Jump to content
Not connected, Your IP: 18.188.61.223
AirVPN
harold_l

Connection issue only with SSL and SSH protocol

By harold_l, ... in Troubleshooting and Problems

Recommended Posts

harold_l    0

harold_l
Posted ...

Hi Community,

 

I've been working on a case for many hours, and I can't figure out what's wrong.

I've issue to connect AirVPN with some protocols. The Eddie Client try to connect over and over on different server without establish the connection.

 

- UDP and TCP on all port and all IP are OK (I tested one by one )

- SSL all ports all IP NOK

- SSH all port all IP NOK

 

My Environnement :

- Windows 10 1803

- Firewall disabled

- Antivirus disabled

- Eddie 2.15.2 the last

- Orange France ISP

- Ethernet card wired 1 Gbps LAN

- Ryzen 2600X CPU

 

Eddie config :

- TCP/UDP buffer size 512 KB

- Layer IPv6 to BLOCK

- IP Prot used for connection to IPv4 ONLY

- Interface used for connection to Ethernet

- Other config are the default ones

 

Here some logs of an SSL 443 IP 2 connection :

 

I 2018.07.19 16:59:05 - Session starting.
I 2018.07.19 16:59:05 - Checking authorization ...
. 2018.07.19 16:59:06 - IPv6 disabled with packet filtering.
! 2018.07.19 16:59:06 - Connecting to Gienah (Netherlands, Alblasserdam)
. 2018.07.19 16:59:06 - Routes, added a new route, 213.152.162.95 for gateway 192.168.1.1
. 2018.07.19 16:59:06 - SSL > 2018.07.19 16:59:06 LOG5[ui]: stunnel 5.40 on x86-pc-mingw32-gnu platform
. 2018.07.19 16:59:06 - SSL > 2018.07.19 16:59:06 LOG5[ui]: Compiled/running with OpenSSL 1.0.2k 26 Jan 2017
. 2018.07.19 16:59:06 - SSL > 2018.07.19 16:59:06 LOG5[ui]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,OCSP,PSK,SNI
. 2018.07.19 16:59:06 - SSL > 2018.07.19 16:59:06 LOG5[ui]: Reading configuration from file C:\*\AppData\Local\AirVPN\9f9d6b2a288678dd7cd7d6c9435f5a6f698999a7eb024b0d200d43ff160300b6.tmp.ssl
. 2018.07.19 16:59:06 - SSL > 2018.07.19 16:59:06 LOG5[ui]: UTF-8 byte order mark not detected
. 2018.07.19 16:59:06 - SSL > 2018.07.19 16:59:06 LOG6[ui]: Initializing service [openvpn]
. 2018.07.19 16:59:06 - SSL > 2018.07.19 16:59:06 LOG4[ui]: Service [openvpn] needs authentication to prevent MITM attacks
. 2018.07.19 16:59:06 - SSL > 2018.07.19 16:59:06 LOG5[ui]: Configuration successful
. 2018.07.19 16:59:06 - OpenVPN > OpenVPN 2.4.6 x86_64-w64-mingw32 [sSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 27 2018
. 2018.07.19 16:59:06 - OpenVPN > Windows version 6.2 (Windows 8 or greater) 64bit
. 2018.07.19 16:59:06 - OpenVPN > library versions: OpenSSL 1.1.0h 27 Mar 2018, LZO 2.10
. 2018.07.19 16:59:06 - Connection to OpenVPN Management Interface
. 2018.07.19 16:59:06 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100
. 2018.07.19 16:59:06 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2018.07.19 16:59:06 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2018.07.19 16:59:06 - OpenVPN > TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:53481
. 2018.07.19 16:59:06 - OpenVPN > Socket Buffers: R=[65536->524288] S=[65536->524288]
. 2018.07.19 16:59:06 - OpenVPN > Attempting to establish TCP connection with [AF_INET]127.0.0.1:53481 [nonblock]
. 2018.07.19 16:59:07 - OpenVPN > MANAGEMENT: Client connected from [AF_INET]127.0.0.1:3100
. 2018.07.19 17:00:06 - SSL > 2018.07.19 17:00:06 LOG6[cron]: Executing cron jobs
. 2018.07.19 17:00:06 - SSL > 2018.07.19 17:00:06 LOG6[cron]: Cron jobs completed in 0 seconds
. 2018.07.19 17:01:06 - OpenVPN > TCP: connect to [AF_INET]127.0.0.1:53481 failed: Unknown error
. 2018.07.19 17:01:06 - OpenVPN > SIGUSR1[connection failed(soft),init_instance] received, process restarting
. 2018.07.19 17:01:06 - OpenVPN > Restart pause, 5 second(s)
! 2018.07.19 17:01:06 - Disconnecting
. 2018.07.19 17:01:07 - Routes, removed a route previously added, 213.152.162.95 for gateway 192.168.1.1
. 2018.07.19 17:01:07 - Sending management termination signal
. 2018.07.19 17:01:07 - Management - Send 'signal SIGTERM'
. 2018.07.19 17:01:07 - OpenVPN > MANAGEMENT: CMD 'c5d8b01266873afe568bf401b8d2f49d3291b4a5630f694846e20d44c8521f0c'
. 2018.07.19 17:01:11 - OpenVPN > MANAGEMENT: Client disconnected
. 2018.07.19 17:01:11 - OpenVPN > All connections have been connect-retry-max (1) times unsuccessful, exiting
. 2018.07.19 17:01:11 - OpenVPN > Exiting due to fatal error
. 2018.07.19 17:01:16 - Sending soft termination signal
. 2018.07.19 17:01:16 - Connection terminated.
. 2018.07.19 17:01:16 - IPv6 restored with packet filtering.

 

Here some logs of an SSH port 22 IP 1 :

 

I 2018.07.19 17:27:48 - Session starting.
I 2018.07.19 17:27:48 - Checking authorization ...
. 2018.07.19 17:27:48 - IPv6 disabled with packet filtering.
! 2018.07.19 17:27:48 - Connecting to Ancha (Netherlands, Alblasserdam)
. 2018.07.19 17:27:48 - Routes, added a new route, 213.152.162.164 for gateway 192.168.1.1
. 2018.07.19 17:27:48 - SSH > Looking up host "213.152.162.164"
. 2018.07.19 17:27:48 - SSH > Connecting to 213.152.162.164 port 22
. 2018.07.19 17:27:48 - SSH > We claim version: SSH-2.0-PuTTY_Release_0.67
. 2018.07.19 17:27:48 - SSH > Server version: SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u1
. 2018.07.19 17:27:48 - SSH > Using SSH protocol version 2
. 2018.07.19 17:27:49 - SSH > Doing Diffie-Hellman group exchange
. 2018.07.19 17:27:49 - SSH > Doing Diffie-Hellman key exchange with hash SHA-256
. 2018.07.19 17:27:49 - SSH > Host key fingerprint is:
. 2018.07.19 17:27:49 - SSH > ssh-rsa 2048 4d:79:1e:2c:fe:a2:ce:2d:9b:ff:5d:fb:eb:f0:6e:a9
. 2018.07.19 17:27:49 - SSH > Initialised AES-256 SDCTR client->server encryption
. 2018.07.19 17:27:49 - SSH > Initialised HMAC-SHA-256 client->server MAC algorithm
. 2018.07.19 17:27:49 - SSH > Initialised AES-256 SDCTR server->client encryption
. 2018.07.19 17:27:49 - SSH > Initialised HMAC-SHA-256 server->client MAC algorithm
. 2018.07.19 17:27:49 - SSH > Reading private key file "C:\Users\*\Local\AirVPN\5636ac2f3f6fd940306bfa8eba4fb6b866cb06fa01a8590bacd500dfdb0c54cb.tmp.ppk"
. 2018.07.19 17:27:49 - SSH > Using username "sshtunnel".
. 2018.07.19 17:27:49 - SSH > Offered public key
. 2018.07.19 17:27:49 - SSH > Offer of public key accepted
. 2018.07.19 17:27:49 - SSH > Authenticating with public key ""
. 2018.07.19 17:27:49 - SSH > Sent public key signature
. 2018.07.19 17:27:49 - SSH > Access granted
. 2018.07.19 17:27:49 - SSH > Local port 24747 forwarding to 127.0.0.1:2018
. 2018.07.19 17:27:49 - SSH > Remote debug message: PTY allocation disabled.
. 2018.07.19 17:27:49 - SSH > Remote debug message: X11 forwarding disabled.
. 2018.07.19 17:27:49 - SSH > Remote debug message: Forced command.
. 2018.07.19 17:27:49 - SSH > Remote debug message: PTY allocation disabled.
. 2018.07.19 17:27:49 - SSH > Remote debug message: X11 forwarding disabled.
. 2018.07.19 17:27:49 - SSH > Remote debug message: Forced command.
. 2018.07.19 17:27:49 - OpenVPN > OpenVPN 2.4.6 x86_64-w64-mingw32 [sSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 27 2018
. 2018.07.19 17:27:49 - OpenVPN > Windows version 6.2 (Windows 8 or greater) 64bit
. 2018.07.19 17:27:49 - OpenVPN > library versions: OpenSSL 1.1.0h  27 Mar 2018, LZO 2.10
. 2018.07.19 17:27:49 - Connection to OpenVPN Management Interface
. 2018.07.19 17:27:49 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100
. 2018.07.19 17:27:49 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2018.07.19 17:27:49 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2018.07.19 17:27:49 - OpenVPN > TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:24747
. 2018.07.19 17:27:49 - OpenVPN > Socket Buffers: R=[65536->524288] S=[65536->524288]
. 2018.07.19 17:27:49 - OpenVPN > Attempting to establish TCP connection with [AF_INET]127.0.0.1:24747 [nonblock]
. 2018.07.19 17:27:49 - OpenVPN > MANAGEMENT: Client connected from [AF_INET]127.0.0.1:3100
. 2018.07.19 17:28:37 - Updating systems & servers data ...
. 2018.07.19 17:28:38 - Systems & servers data update completed
. 2018.07.19 17:29:49 - OpenVPN > TCP: connect to [AF_INET]127.0.0.1:24747 failed: Unknown error
. 2018.07.19 17:29:49 - OpenVPN > SIGUSR1[connection failed(soft),init_instance] received, process restarting
. 2018.07.19 17:29:49 - OpenVPN > Restart pause, 5 second(s)
! 2018.07.19 17:29:49 - Disconnecting
. 2018.07.19 17:29:49 - Routes, removed a route previously added, 213.152.162.164 for gateway 192.168.1.1
. 2018.07.19 17:29:49 - Sending management termination signal
. 2018.07.19 17:29:49 - Management - Send 'signal SIGTERM'
. 2018.07.19 17:29:49 - OpenVPN > MANAGEMENT: CMD '39cea6bd844dbb8b26bbf6fb5a9463d9775f43fcab5928b650850b0ec633839a'
. 2018.07.19 17:29:54 - OpenVPN > MANAGEMENT: Client disconnected
. 2018.07.19 17:29:54 - OpenVPN > All connections have been connect-retry-max (1) times unsuccessful, exiting
. 2018.07.19 17:29:54 - OpenVPN > Exiting due to fatal error
. 2018.07.19 17:29:59 - Sending soft termination signal
. 2018.07.19 17:29:59 - Connection terminated.
. 2018.07.19 17:29:59 - IPv6 restored with packet filtering.

 

Same Error on both case :

OpenVPN > TCP: connect to [AF_INET]127.0.0.1:24747 failed: Unknown error 

 

 

Any ideas ?

Share this post

Link to post

nick75    25

nick75
Posted ...

Hello,

 

It seems like there's a problem on the loopback: either there are some firewall rules blocking the loopback (very unlikely) or the port is already busy.

Can you type this in a prompt as administrator:

netstat -a -b > C:\net_result.txt

This will create a file named net_result.txt in your C drive, can you post its content?

You may want to redact its content to remove your login name.

 

Also check that you don't have any anti-malware installed (Malwarebytes, Bytefence etc...)

Share this post

Link to post

Nasdaq    10

Nasdaq
Posted ...

Hi guys!

 

I have the same problem.

 

I solved it this way :

 

- TCP/UDP buffer size (send-receive) : Automatic

- Layer IPv4 : inside tunnel if supported, otherwise blocked

- Layer IPv6 : inside tunnel if supported, otherwise blocked

- IP Prot used for connection to : IPv4, IPv6

- Interface used for connection to : Automatic

 

 

- DNS switch mode : Automatic

- Check AirVPN DNS

- Ensure DNS Lock

 

Network Lock :

- Windows Firewall (not recommended)

- Incoming : block

- Outcoming : block

- Allow lan/private

- Allow ping

 

And I setup rules of Windows Firewall to : On (private and public)

 

Eddie - In - Allow local

Eddie - In - Allow VPN

Eddie - In - ICMP IPv4

Eddie - In - ICMP IPv6 

 

Eddie - Out - : are the default ones

 

 

I tested it using "netstat -a" & "netsat -b" and nothing pass outside SSL tunnel

 

Using Windows Filtering Platform or Automatic doesn't work.

 

If someone has a better idea, I'm ready to test it. 

 

Best regards

knighthawk reacted to this

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Go To Topic Listing
×
×
  • Create New...