Network Manager Bypassing VPN

Connection sharing, Firewall, Samba..etc
Forum rules
Before you post please read how to get help
Post Reply
taux1c
Level 1
Level 1
Posts: 9
Joined: Tue Aug 20, 2019 10:25 am

Network Manager Bypassing VPN

Post by taux1c » Tue Aug 20, 2019 11:22 am

I recently installed Linux Mint so I'm new to the specific distro. I am using cyberghost vpn. Everything says it is connected and I still have internet access. However if I go and check my information on status sites, what is my ip, google, cyberghost website, etc. It still shows my non-vpn information. If I set the connection to require vpn it does the same thing. If I disconnect the vpn it still shows the same information.

I have been trying to verify that the connection is in use. Thus far I haven't been able to determine but it is my belief that is isn't in use.

I tried a trace route and here are the results.

traceroute to www.google.com (172.217.4.68), 30 hops max, 60 byte packets
1 10.253.200.1 (10.253.200.1) 237.659 ms 237.639 ms 237.639 ms
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *


I tried a ping and here are the results:

PING www.google.com(ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004)) 56 data bytes
64 bytes from ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004): icmp_seq=1 ttl=53 time=109 ms
64 bytes from ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004): icmp_seq=2 ttl=53 time=38.7 ms
64 bytes from ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004): icmp_seq=3 ttl=53 time=220 ms
64 bytes from ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004): icmp_seq=4 ttl=53 time=44.6 ms
64 bytes from ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004): icmp_seq=5 ttl=53 time=108 ms
64 bytes from ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004): icmp_seq=6 ttl=53 time=139 ms
64 bytes from ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004): icmp_seq=7 ttl=53 time=179 ms
64 bytes from ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004): icmp_seq=8 ttl=53 time=45.9 ms
64 bytes from ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004): icmp_seq=9 ttl=53 time=133 ms
64 bytes from ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004): icmp_seq=10 ttl=53 time=79.9 ms
64 bytes from ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004): icmp_seq=11 ttl=53 time=48.1 ms
64 bytes from ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004): icmp_seq=12 ttl=53 time=61.1 ms
64 bytes from ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004): icmp_seq=13 ttl=53 time=172 ms
64 bytes from ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004): icmp_seq=14 ttl=53 time=37.2 ms
64 bytes from ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004): icmp_seq=15 ttl=53 time=72.3 ms
64 bytes from ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004): icmp_seq=16 ttl=53 time=113 ms
64 bytes from ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004): icmp_seq=17 ttl=53 time=84.2 ms
64 bytes from ord36s04-in-x04.1e100.net (2607:f8b0:4009:800::2004): icmp_seq=18 ttl=53 time=80.8 ms
^C
--- www.google.com ping statistics ---
18 packets transmitted, 18 received, 0% packet loss, time 17023ms
rtt min/avg/max/mdev = 37.219/98.280/220.491/51.983 ms

User avatar
phd21
Level 19
Level 19
Posts: 9178
Joined: Thu Jan 09, 2014 9:42 pm
Location: Florida

Re: Network Manager Bypassing VPN

Post by phd21 » Tue Aug 20, 2019 12:42 pm

Hi taux1c,

Welcome to the wonderful world of Linux Mint and its excellent forum!

It would help to know more about your system setup and which VPN provider you use and what VPN connection protocol like "openVPN" or another you are using or want to use. If you run "inxi -Fxzd" from the console terminal prompt, highlight the results, copy and paste them back here, that should provide enough information.

Previous post with really good information
[SOLVED]How to fix dns leaks? - Linux Mint Forums
viewtopic.php?f=157&t=270477&hilit=openvpn


Hope this helps ...
Phd21: Mint KDE 18.3 & 19, 64-bit Awesome OS, Ancient Dell OptiPlex 780 Core2Duo E8400 3GHz,4gb Ram,256gb SDD, Video: Intel 4 Graphics, DVD Lightscribe. Why I use KDE?:https://opensource.com/life/15/4/9-reasons-to-use-kde

taux1c
Level 1
Level 1
Posts: 9
Joined: Tue Aug 20, 2019 10:25 am

Re: Network Manager Bypassing VPN

Post by taux1c » Thu Aug 22, 2019 11:30 am

Thank you for the reply!

I am using cyberghost vpn over the open vpn protocol. Below are the requested results.

System:
Host: Taux1c Kernel: 4.15.0-54-generic x86_64 bits: 64 compiler: gcc
v: 7.4.0 Desktop: Cinnamon 4.2.3 Distro: Linux Mint 19.2 Tina
base: Ubuntu 18.04 bionic
Machine:
Type: Laptop System: HP product: HP 15 Notebook PC
v: Type1 - ProductConfigId serial: <filter>
Mobo: Hewlett-Packard model: 233F v: 06.25 serial: <filter> UEFI: Insyde
v: F.23 date: 08/05/2015
Battery:
ID-1: BAT0 charge: 21.7 Wh condition: 21.7/21.7 Wh (100%)
model: Hewlett-Packard Primary status: Full
CPU:
Topology: Quad Core model: Intel Pentium N3540 bits: 64 type: MCP
arch: Silvermont rev: 8 L2 cache: 1024 KiB
flags: lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 17326
Speed: 583 MHz min/max: 500/2666 MHz Core speeds (MHz): 1: 536 2: 534
3: 500 4: 500
Graphics:
Device-1: Intel Atom Processor Z36xxx/Z37xxx Series Graphics & Display
vendor: Hewlett-Packard driver: i915 v: kernel bus ID: 00:02.0
Display: x11 server: X.Org 1.19.6 driver: modesetting unloaded: fbdev,vesa
resolution: 1366x768~60Hz
OpenGL: renderer: Mesa DRI Intel Bay Trail v: 4.2 Mesa 19.0.8
direct render: Yes
Audio:
Device-1: Intel Atom Processor Z36xxx/Z37xxx Series High Definition Audio
vendor: Hewlett-Packard driver: snd_hda_intel v: kernel bus ID: 00:1b.0
Sound Server: ALSA v: k4.15.0-54-generic
Network:
Device-1: Realtek RTL8188EE Wireless Network Adapter
vendor: Hewlett-Packard driver: rtl8188ee v: kernel port: 2000
bus ID: 02:00.0
IF: wlo1 state: up mac: <filter>
Device-2: Realtek RTL810xE PCI Express Fast Ethernet
vendor: Hewlett-Packard driver: r8169 v: 2.3LK-NAPI port: 1000
bus ID: 03:00.0
IF: enp3s0 state: down mac: <filter>
Drives:
Local Storage: total: 465.76 GiB used: 149.80 GiB (32.2%)
ID-1: /dev/sda vendor: Western Digital model: WD5000LPVX-60V0TT0
size: 465.76 GiB
Optical-1: /dev/sr0 vendor: hp model: DVDRW DU8A6SH rev: DH61
dev-links: cdrom,cdrw,dvd,dvdrw
Features: speed: 24 multisession: yes audio: yes dvd: yes
rw: cd-r,cd-rw,dvd-r,dvd-ram state: running
Partition:
ID-1: / size: 455.31 GiB used: 74.86 GiB (16.4%) fs: ext4 dev: /dev/dm-1
ID-2: /boot size: 704.5 MiB used: 78.1 MiB (11.1%) fs: ext4 dev: /dev/sda2
ID-3: swap-1 size: 979.5 MiB used: 0 KiB (0.0%) fs: swap dev: /dev/dm-3
Sensors:
System Temperatures: cpu: 75.0 C mobo: N/A
Fan Speeds (RPM): N/A
Info:
Processes: 238 Uptime: 2d 2h 08m Memory: 3.75 GiB used: 1.85 GiB (49.5%)
Init: systemd runlevel: 5 Compilers: gcc: 7.4.0 Shell: bash v: 4.4.20
inxi: 3.0.32

User avatar
phd21
Level 19
Level 19
Posts: 9178
Joined: Thu Jan 09, 2014 9:42 pm
Location: Florida

Re: Network Manager Bypassing VPN

Post by phd21 » Thu Aug 22, 2019 1:41 pm

Hi taux1c,

You are welcome...

I do not see anything wrong with the results of the "inxi -Fxzd" console terminal command, so that is a good thing.

Did you use the "import VPN" into the Network Manager (NM) option? It should be working if you did. In the NM when you click to enable a VPN server connection, does it say connected and show that? "ipleak.net" is a greate website to test your system to make sure your VPN is working and that your local IP address is not showing only the VPN server's IP address.

This post has some good information.
[SOLVED]How to fix dns leaks? - Linux Mint Forums
viewtopic.php?f=157&t=270477&hilit=openvpn

FYI: Your VPN provider CyberGhost also has Linux software available that is run the the console terminal.

https://www.cyberghostvpn.com/en_US/apps/linux-vpn

Hope this helps ...
Phd21: Mint KDE 18.3 & 19, 64-bit Awesome OS, Ancient Dell OptiPlex 780 Core2Duo E8400 3GHz,4gb Ram,256gb SDD, Video: Intel 4 Graphics, DVD Lightscribe. Why I use KDE?:https://opensource.com/life/15/4/9-reasons-to-use-kde

taux1c
Level 1
Level 1
Posts: 9
Joined: Tue Aug 20, 2019 10:25 am

Re: Network Manager Bypassing VPN

Post by taux1c » Thu Aug 22, 2019 3:59 pm

Thanks phd21,
I did use the import option when setting up the connection.
I am aware that cyberghost offers linux vpn via cli but it is only compatible with Ubuntu 16.04, 18.04, 19.04 and Fedora 29 & 30.
When I connect it does say connected. (One of the major reasons I am so thrown by this.)
I am actually leaving right now to go fishing for a couple hours but as soon as I get back I will go through the other forum about leaks. I just assumed it wasn't a leak because for dramatic purposes I set the vpn to columbia and nothing shows Columbia. Perhaps I'm just not familiar enough with what a leak is to understand that maybe that is the definition of a leak.

Thank you again for your rapid reply! I need to figure out how to get emails when I get replies. :)
Talk soon!

User avatar
majpooper
Level 5
Level 5
Posts: 911
Joined: Thu May 09, 2013 1:56 pm
Location: North Carolina, USA

Re: Network Manager Bypassing VPN

Post by majpooper » Thu Aug 22, 2019 4:33 pm

DNScrypt looks like a possible solution to your DNS leak. Even with a VPN DNS leak can still take place.
"DNS Leaking happens when your system, even after you've connected to a a VPN or anonymity network like Tor, continues to query your ISP's DNS servers every time you visit a new website, connect to a new server, or fire up a new internet-connected application."
The above comes from the lifehacker.com website that has a good explanation of DNS leak and how DNScrypt is a solution
https://lifehacker.com/how-to-boost-you ... -510386189

You may want to follow this HOW TO from this forum by JeffF73 and install the DNScrypt proxy
viewtopic.php?t=270777

User avatar
phd21
Level 19
Level 19
Posts: 9178
Joined: Thu Jan 09, 2014 9:42 pm
Location: Florida

Re: Network Manager Bypassing VPN

Post by phd21 » Thu Aug 22, 2019 4:59 pm

Hi taux1c,

You are welcome...
taux1c wrote:I did use the import option when setting up the connection. I am aware that cyberghost offers linux vpn via cli but it is only compatible with Ubuntu 16.04, 18.04, 19.04 and Fedora 29 & 30. When I connect it does say connected. (One of the major reasons I am so thrown by this.)
Okay, that's good you imported the openVPN configuration file(s) for the CyberGhost servers that you want to use. Does "ipleak" show that your local ISP public IP address changed to an IP address from your VPN provider's server like it is supposed to do?

FYI: Linux Mint is based on Ubuntu, so CyberGhost Linux client should work. Linux Mint 19.x is based on Ubuntu 18.04 and Linux Mint 18.x is based on Ubuntu 16.04.

Sometimes there can be a DNS leak when connected to a VPN provider's server which the information in the link I gave you can help with that. Just changing your local ISP default DNS servers to those from a DNS provider will protect you from that and everyone should be doing that anyway regardless whether you use a VPN or not.

Hope this helps ...
Phd21: Mint KDE 18.3 & 19, 64-bit Awesome OS, Ancient Dell OptiPlex 780 Core2Duo E8400 3GHz,4gb Ram,256gb SDD, Video: Intel 4 Graphics, DVD Lightscribe. Why I use KDE?:https://opensource.com/life/15/4/9-reasons-to-use-kde

taux1c
Level 1
Level 1
Posts: 9
Joined: Tue Aug 20, 2019 10:25 am

Re: Network Manager Bypassing VPN

Post by taux1c » Thu Aug 22, 2019 8:09 pm

So using IPLeak I found something interesting. My IP V4 it seems is routed through the proxy. IP v6 isn't. Any ideas on this? I suppose I could disable ipv 6 but I would rather not unless I have to.

taux1c
Level 1
Level 1
Posts: 9
Joined: Tue Aug 20, 2019 10:25 am

Re: Network Manager Bypassing VPN

Post by taux1c » Thu Aug 22, 2019 9:47 pm

Here is the results of the ip leak test.

https://www.sendspace.com/file/vxb0bm

taux1c
Level 1
Level 1
Posts: 9
Joined: Tue Aug 20, 2019 10:25 am

Re: Network Manager Bypassing VPN

Post by taux1c » Fri Aug 23, 2019 7:55 am

So I had time to look over the dns leak information. Definitely looks like that is what's going on. (To my understanding anyway.) I have also looked into the DNScrypt but I can't seem to find a valid source / install. I checked the life hacker links that are now just 404s. I didn't find it on the openDNS site (the site that life hacker linked to.) I did find a questionable source on git under openDNS repository but it looked as if it was just an unstable test version. (I should mention I have never compiled a source to install before. Always wanted to but was never able to get it to work like I wanted it to.)

taux1c
Level 1
Level 1
Posts: 9
Joined: Tue Aug 20, 2019 10:25 am

Re: Network Manager Bypassing VPN

Post by taux1c » Fri Aug 23, 2019 10:06 am

I have installed stubby as per https://www.linuxbabe.com/ubuntu/ubuntu ... s-over-tls

Still having a bit of trouble with it though. I have also disabled ipv6 and added the elements for blocking outside dns to the openvpn.ovpn file then imported the connection again. (same results)

Perhaps I missed something so I will review it again.

Just wanted to keep you guys up to speed on what I have tried. After installing stubby ipleak shows my traffic coming out in various locations. Sot it is most certainly leaking.

User avatar
phd21
Level 19
Level 19
Posts: 9178
Joined: Thu Jan 09, 2014 9:42 pm
Location: Florida

Re: Network Manager Bypassing VPN

Post by phd21 » Fri Aug 23, 2019 10:23 am

Hi taux1c,

To test if your VPN connection is working, go to a website like "ipleak.net" before connecting to a VPN server to see what your normal local ISP connection shows for your public (wan) IP address and what your ISP's default DNS servers are, and maybe print screen, or print to pdf or to an image this information, then connect to a VPN server location wait a few moments, then go to "ipleak.net" again or refresh its web page and compare the results, the public wan IP address should now be different from the local ISP and reflect the VPN server location and so should the DNS servers keeping in mind that some VPN provider's DNS servers may not be in the same location that the server you connected with is, but it should not be your Local ISP default DNS servers.

Changing your local ISP connection's default DNS servers to those from a secure and anonymous DNS provider like Cloudflare is a good idea whether or not anyone uses a VPN connection and if you use a VPN provider's servers and they leak DNS information, having changed them to a DNS providers servers will still keep you secure and anonymous. There are options to try and prevent DNS leaks with VPN providers that are leaking DNS information in the link I provided before.

For an even more secure DNS option "DNScrypt" is a good choice, but I prefer "DNS over TLS" which I think works well and is a little easier to setup and configure IMHO.

If your VPN connection is not changing your public IP address, or your local ISP IPv6 IP address is still showing, then you may have no choice but to use IPv4 only and disable IPv6, or use a different VPN provider.

FYI: You can attach a screenshot to your posts and or replies if their file sizes are below 200kb (small), or upload them to an image hosting website like "postimages.org" or "imgur" and then copy a direct link and paste that back into your post or replies (use the "rimg" in the forum toolbar so that remote images show up). There are various applications (Ksnip, converseen, various image editors, image browsers like Pix, etc...) that can rescale or shrink an image to below 200kb. The Slimjet browser has a built-in option for this.


Hope this helps ...
Phd21: Mint KDE 18.3 & 19, 64-bit Awesome OS, Ancient Dell OptiPlex 780 Core2Duo E8400 3GHz,4gb Ram,256gb SDD, Video: Intel 4 Graphics, DVD Lightscribe. Why I use KDE?:https://opensource.com/life/15/4/9-reasons-to-use-kde

Pippin
Level 4
Level 4
Posts: 273
Joined: Wed Dec 13, 2017 11:14 am
Location: NL/DE/TH

Re: Network Manager Bypassing VPN

Post by Pippin » Fri Aug 23, 2019 10:45 am

taux1c wrote:
Fri Aug 23, 2019 10:06 am
...
... I have also disabled ipv6
...
That was all you had to do (based on your result from ping and traceroute)
Everything is electric.

User avatar
catweazel
Level 19
Level 19
Posts: 9206
Joined: Fri Oct 12, 2012 9:44 pm
Location: Australian Antarctic Territory

Re: Network Manager Bypassing VPN

Post by catweazel » Fri Aug 23, 2019 11:07 am

taux1c wrote:
Thu Aug 22, 2019 8:09 pm
So using IPLeak I found something interesting. My IP V4 it seems is routed through the proxy. IP v6 isn't. Any ideas on this? I suppose I could disable ipv 6 but I would rather not unless I have to.
All you need to do is change the DNS servers on your router.
¡uʍop ǝpısdn sı buıɥʇʎɹǝʌǝ os ɐıןɐɹʇsnɐ ɯoɹɟ ɯ,ı

taux1c
Level 1
Level 1
Posts: 9
Joined: Tue Aug 20, 2019 10:25 am

Re: Network Manager Bypassing VPN

Post by taux1c » Fri Aug 23, 2019 5:40 pm

Thank everyone for the input. I am starting to think this network manager is junk. I have disabled ipv6 and it still shows as using ipv6. Also not using vpn. I then reboot and still showing my ip nothing from vpn and still using ipv6 with ipv4 as a fall back. I made a fresh install of Mint and still the same thing. I removed the openvpn and openvpn network-manager packages and reinstalled then reloaded the packages. No change except I could no longer import connection info. Rebooted and still the same results. Re-installed mint again and have tried all of this again on a fresh install and still nothing. Not sure if it's just junk or something that I'm doing but since I have followed the guides provided here as well as others I am leaning more to the side of it just being junk. Is there a better network manager I should be using rather than the default provided by linux mint?

taux1c
Level 1
Level 1
Posts: 9
Joined: Tue Aug 20, 2019 10:25 am

Re: Network Manager Bypassing VPN

Post by taux1c » Fri Aug 23, 2019 5:52 pm

Using this guide https://zillowtech.com/disable-disable-ipv6-linux.html I was able to force deactivation of ipv6 and not really happy about being on ipv4 only I am now successfully routed through the vpn.

User avatar
phd21
Level 19
Level 19
Posts: 9178
Joined: Thu Jan 09, 2014 9:42 pm
Location: Florida

Re: Network Manager Bypassing VPN

Post by phd21 » Fri Aug 23, 2019 6:01 pm

Hi taux1c,

You are welcome from all of us that replied...

You did not need to go through all that extra effort to accomplish this. Also, if your router supports VPN, then you can setup your VPN through that as well and re-enable the IPv6 on your computer if you want.
Phd21: Mint KDE 18.3 & 19, 64-bit Awesome OS, Ancient Dell OptiPlex 780 Core2Duo E8400 3GHz,4gb Ram,256gb SDD, Video: Intel 4 Graphics, DVD Lightscribe. Why I use KDE?:https://opensource.com/life/15/4/9-reasons-to-use-kde

Post Reply

Return to “Other networking topics”