Search the Community
Showing results for tags 'chain'.
Found 2 results
-
My operating system is Debian 10.9 and I am experimenting on double-hop two different VPN servers. Some call it chaining or cascading two VPN servers. Attached is the script that I found on the internet. It is called updown.sh and I attach it to this post. The contents of the config file that I used were: client dev tun remote exit-ip-of-airvpn-server 443 resolv-retry infinite nobind persist-key persist-tun auth-nocache route-delay 5 verb 3 remote-cert-tls server data-ciphers-fallback AES-256-CBC comp-lzo no proto tcp auth SHA512 script-security 2 up /etc/openvpn/update-resolv-conf down /etc/openvpn/update-resolv-conf <ca> -----BEGIN CERTIFICATE----- alphanumeric text -----END CERTIFICATE----- </ca> <cert> -----BEGIN CERTIFICATE----- alphanumeric text -----END CERTIFICATE----- </cert> <key> -----BEGIN PRIVATE KEY----- alphanumeric text -----END PRIVATE KEY----- </key> <tls-crypt> -----BEGIN OpenVPN Static key V1----- alphanumeric text -----END OpenVPN Static key V1----- </tls-crypt> I have the error message "RTNETLINK answers: Operation not supported" when AirVPN Server is the first hop. Below is the full log: username@localhost:~/test$ sudo openvpn --config AirVPN_TCP-443-Entry4.ovpn --script-security 2 --route remote_host --persist-tun --up updown.sh --down updown.sh --route-noexec [sudo] password for username: 2021-04-29 18:32:59 Multiple --up scripts defined. The previously configured script is overridden. 2021-04-29 18:32:59 Multiple --down scripts defined. The previously configured script is overridden. 2021-04-29 18:32:59 OpenVPN 2.5.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 21 2021 2021-04-29 18:32:59 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10 2021-04-29 18:32:59 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2021-04-29 18:32:59 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key 2021-04-29 18:32:59 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-04-29 18:32:59 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key 2021-04-29 18:32:59 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-04-29 18:32:59 TCP/UDP: Preserving recently used remote address: [AF_INET]exit-ip-of-airvpn-server:443 2021-04-29 18:32:59 Socket Buffers: R=[131072->131072] S=[16384->16384] 2021-04-29 18:32:59 Attempting to establish TCP connection with [AF_INET]exit-ip-of-airvpn-server:443 [nonblock] 2021-04-29 18:32:59 TCP connection established with [AF_INET]exit-ip-of-airvpn-server:443 2021-04-29 18:32:59 TCP_CLIENT link local: (not bound) 2021-04-29 18:32:59 TCP_CLIENT link remote: [AF_INET]exit-ip-of-airvpn-server:443 2021-04-29 18:33:00 TLS: Initial packet from [AF_INET]exit-ip-of-airvpn-server:443, sid=8bb71dc6 7f1a32a5 2021-04-29 18:33:00 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org 2021-04-29 18:33:00 VERIFY KU OK 2021-04-29 18:33:00 Validating certificate extended key usage 2021-04-29 18:33:00 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 2021-04-29 18:33:00 VERIFY EKU OK 2021-04-29 18:33:00 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn-server, emailAddress=info@airvpn.org 2021-04-29 18:33:01 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, peer certificate: 4096 bit RSA, signature: RSA-SHA512 2021-04-29 18:33:01 [AirVPN-Server] Peer Connection Initiated with [AF_INET]exit-ip-of-airvpn-server:443 2021-04-29 18:33:01 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.21.207.1,route-gateway 10.21.207.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.21.207.18 255.255.255.0,peer-id 0,cipher AES-256-GCM' 2021-04-29 18:33:01 OPTIONS IMPORT: timers and/or timeouts modified 2021-04-29 18:33:01 OPTIONS IMPORT: compression parms modified 2021-04-29 18:33:01 OPTIONS IMPORT: --ifconfig/up options modified 2021-04-29 18:33:01 OPTIONS IMPORT: route options modified 2021-04-29 18:33:01 OPTIONS IMPORT: route-related options modified 2021-04-29 18:33:01 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified 2021-04-29 18:33:01 OPTIONS IMPORT: peer-id set 2021-04-29 18:33:01 OPTIONS IMPORT: adjusting link_mtu to 1627 2021-04-29 18:33:01 OPTIONS IMPORT: data channel crypto options modified 2021-04-29 18:33:01 Data Channel: using negotiated cipher 'AES-256-GCM' 2021-04-29 18:33:01 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key 2021-04-29 18:33:01 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key 2021-04-29 18:33:01 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=enx000ec6ca331e HWADDR=11:1e:b7:de:00:2f 2021-04-29 18:33:01 TUN/TAP device tun0 opened 2021-04-29 18:33:01 /sbin/ip link set dev tun0 up mtu 1500 2021-04-29 18:33:01 /sbin/ip link set dev tun0 up 2021-04-29 18:33:01 /sbin/ip addr add dev tun0 10.21.207.18/24 2021-04-29 18:33:01 updown.sh tun0 1500 1555 10.21.207.18 255.255.255.0 init updown.sh: STARTED updown.sh: hop number: (default: 1) updown.sh: gateway of previous hop: (default: local gateway) updown.sh: local gateway: 192.168.1.1 updown.sh: VPN: int. IP address: 10.21.207.18 updown.sh: VPN: netmask: 255.255.255.0 updown.sh: VPN: gateway: 10.21.207.1 updown.sh: VPN: public IP address: exit-ip-of-airvpn-server updown.sh: Notice: You didn't set 'hopid'. Assuming this to be the first hop (hopid=1). updown.sh: Notice: You didn't set the previous gateway. The gateway of your local network ('192.168.1.1') will be used. updown.sh: executing: '/usr/sbin/ip route add exit-ip-of-airvpn-server via 192.168.1.1' updown.sh: executing: '/usr/sbin/ip route add 0.0.0.0/1 via 10.21.207.1' updown.sh: executing: '/usr/sbin/ip route add 128.0.0.0/1 via 10.21.207.1' updown.sh: executing: '/usr/sbin/ip -6 route add 2000::/4 dev tun0' RTNETLINK answers: Operation not supported updown.sh: executing: '/usr/sbin/ip -6 route add 3000::/4 dev tun0' RTNETLINK answers: Operation not supported updown.sh: HINT: For the next hop, start openvpn with the following options: updown.sh: HINT: openvpn --config <config.conf> --script-security 2 --route remote_host --persist-tun --up updown.sh --down updown.sh --route-noexec --setenv hopid 2 --setenv prevgw 10.21.207.1 updown.sh: execuding: '/etc/openvpn/update-resolv-conf' dhcp-option DNS 10.21.207.1 updown.sh: FINISHED 2021-04-29 18:33:06 Initialization Sequence Completed There were about four "RTNETLINK answers: Operation not supported" messages when AirVPN Server was the second hop. Below is the full log: sudo openvpn --config AirVPN_TCP-443-Entry4.ovpn --script-security 2 --route remote_host --persist-tun --up updown.sh --down updown.sh --route-noexec --setenv hopid 2 --setenv prevgw 10.10.101.9 [sudo] password for username: 2021-04-29 17:38:57 Multiple --up scripts defined. The previously configured script is overridden. 2021-04-29 17:38:57 Multiple --down scripts defined. The previously configured script is overridden. 2021-04-29 17:38:57 OpenVPN 2.5.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 21 2021 2021-04-29 17:38:57 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10 2021-04-29 17:38:57 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2021-04-29 17:38:57 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key 2021-04-29 17:38:57 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-04-29 17:38:57 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key 2021-04-29 17:38:57 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-04-29 17:38:57 TCP/UDP: Preserving recently used remote address: [AF_INET]exit-ip-of-airvpn-server:443 2021-04-29 17:38:57 Socket Buffers: R=[131072->131072] S=[16384->16384] 2021-04-29 17:38:57 Attempting to establish TCP connection with [AF_INET]exit-ip-of-airvpn-server:443 [nonblock] 2021-04-29 17:38:57 TCP connection established with [AF_INET]exit-ip-of-airvpn-server:443 2021-04-29 17:38:57 TCP_CLIENT link local: (not bound) 2021-04-29 17:38:57 TCP_CLIENT link remote: [AF_INET]exit-ip-of-airvpn-server:443 2021-04-29 17:38:58 TLS: Initial packet from [AF_INET]exit-ip-of-airvpn-server:443, sid=efab61d0 f267c3aa 2021-04-29 17:38:58 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org 2021-04-29 17:38:58 VERIFY KU OK 2021-04-29 17:38:58 Validating certificate extended key usage 2021-04-29 17:38:58 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 2021-04-29 17:38:58 VERIFY EKU OK 2021-04-29 17:38:58 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn-server, emailAddress=info@airvpn.org 2021-04-29 17:38:59 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, peer certificate: 4096 bit RSA, signature: RSA-SHA512 2021-04-29 17:38:59 [AirVPN-Server] Peer Connection Initiated with [AF_INET]exit-ip-of-airvpn-server:443 2021-04-29 17:39:00 SENT CONTROL [AirVPN-Server]: 'PUSH_REQUEST' (status=1) 2021-04-29 17:39:00 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.21.195.1,route-gateway 10.21.195.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.21.195.37 255.255.255.0,peer-id 0,cipher AES-256-GCM' 2021-04-29 17:39:00 OPTIONS IMPORT: timers and/or timeouts modified 2021-04-29 17:39:00 OPTIONS IMPORT: compression parms modified 2021-04-29 17:39:00 OPTIONS IMPORT: --ifconfig/up options modified 2021-04-29 17:39:00 OPTIONS IMPORT: route options modified 2021-04-29 17:39:00 OPTIONS IMPORT: route-related options modified 2021-04-29 17:39:00 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified 2021-04-29 17:39:00 OPTIONS IMPORT: peer-id set 2021-04-29 17:39:00 OPTIONS IMPORT: adjusting link_mtu to 1627 2021-04-29 17:39:00 OPTIONS IMPORT: data channel crypto options modified 2021-04-29 17:39:00 Data Channel: using negotiated cipher 'AES-256-GCM' 2021-04-29 17:39:00 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key 2021-04-29 17:39:00 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key 2021-04-29 17:39:00 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=enx000ec6ca331e HWADDR=11:1e:b7:de:00:2f 2021-04-29 17:39:00 TUN/TAP device tun1 opened 2021-04-29 17:39:00 /sbin/ip link set dev tun1 up mtu 1500 2021-04-29 17:39:00 /sbin/ip link set dev tun1 up 2021-04-29 17:39:00 /sbin/ip addr add dev tun1 10.21.195.37/24 2021-04-29 17:39:00 updown.sh tun1 1500 1555 10.21.195.37 255.255.255.0 init updown.sh: STARTED updown.sh: hop number: 2 (default: 1) updown.sh: gateway of previous hop: 10.10.101.9 (default: local gateway) updown.sh: local gateway: 192.168.1.1 updown.sh: VPN: int. IP address: 10.21.195.37 updown.sh: VPN: netmask: 255.255.255.0 updown.sh: VPN: gateway: 10.21.195.1 updown.sh: VPN: public IP address: exit-ip-of-airvpn-server updown.sh: executing: '/usr/sbin/ip route add exit-ip-of-airvpn-server via 10.10.101.9' updown.sh: executing: '/usr/sbin/ip route add 0.0.0.0/2 via 10.21.195.1' updown.sh: executing: '/usr/sbin/ip route add 64.0.0.0/2 via 10.21.195.1' updown.sh: executing: '/usr/sbin/ip route add 128.0.0.0/2 via 10.21.195.1' updown.sh: executing: '/usr/sbin/ip route add 192.0.0.0/2 via 10.21.195.1' updown.sh: executing: '/usr/sbin/ip -6 route add 2000::/5 dev tun1' RTNETLINK answers: Operation not supported updown.sh: executing: '/usr/sbin/ip -6 route add 2800::/5 dev tun1' RTNETLINK answers: Operation not supported updown.sh: executing: '/usr/sbin/ip -6 route add 3000::/5 dev tun1' RTNETLINK answers: Operation not supported updown.sh: executing: '/usr/sbin/ip -6 route add 3800::/5 dev tun1' RTNETLINK answers: Operation not supported updown.sh: HINT: For the next hop, start openvpn with the following options: updown.sh: HINT: openvpn --config <config.conf> --script-security 2 --route remote_host --persist-tun --up updown.sh --down updown.sh --route-noexec --setenv hopid 3 --setenv prevgw 10.21.195.1 updown.sh: execuding: '/etc/openvpn/update-resolv-conf' dhcp-option DNS 10.21.195.1 updown.sh: FINISHED 2021-04-29 17:39:05 Initialization Sequence Completed How do I fix the "RTNETLINK: Operation not supported" issue? updown.sh
-
Hello I have a very strange problem with my Windows 10 laptop. I try to make a VPN chain. My host OS is a freshly and clean installed Windows 10 Professional without any third party antivirus or firewall installed. I set up an Ubuntu virtual machine in vmware workstation player with NAT network setting. I can successfully connect to the first VPN server on my host OS and start up the virtual machine. When I go to ipleak.net (in the Ubuntu guest OS) i can see the ip address from the first VPN server, so far so good. But when I try to fire up the eddie client in the Ubuntu guest OS and make the second VPN connection it's always stuck on checking route and it fails to connect. After that, I tried to disable the VPN connection on my host OS. I can now make a VPN connection inside the Ubuntu guest OS without any errors. So, a VPN connection is possible on the host and guest OS, but chaining doesn't work. I tried exactly the same on my friends Windows 10 host machine and it worked right away. Why it doesn't on my Windows 10 Laptop?