Connect to VPN server but can't browse the internet

This forum is for general conversation and user-user networking.
Post Reply
stu_mchugh
OpenVpn Newbie
Posts: 1
Joined: Sun Dec 23, 2018 2:51 pm

Connect to VPN server but can't browse the internet

Post by stu_mchugh » Sun Dec 23, 2018 2:55 pm

Hi,

I'm using the OpenVPN client on my tomato router (Linksys E1200) and from what I can see from the logs successfully connect to a VPN server. Once i have connected my client machine can't browse the internet. I can ping the default gateway and can also ping the VPN server I'm connected too but can't browse beyond that. Any ides's?

Many Thanks

Here's the logs:

Dec 23 15:55:37 RT-24f5a216f1b4 user.info kernel: tun: Universal TUN/TAP device driver, 1.6
Dec 23 15:55:37 RT-24f5a216f1b4 user.info kernel: tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
Dec 23 15:55:37 RT-24f5a216f1b4 daemon.notice openvpn[31632]: OpenVPN 2.3.6 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Dec 24 2014
Dec 23 15:55:37 RT-24f5a216f1b4 daemon.notice openvpn[31632]: library versions: OpenSSL 1.0.1j 15 Oct 2014, LZO 2.08
Dec 23 15:55:37 RT-24f5a216f1b4 daemon.warn openvpn[31632]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 23 15:55:37 RT-24f5a216f1b4 daemon.notice openvpn[31632]: Control Channel Authentication: using 'static.key' as a OpenVPN static key file
Dec 23 15:55:37 RT-24f5a216f1b4 daemon.notice openvpn[31632]: Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Dec 23 15:55:37 RT-24f5a216f1b4 daemon.notice openvpn[31632]: Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Dec 23 15:55:37 RT-24f5a216f1b4 daemon.notice openvpn[31632]: Socket Buffers: R=[87380->131072] S=[16384->131072]
Dec 23 15:55:37 RT-24f5a216f1b4 daemon.notice openvpn[31638]: Attempting to establish TCP connection with [AF_INET]81.92.203.37:443 [nonblock]
Dec 23 15:55:38 RT-24f5a216f1b4 daemon.notice openvpn[31638]: TCP connection established with [AF_INET]81.92.203.37:443
Dec 23 15:55:38 RT-24f5a216f1b4 daemon.notice openvpn[31638]: TCPv4_CLIENT link local: [undef]
Dec 23 15:55:38 RT-24f5a216f1b4 daemon.notice openvpn[31638]: TCPv4_CLIENT link remote: [AF_INET]81.92.203.37:443
Dec 23 15:55:38 RT-24f5a216f1b4 daemon.notice openvpn[31638]: TLS: Initial packet from [AF_INET]81.92.203.37:443, sid=799bb7b4 73dcf761
Dec 23 15:55:38 RT-24f5a216f1b4 daemon.warn openvpn[31638]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Dec 23 15:55:38 RT-24f5a216f1b4 daemon.notice openvpn[31638]: VERIFY OK: depth=1, C=PA, ST=PA, L=Panama, O=NordVPN, OU=NordVPN, CN=uk260.nordvpn.com, name=NordVPN, emailAddress=cert@nordvpn.com
Dec 23 15:55:38 RT-24f5a216f1b4 daemon.notice openvpn[31638]: Validating certificate key usage
Dec 23 15:55:38 RT-24f5a216f1b4 daemon.notice openvpn[31638]: ++ Certificate has key usage 00a0, expects 00a0
Dec 23 15:55:38 RT-24f5a216f1b4 daemon.notice openvpn[31638]: VERIFY KU OK
Dec 23 15:55:38 RT-24f5a216f1b4 daemon.notice openvpn[31638]: Validating certificate extended key usage
Dec 23 15:55:38 RT-24f5a216f1b4 daemon.notice openvpn[31638]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Dec 23 15:55:38 RT-24f5a216f1b4 daemon.notice openvpn[31638]: VERIFY EKU OK
Dec 23 15:55:38 RT-24f5a216f1b4 daemon.notice openvpn[31638]: VERIFY OK: depth=0, C=PA, ST=PA, L=Panama, O=NordVPN, OU=NordVPN, CN=uk260.nordvpn.com, name=NordVPN, emailAddress=cert@nordvpn.com
Dec 23 15:55:39 RT-24f5a216f1b4 daemon.notice openvpn[31638]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Dec 23 15:55:39 RT-24f5a216f1b4 daemon.notice openvpn[31638]: Data Channel Encrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Dec 23 15:55:39 RT-24f5a216f1b4 daemon.notice openvpn[31638]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Dec 23 15:55:39 RT-24f5a216f1b4 daemon.notice openvpn[31638]: Data Channel Decrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Dec 23 15:55:39 RT-24f5a216f1b4 daemon.notice openvpn[31638]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Dec 23 15:55:39 RT-24f5a216f1b4 daemon.notice openvpn[31638]: [uk260.nordvpn.com] Peer Connection Initiated with [AF_INET]81.92.203.37:443
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.err openvpn[31638]: event_wait : Interrupted system call (code=4)
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: OpenVPN STATISTICS
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: Updated,Sun Dec 23 15:55:41 2018
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: TUN/TAP read bytes,0
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: TUN/TAP write bytes,0
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: TCP/UDP read bytes,4905
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: TCP/UDP write bytes,2001
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: Auth read bytes,0
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: END
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: SENT CONTROL [uk260.nordvpn.com]: 'PUSH_REQUEST' (status=1)
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,sndbuf 524288,rcvbuf 524288,dhcp-option DNS 103.86.96.100,dhcp-option DNS 103.86.99.100,comp-lzo no,route-gateway 10.7.7.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.7.7.135 255.255.255.0,peer-id 0'
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: OPTIONS IMPORT: timers and/or timeouts modified
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: Socket Buffers: R=[131072->225280] S=[131072->225280]
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: OPTIONS IMPORT: --ifconfig/up options modified
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: OPTIONS IMPORT: route options modified
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: OPTIONS IMPORT: route-related options modified
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: OPTIONS IMPORT: peer-id set
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: TUN/TAP device tun11 opened
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: TUN/TAP TX queue length set to 100
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: /sbin/ifconfig tun11 10.7.7.135 netmask 255.255.255.0 mtu 1500 broadcast 10.7.7.255
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.notice openvpn[31638]: updown.sh tun11 1500 1635 10.7.7.135 255.255.255.0 init
Dec 23 15:55:41 RT-24f5a216f1b4 daemon.info dnsmasq[26524]: exiting on receipt of SIGTERM
Dec 23 15:55:41 RT-24f5a216f1b4 user.debug init[1]: 182: pptp peerdns disabled
Dec 23 15:55:42 RT-24f5a216f1b4 daemon.info dnsmasq[31698]: started, version 2.71 cachesize 1500
Dec 23 15:55:42 RT-24f5a216f1b4 daemon.info dnsmasq[31698]: compile time options: IPv6 GNU-getopt no-RTC no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset Tomato-helper auth no-DNSSEC
Dec 23 15:55:42 RT-24f5a216f1b4 daemon.info dnsmasq[31698]: asynchronous logging enabled, queue limit is 5 messages
Dec 23 15:55:42 RT-24f5a216f1b4 daemon.info dnsmasq-dhcp[31698]: DHCP, IP range 10.0.0.100 -- 10.0.0.150, lease time 1d
Dec 23 15:55:42 RT-24f5a216f1b4 daemon.info dnsmasq[31698]: reading /etc/resolv.dnsmasq
Dec 23 15:55:42 RT-24f5a216f1b4 daemon.info dnsmasq[31698]: using nameserver 103.86.96.100#53
Dec 23 15:55:42 RT-24f5a216f1b4 daemon.info dnsmasq[31698]: using nameserver 103.86.99.100#53
Dec 23 15:55:42 RT-24f5a216f1b4 daemon.info dnsmasq[31698]: using nameserver 103.86.96.100#53
Dec 23 15:55:42 RT-24f5a216f1b4 daemon.info dnsmasq[31698]: using nameserver 8.8.8.8#53
Dec 23 15:55:42 RT-24f5a216f1b4 daemon.info dnsmasq[31698]: using nameserver 192.168.1.254#53
Dec 23 15:55:42 RT-24f5a216f1b4 daemon.info dnsmasq[31698]: read /etc/hosts - 2 addresses
Dec 23 15:55:42 RT-24f5a216f1b4 daemon.info dnsmasq[31698]: read /etc/dnsmasq/hosts/hosts - 1 addresses
Dec 23 15:55:42 RT-24f5a216f1b4 daemon.info dnsmasq-dhcp[31698]: read /etc/dnsmasq/dhcp/dhcp-hosts
Dec 23 15:55:42 RT-24f5a216f1b4 daemon.notice openvpn[31638]: /sbin/route add -net 81.92.203.37 netmask 255.255.255.255 gw 192.168.1.254
Dec 23 15:55:42 RT-24f5a216f1b4 daemon.notice openvpn[31638]: /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.7.7.1
Dec 23 15:55:42 RT-24f5a216f1b4 daemon.notice openvpn[31638]: /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.7.7.1
Dec 23 15:55:42 RT-24f5a216f1b4 daemon.notice openvpn[31638]: Initialization Sequence Completed

atclaus
OpenVpn Newbie
Posts: 8
Joined: Mon Dec 31, 2018 5:44 pm

Re: Connect to VPN server but can't browse the internet

Post by atclaus » Mon Dec 31, 2018 6:21 pm

what are your NAT forwarding rules in your firewall?

Post Reply