route deletion failed using DeleteIpForwardEntry: The parameter is incorrect.

Fri Feb 01 15:55:13 2013 Route deletion via IPAPI failed [adaptive]

Fri Feb 01 15:55:13 2013 Route deletion fallback to route.exe

Fri Feb 01 15:55:13 2013 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem

The route specified was not found.

Fri Feb 01 15:55:13 2013 D:\WINDOWS\system32\route.exe DELETE 0.0.0.0 MASK 128.0.0.0 10.5.3.97

Fri Feb 01 15:55:13 2013 Route deletion via IPAPI succeeded [adaptive]

Fri Feb 01 15:55:13 2013 D:\WINDOWS\system32\route.exe DELETE 128.0.0.0 MASK 128.0.0.0 10.5.3.97

Fri Feb 01 15:55:13 2013 Route deletion via IPAPI succeeded [adaptive]

Fri Feb 01 15:55:13 2013 Closing TUN/TAP interface

Fri Feb 01 15:55:13 2013 SIGUSR1[soft,connection-reset] received, process restarting

Fri Feb 01 15:55:13 2013 MANAGEMENT: >STATE:1359687313,RECONNECTING,connection-reset,,

Fri Feb 01 15:55:13 2013 Restart pause, 5 second(s)

Fri Feb 01 15:55:18 2013 MANAGEMENT: CMD 'proxy SOCKS 127.0.0.1 9050'

Fri Feb 01 15:55:19 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables

Fri Feb 01 15:55:19 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]

Fri Feb 01 15:55:19 2013 Attempting to establish TCP connection with [AF_INET]127.0.0.1:9050

Fri Feb 01 15:55:19 2013 MANAGEMENT: >STATE:1359687319,TCP_CONNECT,,,

Fri Feb 01 15:55:19 2013 TCP connection established with [AF_INET]127.0.0.1:9050

Fri Feb 01 15:55:20 2013 TCPv4_CLIENT link local: [undef]

Fri Feb 01 15:55:20 2013 TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:9050

Fri Feb 01 15:55:20 2013 MANAGEMENT: >STATE:1359687320,WAIT,,,

Fri Feb 01 15:55:21 2013 MANAGEMENT: >STATE:1359687321,AUTH,,,

Fri Feb 01 15:55:21 2013 TLS: Initial packet from [AF_INET]127.0.0.1:9050, sid=ca1e4ded 253fa389

Fri Feb 01 15:55:30 2013 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org

Fri Feb 01 15:55:30 2013 VERIFY OK: nsCertType=SERVER

Fri Feb 01 15:55:30 2013 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org

Fri Feb 01 15:55:48 2013 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

Fri Feb 01 15:55:48 2013 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Fri Feb 01 15:55:48 2013 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

Fri Feb 01 15:55:48 2013 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Fri Feb 01 15:55:48 2013 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

Fri Feb 01 15:55:48 2013 [server] Peer Connection Initiated with [AF_INET]127.0.0.1:9050

Fri Feb 01 15:55:49 2013 MANAGEMENT: >STATE:1359687349,GET_CONFIG,,,

Fri Feb 01 15:55:50 2013 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)

Fri Feb 01 15:55:51 2013 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.5.0.1,comp-lzo no,route 10.5.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.5.3.98 10.5.3.97'

Fri Feb 01 15:55:51 2013 OPTIONS IMPORT: timers and/or timeouts modified

Fri Feb 01 15:55:51 2013 OPTIONS IMPORT: LZO parms modified

Fri Feb 01 15:55:51 2013 OPTIONS IMPORT: --ifconfig/up options modified

Fri Feb 01 15:55:51 2013 OPTIONS IMPORT: route options modified

Fri Feb 01 15:55:51 2013 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified

Fri Feb 01 15:55:51 2013 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0

Fri Feb 01 15:55:51 2013 MANAGEMENT: >STATE:1359687351,ASSIGN_IP,,10.5.3.98,

Fri Feb 01 15:55:51 2013 open_tun, tt->ipv6=0

Fri Feb 01 15:55:51 2013 TAP-WIN32 device [AirVPN] opened: \\.\Global\{2F61C6B9-6BFD-4C3E-8887-91354BC0B8BC}.tap

Fri Feb 01 15:55:51 2013 TAP-Windows Driver Version 9.9

Fri Feb 01 15:55:51 2013 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.5.3.98/255.255.255.252 on interface {2F61C6B9-6BFD-4C3E-8887-91354BC0B8BC} [DHCP-serv: 10.5.3.97, lease-time: 31536000]

Fri Feb 01 15:55:51 2013 Successful ARP Flush on interface [4] {2F61C6B9-6BFD-4C3E-8887-91354BC0B8BC}

Fri Feb 01 15:55:56 2013 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up

Fri Feb 01 15:55:56 2013 D:\WINDOWS\system32\route.exe ADD 127.0.0.1 MASK 255.255.255.255 192.168.0.1

Fri Feb 01 15:55:56 2013 ROUTE: route addition failed using CreateIpForwardEntry: The parameter is incorrect. [status=87 if_index=2]

Fri Feb 01 15:55:56 2013 Route addition via IPAPI failed [adaptive]

Fri Feb 01 15:55:56 2013 Route addition fallback to route.exe

Fri Feb 01 15:55:56 2013 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem

The route addition failed: The parameter is incorrect.

Fri Feb 01 15:55:56 2013 D:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.5.3.97

Fri Feb 01 15:55:56 2013 Route addition via IPAPI succeeded [adaptive]

Fri Feb 01 15:55:56 2013 D:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.5.3.97

Fri Feb 01 15:55:56 2013 Route addition via IPAPI succeeded [adaptive]

Fri Feb 01 15:55:56 2013 MANAGEMENT: >STATE:1359687356,ADD_ROUTES,,,

Fri Feb 01 15:55:56 2013 D:\WINDOWS\system32\route.exe ADD 10.5.0.1 MASK 255.255.255.255 10.5.3.97

Fri Feb 01 15:55:56 2013 Route addition via IPAPI succeeded [adaptive]

Fri Feb 01 15:55:56 2013 Initialization Sequence Completed

Fri Feb 01 15:55:56 2013 MANAGEMENT: >STATE:1359687356,CONNECTED,SUCCESS,10.5.3.98,127.0.0.1

[Staff 9972]

Hello!

Apparently OpenVPN can't set the routing table, are you running it (or OpenVPN GUI) with administrator privileges? Also, what OpenVPN version are you using?

Kind regards

[h92GCn 0]

Yes I'm using admin privileges(as far as I know) and I'm using OpenVPN 2.3.0(the latest one)

[Staff 9972]

Yes I'm using admin privileges(as far as I know) and I'm using OpenVPN 2.3.0(the latest one)

Hello!

Just to be sure, you confirm that this problem does not occur in the same machine when you don't connect over a proxy?

Kind regards

[h92GCn 0]

Correct, I'm using VPN without proxy as I type this.

[h92GCn 0]

bump

[h92GCn 0]

bump

C'mon I really want to resolve this.