Results 1 to 2 of 2
  1. #1
    Untangler
    Join Date
    Nov 2012
    Posts
    47

    Thumbs down Connection dies with NordVPN

    I cannot browse to any sites even though its up, see log below. I have tried multiple servers. It works for a few minutes, then Chrome cannot connect to any sites. Maybe I'm missing something?

    Code:
    Fri Apr 27 20:28:08 2018 OpenVPN 2.3.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 26 2017
    Fri Apr 27 20:28:08 2018 library versions: OpenSSL 1.0.1t  3 May 2016, LZO 2.08
    Fri Apr 27 20:28:08 2018 WARNING: file 'auth.txt' is group or others accessible
    Fri Apr 27 20:28:08 2018 WARNING: --ping should normally be used with --ping-restart or --ping-exit
    Fri Apr 27 20:28:08 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Fri Apr 27 20:28:08 2018 NOTE: --fast-io is disabled since we are not using UDP
    Fri Apr 27 20:28:08 2018 Control Channel Authentication: tls-auth using INLINE static key file
    Fri Apr 27 20:28:08 2018 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
    Fri Apr 27 20:28:08 2018 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
    Fri Apr 27 20:28:08 2018 Socket Buffers: R=[87380->131072] S=[16384->131072]
    Fri Apr 27 20:28:08 2018 Attempting to establish TCP connection with [AF_INET]xxxxxx:443 [nonblock]
    Fri Apr 27 20:28:09 2018 TCP connection established with [AF_INET]xxxx:443
    Fri Apr 27 20:28:09 2018 TCPv4_CLIENT link local: [undef]
    Fri Apr 27 20:28:09 2018 TCPv4_CLIENT link remote: [AF_INET]xxxxx:443
    Fri Apr 27 20:28:09 2018 TLS: Initial packet from [AF_INET]xxxxxx:443, sid=1d115df9 e050965d
    Fri Apr 27 20:28:09 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Fri Apr 27 20:28:10 2018 VERIFY OK: depth=1, C=PA, ST=PA, L=Panama, O=NordVPN, OU=NordVPN, CN=uk413.nordvpn.com, name=NordVPN, emailAddress=cert@nordvpn.com
    Fri Apr 27 20:28:10 2018 Validating certificate key usage
    Fri Apr 27 20:28:10 2018 ++ Certificate has key usage  00a0, expects 00a0
    Fri Apr 27 20:28:10 2018 VERIFY KU OK
    Fri Apr 27 20:28:10 2018 Validating certificate extended key usage
    Fri Apr 27 20:28:10 2018 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
    Fri Apr 27 20:28:10 2018 VERIFY EKU OK
    Fri Apr 27 20:28:10 2018 VERIFY OK: depth=0, C=PA, ST=PA, L=Panama, O=NordVPN, OU=NordVPN, CN=uk413.nordvpn.com, name=NordVPN, emailAddress=cert@nordvpn.com
    Fri Apr 27 20:28:10 2018 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Fri Apr 27 20:28:10 2018 Data Channel Encrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
    Fri Apr 27 20:28:10 2018 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Fri Apr 27 20:28:10 2018 Data Channel Decrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
    Fri Apr 27 20:28:10 2018 Control Channel: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
    Fri Apr 27 20:28:10 2018 [uk413.nordvpn.com] Peer Connection Initiated with [AF_INET]185.178.49.151:443
    Fri Apr 27 20:28:12 2018 SENT CONTROL [uk413.nordvpn.com]: 'PUSH_REQUEST' (status=1)
    Fri Apr 27 20:28:12 2018 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,sndbuf 524288,rcvbuf 524288,dhcp-option DNS 103.86.96.100,dhcp-option DNS 103.86.99.100,route-gateway 10.7.7.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.7.7.116 255.255.255.0'
    Fri Apr 27 20:28:12 2018 OPTIONS IMPORT: timers and/or timeouts modified
    Fri Apr 27 20:28:12 2018 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
    Fri Apr 27 20:28:12 2018 Socket Buffers: R=[131072->1048576] S=[131072->1048576]
    Fri Apr 27 20:28:12 2018 OPTIONS IMPORT: --ifconfig/up options modified
    Fri Apr 27 20:28:12 2018 OPTIONS IMPORT: route options modified
    Fri Apr 27 20:28:12 2018 OPTIONS IMPORT: route-related options modified
    Fri Apr 27 20:28:12 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
    Fri Apr 27 20:28:12 2018 ROUTE: default_gateway=UNDEF
    Fri Apr 27 20:28:12 2018 TUN/TAP device tun200 opened
    Fri Apr 27 20:28:12 2018 TUN/TAP TX queue length set to 100
    Fri Apr 27 20:28:12 2018 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
    Fri Apr 27 20:28:12 2018 /sbin/ip link set dev tun200 up mtu 1500
    Fri Apr 27 20:28:12 2018 /sbin/ip addr add dev tun200 10.7.7.116/24 broadcast 10.7.7.255
    Fri Apr 27 20:28:12 2018 /usr/share/untangle/bin/tunnel-vpn-up.sh tun200 1500 1636 10.7.7.116 255.255.255.0 init
    Fri Apr 27 20:28:12 GMT 2018: dev:tun200 local:10.7.7.116 remote: gateway:10.7.7.1
    [UPLINK  DEBUG: Fri Apr 27 20:28:12 GMT 2018] Adding default route table uplink.200 for tun200 to 10.7.7.1.
    [UPLINK  DEBUG: Fri Apr 27 20:28:12 GMT 2018] ip -4 route replace 10.7.7.1 dev tun200
    [UPLINK  DEBUG: Fri Apr 27 20:28:12 GMT 2018] ip -4 route replace table uplink.200 default via 10.7.7.1
    Fri Apr 27 20:28:12 2018 Initialization Sequence Completed
    Last edited by GodAtum; 04-27-2018 at 02:57 PM.

  2. #2
    Untanglit
    Join Date
    Dec 2017
    Posts
    25

    Default

    I'm not an expert here but it looks like the tunnel is connecting properly. Few things I can think of:

    1) Under the status tab does it show the tunnel as connected? if so then the tunnel is working fine.
    2) What rules have you created to force traffic through the tunnel? Are you trying to make ALL traffiic go through VPN?

    I don't run ALL traffic through the VPN due to speed issues and because I think its overkill. I have specific boxes and traffic I route through the tunnel.

    For example I have a machine which I "visit Sweden" with where I have a rule for the specific IP (Source Address) of that machine to go through tunnel.

    Hope that helps.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2