Attempting to use OpenVPN to connect to the TryHackMe server. I downloaded the config file from THM and ran into an error and came across this thread on the forum: viewtopic.php?t=34403
Tried following the thread and adding the data-ciphers line but im still getting an error/hung up.
Here's what prints to terminal
===================================================================================================================
2024-01-26 17:52:32 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2024-01-26 17:52:32 Note: cipher 'AES-256-CBC' in --data-ciphers is not supported by ovpn-dco, disabling data channel offload.
2024-01-26 17:52:32 OpenVPN 2.6.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
2024-01-26 17:52:32 library versions: OpenSSL 3.0.11 19 Sep 2023, LZO 2.10
2024-01-26 17:52:32 DCO version: N/A
2024-01-26 17:52:32 TCP/UDP: Preserving recently used remote address: [AF_INET]52.4.198.155:1194
2024-01-26 17:52:32 Socket Buffers: R=[212992->212992] S=[212992->212992]
2024-01-26 17:52:32 UDPv4 link local: (not bound)
2024-01-26 17:52:32 UDPv4 link remote: [AF_INET]52.4.198.155:1194
2024-01-26 17:52:32 TLS: Initial packet from [AF_INET]52.4.198.155:1194, sid=7455f2e5 37d0e2ca
2024-01-26 17:52:32 VERIFY OK: depth=1, CN=ChangeMe
2024-01-26 17:52:32 VERIFY KU OK
2024-01-26 17:52:32 Validating certificate extended key usage
2024-01-26 17:52:32 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2024-01-26 17:52:32 VERIFY EKU OK
2024-01-26 17:52:32 VERIFY OK: depth=0, CN=server
2024-01-26 17:52:32 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bits RSA, signature: RSA-SHA256, peer temporary key: 253 bits X25519
2024-01-26 17:52:32 [server] Peer Connection Initiated with [AF_INET]52.4.198.155:1194
2024-01-26 17:52:32 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2024-01-26 17:52:32 TLS: tls_multi_process: initial untrusted session promoted to trusted
2024-01-26 17:52:34 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2024-01-26 17:52:34 PUSH: Received control message: 'PUSH_REPLY,route 10.10.0.0 255.255.0.0,route-metric 1000,route-gateway 10.6.0.1,topology subnet,ping 5,ping-restart 120,ifconfig 10.6.27.236 255.255.128.0,peer-id 15'
2024-01-26 17:52:34 OPTIONS IMPORT: --ifconfig/up options modified
2024-01-26 17:52:34 OPTIONS IMPORT: route options modified
2024-01-26 17:52:34 OPTIONS IMPORT: route-related options modified
2024-01-26 17:52:34 Using peer cipher 'AES-256-CBC'
2024-01-26 17:52:34 net_route_v4_best_gw query: dst 0.0.0.0
2024-01-26 17:52:34 net_route_v4_best_gw result: via 10.0.2.2 dev eth0
2024-01-26 17:52:34 ROUTE_GATEWAY 10.0.2.2/255.255.255.0 IFACE=eth0 HWADDR=08:00:27:21:b1:d0
2024-01-26 17:52:34 TUN/TAP device tun0 opened
2024-01-26 17:52:34 net_iface_mtu_set: mtu 1500 for tun0
2024-01-26 17:52:34 net_iface_up: set tun0 up
2024-01-26 17:52:34 net_addr_v4_add: 10.6.27.236/17 dev tun0
2024-01-26 17:52:34 net_route_v4_add: 10.10.0.0/16 via 10.6.0.1 dev [NULL] table 0 metric 1000
2024-01-26 17:52:34 Initialization Sequence Completed
2024-01-26 17:52:34 Data Channel: cipher 'AES-256-CBC', auth 'SHA512', peer-id: 15
2024-01-26 17:52:34 Timers: ping 5, ping-restart 120
2024-01-26 17:52:34 Protocol options: explicit-exit-notify 3
Trouble with openvpn in Kali
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
SpeedyBoy89
- OpenVpn Newbie
- Posts: 1
- Joined: Fri Jan 26, 2024 10:53 pm
-
jakescooch11
- OpenVpn Newbie
- Posts: 1
- Joined: Sun Jan 28, 2024 6:40 pm
Re: Trouble with openvpn in Kali
I have the exact same issue.
I checked for updates, tried multiple regions including the VIP ones, deleted the old ones and restarted the VM every time, I tried following all the troubleshooting steps THM gives, and there are no forums other than this one that show the exact same reply from | sudo openvpn Downloads/xxx.ovpn |
I also tried restarting stopping starting from systemctl, to no avail
My issue is, when i run ifconfig -a it says openvpn is running, active, enabled. It also shows the matching tun0 ip on the top right of my screen saying I am indeed connected.
After 2+ hours, although the Access page says i'm not connected, and the dashboard shows "Access Machines" in red meaning i'm not connected, I clicked on the having problems link "If you can access 10.10.10.10, you're connected."
I can connect just fine to 10.10.10.10 but not my active machine
I checked for updates, tried multiple regions including the VIP ones, deleted the old ones and restarted the VM every time, I tried following all the troubleshooting steps THM gives, and there are no forums other than this one that show the exact same reply from | sudo openvpn Downloads/xxx.ovpn |
I also tried restarting stopping starting from systemctl, to no avail
My issue is, when i run ifconfig -a it says openvpn is running, active, enabled. It also shows the matching tun0 ip on the top right of my screen saying I am indeed connected.
After 2+ hours, although the Access page says i'm not connected, and the dashboard shows "Access Machines" in red meaning i'm not connected, I clicked on the having problems link "If you can access 10.10.10.10, you're connected."
I can connect just fine to 10.10.10.10 but not my active machine
-
maledisability
- OpenVpn Newbie
- Posts: 1
- Joined: Thu Apr 04, 2024 3:02 am
Re: Trouble with openvpn in Kali
I also encountered this problem. It displays the same information. Hopefully someone will help us fix this error.SpeedyBoy89 wrote: ↑Fri Jan 26, 2024 10:59 pmAttempting to use OpenVPN to connect to the TryHackMe server. I downloaded the config file from THM and ran into an error and came across this thread on the forum: viewtopic.php?t=34403
Tried following the thread and adding the data-ciphers line but im still getting an error/hung up.
Here's what prints to terminal
===================================================================================================================
2024-01-26 17:52:32 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2024-01-26 17:52:32 Note: cipher 'AES-256-CBC' in --data-ciphers is not supported by ovpn-dco, disabling data channel offload.
2024-01-26 17:52:32 OpenVPN 2.6.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
2024-01-26 17:52:32 library versions: OpenSSL 3.0.11 19 Sep 2023, LZO 2.10
2024-01-26 17:52:32 DCO version: N/A
2024-01-26 17:52:32 TCP/UDP: Preserving recently used remote address: [AF_INET]52.4.198.155:1194
2024-01-26 17:52:32 Socket Buffers: R=[212992->212992] S=[212992->212992]
2024-01-26 17:52:32 UDPv4 link local: (not bound)
2024-01-26 17:52:32 UDPv4 link remote: [AF_INET]52.4.198.155:1194
2024-01-26 17:52:32 TLS: Initial packet from [AF_INET]52.4.198.155:1194, sid=7455f2e5 37d0e2ca
2024-01-26 17:52:32 VERIFY OK: depth=1, CN=ChangeMe
2024-01-26 17:52:32 VERIFY KU OK
2024-01-26 17:52:32 Validating certificate extended key usage
2024-01-26 17:52:32 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2024-01-26 17:52:32 VERIFY EKU OK
2024-01-26 17:52:32 VERIFY OK: depth=0, CN=server
2024-01-26 17:52:32 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bits RSA, signature: RSA-SHA256, peer temporary key: 253 bits X25519
2024-01-26 17:52:32 [server] Peer Connection Initiated with [AF_INET]52.4.198.155:1194
2024-01-26 17:52:32 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2024-01-26 17:52:32 TLS: tls_multi_process: initial untrusted session promoted to trusted
2024-01-26 17:52:34 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2024-01-26 17:52:34 PUSH: Received control message: 'PUSH_REPLY,route 10.10.0.0 255.255.0.0,route-metric 1000,route-gateway 10.6.0.1,topology subnet,ping 5,ping-restart 120,ifconfig 10.6.27.236 255.255.128.0,peer-id 15'
2024-01-26 17:52:34 OPTIONS IMPORT: --ifconfig/up options modified
2024-01-26 17:52:34 OPTIONS IMPORT: route options modified
2024-01-26 17:52:34 OPTIONS IMPORT: route-related options modified
2024-01-26 17:52:34 Using peer cipher 'AES-256-CBC'
2024-01-26 17:52:34 net_route_v4_best_gw query: dst 0.0.0.0
2024-01-26 17:52:34 net_route_v4_best_gw result: via 10.0.2.2 dev eth0
2024-01-26 17:52:34 ROUTE_GATEWAY 10.0.2.2/255.255.255.0 IFACE=eth0 HWADDR=08:00:27:21:b1:d0
2024-01-26 17:52:34 TUN/TAP device tun0 opened
2024-01-26 17:52:34 net_iface_mtu_set: mtu 1500 for tun0
2024-01-26 17:52:34 net_iface_up: set tun0 up
2024-01-26 17:52:34 net_addr_v4_add: 10.6.27.236/17 dev tun0
2024-01-26 17:52:34 net_route_v4_add: 10.10.0.0/16 via 10.6.0.1 dev [NULL] table 0 metric 1000
2024-01-26 17:52:34 Initialization Sequence Completed
2024-01-26 17:52:34 Data Channel: cipher 'AES-256-CBC', auth 'SHA512', peer-id: 15
2024-01-26 17:52:34 Timers: ping 5, ping-restart 120
2024-01-26 17:52:34 Protocol options: explicit-exit-notify 3