Results 1 to 8 of 8
  1. #1
    Newbie
    Join Date
    Jun 2020
    Posts
    5

    Default Unable to form VPN connection

    Hi all,

    I've bought the Untangled z4w firewall and and having a lot of fun with it!
    More or less got everything except OpenVPN working properly.

    Basically, the issue I'm having is that every time I try to form a VPN connection I get the following:
    UDP link local: (not bound)
    UDP link remote: [AF_INET]

    Tried looking through these forums, but nothing that was mentioned on here appeared to work for me.
    I attached the logs below, if anyone is able to help I would really appreciate it.

    VPN-Client.txt
    client.ovpn.txt

  2. #2
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,177

    Talking Welcome

    ...to Untangle, and the forums!

    What client OS?

  3. #3
    Newbie
    Join Date
    Jun 2020
    Posts
    5

    Default

    Using Manjaro Linux

    Testing connection with: openvpn --config VPNFile.ovpn

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,660

    Default

    Let's see...

    "It's broke" with no description of network configuration.
    Log files with obfuscated IP addresses.
    And it's a VPN question...

    Yep, that's the trifecta!

    But there's a twist, buried in the client log is a properly configured external DNS name aimed at an obfuscated ddns.net address...

    Grabbing magic 8 ball, giving it a shake...
    Sniffing the wind for good measure...

    Taking the moonshot...

    User is trying to connect to their VPN from inside the protected network.

    OP if you're not trying to connect from inside the Untangle protected network, the next step is to double check that ddns.net record is resolving to the public address on Untangle. While you're at it, is that public address actually ON Untangle? If it isn't, you need to port forward UDP 1194 to Untangle to make the connection. But if Untangle is in bridge mode, there's so much more that needs doing.

    But if you want us to be able to do anything other than guess, we need details. What Untangle version? How is it installed? Where is your public IP address? What is the relationship between internal and external? A network map would possibly help as well.
    Last edited by sky-knight; 06-28-2020 at 08:31 AM.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #5
    Newbie
    Join Date
    Jun 2020
    Posts
    5

    Default

    Understood, Will let you know what I can:

    1. The untangled firewall is configured as a router, directly from the modem.
    2. Currently, I am trying to form a VPN connection from inside the firewalls internal network
    3. Current untangled build version is 15.1.0.20200615T124608.a9d75cc95d-1buster
    4. My public IP is: 68.7.92.202/23 and tied to ddns: obsidian-legion.ddns.net/

    Network Diagram.txt

  6. #6
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,660

    Default

    Point 2, you can't do that.

    OpenVPN is only available on the WAN interfaces with Untangle. You cannot test a connection to the VPN from behind the Untangle router providing the connectivity. There is a way to fix this, but it would just cause your laptop grief. Computers don't like routing loops.

    Double check your DDNS name resolves to that 68. address you mentioned just for good measure, but I'll bet if you make your laptop use your cellular hot spot the VPN will fire right up. You have the simplest setup, the way Untangle was designed to be used, everything should just work for you.
    Jim.Alles likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #7
    Newbie
    Join Date
    Jun 2020
    Posts
    5

    Default

    Thank you ninja, just tried connecting though outside of my internal network. While a connection was made I observed a few issues that I am currently looking into.

  8. #8
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,660

    Default

    Now you're onto the fun part... name resolution. DNS over the tunnel isn't hard, but it isn't easy either. OpenVPN App -> Settings -> Server Tab -> Groups Sub tab. Look at your group, if PUSH DNS is false that's likely your trouble. IP works but names won't. Enable Push DNS, and set it to OpenVPN Server, you can also push a DNS suffix there if you wish for short name resolution.

    Once set, reconnect the VPN client and it'll get the new configuration.

    And, beware... software firewalls on your end points are a constant fight in this space too. Good luck!
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2