Help: Linux client over 3g modem not connecting right

Scripts with setup, destroy, and modify routing tables and firewall rulesets for client connections.
timonaap1
OpenVPN User
Posts: 20
Joined: Thu Jan 19, 2017 6:46 am

Help: Linux client over 3g modem not connecting right

Postby timonaap1 » Thu Jan 19, 2017 7:24 am

Hello everybody,
To be able to ssh into a remotely located RPI I'm trying to connect it to my Openvpn server.
The server works with both a windows client and the RPI but when I'm trying to connect over a 3g modem on the PI i don't have internet acces anymore.
The connection is also broken after a minute or so and tries to reconnect but fails.
The problem is exactly the same as descibed in:

https://forums.openvpn.net/viewtopic.php?f=4&t=21844
https://forums.openvpn.net/viewtopic.php?t=21913

So I have tried the solution at the end of the second link but i'm stuck at an error running the up script.

Code: Select all

Thu Jan 19 07:48:19 2017 /etc/openvpn/up.sh tun0 1500 1570 10.8.0.2 255.255.255.0 init
Thu Jan 19 07:48:19 2017 WARNING: Failed running command (--up/--down): could not execute external program
Thu Jan 19 07:48:19 2017 Exiting due to fatal error


The solutions of both threads are nearly identical but i can't get the up script to run.
The scripts are executable by the way.
Any help would really be appreciated and don't be affraid to point out the obvious i'm and electronics engineering student so networking isn't really my strongsuit.

I added this at the bottom to the client configuration

Code: Select all

up /etc/openvpn/up.sh
down /etc/openvpn/down.sh


And here are the up and down scripts

Code: Select all

#!/sbin/bash
#up.sh
#Added the following two lines
umts_gateway=$(/sbin/ifconfig ppp0 | grep 'inet addr:' | cut -d: -f2 | awk '{ print $1}')
/sbin/ip route add $trusted_ip/32 via $umts_gateway


Code: Select all

#!/sbin/bash
#down.sh
#Added the line below
/sbin/ip route delete $trusted_ip

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 2235
Joined: Fri Jun 03, 2016 1:17 pm

Re: Help: Linux client over 3g modem not connecting right

Postby TinCanTech » Thu Jan 19, 2017 11:10 am

Openvpn does not have $PATH, so all commands must be /full/path/to/command/command

eg: /bin/grep

timonaap1
OpenVPN User
Posts: 20
Joined: Thu Jan 19, 2017 6:46 am

Re: Help: Linux client over 3g modem not connecting right

Postby timonaap1 » Thu Jan 19, 2017 11:39 am

Thanks for the quick reply
Just tried

Code: Select all

#!/sbin/bash
#up.sh
#Added the following two lines
umts_gateway=$(/sbin/ifconfig ppp0 | /bin/grep 'inet addr:' | cut -d: -f2 | awk '{ print $1}')
/sbin/ip route add $trusted_ip/32 via $umts_gateway


and

Code: Select all

#!/sbin/bash
#up.sh
#Added the following two lines
umts_gateway=$(/sbin/ifconfig ppp0 | /bin/grep 'inet addr:' | /usr/bin/cut -d: -f2 | /usr/bin/awk '{ print $1}')
/sbin/ip route add $trusted_ip/32 via $umts_gateway


but i'm still comming up with the same warning

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 2235
Joined: Fri Jun 03, 2016 1:17 pm

Re: Help: Linux client over 3g modem not connecting right

Postby TinCanTech » Thu Jan 19, 2017 11:46 am

Please post your server config file.

timonaap1
OpenVPN User
Posts: 20
Joined: Thu Jan 19, 2017 6:46 am

Re: Help: Linux client over 3g modem not connecting right

Postby timonaap1 » Thu Jan 19, 2017 11:56 am

Here is the server configuration and I'm using the following commands to get internet acces on the client side because I had an issue there too.

$ sudo /sbin/iptables -P FORWARD ACCEPT
$ sudo /sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADE

Code: Select all

dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/server.crt
key /etc/openvpn/easy-rsa/pki/private/server.key
dh /etc/openvpn/easy-rsa/pki/dh2048.pem
topology subnet
server 10.8.0.0 255.255.255.0
# server and remote endpoints
ifconfig 10.8.0.1 10.8.0.2
# Add route to Client routing table for the OpenVPN Server
#push "route 10.8.0.1 255.255.255.255"
# Add route to Client routing table for the OPenVPN Subnet
#push "route 10.8.0.0 255.255.255.0"
# your local subnet
push "route 0.0.0.0"
# Set your primary domain name server address for clients
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
# Override the Client default gateway by using 0.0.0.0/1 and
# 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
# overriding but not wiping out the original default gateway.
push "redirect-gateway def1"
client-to-client
duplicate-cn
keepalive 10 120
tls-version-min 1.2
tls-auth /etc/openvpn/easy-rsa/pki/ta.key 0
cipher AES-256-CBC
auth SHA256
comp-lzo
user root
group root
persist-key
persist-tun
#crl-verify /etc/openvpn/crl.pem
status /var/log/openvpn-status.log 20
status-version 3
log /var/log/openvpn.log
verb 1
# Generated for use by PiVPN.io

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 2235
Joined: Fri Jun 03, 2016 1:17 pm

Re: Help: Linux client over 3g modem not connecting right

Postby TinCanTech » Thu Jan 19, 2017 12:09 pm

hehe .. sorry i meant client config file :D

timonaap1
OpenVPN User
Posts: 20
Joined: Thu Jan 19, 2017 6:46 am

Re: Help: Linux client over 3g modem not connecting right

Postby timonaap1 » Thu Jan 19, 2017 12:14 pm

No problemo

Code: Select all

client
dev tun
proto udp
remote x.x.x.x 1194
resolv-retry infinite
nobind
persist-key
persist-tun
key-direction 1
remote-cert-tls server
tls-version-min 1.2
verify-x509-name server name
cipher AES-256-CBC
auth SHA256
comp-lzo
verb 1
<ca>
-----BEGIN CERTIFICATE-----

-----END OpenVPN Static key V1-----
</tls-auth>

up /etc/openvpn/up.sh
down /etc/openvpn/down.sh

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 2235
Joined: Fri Jun 03, 2016 1:17 pm

Re: Help: Linux client over 3g modem not connecting right

Postby TinCanTech » Thu Jan 19, 2017 12:32 pm

So what result do you get if you run the script from outside of openvpn ?

I think you need to add this to the client config:

Code: Select all

script-security 2
See --script-security in The Manual v23x -- or the 2.4 manual .. the same applies.

timonaap1
OpenVPN User
Posts: 20
Joined: Thu Jan 19, 2017 6:46 am

Re: Help: Linux client over 3g modem not connecting right

Postby timonaap1 » Thu Jan 19, 2017 12:46 pm

Executing the script gives the following error:
Failed to execute child process "/etc/openvpn/up.sh" (no such file or directory)

and in the terminal i get
ppp0: error fetching interface information: Device not found
Error: an inet prefix is expected rather than "/32".

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 2235
Joined: Fri Jun 03, 2016 1:17 pm

Re: Help: Linux client over 3g modem not connecting right

Postby TinCanTech » Thu Jan 19, 2017 12:59 pm

timonaap1 wrote:Executing the script gives the following error:
Failed to execute child process "/etc/openvpn/up.sh" (no such file or directory)
I have no idea what crazy thing you did there ..

timonaap1 wrote:and in the terminal i get
ppp0: error fetching interface information: Device not found
Error: an inet prefix is expected rather than "/32".
I presume the stick is plugged in ?

Also:
TinCanTech wrote:I think you need to add this to the client config:

Code: Select all

script-security 2
See --script-security in The Manual v23x -- or the 2.4 manual .. the same applies.
    :roll:

timonaap1
OpenVPN User
Posts: 20
Joined: Thu Jan 19, 2017 6:46 am

Re: Help: Linux client over 3g modem not connecting right

Postby timonaap1 » Thu Jan 19, 2017 1:12 pm

i switched to ethernet for ssh file transfer but with the stick plugged in i still have this error:

Error: an inet prefix is expected rather than "/32".

And have been opening openvpn with the following command:

sudo openvpn --config client.ovpn --script-security 2

Putting the script-security it into the client config made no difference.

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 2235
Joined: Fri Jun 03, 2016 1:17 pm

Re: Help: Linux client over 3g modem not connecting right

Postby TinCanTech » Thu Jan 19, 2017 1:17 pm

timonaap1 wrote:i switched to ethernet for ssh file transfer but
Can you not use this setup for openvpn ?

timonaap1 wrote:with the stick plugged in i still have this error:

Error: an inet prefix is expected rather than "/32".
This means the script has not detected your IP address ..

Setup the Pi the way you want it to work and then do ifconfig and post results.

timonaap1
OpenVPN User
Posts: 20
Joined: Thu Jan 19, 2017 6:46 am

Re: Help: Linux client over 3g modem not connecting right

Postby timonaap1 » Thu Jan 19, 2017 1:24 pm

Here's the ifconfig

Code: Select all

eth0      Link encap:Ethernet  HWaddr b8:27:eb:4c:53:c5 
          inet6 addr: fe80::a74d:ae1c:1ba6:71e2/64 Scope:Link
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:289 errors:0 dropped:0 overruns:0 frame:0
          TX packets:289 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:23204 (22.6 KiB)  TX bytes:23204 (22.6 KiB)

ppp0      Link encap:Point-to-Point Protocol 
          inet addr:10.211.41.37  P-t-P:10.64.64.64  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:536 errors:0 dropped:0 overruns:0 frame:0
          TX packets:542 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:63356 (61.8 KiB)  TX bytes:65767 (64.2 KiB)

wwan0     Link encap:Ethernet  HWaddr 58:2c:80:13:92:63 
          inet addr:169.254.169.80  Bcast:169.254.255.255  Mask:255.255.0.0
          inet6 addr: fe80::3d2:b0ae:25df:f0c5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:54 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:13671 (13.3 KiB)

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 2235
Joined: Fri Jun 03, 2016 1:17 pm

Re: Help: Linux client over 3g modem not connecting right

Postby TinCanTech » Thu Jan 19, 2017 1:30 pm

And so with this setup:
timonaap1 wrote:

Code: Select all

ppp0      Link encap:Point-to-Point Protocol
          inet addr:10.211.41.37  P-t-P:10.64.64.64  Mask:255.255.255.255
run this command from the script on your terminal .. eg: {as root}

Code: Select all

echo $(/sbin/ifconfig ppp0 | /bin/grep 'inet addr:' | /usr/bin/cut -d: -f2 | /usr/bin/awk '{ print $1}')
I am sure you will be able to debug the resulting output ..

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 2235
Joined: Fri Jun 03, 2016 1:17 pm

Re: Help: Linux client over 3g modem not connecting right

Postby TinCanTech » Thu Jan 19, 2017 2:26 pm

TinCanTech wrote:
timonaap1 wrote:with the stick plugged in i still have this error:

Error: an inet prefix is expected rather than "/32".
This means the script has not detected your IP address ...
Hmm .. infact, this error means something else .. looking into it now.


Return to “Routing and Firewall Scripts”

Who is online

Users browsing this forum: No registered users and 1 guest