Search the Community
Showing results for tags 'double hop'.
Found 2 results
-
My operating system is Debian 10.9 and I am experimenting on double-hop two different VPN servers. Some call it chaining or cascading two VPN servers. Attached is the script that I found on the internet. It is called updown.sh and I attach it to this post. The contents of the config file that I used were: client dev tun remote exit-ip-of-airvpn-server 443 resolv-retry infinite nobind persist-key persist-tun auth-nocache route-delay 5 verb 3 remote-cert-tls server data-ciphers-fallback AES-256-CBC comp-lzo no proto tcp auth SHA512 script-security 2 up /etc/openvpn/update-resolv-conf down /etc/openvpn/update-resolv-conf <ca> -----BEGIN CERTIFICATE----- alphanumeric text -----END CERTIFICATE----- </ca> <cert> -----BEGIN CERTIFICATE----- alphanumeric text -----END CERTIFICATE----- </cert> <key> -----BEGIN PRIVATE KEY----- alphanumeric text -----END PRIVATE KEY----- </key> <tls-crypt> -----BEGIN OpenVPN Static key V1----- alphanumeric text -----END OpenVPN Static key V1----- </tls-crypt> I have the error message "RTNETLINK answers: Operation not supported" when AirVPN Server is the first hop. Below is the full log: username@localhost:~/test$ sudo openvpn --config AirVPN_TCP-443-Entry4.ovpn --script-security 2 --route remote_host --persist-tun --up updown.sh --down updown.sh --route-noexec [sudo] password for username: 2021-04-29 18:32:59 Multiple --up scripts defined. The previously configured script is overridden. 2021-04-29 18:32:59 Multiple --down scripts defined. The previously configured script is overridden. 2021-04-29 18:32:59 OpenVPN 2.5.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 21 2021 2021-04-29 18:32:59 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10 2021-04-29 18:32:59 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2021-04-29 18:32:59 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key 2021-04-29 18:32:59 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-04-29 18:32:59 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key 2021-04-29 18:32:59 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-04-29 18:32:59 TCP/UDP: Preserving recently used remote address: [AF_INET]exit-ip-of-airvpn-server:443 2021-04-29 18:32:59 Socket Buffers: R=[131072->131072] S=[16384->16384] 2021-04-29 18:32:59 Attempting to establish TCP connection with [AF_INET]exit-ip-of-airvpn-server:443 [nonblock] 2021-04-29 18:32:59 TCP connection established with [AF_INET]exit-ip-of-airvpn-server:443 2021-04-29 18:32:59 TCP_CLIENT link local: (not bound) 2021-04-29 18:32:59 TCP_CLIENT link remote: [AF_INET]exit-ip-of-airvpn-server:443 2021-04-29 18:33:00 TLS: Initial packet from [AF_INET]exit-ip-of-airvpn-server:443, sid=8bb71dc6 7f1a32a5 2021-04-29 18:33:00 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org 2021-04-29 18:33:00 VERIFY KU OK 2021-04-29 18:33:00 Validating certificate extended key usage 2021-04-29 18:33:00 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 2021-04-29 18:33:00 VERIFY EKU OK 2021-04-29 18:33:00 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn-server, emailAddress=info@airvpn.org 2021-04-29 18:33:01 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, peer certificate: 4096 bit RSA, signature: RSA-SHA512 2021-04-29 18:33:01 [AirVPN-Server] Peer Connection Initiated with [AF_INET]exit-ip-of-airvpn-server:443 2021-04-29 18:33:01 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.21.207.1,route-gateway 10.21.207.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.21.207.18 255.255.255.0,peer-id 0,cipher AES-256-GCM' 2021-04-29 18:33:01 OPTIONS IMPORT: timers and/or timeouts modified 2021-04-29 18:33:01 OPTIONS IMPORT: compression parms modified 2021-04-29 18:33:01 OPTIONS IMPORT: --ifconfig/up options modified 2021-04-29 18:33:01 OPTIONS IMPORT: route options modified 2021-04-29 18:33:01 OPTIONS IMPORT: route-related options modified 2021-04-29 18:33:01 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified 2021-04-29 18:33:01 OPTIONS IMPORT: peer-id set 2021-04-29 18:33:01 OPTIONS IMPORT: adjusting link_mtu to 1627 2021-04-29 18:33:01 OPTIONS IMPORT: data channel crypto options modified 2021-04-29 18:33:01 Data Channel: using negotiated cipher 'AES-256-GCM' 2021-04-29 18:33:01 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key 2021-04-29 18:33:01 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key 2021-04-29 18:33:01 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=enx000ec6ca331e HWADDR=11:1e:b7:de:00:2f 2021-04-29 18:33:01 TUN/TAP device tun0 opened 2021-04-29 18:33:01 /sbin/ip link set dev tun0 up mtu 1500 2021-04-29 18:33:01 /sbin/ip link set dev tun0 up 2021-04-29 18:33:01 /sbin/ip addr add dev tun0 10.21.207.18/24 2021-04-29 18:33:01 updown.sh tun0 1500 1555 10.21.207.18 255.255.255.0 init updown.sh: STARTED updown.sh: hop number: (default: 1) updown.sh: gateway of previous hop: (default: local gateway) updown.sh: local gateway: 192.168.1.1 updown.sh: VPN: int. IP address: 10.21.207.18 updown.sh: VPN: netmask: 255.255.255.0 updown.sh: VPN: gateway: 10.21.207.1 updown.sh: VPN: public IP address: exit-ip-of-airvpn-server updown.sh: Notice: You didn't set 'hopid'. Assuming this to be the first hop (hopid=1). updown.sh: Notice: You didn't set the previous gateway. The gateway of your local network ('192.168.1.1') will be used. updown.sh: executing: '/usr/sbin/ip route add exit-ip-of-airvpn-server via 192.168.1.1' updown.sh: executing: '/usr/sbin/ip route add 0.0.0.0/1 via 10.21.207.1' updown.sh: executing: '/usr/sbin/ip route add 128.0.0.0/1 via 10.21.207.1' updown.sh: executing: '/usr/sbin/ip -6 route add 2000::/4 dev tun0' RTNETLINK answers: Operation not supported updown.sh: executing: '/usr/sbin/ip -6 route add 3000::/4 dev tun0' RTNETLINK answers: Operation not supported updown.sh: HINT: For the next hop, start openvpn with the following options: updown.sh: HINT: openvpn --config <config.conf> --script-security 2 --route remote_host --persist-tun --up updown.sh --down updown.sh --route-noexec --setenv hopid 2 --setenv prevgw 10.21.207.1 updown.sh: execuding: '/etc/openvpn/update-resolv-conf' dhcp-option DNS 10.21.207.1 updown.sh: FINISHED 2021-04-29 18:33:06 Initialization Sequence Completed There were about four "RTNETLINK answers: Operation not supported" messages when AirVPN Server was the second hop. Below is the full log: sudo openvpn --config AirVPN_TCP-443-Entry4.ovpn --script-security 2 --route remote_host --persist-tun --up updown.sh --down updown.sh --route-noexec --setenv hopid 2 --setenv prevgw 10.10.101.9 [sudo] password for username: 2021-04-29 17:38:57 Multiple --up scripts defined. The previously configured script is overridden. 2021-04-29 17:38:57 Multiple --down scripts defined. The previously configured script is overridden. 2021-04-29 17:38:57 OpenVPN 2.5.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 21 2021 2021-04-29 17:38:57 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10 2021-04-29 17:38:57 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2021-04-29 17:38:57 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key 2021-04-29 17:38:57 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-04-29 17:38:57 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key 2021-04-29 17:38:57 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-04-29 17:38:57 TCP/UDP: Preserving recently used remote address: [AF_INET]exit-ip-of-airvpn-server:443 2021-04-29 17:38:57 Socket Buffers: R=[131072->131072] S=[16384->16384] 2021-04-29 17:38:57 Attempting to establish TCP connection with [AF_INET]exit-ip-of-airvpn-server:443 [nonblock] 2021-04-29 17:38:57 TCP connection established with [AF_INET]exit-ip-of-airvpn-server:443 2021-04-29 17:38:57 TCP_CLIENT link local: (not bound) 2021-04-29 17:38:57 TCP_CLIENT link remote: [AF_INET]exit-ip-of-airvpn-server:443 2021-04-29 17:38:58 TLS: Initial packet from [AF_INET]exit-ip-of-airvpn-server:443, sid=efab61d0 f267c3aa 2021-04-29 17:38:58 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org 2021-04-29 17:38:58 VERIFY KU OK 2021-04-29 17:38:58 Validating certificate extended key usage 2021-04-29 17:38:58 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 2021-04-29 17:38:58 VERIFY EKU OK 2021-04-29 17:38:58 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn-server, emailAddress=info@airvpn.org 2021-04-29 17:38:59 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, peer certificate: 4096 bit RSA, signature: RSA-SHA512 2021-04-29 17:38:59 [AirVPN-Server] Peer Connection Initiated with [AF_INET]exit-ip-of-airvpn-server:443 2021-04-29 17:39:00 SENT CONTROL [AirVPN-Server]: 'PUSH_REQUEST' (status=1) 2021-04-29 17:39:00 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.21.195.1,route-gateway 10.21.195.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.21.195.37 255.255.255.0,peer-id 0,cipher AES-256-GCM' 2021-04-29 17:39:00 OPTIONS IMPORT: timers and/or timeouts modified 2021-04-29 17:39:00 OPTIONS IMPORT: compression parms modified 2021-04-29 17:39:00 OPTIONS IMPORT: --ifconfig/up options modified 2021-04-29 17:39:00 OPTIONS IMPORT: route options modified 2021-04-29 17:39:00 OPTIONS IMPORT: route-related options modified 2021-04-29 17:39:00 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified 2021-04-29 17:39:00 OPTIONS IMPORT: peer-id set 2021-04-29 17:39:00 OPTIONS IMPORT: adjusting link_mtu to 1627 2021-04-29 17:39:00 OPTIONS IMPORT: data channel crypto options modified 2021-04-29 17:39:00 Data Channel: using negotiated cipher 'AES-256-GCM' 2021-04-29 17:39:00 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key 2021-04-29 17:39:00 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key 2021-04-29 17:39:00 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=enx000ec6ca331e HWADDR=11:1e:b7:de:00:2f 2021-04-29 17:39:00 TUN/TAP device tun1 opened 2021-04-29 17:39:00 /sbin/ip link set dev tun1 up mtu 1500 2021-04-29 17:39:00 /sbin/ip link set dev tun1 up 2021-04-29 17:39:00 /sbin/ip addr add dev tun1 10.21.195.37/24 2021-04-29 17:39:00 updown.sh tun1 1500 1555 10.21.195.37 255.255.255.0 init updown.sh: STARTED updown.sh: hop number: 2 (default: 1) updown.sh: gateway of previous hop: 10.10.101.9 (default: local gateway) updown.sh: local gateway: 192.168.1.1 updown.sh: VPN: int. IP address: 10.21.195.37 updown.sh: VPN: netmask: 255.255.255.0 updown.sh: VPN: gateway: 10.21.195.1 updown.sh: VPN: public IP address: exit-ip-of-airvpn-server updown.sh: executing: '/usr/sbin/ip route add exit-ip-of-airvpn-server via 10.10.101.9' updown.sh: executing: '/usr/sbin/ip route add 0.0.0.0/2 via 10.21.195.1' updown.sh: executing: '/usr/sbin/ip route add 64.0.0.0/2 via 10.21.195.1' updown.sh: executing: '/usr/sbin/ip route add 128.0.0.0/2 via 10.21.195.1' updown.sh: executing: '/usr/sbin/ip route add 192.0.0.0/2 via 10.21.195.1' updown.sh: executing: '/usr/sbin/ip -6 route add 2000::/5 dev tun1' RTNETLINK answers: Operation not supported updown.sh: executing: '/usr/sbin/ip -6 route add 2800::/5 dev tun1' RTNETLINK answers: Operation not supported updown.sh: executing: '/usr/sbin/ip -6 route add 3000::/5 dev tun1' RTNETLINK answers: Operation not supported updown.sh: executing: '/usr/sbin/ip -6 route add 3800::/5 dev tun1' RTNETLINK answers: Operation not supported updown.sh: HINT: For the next hop, start openvpn with the following options: updown.sh: HINT: openvpn --config <config.conf> --script-security 2 --route remote_host --persist-tun --up updown.sh --down updown.sh --route-noexec --setenv hopid 3 --setenv prevgw 10.21.195.1 updown.sh: execuding: '/etc/openvpn/update-resolv-conf' dhcp-option DNS 10.21.195.1 updown.sh: FINISHED 2021-04-29 17:39:05 Initialization Sequence Completed How do I fix the "RTNETLINK: Operation not supported" issue? updown.sh
-
On my Linux desktops and Windows laptop I am able to select a NL server and view the geo-locked service BBC iPLayer in the UK using Eddie. I understand I am using the double-hop technique... I like to use this method as I have good speeds with NL servers. I have installed the AIrVPN NL config for my 'dedicated VPN' Asus router to view BBC iPlayer on my Apple TV but this procedure does not work via the Asus router. I have to select an AirVPN UK config to view BBC iPlayer. Is this correct?