[SOLVED] VPN suddenly stops connecting

[SOLVED] VPN suddenly stops connecting

Postby mark9117 » Jul 5th, '13, 09:43

I have my desktop configured to use a vpn. I have two vpn's that I use from time to time. Suddenly two days ago, the machine stops connecting.

The tun0 device shows in ifconfig, but it has no ip address.

Code: Select all
# ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:19:D1:71:DD:E7 
          inet addr:192.168.1.106  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::219:d1ff:fe71:dde7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:17604 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18377 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:10906653 (10.4 MiB)  TX bytes:3141598 (2.9 MiB)
          Interrupt:20 Memory:e0300000-e0320000

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:3285 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3285 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:265706 (259.4 KiB)  TX bytes:265706 (259.4 KiB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)


I was starting the vpn via the net applet, but that stopped working. I'm troubleshooting this thing from the command line running openvpn with the config files I've been using. The console shows nothing unusual -- the connections were working fine prior to a couple of days ago. At this point, I get a tun0 device in my ifconfig, but it never connects and never shows the tun0 interface in gkrellm. I am finding nothing in the log files -- it's just not connecting the tun0.

Here is the route:

Code: Select all
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.1.1     0.0.0.0         UG    10     0        0 eth0
anon-38-2.vpn.i 192.168.1.1     255.255.255.255 UGH   0      0        0 eth0
link-local      *               255.255.0.0     U     10     0        0 eth0
192.168.1.0     *               255.255.255.0   U     10     0        0 eth0


I'm pulling my hair out over this and not finding any help anywhere.
Can anyone help me?

Thanks.

Mark
Last edited by isadora on Jul 6th, '13, 07:55, edited 2 times in total.
Reason: Cosmetical alteration in subject. ;)
Let's just reboot everything all the time.
User avatar
mark9117
 
Posts: 395
Joined: Sep 12th, '11, 20:32
Location: Eastern New Mexico -- Not Hell, but you can see it from here.

Re: VPN suddenly stops connecting

Postby mark9117 » Jul 5th, '13, 10:15

This is a sample of what I'm talking about:

Code: Select all
# tcpdump -i tun0
tcpdump: WARNING: tun0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tun0, link-type RAW (Raw IP), capture size 65535 bytes
02:11:05.097502 IP anon-41-232.vpn.ipredator.se.58028 > all-systems.mcast.net.8612: UDP, length 16
02:11:06.054559 IP anon-41-223.vpn.ipredator.se.57278 > 239.255.255.250.1900: UDP, length 301
02:11:06.086725 IP anon-41-223.vpn.ipredator.se.57278 > 239.255.255.250.1900: UDP, length 301
02:11:06.112681 IP anon-41-223.vpn.ipredator.se.57278 > 239.255.255.250.1900: UDP, length 310
02:11:06.141735 IP anon-41-223.vpn.ipredator.se.57278 > 239.255.255.250.1900: UDP, length 310
Let's just reboot everything all the time.
User avatar
mark9117
 
Posts: 395
Joined: Sep 12th, '11, 20:32
Location: Eastern New Mexico -- Not Hell, but you can see it from here.

Re: VPN suddenly stops connecting

Postby digigold » Jul 5th, '13, 16:05

Have you checked the config files under /etc/sysconfig/network-scripts/vpn.d/openvpn/

If so post their contents.
"A mind that is stretched by a new experience can never go back to its old dimensions."
~Oliver Wendell Holmes, Jr.
User avatar
digigold
 
Posts: 150
Joined: May 9th, '12, 14:50
Location: Northern U.S.

Re: VPN suddenly stops connecting

Postby mark9117 » Jul 5th, '13, 19:44

I am currently trying to start these connections via the command line with those scripts. Everything looks good, no obvious, serious errors showing in standard output. The tun0 is assigned an ip address, but the tun0 in ifconfig has no ip address.

Here is the command:

Code: Select all
openvpn --config /etc/sysconfig/network-scripts/vpn.d/openvpn/Riseup.conf


The conf file looks a lot like this:

Code: Select all
client
dev tun
remote seattle.vpn.riseup.net
resolv-retry infinite
nobind
persist-key
persist-tun
ca /etc/openvpn/Riseup.ca.pem
verb 3


Understand there are other options in the conf, but this configuration worked for months until it quit. Increasing verbosity hasn't shown me anything.

The same config works on my laptop just fine.

I've fiddled with those setitings (compression, protocol, etc.) but they have no effect.

Tun0 is simply not getting an ip address.

I'm looking at a full reinstall unless I stumble onto a better idea.

Anybody got one?

Thanks.

Mark
Let's just reboot everything all the time.
User avatar
mark9117
 
Posts: 395
Joined: Sep 12th, '11, 20:32
Location: Eastern New Mexico -- Not Hell, but you can see it from here.

Re: VPN suddenly stops connecting

Postby mark9117 » Jul 6th, '13, 01:50

More info.

Starting the vpn shows this:
Code: Select all
# openvpn --config Riseup.conf
Fri Jul  5 17:41:10 2013 OpenVPN 2.3.1 i586-mageia-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [eurephia] [MH] [IPv6] built on Apr 16 2013
Fri Jul  5 17:41:10 2013 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Fri Jul  5 17:41:10 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Fri Jul  5 17:41:10 2013 Socket Buffers: R=[180224->131072] S=[180224->131072]
Fri Jul  5 17:41:10 2013 UDPv4 link local: [undef]
Fri Jul  5 17:41:10 2013 UDPv4 link remote: [AF_INET]198.252.153.26:1194
Fri Jul  5 17:41:11 2013 TLS: Initial packet from [AF_INET]198.252.153.26:1194, sid=88d1f793 4102a927
Fri Jul  5 17:41:11 2013 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Jul  5 17:41:13 2013 VERIFY OK: depth=1, C=US, O=Riseup Networks, L=Seattle, ST=WA, CN=Riseup Networks, emailAddress=collective@riseup.net
Fri Jul  5 17:41:13 2013 VERIFY OK: depth=0, C=US, O=Riseup Networks, L=Seattle, ST=WA, CN=vpn.riseup.net
Fri Jul  5 17:41:14 2013 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Jul  5 17:41:14 2013 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jul  5 17:41:14 2013 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Jul  5 17:41:14 2013 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jul  5 17:41:14 2013 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Fri Jul  5 17:41:14 2013 [vpn.riseup.net] Peer Connection Initiated with [AF_INET]198.252.153.26:1194
Fri Jul  5 17:41:17 2013 SENT CONTROL [vpn.riseup.net]: 'PUSH_REQUEST' (status=1)
Fri Jul  5 17:41:17 2013 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 172.27.0.1,route-gateway 172.27.0.1,topology subnet,ping 7,ping-restart 35,ifconfig 172.27.0.85 255.255.252.0'
Fri Jul  5 17:41:17 2013 OPTIONS IMPORT: timers and/or timeouts modified
Fri Jul  5 17:41:17 2013 OPTIONS IMPORT: --ifconfig/up options modified
Fri Jul  5 17:41:17 2013 OPTIONS IMPORT: route options modified
Fri Jul  5 17:41:17 2013 OPTIONS IMPORT: route-related options modified
Fri Jul  5 17:41:17 2013 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Jul  5 17:41:17 2013 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=eth0 HWADDR=00:19:d1:71:dd:e7
Fri Jul  5 17:41:17 2013 TUN/TAP device tun0 opened
Fri Jul  5 17:41:17 2013 TUN/TAP TX queue length set to 100
Fri Jul  5 17:41:17 2013 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Fri Jul  5 17:41:17 2013 /usr/sbin/ifconfig tun0 172.27.0.85 netmask 255.255.252.0 mtu 1500 broadcast 172.27.3.255
Fri Jul  5 17:41:17 2013 /usr/sbin/route add -net 198.252.153.26 netmask 255.255.255.255 gw 192.168.1.1
Fri Jul  5 17:41:17 2013 /usr/sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 172.27.0.1
Fri Jul  5 17:41:17 2013 /usr/sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 172.27.0.1
Fri Jul  5 17:41:17 2013 Initialization Sequence Completed


Attempts to ping the ip address assigned, 172.27.0.85 fails:

Code: Select all
# ping 172.27.0.85
PING 172.27.0.85 (172.27.0.85) 56(84) bytes of data.

--- 172.27.0.85 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4003ms


Route appears to be assigned:

Code: Select all
# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.1.1     0.0.0.0         UG    10     0        0 eth0
link-local      *               255.255.0.0     U     10     0        0 eth0
192.168.1.0     *               255.255.255.0   U     10     0        0 eth0
kite.riseup.net 192.168.1.1     255.255.255.255 UGH   0      0        0 eth0


I have no idea where to go with this.


Mark
Let's just reboot everything all the time.
User avatar
mark9117
 
Posts: 395
Joined: Sep 12th, '11, 20:32
Location: Eastern New Mexico -- Not Hell, but you can see it from here.

Re: VPN suddenly stops connecting

Postby mark9117 » Jul 6th, '13, 02:18

Another update.

I was able to get a tun1 to show up after doing

Code: Select all
ip addr add 172.27.0.2/24 dev tun0


This did not have the desired effect of connected the vpn, but when I ran the openvpn command to connect to the Riseup vpn, I got a tun1 interface. I didn't test it -- I don't want a tun1 interface, I want it to connect at tun0.

At any rate, I thought I'd mention that. Is a "tun0" device hung up somewhere?

Wondering.

Oh! Almost forgot. subsequent attempts to connect to the vpn after doing "ip addr del 172.27.0.2/24 dev tun0" produced this output in the standard out for the openvpn command:

Code: Select all
[63589.091043] IPv4: martian source 172.27.0.49 from 69.171.224.42, on dev tun0
[63592.324464] IPv4: martian source 172.27.0.49 from 117.80.62.50, on dev tun0
[63593.148272] IPv4: martian source 172.27.0.49 from 117.80.62.50, on dev tun0


What's that all about do you suppose?

Mark
Let's just reboot everything all the time.
User avatar
mark9117
 
Posts: 395
Joined: Sep 12th, '11, 20:32
Location: Eastern New Mexico -- Not Hell, but you can see it from here.

Re: VPN suddenly stops connecting

Postby mark9117 » Jul 6th, '13, 02:25

Should this file exist without a tun0 interface present?

Code: Select all
# ll /var/lib/dhclient/dhclient--tun0*
-rw-r--r-- 1 root root 0 Jul  5 18:22 /var/lib/dhclient/dhclient--tun0.lease


Mark

Never mind. I deleted it and it made no difference.
Let's just reboot everything all the time.
User avatar
mark9117
 
Posts: 395
Joined: Sep 12th, '11, 20:32
Location: Eastern New Mexico -- Not Hell, but you can see it from here.

Re: [Solved]VPN suddenly stops connecting

Postby mark9117 » Jul 6th, '13, 03:18

Okay, stand down. I repeat, stand down.

I went to the networking section of mcc with the intention of deleting my network connection and rebuilding it and I discovered that there was a "tun0" connection available. I deleted it. I was then able to start my vpn connections as per usual.

I don't know how that got stuck and I'd really like to have the 2 days I spent on it beck, but it is resolved as of now.

More later.

As you were.

Mark
Let's just reboot everything all the time.
User avatar
mark9117
 
Posts: 395
Joined: Sep 12th, '11, 20:32
Location: Eastern New Mexico -- Not Hell, but you can see it from here.

Re: [SOLVED] VPN suddenly stops connecting

Postby justlikened » Nov 27th, '15, 10:14

This tread is kind of old, but I have been having the same trouble with my openVPN-connection on Mageia 5. Deleting the all ready existing tun0 from the network section and setting up the firewall over again in MCC did the trick for me too.

Thank you mark9117.
justlikened
 
Posts: 1
Joined: Nov 8th, '15, 18:10


Return to Networking

Who is online

Users browsing this forum: No registered users and 1 guest