OpenVPN with IPVanish on Linux Mint: Connects but no internet access

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP












0















I'm trying to connect to an IPVanish server on Linux Mint. IPVanish does not provide software for Linux so it has to be done manually.



I downloaded an ovpn file from IPVanish here. I then went to Mint's Network Settings, hit the + button to add a network, and selected VPN. It prompted me to browse to my VPN config file and when I tried to import it I got this error



enter image description here



The next thing I tried was following this tutorial. Using OpenVPN, I was able to connect to the service using this command as root



openvpn --config newyork.ovpn


in the directory I downloaded the .ovpn and cert files to. It prompted me for my login information and then printed this



Mon Nov 23 13:10:42 2015 DEPRECATED OPTION: --tls-remote, please update your configuration
Mon Nov 23 13:10:42 2015 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec 1 2014
Enter Auth Username:nickgilbert1994
Enter Auth Password:
Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'DHE-RSA-AES256-SHA', please use IANA name 'TLS-DHE-RSA-WITH-AES-256-CBC-SHA'
Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'DHE-DSS-AES256-SHA', please use IANA name 'TLS-DHE-DSS-WITH-AES-256-CBC-SHA'
Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'AES256-SHA', please use IANA name 'TLS-RSA-WITH-AES-256-CBC-SHA'
Mon Nov 23 13:11:24 2015 Socket Buffers: R=[212992->131072] S=[212992->131072]
Mon Nov 23 13:11:24 2015 UDPv4 link local: [undef]
Mon Nov 23 13:11:24 2015 UDPv4 link remote: [AF_INET]216.151.180.2:443
Mon Nov 23 13:11:24 2015 TLS: Initial packet from [AF_INET]216.151.180.2:443, sid=aad3ff40 72d53cab
Mon Nov 23 13:11:24 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Nov 23 13:11:25 2015 VERIFY OK: depth=1, /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=IPVanish_CA/emailAddress=support@ipvanish.com
Mon Nov 23 13:11:25 2015 VERIFY X509NAME OK: /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=nyc-a01.ipvanish.com/emailAddress=support@ipvanish.com
Mon Nov 23 13:11:25 2015 VERIFY OK: depth=0, /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=nyc-a01.ipvanish.com/emailAddress=support@ipvanish.com
Mon Nov 23 13:11:25 2015 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Nov 23 13:11:25 2015 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Nov 23 13:11:25 2015 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Nov 23 13:11:25 2015 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Nov 23 13:11:25 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Mon Nov 23 13:11:25 2015 [nyc-a01.ipvanish.com] Peer Connection Initiated with [AF_INET]216.151.180.2:443
Mon Nov 23 13:11:27 2015 SENT CONTROL [nyc-a01.ipvanish.com]: 'PUSH_REQUEST' (status=1)
Mon Nov 23 13:11:27 2015 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 198.18.0.1,dhcp-option DNS 198.18.0.2,rcvbuf 262144,explicit-exit-notify 5,route-gateway 172.20.32.1,topology subnet,ping 20,ping-restart 40,ifconfig 172.20.32.71 255.255.252.0'
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: timers and/or timeouts modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: explicit notify parm(s) modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Mon Nov 23 13:11:27 2015 Socket Buffers: R=[131072->425984] S=[131072->131072]
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --ifconfig/up options modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: route options modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: route-related options modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Nov 23 13:11:27 2015 ROUTE_GATEWAY 10.0.47.254/255.255.240.0 IFACE=wlan0 HWADDR=48:5a:b6:aa:19:17
Mon Nov 23 13:11:27 2015 TUN/TAP device tun0 opened
Mon Nov 23 13:11:27 2015 TUN/TAP TX queue length set to 100
Mon Nov 23 13:11:27 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Nov 23 13:11:27 2015 /sbin/ip link set dev tun0 up mtu 1500
Mon Nov 23 13:11:27 2015 /sbin/ip addr add dev tun0 172.20.32.71/22 broadcast 172.20.35.255
Mon Nov 23 13:11:27 2015 /sbin/ip route add 216.151.180.2/32 via 10.0.47.254
Mon Nov 23 13:11:27 2015 /sbin/ip route add 0.0.0.0/1 via 172.20.32.1
Mon Nov 23 13:11:27 2015 /sbin/ip route add 128.0.0.0/1 via 172.20.32.1
Mon Nov 23 13:11:27 2015 Initialization Sequence Completed


I assume that means it connected to the IPVanish server successfully but then when I tried to go online or ping www.google.com I realized I had no internet.



Here is the output of ifconfig when I'm connected to the IPVanish server



eth0 Link encap:Ethernet HWaddr 20:1a:06:cd:26:ef 
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:18

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:25337 errors:0 dropped:0 overruns:0 frame:0
TX packets:25337 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:14440746 (14.4 MB) TX bytes:14440746 (14.4 MB)

tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:172.20.32.71 P-t-P:172.20.32.71 Mask:255.255.252.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:144 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:9401 (9.4 KB)

wlan0 Link encap:Ethernet HWaddr 48:5a:b6:aa:19:17
inet addr:10.0.42.167 Bcast:10.0.47.255 Mask:255.255.240.0
inet6 addr: fe80::4a5a:b6ff:feaa:1917/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:459377 errors:0 dropped:1 overruns:0 frame:0
TX packets:18214 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:71371126 (71.3 MB) TX bytes:3267392 (3.2 MB)


I'm fairly new to Linux and would really appreciate any help I can get on this. Thanks so much!



UPDATE



Traceroute to Google with VPN on



traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 172.20.32.1 (172.20.32.1) 23.133 ms 25.232 ms 25.521 ms
2 64.145.79.1 (64.145.79.1) 26.103 ms 26.134 ms 26.165 ms
3 206.130.10.41 (206.130.10.41) 26.187 ms 26.210 ms 26.232 ms
4 209.85.244.157 (209.85.244.157) 26.357 ms 209.85.244.145 (209.85.244.145) 26.481 ms 209.85.244.153 (209.85.244.153) 26.444 ms
5 8.8.8.8 (8.8.8.8) 26.225 ms 26.255 ms 26.281 ms


Result of route command with VPN on



Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 172.20.32.1 128.0.0.0 UG 0 0 0 tun0
default 10.0.47.254 0.0.0.0 UG 0 0 0 wlan0
10.0.32.0 * 255.255.240.0 U 9 0 0 wlan0
128.0.0.0 172.20.32.1 128.0.0.0 UG 0 0 0 tun0
172.20.32.0 * 255.255.252.0 U 0 0 0 tun0
216.151.180.2 10.0.47.254 255.255.255.255 UGH 0 0 0 wlan0









share|improve this question




























    0















    I'm trying to connect to an IPVanish server on Linux Mint. IPVanish does not provide software for Linux so it has to be done manually.



    I downloaded an ovpn file from IPVanish here. I then went to Mint's Network Settings, hit the + button to add a network, and selected VPN. It prompted me to browse to my VPN config file and when I tried to import it I got this error



    enter image description here



    The next thing I tried was following this tutorial. Using OpenVPN, I was able to connect to the service using this command as root



    openvpn --config newyork.ovpn


    in the directory I downloaded the .ovpn and cert files to. It prompted me for my login information and then printed this



    Mon Nov 23 13:10:42 2015 DEPRECATED OPTION: --tls-remote, please update your configuration
    Mon Nov 23 13:10:42 2015 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec 1 2014
    Enter Auth Username:nickgilbert1994
    Enter Auth Password:
    Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'DHE-RSA-AES256-SHA', please use IANA name 'TLS-DHE-RSA-WITH-AES-256-CBC-SHA'
    Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'DHE-DSS-AES256-SHA', please use IANA name 'TLS-DHE-DSS-WITH-AES-256-CBC-SHA'
    Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'AES256-SHA', please use IANA name 'TLS-RSA-WITH-AES-256-CBC-SHA'
    Mon Nov 23 13:11:24 2015 Socket Buffers: R=[212992->131072] S=[212992->131072]
    Mon Nov 23 13:11:24 2015 UDPv4 link local: [undef]
    Mon Nov 23 13:11:24 2015 UDPv4 link remote: [AF_INET]216.151.180.2:443
    Mon Nov 23 13:11:24 2015 TLS: Initial packet from [AF_INET]216.151.180.2:443, sid=aad3ff40 72d53cab
    Mon Nov 23 13:11:24 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Mon Nov 23 13:11:25 2015 VERIFY OK: depth=1, /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=IPVanish_CA/emailAddress=support@ipvanish.com
    Mon Nov 23 13:11:25 2015 VERIFY X509NAME OK: /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=nyc-a01.ipvanish.com/emailAddress=support@ipvanish.com
    Mon Nov 23 13:11:25 2015 VERIFY OK: depth=0, /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=nyc-a01.ipvanish.com/emailAddress=support@ipvanish.com
    Mon Nov 23 13:11:25 2015 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Mon Nov 23 13:11:25 2015 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
    Mon Nov 23 13:11:25 2015 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Mon Nov 23 13:11:25 2015 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
    Mon Nov 23 13:11:25 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
    Mon Nov 23 13:11:25 2015 [nyc-a01.ipvanish.com] Peer Connection Initiated with [AF_INET]216.151.180.2:443
    Mon Nov 23 13:11:27 2015 SENT CONTROL [nyc-a01.ipvanish.com]: 'PUSH_REQUEST' (status=1)
    Mon Nov 23 13:11:27 2015 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 198.18.0.1,dhcp-option DNS 198.18.0.2,rcvbuf 262144,explicit-exit-notify 5,route-gateway 172.20.32.1,topology subnet,ping 20,ping-restart 40,ifconfig 172.20.32.71 255.255.252.0'
    Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: timers and/or timeouts modified
    Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: explicit notify parm(s) modified
    Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
    Mon Nov 23 13:11:27 2015 Socket Buffers: R=[131072->425984] S=[131072->131072]
    Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --ifconfig/up options modified
    Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: route options modified
    Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: route-related options modified
    Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
    Mon Nov 23 13:11:27 2015 ROUTE_GATEWAY 10.0.47.254/255.255.240.0 IFACE=wlan0 HWADDR=48:5a:b6:aa:19:17
    Mon Nov 23 13:11:27 2015 TUN/TAP device tun0 opened
    Mon Nov 23 13:11:27 2015 TUN/TAP TX queue length set to 100
    Mon Nov 23 13:11:27 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
    Mon Nov 23 13:11:27 2015 /sbin/ip link set dev tun0 up mtu 1500
    Mon Nov 23 13:11:27 2015 /sbin/ip addr add dev tun0 172.20.32.71/22 broadcast 172.20.35.255
    Mon Nov 23 13:11:27 2015 /sbin/ip route add 216.151.180.2/32 via 10.0.47.254
    Mon Nov 23 13:11:27 2015 /sbin/ip route add 0.0.0.0/1 via 172.20.32.1
    Mon Nov 23 13:11:27 2015 /sbin/ip route add 128.0.0.0/1 via 172.20.32.1
    Mon Nov 23 13:11:27 2015 Initialization Sequence Completed


    I assume that means it connected to the IPVanish server successfully but then when I tried to go online or ping www.google.com I realized I had no internet.



    Here is the output of ifconfig when I'm connected to the IPVanish server



    eth0 Link encap:Ethernet HWaddr 20:1a:06:cd:26:ef 
    UP BROADCAST MULTICAST MTU:1500 Metric:1
    RX packets:0 errors:0 dropped:0 overruns:0 frame:0
    TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
    Interrupt:18

    lo Link encap:Local Loopback
    inet addr:127.0.0.1 Mask:255.0.0.0
    inet6 addr: ::1/128 Scope:Host
    UP LOOPBACK RUNNING MTU:65536 Metric:1
    RX packets:25337 errors:0 dropped:0 overruns:0 frame:0
    TX packets:25337 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:14440746 (14.4 MB) TX bytes:14440746 (14.4 MB)

    tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
    inet addr:172.20.32.71 P-t-P:172.20.32.71 Mask:255.255.252.0
    UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
    RX packets:0 errors:0 dropped:0 overruns:0 frame:0
    TX packets:144 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:100
    RX bytes:0 (0.0 B) TX bytes:9401 (9.4 KB)

    wlan0 Link encap:Ethernet HWaddr 48:5a:b6:aa:19:17
    inet addr:10.0.42.167 Bcast:10.0.47.255 Mask:255.255.240.0
    inet6 addr: fe80::4a5a:b6ff:feaa:1917/64 Scope:Link
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:459377 errors:0 dropped:1 overruns:0 frame:0
    TX packets:18214 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:71371126 (71.3 MB) TX bytes:3267392 (3.2 MB)


    I'm fairly new to Linux and would really appreciate any help I can get on this. Thanks so much!



    UPDATE



    Traceroute to Google with VPN on



    traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
    1 172.20.32.1 (172.20.32.1) 23.133 ms 25.232 ms 25.521 ms
    2 64.145.79.1 (64.145.79.1) 26.103 ms 26.134 ms 26.165 ms
    3 206.130.10.41 (206.130.10.41) 26.187 ms 26.210 ms 26.232 ms
    4 209.85.244.157 (209.85.244.157) 26.357 ms 209.85.244.145 (209.85.244.145) 26.481 ms 209.85.244.153 (209.85.244.153) 26.444 ms
    5 8.8.8.8 (8.8.8.8) 26.225 ms 26.255 ms 26.281 ms


    Result of route command with VPN on



    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    default 172.20.32.1 128.0.0.0 UG 0 0 0 tun0
    default 10.0.47.254 0.0.0.0 UG 0 0 0 wlan0
    10.0.32.0 * 255.255.240.0 U 9 0 0 wlan0
    128.0.0.0 172.20.32.1 128.0.0.0 UG 0 0 0 tun0
    172.20.32.0 * 255.255.252.0 U 0 0 0 tun0
    216.151.180.2 10.0.47.254 255.255.255.255 UGH 0 0 0 wlan0









    share|improve this question


























      0












      0








      0








      I'm trying to connect to an IPVanish server on Linux Mint. IPVanish does not provide software for Linux so it has to be done manually.



      I downloaded an ovpn file from IPVanish here. I then went to Mint's Network Settings, hit the + button to add a network, and selected VPN. It prompted me to browse to my VPN config file and when I tried to import it I got this error



      enter image description here



      The next thing I tried was following this tutorial. Using OpenVPN, I was able to connect to the service using this command as root



      openvpn --config newyork.ovpn


      in the directory I downloaded the .ovpn and cert files to. It prompted me for my login information and then printed this



      Mon Nov 23 13:10:42 2015 DEPRECATED OPTION: --tls-remote, please update your configuration
      Mon Nov 23 13:10:42 2015 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec 1 2014
      Enter Auth Username:nickgilbert1994
      Enter Auth Password:
      Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'DHE-RSA-AES256-SHA', please use IANA name 'TLS-DHE-RSA-WITH-AES-256-CBC-SHA'
      Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'DHE-DSS-AES256-SHA', please use IANA name 'TLS-DHE-DSS-WITH-AES-256-CBC-SHA'
      Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'AES256-SHA', please use IANA name 'TLS-RSA-WITH-AES-256-CBC-SHA'
      Mon Nov 23 13:11:24 2015 Socket Buffers: R=[212992->131072] S=[212992->131072]
      Mon Nov 23 13:11:24 2015 UDPv4 link local: [undef]
      Mon Nov 23 13:11:24 2015 UDPv4 link remote: [AF_INET]216.151.180.2:443
      Mon Nov 23 13:11:24 2015 TLS: Initial packet from [AF_INET]216.151.180.2:443, sid=aad3ff40 72d53cab
      Mon Nov 23 13:11:24 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
      Mon Nov 23 13:11:25 2015 VERIFY OK: depth=1, /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=IPVanish_CA/emailAddress=support@ipvanish.com
      Mon Nov 23 13:11:25 2015 VERIFY X509NAME OK: /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=nyc-a01.ipvanish.com/emailAddress=support@ipvanish.com
      Mon Nov 23 13:11:25 2015 VERIFY OK: depth=0, /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=nyc-a01.ipvanish.com/emailAddress=support@ipvanish.com
      Mon Nov 23 13:11:25 2015 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
      Mon Nov 23 13:11:25 2015 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
      Mon Nov 23 13:11:25 2015 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
      Mon Nov 23 13:11:25 2015 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
      Mon Nov 23 13:11:25 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
      Mon Nov 23 13:11:25 2015 [nyc-a01.ipvanish.com] Peer Connection Initiated with [AF_INET]216.151.180.2:443
      Mon Nov 23 13:11:27 2015 SENT CONTROL [nyc-a01.ipvanish.com]: 'PUSH_REQUEST' (status=1)
      Mon Nov 23 13:11:27 2015 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 198.18.0.1,dhcp-option DNS 198.18.0.2,rcvbuf 262144,explicit-exit-notify 5,route-gateway 172.20.32.1,topology subnet,ping 20,ping-restart 40,ifconfig 172.20.32.71 255.255.252.0'
      Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: timers and/or timeouts modified
      Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: explicit notify parm(s) modified
      Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
      Mon Nov 23 13:11:27 2015 Socket Buffers: R=[131072->425984] S=[131072->131072]
      Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --ifconfig/up options modified
      Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: route options modified
      Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: route-related options modified
      Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
      Mon Nov 23 13:11:27 2015 ROUTE_GATEWAY 10.0.47.254/255.255.240.0 IFACE=wlan0 HWADDR=48:5a:b6:aa:19:17
      Mon Nov 23 13:11:27 2015 TUN/TAP device tun0 opened
      Mon Nov 23 13:11:27 2015 TUN/TAP TX queue length set to 100
      Mon Nov 23 13:11:27 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
      Mon Nov 23 13:11:27 2015 /sbin/ip link set dev tun0 up mtu 1500
      Mon Nov 23 13:11:27 2015 /sbin/ip addr add dev tun0 172.20.32.71/22 broadcast 172.20.35.255
      Mon Nov 23 13:11:27 2015 /sbin/ip route add 216.151.180.2/32 via 10.0.47.254
      Mon Nov 23 13:11:27 2015 /sbin/ip route add 0.0.0.0/1 via 172.20.32.1
      Mon Nov 23 13:11:27 2015 /sbin/ip route add 128.0.0.0/1 via 172.20.32.1
      Mon Nov 23 13:11:27 2015 Initialization Sequence Completed


      I assume that means it connected to the IPVanish server successfully but then when I tried to go online or ping www.google.com I realized I had no internet.



      Here is the output of ifconfig when I'm connected to the IPVanish server



      eth0 Link encap:Ethernet HWaddr 20:1a:06:cd:26:ef 
      UP BROADCAST MULTICAST MTU:1500 Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
      Interrupt:18

      lo Link encap:Local Loopback
      inet addr:127.0.0.1 Mask:255.0.0.0
      inet6 addr: ::1/128 Scope:Host
      UP LOOPBACK RUNNING MTU:65536 Metric:1
      RX packets:25337 errors:0 dropped:0 overruns:0 frame:0
      TX packets:25337 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:14440746 (14.4 MB) TX bytes:14440746 (14.4 MB)

      tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
      inet addr:172.20.32.71 P-t-P:172.20.32.71 Mask:255.255.252.0
      UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:144 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:100
      RX bytes:0 (0.0 B) TX bytes:9401 (9.4 KB)

      wlan0 Link encap:Ethernet HWaddr 48:5a:b6:aa:19:17
      inet addr:10.0.42.167 Bcast:10.0.47.255 Mask:255.255.240.0
      inet6 addr: fe80::4a5a:b6ff:feaa:1917/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:459377 errors:0 dropped:1 overruns:0 frame:0
      TX packets:18214 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:71371126 (71.3 MB) TX bytes:3267392 (3.2 MB)


      I'm fairly new to Linux and would really appreciate any help I can get on this. Thanks so much!



      UPDATE



      Traceroute to Google with VPN on



      traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
      1 172.20.32.1 (172.20.32.1) 23.133 ms 25.232 ms 25.521 ms
      2 64.145.79.1 (64.145.79.1) 26.103 ms 26.134 ms 26.165 ms
      3 206.130.10.41 (206.130.10.41) 26.187 ms 26.210 ms 26.232 ms
      4 209.85.244.157 (209.85.244.157) 26.357 ms 209.85.244.145 (209.85.244.145) 26.481 ms 209.85.244.153 (209.85.244.153) 26.444 ms
      5 8.8.8.8 (8.8.8.8) 26.225 ms 26.255 ms 26.281 ms


      Result of route command with VPN on



      Kernel IP routing table
      Destination Gateway Genmask Flags Metric Ref Use Iface
      default 172.20.32.1 128.0.0.0 UG 0 0 0 tun0
      default 10.0.47.254 0.0.0.0 UG 0 0 0 wlan0
      10.0.32.0 * 255.255.240.0 U 9 0 0 wlan0
      128.0.0.0 172.20.32.1 128.0.0.0 UG 0 0 0 tun0
      172.20.32.0 * 255.255.252.0 U 0 0 0 tun0
      216.151.180.2 10.0.47.254 255.255.255.255 UGH 0 0 0 wlan0









      share|improve this question
















      I'm trying to connect to an IPVanish server on Linux Mint. IPVanish does not provide software for Linux so it has to be done manually.



      I downloaded an ovpn file from IPVanish here. I then went to Mint's Network Settings, hit the + button to add a network, and selected VPN. It prompted me to browse to my VPN config file and when I tried to import it I got this error



      enter image description here



      The next thing I tried was following this tutorial. Using OpenVPN, I was able to connect to the service using this command as root



      openvpn --config newyork.ovpn


      in the directory I downloaded the .ovpn and cert files to. It prompted me for my login information and then printed this



      Mon Nov 23 13:10:42 2015 DEPRECATED OPTION: --tls-remote, please update your configuration
      Mon Nov 23 13:10:42 2015 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec 1 2014
      Enter Auth Username:nickgilbert1994
      Enter Auth Password:
      Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'DHE-RSA-AES256-SHA', please use IANA name 'TLS-DHE-RSA-WITH-AES-256-CBC-SHA'
      Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'DHE-DSS-AES256-SHA', please use IANA name 'TLS-DHE-DSS-WITH-AES-256-CBC-SHA'
      Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'AES256-SHA', please use IANA name 'TLS-RSA-WITH-AES-256-CBC-SHA'
      Mon Nov 23 13:11:24 2015 Socket Buffers: R=[212992->131072] S=[212992->131072]
      Mon Nov 23 13:11:24 2015 UDPv4 link local: [undef]
      Mon Nov 23 13:11:24 2015 UDPv4 link remote: [AF_INET]216.151.180.2:443
      Mon Nov 23 13:11:24 2015 TLS: Initial packet from [AF_INET]216.151.180.2:443, sid=aad3ff40 72d53cab
      Mon Nov 23 13:11:24 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
      Mon Nov 23 13:11:25 2015 VERIFY OK: depth=1, /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=IPVanish_CA/emailAddress=support@ipvanish.com
      Mon Nov 23 13:11:25 2015 VERIFY X509NAME OK: /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=nyc-a01.ipvanish.com/emailAddress=support@ipvanish.com
      Mon Nov 23 13:11:25 2015 VERIFY OK: depth=0, /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=nyc-a01.ipvanish.com/emailAddress=support@ipvanish.com
      Mon Nov 23 13:11:25 2015 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
      Mon Nov 23 13:11:25 2015 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
      Mon Nov 23 13:11:25 2015 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
      Mon Nov 23 13:11:25 2015 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
      Mon Nov 23 13:11:25 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
      Mon Nov 23 13:11:25 2015 [nyc-a01.ipvanish.com] Peer Connection Initiated with [AF_INET]216.151.180.2:443
      Mon Nov 23 13:11:27 2015 SENT CONTROL [nyc-a01.ipvanish.com]: 'PUSH_REQUEST' (status=1)
      Mon Nov 23 13:11:27 2015 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 198.18.0.1,dhcp-option DNS 198.18.0.2,rcvbuf 262144,explicit-exit-notify 5,route-gateway 172.20.32.1,topology subnet,ping 20,ping-restart 40,ifconfig 172.20.32.71 255.255.252.0'
      Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: timers and/or timeouts modified
      Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: explicit notify parm(s) modified
      Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
      Mon Nov 23 13:11:27 2015 Socket Buffers: R=[131072->425984] S=[131072->131072]
      Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --ifconfig/up options modified
      Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: route options modified
      Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: route-related options modified
      Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
      Mon Nov 23 13:11:27 2015 ROUTE_GATEWAY 10.0.47.254/255.255.240.0 IFACE=wlan0 HWADDR=48:5a:b6:aa:19:17
      Mon Nov 23 13:11:27 2015 TUN/TAP device tun0 opened
      Mon Nov 23 13:11:27 2015 TUN/TAP TX queue length set to 100
      Mon Nov 23 13:11:27 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
      Mon Nov 23 13:11:27 2015 /sbin/ip link set dev tun0 up mtu 1500
      Mon Nov 23 13:11:27 2015 /sbin/ip addr add dev tun0 172.20.32.71/22 broadcast 172.20.35.255
      Mon Nov 23 13:11:27 2015 /sbin/ip route add 216.151.180.2/32 via 10.0.47.254
      Mon Nov 23 13:11:27 2015 /sbin/ip route add 0.0.0.0/1 via 172.20.32.1
      Mon Nov 23 13:11:27 2015 /sbin/ip route add 128.0.0.0/1 via 172.20.32.1
      Mon Nov 23 13:11:27 2015 Initialization Sequence Completed


      I assume that means it connected to the IPVanish server successfully but then when I tried to go online or ping www.google.com I realized I had no internet.



      Here is the output of ifconfig when I'm connected to the IPVanish server



      eth0 Link encap:Ethernet HWaddr 20:1a:06:cd:26:ef 
      UP BROADCAST MULTICAST MTU:1500 Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
      Interrupt:18

      lo Link encap:Local Loopback
      inet addr:127.0.0.1 Mask:255.0.0.0
      inet6 addr: ::1/128 Scope:Host
      UP LOOPBACK RUNNING MTU:65536 Metric:1
      RX packets:25337 errors:0 dropped:0 overruns:0 frame:0
      TX packets:25337 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:14440746 (14.4 MB) TX bytes:14440746 (14.4 MB)

      tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
      inet addr:172.20.32.71 P-t-P:172.20.32.71 Mask:255.255.252.0
      UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:144 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:100
      RX bytes:0 (0.0 B) TX bytes:9401 (9.4 KB)

      wlan0 Link encap:Ethernet HWaddr 48:5a:b6:aa:19:17
      inet addr:10.0.42.167 Bcast:10.0.47.255 Mask:255.255.240.0
      inet6 addr: fe80::4a5a:b6ff:feaa:1917/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:459377 errors:0 dropped:1 overruns:0 frame:0
      TX packets:18214 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:71371126 (71.3 MB) TX bytes:3267392 (3.2 MB)


      I'm fairly new to Linux and would really appreciate any help I can get on this. Thanks so much!



      UPDATE



      Traceroute to Google with VPN on



      traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
      1 172.20.32.1 (172.20.32.1) 23.133 ms 25.232 ms 25.521 ms
      2 64.145.79.1 (64.145.79.1) 26.103 ms 26.134 ms 26.165 ms
      3 206.130.10.41 (206.130.10.41) 26.187 ms 26.210 ms 26.232 ms
      4 209.85.244.157 (209.85.244.157) 26.357 ms 209.85.244.145 (209.85.244.145) 26.481 ms 209.85.244.153 (209.85.244.153) 26.444 ms
      5 8.8.8.8 (8.8.8.8) 26.225 ms 26.255 ms 26.281 ms


      Result of route command with VPN on



      Kernel IP routing table
      Destination Gateway Genmask Flags Metric Ref Use Iface
      default 172.20.32.1 128.0.0.0 UG 0 0 0 tun0
      default 10.0.47.254 0.0.0.0 UG 0 0 0 wlan0
      10.0.32.0 * 255.255.240.0 U 9 0 0 wlan0
      128.0.0.0 172.20.32.1 128.0.0.0 UG 0 0 0 tun0
      172.20.32.0 * 255.255.252.0 U 0 0 0 tun0
      216.151.180.2 10.0.47.254 255.255.255.255 UGH 0 0 0 wlan0






      linux debian linux-mint vpn openvpn






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Nov 23 '15 at 20:07







      Nick Gilbert

















      asked Nov 23 '15 at 18:21









      Nick GilbertNick Gilbert

      10817




      10817




















          1 Answer
          1






          active

          oldest

          votes


















          0














          First thing I'd do is a traceroute to a common internet server. 8.8.8.8 for google DNS is usually something you can always hit. I'd then suggest posting your routing table. ip r s or simply route It says it's configuring the routes but it would be good to see if those changes are being applied properly; and of course Traceroute will actually give you an indication of where the packets are also going.



          Another thing of note is that it looks suspicious that your tunnel is sending packets but receiving.






          share|improve this answer























          • Updated question

            – Nick Gilbert
            Nov 23 '15 at 20:07










          Your Answer








          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "106"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader:
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          ,
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );













          draft saved

          draft discarded


















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f244975%2fopenvpn-with-ipvanish-on-linux-mint-connects-but-no-internet-access%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          0














          First thing I'd do is a traceroute to a common internet server. 8.8.8.8 for google DNS is usually something you can always hit. I'd then suggest posting your routing table. ip r s or simply route It says it's configuring the routes but it would be good to see if those changes are being applied properly; and of course Traceroute will actually give you an indication of where the packets are also going.



          Another thing of note is that it looks suspicious that your tunnel is sending packets but receiving.






          share|improve this answer























          • Updated question

            – Nick Gilbert
            Nov 23 '15 at 20:07















          0














          First thing I'd do is a traceroute to a common internet server. 8.8.8.8 for google DNS is usually something you can always hit. I'd then suggest posting your routing table. ip r s or simply route It says it's configuring the routes but it would be good to see if those changes are being applied properly; and of course Traceroute will actually give you an indication of where the packets are also going.



          Another thing of note is that it looks suspicious that your tunnel is sending packets but receiving.






          share|improve this answer























          • Updated question

            – Nick Gilbert
            Nov 23 '15 at 20:07













          0












          0








          0







          First thing I'd do is a traceroute to a common internet server. 8.8.8.8 for google DNS is usually something you can always hit. I'd then suggest posting your routing table. ip r s or simply route It says it's configuring the routes but it would be good to see if those changes are being applied properly; and of course Traceroute will actually give you an indication of where the packets are also going.



          Another thing of note is that it looks suspicious that your tunnel is sending packets but receiving.






          share|improve this answer













          First thing I'd do is a traceroute to a common internet server. 8.8.8.8 for google DNS is usually something you can always hit. I'd then suggest posting your routing table. ip r s or simply route It says it's configuring the routes but it would be good to see if those changes are being applied properly; and of course Traceroute will actually give you an indication of where the packets are also going.



          Another thing of note is that it looks suspicious that your tunnel is sending packets but receiving.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Nov 23 '15 at 19:52









          c4iffordc4ifford

          1




          1












          • Updated question

            – Nick Gilbert
            Nov 23 '15 at 20:07

















          • Updated question

            – Nick Gilbert
            Nov 23 '15 at 20:07
















          Updated question

          – Nick Gilbert
          Nov 23 '15 at 20:07





          Updated question

          – Nick Gilbert
          Nov 23 '15 at 20:07

















          draft saved

          draft discarded
















































          Thanks for contributing an answer to Unix & Linux Stack Exchange!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid


          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.

          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f244975%2fopenvpn-with-ipvanish-on-linux-mint-connects-but-no-internet-access%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown






          Popular posts from this blog

          How to check contact read email or not when send email to Individual?

          Displaying single band from multi-band raster using QGIS

          How many registers does an x86_64 CPU actually have?