OpenVPN - Succesfully connected but cannot browse

[Tibbs]

Hello!

I hope someone will be able to help me out with this. I have Googled the problem I'm having and it seems like I'm not the only one but I am yet to come across the solution or figure out exactly what is going wrong. I use ProXPN as my VPN provider and they do not provide any support for OpenVPN on Linux, however, I have taken the config files from my Windows installation and imported them into Linux using Network Manager.

It all seems to have worked okay and I get a notification that the VPN connection was succesful, but while connected I seem to lose all internet connectivity. I cannot browse the internet or ping any addresses.

I have no idea what is causing this.

If anyone has any idea what could be causing this and how to fix it, I'd sure appreciate your help!

I'm using Linux Mint 16 32-bit.

[twinkel]

if you run

Code: Select all

route -n

in a terminal you will see that all internet traffic is routed through your vpn, you should disable this in the vpn configuration in network manager. I dont know how, because I don't use openVPN.

[Tibbs]

if you run

Code: Select all

route -n

in a terminal you will see that all internet traffic is routed through your vpn, you should disable this in the vpn configuration in network manager. I dont know how, because I don't use openVPN.

Don't I want my internet traffic to be routed through my VPN? I use the VPN to keep my traffic secure when using open hotspots at cafes etc.

[twinkel]

ok, but in that case you want to route all your vpn traffic through your vpn. (some people only use the vpn to get specific info from e.g. an employers system)

You also have to make sure that the other end routes your ip through to the internet.

you could run

Code: Select all

traceroute 8.8.8.8

to see how far it gets.

[dazhann2]

I have this browsing issue as well. I can use use it for torrent traffic. I know its working as I have "torguard whats my ip" running in qbitorrent and it shows the ip is the vpn's. Problem is I can not browse. I appreciate that with a vpn running it will be slower then normal, but Im not connecting at all, the brower times out tring to connect. I've tried changing dns to googles 8.8.8.8 8.8.4.4, I've disconnected and then removed firewall, I've ticked "use this connection only for resources on this netwok" in the ipv4 settings, routes tab in editting options, that worked I could connect to the internet, but when I did a whats my ip check I was still using my local ip.
All of these have been offered as possible solutions when I have googled. Any other suggestions?

[twinkel]

Does your browser use a local proxy which forces ip traffic through your own ip?

if your torrent shows the vpn ip then obviously, there is an other interface on your system (find out with ifconfig) which routes traffic through your vpn (find out with route -n).

Still, if you do a traceroute, you will find out how standard ip traffic is routed to the outside world, that would be a good starting point to exclude other issues
next would probably be to investigate if you have a proper dns setup and your firewall.

[dazhann2]

Thanks for reply, I'll try to answer all you questions.
Browser, Firefox, no proxy
ifconfig result no open vpn
eth0 Link encap:Ethernet HWaddr 00:13:72:23:ec:18
inet addr:192.168.2.5 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::213:72ff:fe23:ec18/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:327835 errors:0 dropped:0 overruns:0 frame:0
TX packets:223884 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:447563608 (447.5 MB) TX bytes:19978628 (19.9 MB)
Interrupt:16

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:6330 errors:0 dropped:0 overruns:0 frame:0
TX packets:6330 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:771244 (771.2 KB) TX bytes:771244 (771.2 KB)

ifconfig open vpn on
eth0 Link encap:Ethernet HWaddr 00:13:72:23:ec:18
inet addr:192.168.2.5 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::213:72ff:fe23:ec18/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:328546 errors:0 dropped:0 overruns:0 frame:0
TX packets:224620 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:448130715 (448.1 MB) TX bytes:20070416 (20.0 MB)
Interrupt:16

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:6487 errors:0 dropped:0 overruns:0 frame:0
TX packets:6487 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:785299 (785.2 KB) TX bytes:785299 (785.2 KB)

tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.128.128.2 P-t-P:10.128.128.2 Mask:255.255.255.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:207 errors:0 dropped:0 overruns:0 frame:0
TX packets:280 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:63210 (63.2 KB) TX bytes:35710 (35.7 KB)

route -n vpn off
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0
192.168.2.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0

route -n vpn on
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.128.128.1 0.0.0.0 UG 0 0 0 tun0
10.128.128.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0
162.243.72.22 192.168.2.1 255.255.255.255 UGH 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0
192.168.2.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0

I'm not sure how to use traceroute, terminal commands say not installed, so I install it and re run, but I don't get a result. I think I am not using right command.

As to firewall uninstalled. Dns settings are googles.
thanks again

[dazhann2]

Right figured out traceroute.

with openvpn off
traceroute to bbc.com (212.58.244.18), 30 hops max, 60 byte packets
1 192.168.2.1 (192.168.2.1) 0.392 ms 0.457 ms 0.569 ms
2 wlg-cust-2-lo-1.actrix.co.nz (192.100.53.7) 207.439 ms 207.722 ms 208.191 ms
3 * * *
4 * * *
5 * * *
6 * unknown.telstraglobal.net (134.159.174.37) 124.750 ms unknown.telstraglobal.net (134.159.174.41) 84.621 ms
7 i-0-6-1-1.tlot-core01.bx.telstraglobal.net (202.84.223.85) 208.760 ms i-0-0-4-1.tlot-core01.bx.telstraglobal.net (202.84.142.106) 208.257 ms i-0-0-4-0.tlot-core01.bx.telstraglobal.net (202.84.142.118) 209.212 ms
8 i-1-0-0.nwk-core01.bi.telstraglobal.net (202.40.149.201) 285.571 ms 286.720 ms i-5-0-0.nwk-core01.bi.telstraglobal.net (202.84.141.130) 286.863 ms
9 i-0-3-0-2.ulhc-core01.bx.telstraglobal.net (202.84.143.230) 356.463 ms 357.418 ms 358.143 ms
10 i-0-0-1-3.ulco04.bi.telstraglobal.net (202.40.148.230) 358.609 ms 356.859 ms i-0-0-2-2.ulco04.bi.telstraglobal.net (202.40.148.234) 360.036 ms
11 bbc-linx.pr01.rbsov.bbc.co.uk (195.66.236.103) 359.510 ms 358.999 ms 391.460 ms
12 * * *
13 * * *
14 ae0.er01.telhc.bbc.co.uk (132.185.254.109) 364.729 ms 364.543 ms 365.109 ms
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *

With openvpn on

traceroute to bbc.com (212.58.246.104), 30 hops max, 60 byte packets
1 10.128.128.1 (10.128.128.1) 291.809 ms 292.741 ms 294.595 ms
2 107.170.24.253 (107.170.24.253) 297.032 ms 297.501 ms 297.972 ms
3 192.241.164.241 (192.241.164.241) 300.414 ms 301.868 ms 302.340 ms
4 nyk-b5-link.telia.net (62.115.44.241) 304.039 ms 306.540 ms 306.947 ms
5 nyk-bb2-link.telia.net (213.155.133.12) 309.878 ms nyk-bb1-link.telia.net (213.155.133.10) 325.438 ms nyk-bb2-link.telia.net (80.91.254.39) 310.817 ms
6 ldn-bb1-link.telia.net (213.248.65.89) 387.669 ms ldn-bb2-link.telia.net (213.155.135.66) 362.135 ms ldn-bb2-link.telia.net (213.155.135.70) 362.775 ms
7 ldn-b3-link.telia.net (80.91.247.86) 375.765 ms ldn-b3-link.telia.net (213.155.133.3) 368.058 ms ldn-b3-link.telia.net (80.91.247.86) 376.159 ms
8 atos-ic-124708-ldn-b2.c.telia.net (213.248.104.70) 368.502 ms 370.447 ms 369.934 ms
9 * * *
10 * * *
11 ae0.er01.cwwtf.bbc.co.uk (132.185.254.93) 380.865 ms 382.834 ms 363.120 ms
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *

[jobangles]

I have similar problem as follows:-

Hi, I am running a Linux Mint 16 64-bit system, Linux Kernel 3.11.0-12-generic, Cinnamon Version 2.0.14. I have had great VPN service until about a week ago. I have followed linux help re "FullyRouted-All.ovpn" I can connect to "br4.bolehvpn.net" with HTTPS protocol but cannot browse with Firefox 30.0 for Linux Mint-1.0
"Server Not Found" Have trolled Internet, tried fixes, reinstalled system, tried Knoppix, tried Slackware(to complicated). Somting has changed causing a once great setup to now fail. Any help greatly appreciated. Attached files may help you to find problem. Thanking you in advance, graham.

Syslog:

Code: Select all

Jun 20 12:00:06 Hal NetworkManager[1044]: <info> Starting VPN service 'openvpn'...
Jun 20 12:00:06 Hal NetworkManager[1044]: <info> VPN service 'openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 4997
Jun 20 12:00:06 Hal NetworkManager[1044]: <info> VPN service 'openvpn' appeared; activating connections
Jun 20 12:00:06 Hal NetworkManager[1044]: <info> VPN plugin state changed: starting (3)
Jun 20 12:00:06 Hal NetworkManager[1044]: <info> VPN connection 'BolehVPN FullyRouted (LUX) #1' (Connect) reply received.
Jun 20 12:00:06 Hal nm-openvpn[5000]: OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Jul 12 2013
Jun 20 12:00:06 Hal nm-openvpn[5000]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Jun 20 12:00:06 Hal nm-openvpn[5000]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jun 20 12:00:06 Hal nm-openvpn[5000]: Control Channel Authentication: using '/etc/openvpn/keys/ta.key' as a OpenVPN static key file
Jun 20 12:00:06 Hal nm-openvpn[5000]: UDPv4 link local: [undef]
Jun 20 12:00:06 Hal nm-openvpn[5000]: UDPv4 link remote: [AF_INET]212.117.176.3:443
Jun 20 12:00:12 Hal nm-openvpn[5000]: [server] Peer Connection Initiated with [AF_INET]212.117.176.3:443
Jun 20 12:00:14 Hal nm-openvpn[5000]: TUN/TAP device tun0 opened
Jun 20 12:00:14 Hal nm-openvpn[5000]: /usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper tun0 1500 1558 10.10.12.34 10.10.12.33 init
Jun 20 12:00:14 Hal NetworkManager[1044]:    SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/tun0, iface: tun0)
Jun 20 12:00:14 Hal NetworkManager[1044]:    SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found.
Jun 20 12:00:14 Hal NetworkManager[1044]: <warn> /sys/devices/virtual/net/tun0: couldn't determine device driver; ignoring...
Jun 20 12:00:14 Hal NetworkManager[1044]: <info> VPN connection 'BolehVPN FullyRouted (LUX) #1' (IP4 Config Get) reply received from old-style plugin.
Jun 20 12:00:14 Hal NetworkManager[1044]: <info> VPN Gateway: 212.117.176.3
Jun 20 12:00:14 Hal NetworkManager[1044]: <info> Tunnel Device: tun0
Jun 20 12:00:14 Hal NetworkManager[1044]: <info> IPv4 configuration:
Jun 20 12:00:14 Hal NetworkManager[1044]: <info>   Internal Gateway: 10.10.12.33
Jun 20 12:00:14 Hal NetworkManager[1044]: <info>   Internal Address: 10.10.12.34
Jun 20 12:00:14 Hal NetworkManager[1044]: <info>   Internal Prefix: 32
Jun 20 12:00:14 Hal NetworkManager[1044]: <info>   Internal Point-to-Point Address: 10.10.12.33
Jun 20 12:00:14 Hal NetworkManager[1044]: <info>   Maximum Segment Size (MSS): 0
Jun 20 12:00:14 Hal NetworkManager[1044]: <info>   Forbid Default Route: no
Jun 20 12:00:14 Hal NetworkManager[1044]: <info>   Internal DNS: 78.138.98.82
Jun 20 12:00:14 Hal NetworkManager[1044]: <info>   DNS Domain: '(none)'
Jun 20 12:00:14 Hal NetworkManager[1044]: <info> No IPv6 configuration
Jun 20 12:00:14 Hal nm-openvpn[5000]: Initialization Sequence Completed
Jun 20 12:00:15 Hal NetworkManager[1044]: <info> VPN connection 'BolehVPN FullyRouted (LUX) #1' (IP Config Get) complete.
Jun 20 12:00:15 Hal NetworkManager[1044]: <info> Policy set 'BolehVPN FullyRouted (LUX) #1' (tun0) as default for IPv4 routing and DNS.
Jun 20 12:00:15 Hal NetworkManager[1044]: <info> Writing DNS information to /sbin/resolvconf
Jun 20 12:00:15 Hal dnsmasq[1555]: setting upstream servers from DBus
Jun 20 12:00:15 Hal dnsmasq[1555]: using nameserver 78.138.98.82#53
Jun 20 12:00:15 Hal dbus[948]: [system] Activating service name='org.freedesktop.nm_dispatcher' (using servicehelper)
Jun 20 12:00:15 Hal NetworkManager[1044]: <info> VPN plugin state changed: started (4)
Jun 20 12:00:15 Hal dbus[948]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'

Route:

Code: Select all

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.10.12.33     0.0.0.0         UG    0      0        0 tun0
10.10.12.33     *               255.255.255.255 UH    0      0        0 tun0
192.168.1.0     *               255.255.255.0   U     1      0        0 eth0
212.117.176.3   192.168.1.1     255.255.255.255 UGH   0      0        0 eth0

FullyRouted-All.ovpn:

Code: Select all

script-security 2
client
dev tun
proto udp
route-delay 10
comp-lzo no

sndbuf 131072
rcvbuf 131072
nobind

cipher AES-128-CBC
tls-cipher TLS-DHE-RSA-WITH-AES-128-CBC-SHA

# Server List
# This list does not include Hong Kong and Sweden as those locations have limited bandwidth and should only be used if necessary
#Luxembourg
remote 94.242.228.140 443
remote 94.242.228.140 4343
remote 94.242.228.140 80
remote 94.242.228.140 8080
remote 212.117.176.2 443
remote 94.242.213.5 443
remote 94.242.213.6 443
remote 212.117.164.177 443
#Switzerland
remote 46.19.137.130 443
remote 46.19.137.131 443
#Netherlands
remote 62.212.85.79 443
#Sweden
remote 188.126.92.66 443
remote 178.73.195.200 443
#Canada
remote 192.99.13.226 443
remote 198.27.81.65 443
#USA-Kansas
remote 208.110.65.98 443
#France
remote 62.210.162.7 443
remote 62.210.162.7 22
remote 62.210.162.7 56000
remote 62.210.162.7 56001
remote 62.210.162.7 56002
remote 62.210.162.7 56003

remote-random

resolv-retry 10
nobind

persist-key
#persist-tun
keepalive 3 10

ns-cert-type server

# Set log file verbosity.
verb 4

# Silence repeating messages
mute 20

#User Info
ca /etc/openvpn/certs/ca.crt
cert /etc/openvpn/certs/jobangles.crt
key /etc/openvpn/keys/jobangles.key
tls-auth /etc/openvpn/keys/ta.key 1

Versions:

Code: Select all

openvpn			Installed- 2.3.2-4ubuntu1	Latest- 2.3.2-4ubuntu1
network-manager		Installed- 0.9.8.0-0ubuntu22 	Latest- 0.9.8.0-0ubuntu22
network-manager-gnome	Installed- 0.9.8.0-1ubuntu5.1	Latest- 0.9.8.0-1ubuntu5.1

[jobangles]

Fixed! Problem was at VPN server end. Thanks