Jump to content
Not connected, Your IP: 3.238.228.191
Sign in to follow this  
beryllium

ANSWERED Eddie login credentials check fails

Recommended Posts

Hello!
I've set up the Comodo Firewall as per the howto instructions shown here: https://airvpn.org/topic/3405-windows-comodo-prevent-leaks/

When I enter my username and password and click "Login", the process seems to fail, logs below:

! 2014.09.18 15:33:37 - Checking login ...
. 2014.09.18 15:33:49 - The operation has timed out
! 2014.09.18 15:33:52 - Logged in.

However, after the timeout it shows me as logged in and the "Login" button has changed to "Logout".


Also, when I try to connect to a server the credential check seems to also fail, logs below:

I 2014.09.18 15:36:02 - Session starting.
! 2014.09.18 15:36:02 - Checking environment
! 2014.09.18 15:36:04 - Checking authorization
. 2014.09.18 15:36:16 - The operation has timed out
! 2014.09.18 15:36:18 - Connecting to Leporis (Netherlands, Amsterdam)


It does connect to the server properly, I see the server (in this case Leporis) as my external IP, but looking at the logs, something that "route.exe" does is not working correctly, logs below:

. 2014.09.18 15:36:30 - OpenVPN > C:\Windows\system32\route.exe ADD 10.4.0.1 MASK 255.255.255.255 10.4.122.153
. 2014.09.18 15:36:30 - OpenVPN > ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct.   [status=160 if_index=19]
. 2014.09.18 15:36:30 - OpenVPN > Route addition via IPAPI failed [adaptive]
. 2014.09.18 15:36:30 - OpenVPN > Route addition fallback to route.exe
. 2014.09.18 15:36:30 - OpenVPN > env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem


I'm using Windows 7 with Windows Firewall disabled. The client is Eddie 2.5 and Comodo is the newest version as well.
In Eddie I've selected the server as Leporis, under Advanced -> General I have "Checking if the tunnel use AirVPN DNS" and "Checking if the tunnel effectively works" selected. DNS Switch mode is set to "Automatic", and under Windows settings "Force TAP interface UP" and "Force DNS" selected.
In Comodo "Application Rules" I've enabled "openvpn.exe", "AirVPN.exe" and "stunnel.exe" with a rule "Allow IP Out From MAC Any to MAC Any Where Protocol Is Any". Allowing "route.exe" did not fix the problem mentioned above. AirVPN is run as administrator.


Any help would be much appreciated.

--
Beryllium


Full logs:

! 2014.09.18 15:33:37 - Checking login ...
. 2014.09.18 15:33:49 - The operation has timed out
! 2014.09.18 15:33:52 - Logged in.
I 2014.09.18 15:36:02 - Session starting.
! 2014.09.18 15:36:02 - Checking environment
! 2014.09.18 15:36:04 - Checking authorization
. 2014.09.18 15:36:16 - The operation has timed out
! 2014.09.18 15:36:18 - Connecting to Leporis (Netherlands, Amsterdam)
. 2014.09.18 15:36:18 - OpenVPN > OpenVPN 2.3.4 x86_64-w64-mingw32 [sSL (OpenSSL)] [LZO] [iPv6] built on Aug 18 2014
. 2014.09.18 15:36:18 - OpenVPN > library versions: OpenSSL 1.0.1i 6 Aug 2014, LZO 2.05
. 2014.09.18 15:36:18 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100
. 2014.09.18 15:36:19 - OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file
. 2014.09.18 15:36:19 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.09.18 15:36:19 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.09.18 15:36:19 - OpenVPN > Socket Buffers: R=[8192->8192] S=[32767->32767]
. 2014.09.18 15:36:19 - OpenVPN > UDPv4 link local: [undef]
. 2014.09.18 15:36:19 - OpenVPN > UDPv4 link remote: [AF_INET]95.211.191.33:443
. 2014.09.18 15:36:19 - OpenVPN > TLS: Initial packet from [AF_INET]95.211.191.33:443, sid=2361112e 1b92e576
. 2014.09.18 15:36:19 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
. 2014.09.18 15:36:19 - OpenVPN > Validating certificate key usage
. 2014.09.18 15:36:19 - OpenVPN > ++ Certificate has key usage  00a0, expects 00a0
. 2014.09.18 15:36:19 - OpenVPN > VERIFY KU OK
. 2014.09.18 15:36:19 - OpenVPN > Validating certificate extended key usage
. 2014.09.18 15:36:19 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
. 2014.09.18 15:36:19 - OpenVPN > VERIFY EKU OK
. 2014.09.18 15:36:19 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
. 2014.09.18 15:36:23 - OpenVPN > Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2014.09.18 15:36:23 - OpenVPN > Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.09.18 15:36:23 - OpenVPN > Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2014.09.18 15:36:23 - OpenVPN > Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2014.09.18 15:36:23 - OpenVPN > Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA
. 2014.09.18 15:36:23 - OpenVPN > [server] Peer Connection Initiated with [AF_INET]95.211.191.33:443
. 2014.09.18 15:36:25 - OpenVPN > SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
. 2014.09.18 15:36:25 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.122.154 10.4.122.153'
. 2014.09.18 15:36:25 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified
. 2014.09.18 15:36:25 - OpenVPN > OPTIONS IMPORT: LZO parms modified
. 2014.09.18 15:36:25 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified
. 2014.09.18 15:36:25 - OpenVPN > OPTIONS IMPORT: route options modified
. 2014.09.18 15:36:25 - OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
. 2014.09.18 15:36:25 - OpenVPN > do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
. 2014.09.18 15:36:25 - OpenVPN > open_tun, tt->ipv6=0
. 2014.09.18 15:36:25 - OpenVPN > TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{BEABCF98-FA7B-487B-B140-3F139804D203}.tap
. 2014.09.18 15:36:25 - OpenVPN > TAP-Windows Driver Version 9.9
. 2014.09.18 15:36:25 - OpenVPN > Notified TAP-Windows driver to set a DHCP IP/netmask of 10.4.122.154/255.255.255.252 on interface {BEABCF98-FA7B-487B-B140-3F139804D203} [DHCP-serv: 10.4.122.153, lease-time: 31536000]
. 2014.09.18 15:36:25 - OpenVPN > Successful ARP Flush on interface [19] {BEABCF98-FA7B-487B-B140-3F139804D203}
. 2014.09.18 15:36:30 - OpenVPN > TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
. 2014.09.18 15:36:30 - OpenVPN > C:\Windows\system32\route.exe ADD 95.211.191.33 MASK 255.255.255.255 10.150.119.228
. 2014.09.18 15:36:30 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4
. 2014.09.18 15:36:30 - OpenVPN > Route addition via IPAPI succeeded [adaptive]
. 2014.09.18 15:36:30 - OpenVPN > C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.4.122.153
. 2014.09.18 15:36:30 - OpenVPN > ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct.   [status=160 if_index=19]
. 2014.09.18 15:36:30 - OpenVPN > Route addition via IPAPI failed [adaptive]
. 2014.09.18 15:36:30 - OpenVPN > Route addition fallback to route.exe
. 2014.09.18 15:36:30 - OpenVPN > env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
. 2014.09.18 15:36:30 - OpenVPN > C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.4.122.153
. 2014.09.18 15:36:30 - OpenVPN > ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct.   [status=160 if_index=19]
. 2014.09.18 15:36:30 - OpenVPN > Route addition via IPAPI failed [adaptive]
. 2014.09.18 15:36:30 - OpenVPN > Route addition fallback to route.exe
. 2014.09.18 15:36:30 - OpenVPN > env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
. 2014.09.18 15:36:30 - OpenVPN > C:\Windows\system32\route.exe ADD 10.4.0.1 MASK 255.255.255.255 10.4.122.153
. 2014.09.18 15:36:30 - OpenVPN > ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct.   [status=160 if_index=19]
. 2014.09.18 15:36:30 - OpenVPN > Route addition via IPAPI failed [adaptive]
. 2014.09.18 15:36:30 - OpenVPN > Route addition fallback to route.exe
. 2014.09.18 15:36:30 - OpenVPN > env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
. 2014.09.18 15:36:31 - Starting Management Interface
. 2014.09.18 15:36:31 - OpenVPN > Initialization Sequence Completed
! 2014.09.18 15:36:31 - Flushing DNS
! 2014.09.18 15:36:31 - Checking route
! 2014.09.18 15:36:32 - Checking DNS
! 2014.09.18 15:36:33 - Connected.
. 2014.09.18 15:36:33 - OpenVPN > MANAGEMENT: Client connected from [AF_INET]127.0.0.1:3100
. 2014.09.18 15:36:33 - OpenVpn Management > >INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info

Share this post


Link to post

Hello!

I've set up the Comodo Firewall as per the howto instructions shown here: https://airvpn.org/topic/3405-windows-comodo-prevent-leaks/

 

When I enter my username and password and click "Login", the process seems to fail, logs below:

 

! 2014.09.18 15:33:37 - Checking login ...

. 2014.09.18 15:33:49 - The operation has timed out

! 2014.09.18 15:33:52 - Logged in.

 

However, after the timeout it shows me as logged in and the "Login" button has changed to "Logout".

 

Hello!

 

That's fine (in this case the logs might be a little misleading). Logging in the first authorization server hard coded in Eddie timed out (and that was due to Comodo rules) but then Eddie could manage to evade the 1st block.

 

In order to speed up the procedure please authorize (in Comodo global rules) packets to and from the following IP address:

54.246.124.152

 

A radical alternative would be disabling Comodo and relying on the "Network Lock" feature of Eddie, which uses (currently) Windows firewall.

 

. 2014.09.18 15:36:30 - OpenVPN > C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.4.122.153

. 2014.09.18 15:36:30 - OpenVPN > ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct.   [status=160 if_index=19]

 

This is another problem... we will investigate. Does it occur even if you disable Comodo completely?

 

Kind regards

Share this post


Link to post

Hello!

 

A radical alternative would be disabling Comodo and relying on the "Network Lock" feature of Eddie, which uses (currently) Windows firewall.

I'd rather use Comodo to have better control over application permissions.

 

 

 

beryllium, on 18 Sept 2014 - 16:04, said:snapback.png

. 2014.09.18 15:36:30 - OpenVPN > C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.4.122.153
. 2014.09.18 15:36:30 - OpenVPN > ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct.   [status=160 if_index=19]

This is another problem... we will investigate. Does it occur even if you disable Comodo completely?

I tried disabling Comodo completely, but the error persists.

Share this post


Link to post

I tried disabling Comodo completely, but the error persists.

beryllium, on 18 Sept 2014 - 16:04, said:snapback.png

This is another problem... we will investigate. Does it occur even if you disable Comodo completely?

. 2014.09.18 15:36:30 - OpenVPN > C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.4.122.153

. 2014.09.18 15:36:30 - OpenVPN > ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct.   [status=160 if_index=19]

 

 

Hello!

 

Try to add the following OpenVPN directives:

 

route-method exe
route-delay 2

 

In Eddie, you can add those directives in "Custom" field that you can see in  "AirVPN" -> "Preferences" -> "Advanced" -> "OVPN directives".

 

Feel free to keep us posted.

 

Kind regards

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...