Jump to content
Not connected, Your IP: 18.212.102.174

Recommended Posts

Aloha,

 

So here I'm trying my Airvpn for 30 days. Can't figure out one problem.Dns leak.

Hope to get some help here.

I have Kali linux, starting my connection with openvpn. However, after checking www.dnsleaktest.com it shows my isp nameserver. Damn.

I've figured out that these lines (up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf) should sort the problem.

It didn't.

Getting same leak. Over and over again. Can someone give me some sort of advice? Thank you!

 

 

Share this post


Link to post

Hello!

 

Welcome to AirVPN firstly!

 

Are you using the Eddie client with Network Lock? It doesn't sound like it. You can try out the experimental version or a portable version (so there's no mono issues or whatever).

 

Do check out ipleak.net too

 

Sent to you from me with datalove


Moderators do not speak on behalf of AirVPN. Only the Official Staff account does. Please also do not run Tor Exit Servers behind AirVPN, thank you.
Did you make a guide or how-to for something? Then contact me to get it listed in my new user guide's Guides Section, so that the community can find it more easily.

Share this post


Link to post

Hey LZ1,

 

Thanks for reply. I did try Eddie, portable version. However, experience was quite negative. Client can't connect, stops on the "Checking the route". It's impossible to copy logs. Any chance to do the job with openvpn only?Thanks

Share this post


Link to post

Aloha,

 

So here I'm trying my Airvpn for 30 days. Can't figure out one problem.Dns leak.

Hope to get some help here.

I have Kali linux, starting my connection with openvpn. However, after checking www.dnsleaktest.com it shows my isp nameserver. Damn.

I've figured out that these lines (up /etc/openvpn/update-resolv-conf

down /etc/openvpn/update-resolv-conf) should sort the problem.

It didn't.

Getting same leak. Over and over again. Can someone give me some sort of advice? Thank you!

Doesn't work with kali via openvpn - will result in DNS-Leaks.

try the portable Client without mono ;D

 

P.S. don't dist-upgrade only upgrade kali, otherwise the libcil will be replaced and some other lib's and it won't work anymore bc airvpn-client depends on those lib's...

That's the only solution I know for that ;D

Share this post


Link to post

@highchilled

There are no DNS leaks in Linux. Check resolv.conf

Can we get a bit more into the details? What I got in resolv.conf is my router ip address.So every time I'm connecting to vpn it keeps asking for dns servers through my router ip address, correct? How can we avoid that, without installing client? 

Share this post


Link to post

Post your logs if the update-resolv-conf method does not work.

Sometimes the update-resolve-conf script can be in a different location, that depends on where is the OpenVPN package installed,

and it can vary across different distributions.

 

See this for reference:

https://airvpn.org/topic/9608-how-to-accept-dns-push-on-linux-systems-with-resolvconf/


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

don't forget ya can run static, meaning from your router to yer box, take over yer whole local

if yer on a 'pentest' distro that's fine and all but truth is just roll yer own and go with one tool at a time

 

i've been playing with this stuff for years and first to tell you, my dd-wrt router does more than i got a clue about

 

learning and understanding how just one box can talk with a printer and back and forth still in awe of it

 

as ya prolly already figured out pentest distros tend to load up a lot of services and tools at boot

 

this is actually the correct config because they are designed to simply 'test'

 

yep you can mod them and all that to roll as a daily driver, nothin wrong with that but actually yer better off

 

just grabben xyz tools you want and starten from scratch, gentoo, arch etc and add yer mcluvn there

 

oh, and don't drop 40 hits of acid all at once, it's bad for the gerbals....

Share this post


Link to post

set your local to static from your router, switch to open source firmware if ya don't already have it

shut off the dhcp server on your local, with the static also assign your ip addresses via hostname/mac

i like to remove network-manager grab sysv-rc-conf shut down half the stuff upon boot, set your OS

to boot up with eth0 down and run all your connections from the terminal

ex: ifup eth0, stunel "xyzserver.ssl" --auth-nocache, openvpn --config "xyzserver.ovpn" --auth-nocache

run your wpa_supplicant all that from command line also, this gives you full control of your connections

which is what you want on a pentest distro don't forget to set your dns on your router to airvpn

and config your ifaces to static, this way if you lose power, everything back on same ip addys

also your iptables firewall, have that going also route your traffic

 

stunnel fix if ever needed:

# rm /usr/bin/stunnel
# ln -s /usr/bin/stunnel4 /usr/bin/stunnel
# cd /etc/stunnel
# touch stunnel.conf
# nano stunnel.conf
cert=/path/to/pem
key=/path/to/key

 

also stunnel/ssl configz via airvpn, 3 files

 

this works for me, might be a horrible idea for you 

 

cheerz

 

 

Dude! Thanks! Thats a nice mini-guide for me. Much appreciate

Share this post


Link to post

 

@highchilled

There are no DNS leaks in Linux. Check resolv.conf

 

https://airvpn.org/topic/18625-eddie-211beta-available/

 

Kind regards

Thanks - but I dont understand exactly; what should I look for in resolv.conf?

 

The name servers. Set the first nameserver to 10.4.0.1, with the line:

nameserver 10.4.0.1

 

when connected to the VPN.

 

You might also like to answer to zhang requests for additional investigations. Accepting DNS push on systemd based systems poses different issues than in initd based systems. Alternatively just run Eddie 2.11.3 beta, it directly and automatically manipulates resolv.conf

 

Kind regards

Share this post


Link to post

 

 

Thanks - but I dont understand exactly; what should I look for in resolv.conf?

@highchilled

There are no DNS leaks in Linux. Check resolv.conf

 

https://airvpn.org/topic/18625-eddie-211beta-available/

 

Kind regards

The name servers. Set the first nameserver to 10.4.0.1, with the line:

nameserver 10.4.0.1

 

when connected to the VPN.

 

You might also like to answer to zhang requests for additional investigations. Accepting DNS push on systemd based systems poses different issues than in initd based systems. Alternatively just run Eddie 2.11.3 beta, it directly and automatically manipulates resolv.conf

 

Kind regards

Dude, I feel like the biggest noob that I missed that - it works perfectly, and I just realize it worked like that all the time.. and just because I missed to edit the proper resolv.conf in /etc and instead tried to edit it in /etc/openvpn/resolv.conf...

 

So nice...  THANKS!!!

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...