OpenVPN with IPVanish on Linux Mint: Connects but no internet access
Clash Royale CLAN TAG#URR8PPP
I'm trying to connect to an IPVanish server on Linux Mint. IPVanish does not provide software for Linux so it has to be done manually.
I downloaded an ovpn file from IPVanish here. I then went to Mint's Network Settings, hit the + button to add a network, and selected VPN. It prompted me to browse to my VPN config file and when I tried to import it I got this error
The next thing I tried was following this tutorial. Using OpenVPN, I was able to connect to the service using this command as root
openvpn --config newyork.ovpn
in the directory I downloaded the .ovpn and cert files to. It prompted me for my login information and then printed this
Mon Nov 23 13:10:42 2015 DEPRECATED OPTION: --tls-remote, please update your configuration
Mon Nov 23 13:10:42 2015 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec 1 2014
Enter Auth Username:nickgilbert1994
Enter Auth Password:
Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'DHE-RSA-AES256-SHA', please use IANA name 'TLS-DHE-RSA-WITH-AES-256-CBC-SHA'
Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'DHE-DSS-AES256-SHA', please use IANA name 'TLS-DHE-DSS-WITH-AES-256-CBC-SHA'
Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'AES256-SHA', please use IANA name 'TLS-RSA-WITH-AES-256-CBC-SHA'
Mon Nov 23 13:11:24 2015 Socket Buffers: R=[212992->131072] S=[212992->131072]
Mon Nov 23 13:11:24 2015 UDPv4 link local: [undef]
Mon Nov 23 13:11:24 2015 UDPv4 link remote: [AF_INET]216.151.180.2:443
Mon Nov 23 13:11:24 2015 TLS: Initial packet from [AF_INET]216.151.180.2:443, sid=aad3ff40 72d53cab
Mon Nov 23 13:11:24 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Nov 23 13:11:25 2015 VERIFY OK: depth=1, /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=IPVanish_CA/emailAddress=support@ipvanish.com
Mon Nov 23 13:11:25 2015 VERIFY X509NAME OK: /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=nyc-a01.ipvanish.com/emailAddress=support@ipvanish.com
Mon Nov 23 13:11:25 2015 VERIFY OK: depth=0, /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=nyc-a01.ipvanish.com/emailAddress=support@ipvanish.com
Mon Nov 23 13:11:25 2015 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Nov 23 13:11:25 2015 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Nov 23 13:11:25 2015 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Nov 23 13:11:25 2015 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Nov 23 13:11:25 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Mon Nov 23 13:11:25 2015 [nyc-a01.ipvanish.com] Peer Connection Initiated with [AF_INET]216.151.180.2:443
Mon Nov 23 13:11:27 2015 SENT CONTROL [nyc-a01.ipvanish.com]: 'PUSH_REQUEST' (status=1)
Mon Nov 23 13:11:27 2015 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 198.18.0.1,dhcp-option DNS 198.18.0.2,rcvbuf 262144,explicit-exit-notify 5,route-gateway 172.20.32.1,topology subnet,ping 20,ping-restart 40,ifconfig 172.20.32.71 255.255.252.0'
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: timers and/or timeouts modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: explicit notify parm(s) modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Mon Nov 23 13:11:27 2015 Socket Buffers: R=[131072->425984] S=[131072->131072]
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --ifconfig/up options modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: route options modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: route-related options modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Nov 23 13:11:27 2015 ROUTE_GATEWAY 10.0.47.254/255.255.240.0 IFACE=wlan0 HWADDR=48:5a:b6:aa:19:17
Mon Nov 23 13:11:27 2015 TUN/TAP device tun0 opened
Mon Nov 23 13:11:27 2015 TUN/TAP TX queue length set to 100
Mon Nov 23 13:11:27 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Nov 23 13:11:27 2015 /sbin/ip link set dev tun0 up mtu 1500
Mon Nov 23 13:11:27 2015 /sbin/ip addr add dev tun0 172.20.32.71/22 broadcast 172.20.35.255
Mon Nov 23 13:11:27 2015 /sbin/ip route add 216.151.180.2/32 via 10.0.47.254
Mon Nov 23 13:11:27 2015 /sbin/ip route add 0.0.0.0/1 via 172.20.32.1
Mon Nov 23 13:11:27 2015 /sbin/ip route add 128.0.0.0/1 via 172.20.32.1
Mon Nov 23 13:11:27 2015 Initialization Sequence Completed
I assume that means it connected to the IPVanish server successfully but then when I tried to go online or ping www.google.com I realized I had no internet.
Here is the output of ifconfig when I'm connected to the IPVanish server
eth0 Link encap:Ethernet HWaddr 20:1a:06:cd:26:ef
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:18
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:25337 errors:0 dropped:0 overruns:0 frame:0
TX packets:25337 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:14440746 (14.4 MB) TX bytes:14440746 (14.4 MB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:172.20.32.71 P-t-P:172.20.32.71 Mask:255.255.252.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:144 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:9401 (9.4 KB)
wlan0 Link encap:Ethernet HWaddr 48:5a:b6:aa:19:17
inet addr:10.0.42.167 Bcast:10.0.47.255 Mask:255.255.240.0
inet6 addr: fe80::4a5a:b6ff:feaa:1917/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:459377 errors:0 dropped:1 overruns:0 frame:0
TX packets:18214 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:71371126 (71.3 MB) TX bytes:3267392 (3.2 MB)
I'm fairly new to Linux and would really appreciate any help I can get on this. Thanks so much!
UPDATE
Traceroute to Google with VPN on
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 172.20.32.1 (172.20.32.1) 23.133 ms 25.232 ms 25.521 ms
2 64.145.79.1 (64.145.79.1) 26.103 ms 26.134 ms 26.165 ms
3 206.130.10.41 (206.130.10.41) 26.187 ms 26.210 ms 26.232 ms
4 209.85.244.157 (209.85.244.157) 26.357 ms 209.85.244.145 (209.85.244.145) 26.481 ms 209.85.244.153 (209.85.244.153) 26.444 ms
5 8.8.8.8 (8.8.8.8) 26.225 ms 26.255 ms 26.281 ms
Result of route command with VPN on
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 172.20.32.1 128.0.0.0 UG 0 0 0 tun0
default 10.0.47.254 0.0.0.0 UG 0 0 0 wlan0
10.0.32.0 * 255.255.240.0 U 9 0 0 wlan0
128.0.0.0 172.20.32.1 128.0.0.0 UG 0 0 0 tun0
172.20.32.0 * 255.255.252.0 U 0 0 0 tun0
216.151.180.2 10.0.47.254 255.255.255.255 UGH 0 0 0 wlan0
linux debian linux-mint vpn openvpn
add a comment |
I'm trying to connect to an IPVanish server on Linux Mint. IPVanish does not provide software for Linux so it has to be done manually.
I downloaded an ovpn file from IPVanish here. I then went to Mint's Network Settings, hit the + button to add a network, and selected VPN. It prompted me to browse to my VPN config file and when I tried to import it I got this error
The next thing I tried was following this tutorial. Using OpenVPN, I was able to connect to the service using this command as root
openvpn --config newyork.ovpn
in the directory I downloaded the .ovpn and cert files to. It prompted me for my login information and then printed this
Mon Nov 23 13:10:42 2015 DEPRECATED OPTION: --tls-remote, please update your configuration
Mon Nov 23 13:10:42 2015 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec 1 2014
Enter Auth Username:nickgilbert1994
Enter Auth Password:
Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'DHE-RSA-AES256-SHA', please use IANA name 'TLS-DHE-RSA-WITH-AES-256-CBC-SHA'
Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'DHE-DSS-AES256-SHA', please use IANA name 'TLS-DHE-DSS-WITH-AES-256-CBC-SHA'
Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'AES256-SHA', please use IANA name 'TLS-RSA-WITH-AES-256-CBC-SHA'
Mon Nov 23 13:11:24 2015 Socket Buffers: R=[212992->131072] S=[212992->131072]
Mon Nov 23 13:11:24 2015 UDPv4 link local: [undef]
Mon Nov 23 13:11:24 2015 UDPv4 link remote: [AF_INET]216.151.180.2:443
Mon Nov 23 13:11:24 2015 TLS: Initial packet from [AF_INET]216.151.180.2:443, sid=aad3ff40 72d53cab
Mon Nov 23 13:11:24 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Nov 23 13:11:25 2015 VERIFY OK: depth=1, /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=IPVanish_CA/emailAddress=support@ipvanish.com
Mon Nov 23 13:11:25 2015 VERIFY X509NAME OK: /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=nyc-a01.ipvanish.com/emailAddress=support@ipvanish.com
Mon Nov 23 13:11:25 2015 VERIFY OK: depth=0, /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=nyc-a01.ipvanish.com/emailAddress=support@ipvanish.com
Mon Nov 23 13:11:25 2015 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Nov 23 13:11:25 2015 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Nov 23 13:11:25 2015 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Nov 23 13:11:25 2015 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Nov 23 13:11:25 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Mon Nov 23 13:11:25 2015 [nyc-a01.ipvanish.com] Peer Connection Initiated with [AF_INET]216.151.180.2:443
Mon Nov 23 13:11:27 2015 SENT CONTROL [nyc-a01.ipvanish.com]: 'PUSH_REQUEST' (status=1)
Mon Nov 23 13:11:27 2015 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 198.18.0.1,dhcp-option DNS 198.18.0.2,rcvbuf 262144,explicit-exit-notify 5,route-gateway 172.20.32.1,topology subnet,ping 20,ping-restart 40,ifconfig 172.20.32.71 255.255.252.0'
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: timers and/or timeouts modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: explicit notify parm(s) modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Mon Nov 23 13:11:27 2015 Socket Buffers: R=[131072->425984] S=[131072->131072]
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --ifconfig/up options modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: route options modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: route-related options modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Nov 23 13:11:27 2015 ROUTE_GATEWAY 10.0.47.254/255.255.240.0 IFACE=wlan0 HWADDR=48:5a:b6:aa:19:17
Mon Nov 23 13:11:27 2015 TUN/TAP device tun0 opened
Mon Nov 23 13:11:27 2015 TUN/TAP TX queue length set to 100
Mon Nov 23 13:11:27 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Nov 23 13:11:27 2015 /sbin/ip link set dev tun0 up mtu 1500
Mon Nov 23 13:11:27 2015 /sbin/ip addr add dev tun0 172.20.32.71/22 broadcast 172.20.35.255
Mon Nov 23 13:11:27 2015 /sbin/ip route add 216.151.180.2/32 via 10.0.47.254
Mon Nov 23 13:11:27 2015 /sbin/ip route add 0.0.0.0/1 via 172.20.32.1
Mon Nov 23 13:11:27 2015 /sbin/ip route add 128.0.0.0/1 via 172.20.32.1
Mon Nov 23 13:11:27 2015 Initialization Sequence Completed
I assume that means it connected to the IPVanish server successfully but then when I tried to go online or ping www.google.com I realized I had no internet.
Here is the output of ifconfig when I'm connected to the IPVanish server
eth0 Link encap:Ethernet HWaddr 20:1a:06:cd:26:ef
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:18
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:25337 errors:0 dropped:0 overruns:0 frame:0
TX packets:25337 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:14440746 (14.4 MB) TX bytes:14440746 (14.4 MB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:172.20.32.71 P-t-P:172.20.32.71 Mask:255.255.252.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:144 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:9401 (9.4 KB)
wlan0 Link encap:Ethernet HWaddr 48:5a:b6:aa:19:17
inet addr:10.0.42.167 Bcast:10.0.47.255 Mask:255.255.240.0
inet6 addr: fe80::4a5a:b6ff:feaa:1917/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:459377 errors:0 dropped:1 overruns:0 frame:0
TX packets:18214 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:71371126 (71.3 MB) TX bytes:3267392 (3.2 MB)
I'm fairly new to Linux and would really appreciate any help I can get on this. Thanks so much!
UPDATE
Traceroute to Google with VPN on
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 172.20.32.1 (172.20.32.1) 23.133 ms 25.232 ms 25.521 ms
2 64.145.79.1 (64.145.79.1) 26.103 ms 26.134 ms 26.165 ms
3 206.130.10.41 (206.130.10.41) 26.187 ms 26.210 ms 26.232 ms
4 209.85.244.157 (209.85.244.157) 26.357 ms 209.85.244.145 (209.85.244.145) 26.481 ms 209.85.244.153 (209.85.244.153) 26.444 ms
5 8.8.8.8 (8.8.8.8) 26.225 ms 26.255 ms 26.281 ms
Result of route command with VPN on
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 172.20.32.1 128.0.0.0 UG 0 0 0 tun0
default 10.0.47.254 0.0.0.0 UG 0 0 0 wlan0
10.0.32.0 * 255.255.240.0 U 9 0 0 wlan0
128.0.0.0 172.20.32.1 128.0.0.0 UG 0 0 0 tun0
172.20.32.0 * 255.255.252.0 U 0 0 0 tun0
216.151.180.2 10.0.47.254 255.255.255.255 UGH 0 0 0 wlan0
linux debian linux-mint vpn openvpn
add a comment |
I'm trying to connect to an IPVanish server on Linux Mint. IPVanish does not provide software for Linux so it has to be done manually.
I downloaded an ovpn file from IPVanish here. I then went to Mint's Network Settings, hit the + button to add a network, and selected VPN. It prompted me to browse to my VPN config file and when I tried to import it I got this error
The next thing I tried was following this tutorial. Using OpenVPN, I was able to connect to the service using this command as root
openvpn --config newyork.ovpn
in the directory I downloaded the .ovpn and cert files to. It prompted me for my login information and then printed this
Mon Nov 23 13:10:42 2015 DEPRECATED OPTION: --tls-remote, please update your configuration
Mon Nov 23 13:10:42 2015 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec 1 2014
Enter Auth Username:nickgilbert1994
Enter Auth Password:
Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'DHE-RSA-AES256-SHA', please use IANA name 'TLS-DHE-RSA-WITH-AES-256-CBC-SHA'
Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'DHE-DSS-AES256-SHA', please use IANA name 'TLS-DHE-DSS-WITH-AES-256-CBC-SHA'
Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'AES256-SHA', please use IANA name 'TLS-RSA-WITH-AES-256-CBC-SHA'
Mon Nov 23 13:11:24 2015 Socket Buffers: R=[212992->131072] S=[212992->131072]
Mon Nov 23 13:11:24 2015 UDPv4 link local: [undef]
Mon Nov 23 13:11:24 2015 UDPv4 link remote: [AF_INET]216.151.180.2:443
Mon Nov 23 13:11:24 2015 TLS: Initial packet from [AF_INET]216.151.180.2:443, sid=aad3ff40 72d53cab
Mon Nov 23 13:11:24 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Nov 23 13:11:25 2015 VERIFY OK: depth=1, /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=IPVanish_CA/emailAddress=support@ipvanish.com
Mon Nov 23 13:11:25 2015 VERIFY X509NAME OK: /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=nyc-a01.ipvanish.com/emailAddress=support@ipvanish.com
Mon Nov 23 13:11:25 2015 VERIFY OK: depth=0, /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=nyc-a01.ipvanish.com/emailAddress=support@ipvanish.com
Mon Nov 23 13:11:25 2015 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Nov 23 13:11:25 2015 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Nov 23 13:11:25 2015 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Nov 23 13:11:25 2015 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Nov 23 13:11:25 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Mon Nov 23 13:11:25 2015 [nyc-a01.ipvanish.com] Peer Connection Initiated with [AF_INET]216.151.180.2:443
Mon Nov 23 13:11:27 2015 SENT CONTROL [nyc-a01.ipvanish.com]: 'PUSH_REQUEST' (status=1)
Mon Nov 23 13:11:27 2015 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 198.18.0.1,dhcp-option DNS 198.18.0.2,rcvbuf 262144,explicit-exit-notify 5,route-gateway 172.20.32.1,topology subnet,ping 20,ping-restart 40,ifconfig 172.20.32.71 255.255.252.0'
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: timers and/or timeouts modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: explicit notify parm(s) modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Mon Nov 23 13:11:27 2015 Socket Buffers: R=[131072->425984] S=[131072->131072]
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --ifconfig/up options modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: route options modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: route-related options modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Nov 23 13:11:27 2015 ROUTE_GATEWAY 10.0.47.254/255.255.240.0 IFACE=wlan0 HWADDR=48:5a:b6:aa:19:17
Mon Nov 23 13:11:27 2015 TUN/TAP device tun0 opened
Mon Nov 23 13:11:27 2015 TUN/TAP TX queue length set to 100
Mon Nov 23 13:11:27 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Nov 23 13:11:27 2015 /sbin/ip link set dev tun0 up mtu 1500
Mon Nov 23 13:11:27 2015 /sbin/ip addr add dev tun0 172.20.32.71/22 broadcast 172.20.35.255
Mon Nov 23 13:11:27 2015 /sbin/ip route add 216.151.180.2/32 via 10.0.47.254
Mon Nov 23 13:11:27 2015 /sbin/ip route add 0.0.0.0/1 via 172.20.32.1
Mon Nov 23 13:11:27 2015 /sbin/ip route add 128.0.0.0/1 via 172.20.32.1
Mon Nov 23 13:11:27 2015 Initialization Sequence Completed
I assume that means it connected to the IPVanish server successfully but then when I tried to go online or ping www.google.com I realized I had no internet.
Here is the output of ifconfig when I'm connected to the IPVanish server
eth0 Link encap:Ethernet HWaddr 20:1a:06:cd:26:ef
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:18
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:25337 errors:0 dropped:0 overruns:0 frame:0
TX packets:25337 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:14440746 (14.4 MB) TX bytes:14440746 (14.4 MB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:172.20.32.71 P-t-P:172.20.32.71 Mask:255.255.252.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:144 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:9401 (9.4 KB)
wlan0 Link encap:Ethernet HWaddr 48:5a:b6:aa:19:17
inet addr:10.0.42.167 Bcast:10.0.47.255 Mask:255.255.240.0
inet6 addr: fe80::4a5a:b6ff:feaa:1917/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:459377 errors:0 dropped:1 overruns:0 frame:0
TX packets:18214 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:71371126 (71.3 MB) TX bytes:3267392 (3.2 MB)
I'm fairly new to Linux and would really appreciate any help I can get on this. Thanks so much!
UPDATE
Traceroute to Google with VPN on
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 172.20.32.1 (172.20.32.1) 23.133 ms 25.232 ms 25.521 ms
2 64.145.79.1 (64.145.79.1) 26.103 ms 26.134 ms 26.165 ms
3 206.130.10.41 (206.130.10.41) 26.187 ms 26.210 ms 26.232 ms
4 209.85.244.157 (209.85.244.157) 26.357 ms 209.85.244.145 (209.85.244.145) 26.481 ms 209.85.244.153 (209.85.244.153) 26.444 ms
5 8.8.8.8 (8.8.8.8) 26.225 ms 26.255 ms 26.281 ms
Result of route command with VPN on
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 172.20.32.1 128.0.0.0 UG 0 0 0 tun0
default 10.0.47.254 0.0.0.0 UG 0 0 0 wlan0
10.0.32.0 * 255.255.240.0 U 9 0 0 wlan0
128.0.0.0 172.20.32.1 128.0.0.0 UG 0 0 0 tun0
172.20.32.0 * 255.255.252.0 U 0 0 0 tun0
216.151.180.2 10.0.47.254 255.255.255.255 UGH 0 0 0 wlan0
linux debian linux-mint vpn openvpn
I'm trying to connect to an IPVanish server on Linux Mint. IPVanish does not provide software for Linux so it has to be done manually.
I downloaded an ovpn file from IPVanish here. I then went to Mint's Network Settings, hit the + button to add a network, and selected VPN. It prompted me to browse to my VPN config file and when I tried to import it I got this error
The next thing I tried was following this tutorial. Using OpenVPN, I was able to connect to the service using this command as root
openvpn --config newyork.ovpn
in the directory I downloaded the .ovpn and cert files to. It prompted me for my login information and then printed this
Mon Nov 23 13:10:42 2015 DEPRECATED OPTION: --tls-remote, please update your configuration
Mon Nov 23 13:10:42 2015 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec 1 2014
Enter Auth Username:nickgilbert1994
Enter Auth Password:
Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'DHE-RSA-AES256-SHA', please use IANA name 'TLS-DHE-RSA-WITH-AES-256-CBC-SHA'
Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'DHE-DSS-AES256-SHA', please use IANA name 'TLS-DHE-DSS-WITH-AES-256-CBC-SHA'
Mon Nov 23 13:11:24 2015 Deprecated TLS cipher name 'AES256-SHA', please use IANA name 'TLS-RSA-WITH-AES-256-CBC-SHA'
Mon Nov 23 13:11:24 2015 Socket Buffers: R=[212992->131072] S=[212992->131072]
Mon Nov 23 13:11:24 2015 UDPv4 link local: [undef]
Mon Nov 23 13:11:24 2015 UDPv4 link remote: [AF_INET]216.151.180.2:443
Mon Nov 23 13:11:24 2015 TLS: Initial packet from [AF_INET]216.151.180.2:443, sid=aad3ff40 72d53cab
Mon Nov 23 13:11:24 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Nov 23 13:11:25 2015 VERIFY OK: depth=1, /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=IPVanish_CA/emailAddress=support@ipvanish.com
Mon Nov 23 13:11:25 2015 VERIFY X509NAME OK: /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=nyc-a01.ipvanish.com/emailAddress=support@ipvanish.com
Mon Nov 23 13:11:25 2015 VERIFY OK: depth=0, /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=nyc-a01.ipvanish.com/emailAddress=support@ipvanish.com
Mon Nov 23 13:11:25 2015 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Nov 23 13:11:25 2015 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Nov 23 13:11:25 2015 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Nov 23 13:11:25 2015 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Nov 23 13:11:25 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Mon Nov 23 13:11:25 2015 [nyc-a01.ipvanish.com] Peer Connection Initiated with [AF_INET]216.151.180.2:443
Mon Nov 23 13:11:27 2015 SENT CONTROL [nyc-a01.ipvanish.com]: 'PUSH_REQUEST' (status=1)
Mon Nov 23 13:11:27 2015 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 198.18.0.1,dhcp-option DNS 198.18.0.2,rcvbuf 262144,explicit-exit-notify 5,route-gateway 172.20.32.1,topology subnet,ping 20,ping-restart 40,ifconfig 172.20.32.71 255.255.252.0'
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: timers and/or timeouts modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: explicit notify parm(s) modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Mon Nov 23 13:11:27 2015 Socket Buffers: R=[131072->425984] S=[131072->131072]
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --ifconfig/up options modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: route options modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: route-related options modified
Mon Nov 23 13:11:27 2015 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Nov 23 13:11:27 2015 ROUTE_GATEWAY 10.0.47.254/255.255.240.0 IFACE=wlan0 HWADDR=48:5a:b6:aa:19:17
Mon Nov 23 13:11:27 2015 TUN/TAP device tun0 opened
Mon Nov 23 13:11:27 2015 TUN/TAP TX queue length set to 100
Mon Nov 23 13:11:27 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Nov 23 13:11:27 2015 /sbin/ip link set dev tun0 up mtu 1500
Mon Nov 23 13:11:27 2015 /sbin/ip addr add dev tun0 172.20.32.71/22 broadcast 172.20.35.255
Mon Nov 23 13:11:27 2015 /sbin/ip route add 216.151.180.2/32 via 10.0.47.254
Mon Nov 23 13:11:27 2015 /sbin/ip route add 0.0.0.0/1 via 172.20.32.1
Mon Nov 23 13:11:27 2015 /sbin/ip route add 128.0.0.0/1 via 172.20.32.1
Mon Nov 23 13:11:27 2015 Initialization Sequence Completed
I assume that means it connected to the IPVanish server successfully but then when I tried to go online or ping www.google.com I realized I had no internet.
Here is the output of ifconfig when I'm connected to the IPVanish server
eth0 Link encap:Ethernet HWaddr 20:1a:06:cd:26:ef
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:18
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:25337 errors:0 dropped:0 overruns:0 frame:0
TX packets:25337 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:14440746 (14.4 MB) TX bytes:14440746 (14.4 MB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:172.20.32.71 P-t-P:172.20.32.71 Mask:255.255.252.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:144 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:9401 (9.4 KB)
wlan0 Link encap:Ethernet HWaddr 48:5a:b6:aa:19:17
inet addr:10.0.42.167 Bcast:10.0.47.255 Mask:255.255.240.0
inet6 addr: fe80::4a5a:b6ff:feaa:1917/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:459377 errors:0 dropped:1 overruns:0 frame:0
TX packets:18214 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:71371126 (71.3 MB) TX bytes:3267392 (3.2 MB)
I'm fairly new to Linux and would really appreciate any help I can get on this. Thanks so much!
UPDATE
Traceroute to Google with VPN on
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 172.20.32.1 (172.20.32.1) 23.133 ms 25.232 ms 25.521 ms
2 64.145.79.1 (64.145.79.1) 26.103 ms 26.134 ms 26.165 ms
3 206.130.10.41 (206.130.10.41) 26.187 ms 26.210 ms 26.232 ms
4 209.85.244.157 (209.85.244.157) 26.357 ms 209.85.244.145 (209.85.244.145) 26.481 ms 209.85.244.153 (209.85.244.153) 26.444 ms
5 8.8.8.8 (8.8.8.8) 26.225 ms 26.255 ms 26.281 ms
Result of route command with VPN on
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 172.20.32.1 128.0.0.0 UG 0 0 0 tun0
default 10.0.47.254 0.0.0.0 UG 0 0 0 wlan0
10.0.32.0 * 255.255.240.0 U 9 0 0 wlan0
128.0.0.0 172.20.32.1 128.0.0.0 UG 0 0 0 tun0
172.20.32.0 * 255.255.252.0 U 0 0 0 tun0
216.151.180.2 10.0.47.254 255.255.255.255 UGH 0 0 0 wlan0
linux debian linux-mint vpn openvpn
linux debian linux-mint vpn openvpn
edited Nov 23 '15 at 20:07
Nick Gilbert
asked Nov 23 '15 at 18:21
Nick GilbertNick Gilbert
10817
10817
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
First thing I'd do is a traceroute to a common internet server. 8.8.8.8 for google DNS is usually something you can always hit. I'd then suggest posting your routing table. ip r s
or simply route
It says it's configuring the routes but it would be good to see if those changes are being applied properly; and of course Traceroute will actually give you an indication of where the packets are also going.
Another thing of note is that it looks suspicious that your tunnel is sending packets but receiving.
Updated question
– Nick Gilbert
Nov 23 '15 at 20:07
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f244975%2fopenvpn-with-ipvanish-on-linux-mint-connects-but-no-internet-access%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
First thing I'd do is a traceroute to a common internet server. 8.8.8.8 for google DNS is usually something you can always hit. I'd then suggest posting your routing table. ip r s
or simply route
It says it's configuring the routes but it would be good to see if those changes are being applied properly; and of course Traceroute will actually give you an indication of where the packets are also going.
Another thing of note is that it looks suspicious that your tunnel is sending packets but receiving.
Updated question
– Nick Gilbert
Nov 23 '15 at 20:07
add a comment |
First thing I'd do is a traceroute to a common internet server. 8.8.8.8 for google DNS is usually something you can always hit. I'd then suggest posting your routing table. ip r s
or simply route
It says it's configuring the routes but it would be good to see if those changes are being applied properly; and of course Traceroute will actually give you an indication of where the packets are also going.
Another thing of note is that it looks suspicious that your tunnel is sending packets but receiving.
Updated question
– Nick Gilbert
Nov 23 '15 at 20:07
add a comment |
First thing I'd do is a traceroute to a common internet server. 8.8.8.8 for google DNS is usually something you can always hit. I'd then suggest posting your routing table. ip r s
or simply route
It says it's configuring the routes but it would be good to see if those changes are being applied properly; and of course Traceroute will actually give you an indication of where the packets are also going.
Another thing of note is that it looks suspicious that your tunnel is sending packets but receiving.
First thing I'd do is a traceroute to a common internet server. 8.8.8.8 for google DNS is usually something you can always hit. I'd then suggest posting your routing table. ip r s
or simply route
It says it's configuring the routes but it would be good to see if those changes are being applied properly; and of course Traceroute will actually give you an indication of where the packets are also going.
Another thing of note is that it looks suspicious that your tunnel is sending packets but receiving.
answered Nov 23 '15 at 19:52
c4iffordc4ifford
1
1
Updated question
– Nick Gilbert
Nov 23 '15 at 20:07
add a comment |
Updated question
– Nick Gilbert
Nov 23 '15 at 20:07
Updated question
– Nick Gilbert
Nov 23 '15 at 20:07
Updated question
– Nick Gilbert
Nov 23 '15 at 20:07
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f244975%2fopenvpn-with-ipvanish-on-linux-mint-connects-but-no-internet-access%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown