OpenVPN brocken

All Gurus once were Newbies
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Please stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions prefer the other forums within the support section.
Before you post please read how to get help
User avatar
phd21
Level 19
Level 19
Posts: 9447
Joined: Thu Jan 09, 2014 9:42 pm
Location: Florida

Re: OpenVPN brocken

Post by phd21 » Wed Apr 25, 2018 5:06 pm

HI wf54,
wf54 wrote:Tried again, even copied and pasted you code but still the red highlight. Irritatingly I just really needed the VPN for Kodi with the TV's and could do without it on the computer. Then I've found out that the app on Amazon isn't compatible to the stick but their App on Google is. Work that one out, not having both apps on Amazon and Google :?:
It is really smart to use a VPN provider for security reasons and because it allows access to "geoblocked" content when using Kodi and other multimedia servers, browsers, etc...

I would use the Cloudflare DNS entries. Try adding them one at a time, enter in one, click the plus sign to add the other, click apply/ok, and let us know what happens. If they are entered in correctly with the proper format, you should not be getting the red box?

As was mentioned, your session with your VPN provider's support staff may have messed up your Linux Mint system's handling of VPNs and network connections. It would be nice to know exactly what they did. There is no reason you should not be able to connect to whichever VPN server location you want.

I would still try using a free vpn provider like "vpnbook" to check your system out and see if you can connect to one or more of their servers without issues. The free VPN provider vpnbook only has a few vpn server locations and probably will not allow Kodi and other apps like that, but trying it and seeing if your browsers are using that vpn connection will let you and us know if your system is ok.

You can always try another paid for VPN provider as well like the excellent low cost "Private Internet Access (PIA)" or "ProtonVPN", etc...

Good luck and keep us posted...
Phd21: Mint KDE 18.3 & 19, 64-bit Awesome OS, Ancient Dell OptiPlex 780 Core2Duo E8400 3GHz,4gb Ram,256gb SDD, Video: Intel 4 Graphics, DVD Lightscribe. Why I use KDE?:https://opensource.com/life/15/4/9-reasons-to-use-kde

wf54
Level 2
Level 2
Posts: 90
Joined: Sat Oct 14, 2017 7:23 am

Re: OpenVPN brocken

Post by wf54 » Wed Apr 25, 2018 6:32 pm

Tried the free VPN and it had problems connecting also. Like you say, not knowing what changes were made complicates matters.
Putting off, but looking it's more and more that I may need a fresh install.
Since it’s working of sorts, I may just stick with it and wait for Mint 19, It isn't a major problem just having one server and with a little messing about it's possible to change the server
In an ideal world Mint 19 would be made available from the package manager.

wf54
Level 2
Level 2
Posts: 90
Joined: Sat Oct 14, 2017 7:23 am

Re: OpenVPN brocken

Post by wf54 » Fri Apr 27, 2018 12:49 pm

UP date...
To try and solve this with a re-install of Mint 18.3.
First thing I did was update Open VPN, then installed the servers with import from file method.
It hasn't worked, still got the IPV6 leak and installed several server that still aren't changing, according to the DNS page.
Also some of servers all failing to connect with timed-out as the reason.

Problem I'm having is that there's very few help pages that show MInt rather than Ubuntu, different terms and images and some are out of date.

User avatar
phd21
Level 19
Level 19
Posts: 9447
Joined: Thu Jan 09, 2014 9:42 pm
Location: Florida

Re: OpenVPN brocken

Post by phd21 » Fri Apr 27, 2018 1:08 pm

HI wf54,

I think doing a re-install of Linux Mint was a good idea in your situation. FYI: You can (& should) backup or take a system snapshot before installing or updating anything that may have system-wide ramifications, or allowing 3rd party tech support changes, etc...

As was stated before, you can simply change your local ISP default DNS server IP addresses to a reliable DNS providers servers which will protect you and your anonymity regardless whether a VPN connection from a VPN provider leaks or does not leak DNS information (using IPv4 and or IPv6). IMHO everyone should change their local ISP default server IP addresses anyway for many good reasons.

FYI: Not all VPN providers have DNS leaking issues.

Also as I stated before, IPv6 is not really necessary (yet) and can be easily disabled or ignored using the information I have given you and in the links provided.

Also the link and instructions from member "Rubin_Farr" would work for preventing the VPN DNS leaks, but simply changing the local ISP DNS server IP addresses will protect anyone anyway.

viewtopic.php?f=90&t=260970&p=1410738&s ... 4#p1410738

Assuming you do not have hardware problems, if certain VPN servers are disconnecting or not connecting, that is usually a problem from the VPN provider and their servers. But if you are using WiFi adapters to connect to a router for Internet access, then check to make sure that your WiFi adapter is not going to sleep or using power saving features (disable power saving features).


Hope this helps ...
Phd21: Mint KDE 18.3 & 19, 64-bit Awesome OS, Ancient Dell OptiPlex 780 Core2Duo E8400 3GHz,4gb Ram,256gb SDD, Video: Intel 4 Graphics, DVD Lightscribe. Why I use KDE?:https://opensource.com/life/15/4/9-reasons-to-use-kde

wf54
Level 2
Level 2
Posts: 90
Joined: Sat Oct 14, 2017 7:23 am

Re: OpenVPN brocken

Post by wf54 » Fri Apr 27, 2018 3:02 pm

Thanks for the advice, a little spoilt for choice on the link page. I tried a couple before and must have done something wrong.
Should I use this fix by Sammiev;
[
Post by sammiev » Fri Jan 05, 2018 8:18 pm
I have been installing "bind9" like so.

Code: Select all

sudo apt-get install bind9

Edit your network connections and change IPv6 to Ignore.

Edit IPv4 to "Automatic DHCP Address only" and in DNS Servers: type in 127.0.0.1 and select save.

Code: Select all

sudo /etc/init.d/bind9 restart

Edit the configuration file:

Code: Select all

sudo nano /etc/NetworkManager/NetworkManager.conf

Find the line:

Code: Select all

dns=dnsmasq

Replace it with:

Code: Select all

#dns=dnsmasq

Save & close the file with Ctrl+O, Enter, Ctrl+X.

Reboot computer or restart NetworkManager

Restart NetworkManager:

Code: Select all

sudo systemctl restart NetworkManager

Go here to test for leaks with and without your VPN.

https://ipleak.net/

You should have no leaks with and without your VPN.

Been do this for years and 127.0.0.1 is your best friend.

and if you see "Your IP addresses - WebRTC detection"

goto the bottom of the page and it will show you how to fix that as well.

Edit: added a few lines about NetworkManager from my later post.
Last edited by sammiev on Sat Jan 06, 2018 4:22 am, edited 1 time in total.
Top
Thanks again.

User avatar
phd21
Level 19
Level 19
Posts: 9447
Joined: Thu Jan 09, 2014 9:42 pm
Location: Florida

Re: OpenVPN brocken

Post by phd21 » Fri Apr 27, 2018 3:40 pm

HI wf54,
wf54 wrote:Thanks for the advice, a little spoilt for choice on the link page. I tried a couple before and must have done something wrong. Should I use this fix by Sammiev?
You are welcome...

As for disabling IPv6, you can use any or all of those options, I usually use two of them.

It is up to you whether or not to use the good instructions from "Sammiev" for fixing VPN DNS leaks. Since I always change the local ISP connection's DNS servers anyway to secure and anonymous ones from a DNS provider which protects me from DNS leaks anyway, using the Linux Mint default internal server IP address of "127.0.0.1" is not necessary. I did install "Bind9" just to see what happens and I already had "dnsmasq" installed and enabled. I did not revert my Network Manager or "resolveconf" files to the older versions as was recommended in that post.

Hope this helps ...
Phd21: Mint KDE 18.3 & 19, 64-bit Awesome OS, Ancient Dell OptiPlex 780 Core2Duo E8400 3GHz,4gb Ram,256gb SDD, Video: Intel 4 Graphics, DVD Lightscribe. Why I use KDE?:https://opensource.com/life/15/4/9-reasons-to-use-kde

Rubin_Farr
Level 1
Level 1
Posts: 34
Joined: Sun Jul 09, 2017 3:50 pm

Re: OpenVPN brocken

Post by Rubin_Farr » Sat Apr 28, 2018 4:20 am

phd21 wrote:
Fri Apr 27, 2018 1:08 pm
As was stated before, you can simply change your local ISP default DNS server IP addresses to a reliable DNS providers servers which will protect you and your anonymity regardless whether a VPN connection from a VPN provider leaks or does not leak DNS information (using IPv4 and or IPv6). IMHO everyone should change their local ISP default server IP addresses anyway for many good reasons.
You say that a leak doesn't matter if you choose to a 'reliable' DNS. I don't agree. The leak is coming from the OS. Also, with most VPNs anyway, they use their own secure DNSs. If a Ubuntu base user is suffering from the aforementioned bug, changing VPNs won't make a difference.

phd21 wrote:
Fri Apr 27, 2018 1:08 pm
FYI: Not all VPN providers have DNS leaking issues.
If someone is suffering from the bug I was, the VPN provider would make little difference. The bug is in the OS.

phd21 wrote:
Fri Apr 27, 2018 1:08 pm
Also the link and instructions from member "Rubin_Farr" would work for preventing the VPN DNS leaks, but simply changing the local ISP DNS server IP addresses will protect anyone anyway.
No, no it would not. If you leak, you leak. To say that configuring to a certain DNS would make leaks unimportant is incorrect.

I do agree w/ phd21 in that OP should disable ipv6 either at the router level and/or in the network options.

User avatar
phd21
Level 19
Level 19
Posts: 9447
Joined: Thu Jan 09, 2014 9:42 pm
Location: Florida

Re: OpenVPN brocken

Post by phd21 » Sat Apr 28, 2018 10:48 am

Hi Rubin_Farr,

I have been testing various VPN providers and DNS providers and networking connections for years now.

If you change the local ISP's default DNS IP Server addresses to reliable DNS provider servers at the desktop OS or at the hardware router, then even if VPN connections leaks DNS information or the OS leaks DNS information, the only visible DNS entries are from the DNS provider not yours, therefore your actual local ISP DNS information is still unknown and you are secure and anonymous regarding DNS information. This is easy to test using various websites (ipleak.net, etc...) and console terminal commands.

I am not saying that any operating systems or its components, or VPN providers, etc... should not strive to resolve the "DNS leaks" issues, they certainly should.

Are you saying that changing the local ISP's default DNS server IP addresses does not work to protect users actual local DNS anonymity?
Phd21: Mint KDE 18.3 & 19, 64-bit Awesome OS, Ancient Dell OptiPlex 780 Core2Duo E8400 3GHz,4gb Ram,256gb SDD, Video: Intel 4 Graphics, DVD Lightscribe. Why I use KDE?:https://opensource.com/life/15/4/9-reasons-to-use-kde

Rubin_Farr
Level 1
Level 1
Posts: 34
Joined: Sun Jul 09, 2017 3:50 pm

Re: OpenVPN brocken

Post by Rubin_Farr » Sat Apr 28, 2018 11:10 am

phd21 wrote:
Sat Apr 28, 2018 10:48 am
Are you saying that changing the local ISP's default DNS server IP addresses does not work to protect users actual local DNS anonymity?
I started to reply but realized I was simply repeating myself from my previous post. I would encourage you to reread my post and read about the bug.

Pippin
Level 4
Level 4
Posts: 294
Joined: Wed Dec 13, 2017 11:14 am
Location: NL/DE/TH

Re: OpenVPN brocken

Post by Pippin » Sat Apr 28, 2018 2:41 pm

I think it would be good for clarity if first agree on definition of DNS leak?
Everything is electric.

wf54
Level 2
Level 2
Posts: 90
Joined: Sat Oct 14, 2017 7:23 am

Re: OpenVPN brocken

Post by wf54 » Mon Apr 30, 2018 4:38 pm

I’m nearly back to square one after the fresh install.
Tried again to use the terminal solution but failed, although I have managed to get the first server to run without a leak.
It’s after changing servers that the fun begins, time out, wrong location and leaks.
Also, even when the DNS site shows that the VPN is working and that there’s not a leak, but the service provider is still blocking sites.

Given up for now, just not changing the starting server and using their app for TV’s, so it ain’t a total loss.
Waiting for the release of 19, the changes may improve this particular problem.

All you help is very much appreciated, unfortunately wasted on my single grey cell but may not be wasted on others.

Post Reply

Return to “Newbie Questions”