Page 1 of 1
Destination Host Unreachable
Posted: Sun Sep 20, 2015 7:04 am
by danbo
i'm trying to connect to a company net with a client.ovpn that works on Windows systems but not in Ubuntu (12.04).
I normally use Windows to connect the company VPN, but now I need to use Ubuntu
note: i can just operate client side (and i don't know server side settings), i've just the client.ovpn (with certificates) to connect
after running the "sudo openvpn client.ovpn"
- the client connect ("Initialization Sequence Complete")
- the traffic (on tun0) flows
- whatismyip gives me the right IP (IP of the server)
BUT when i try to ping the address I need through the tunnel i have this (example):
PING 192.168.1.251 (192.168.1.251) 56(84) bytes of data.
From 192.168.1.17 icmp_seq=1 Destination Host Unreachable
From 192.168.1.17 icmp_seq=2 Destination Host Unreachable
From 192.168.1.17 icmp_seq=3 Destination Host Unreachable
with Windows this is just fine, and I can reach to the address I need, with the same client.ovpn
trying to solve this i looked into the forum and man for:
- iptables (disabling it)
- ip forwarding (enabling it)
- dns with update-resolv.conf (messing it:)
before posting pages and pages of verbose terminal lines...
I'm missing something?
does someone have any idea?
thank you in advance
Re: Destination Host Unreachable
Posted: Mon Sep 21, 2015 10:51 am
by Traffic
danbo wrote:I normally use Windows to connect the company VPN, but now I need to use Ubuntu
You would be better off asking the network admins at
the Company ..
danbo wrote:BUT when i try to ping the address I need through the tunnel i have this (example):
PING 192.168.1.251 (192.168.1.251) 56(84) bytes of data.
From 192.168.1.17 icmp_seq=1 Destination Host Unreachable
This
suggests 192.168.1.251 has been turned off.
Re: Destination Host Unreachable
Posted: Mon Sep 21, 2015 11:40 am
by danbo
thank you for your reply
I've asked the adimns too, indeed, but we can't sort it out.
It seems to be a Linux related problem, because we tried to connect with a Windows notebook from the same place (and same router), and the connection works, so I'm sure 192.168.1.251 is not turned off.
the company solution is to use Windows, but it's a problem to me.
I spent hours googling about this issue, but I can't find a solution...
Re: Destination Host Unreachable
Posted: Tue Sep 22, 2015 10:17 am
by danbo
thank you for your reply
we assume it's a Linux related problem because I can connect with a Windows notebook from the same place (and same router), so the host is surely not turned off.
I spent hours googlin' trying to find a solution, but no way to make it work...
I can post some log if useful.
thank you!
Re: Destination Host Unreachable
Posted: Tue Sep 22, 2015 11:24 am
by Traffic
danbo wrote:I can post some log if useful
You could .. but server config is more important.
Please see the
Forum rules (top of page)
Re: Destination Host Unreachable
Posted: Tue Sep 22, 2015 8:24 pm
by danbo
Code: Select all
sudo openvpn client.ovpn
[sudo] password for danilo:
Tue Sep 22 22:07:56 2015 us=759793 Current Parameter Settings:
Tue Sep 22 22:07:56 2015 us=759990 config = 'client.ovpn'
Tue Sep 22 22:07:56 2015 us=760093 mode = 0
Tue Sep 22 22:07:56 2015 us=760130 persist_config = DISABLED
Tue Sep 22 22:07:56 2015 us=760168 persist_mode = 1
Tue Sep 22 22:07:56 2015 us=760222 show_ciphers = DISABLED
Tue Sep 22 22:07:56 2015 us=760277 show_digests = DISABLED
Tue Sep 22 22:07:56 2015 us=760328 show_engines = DISABLED
Tue Sep 22 22:07:56 2015 us=760365 genkey = DISABLED
Tue Sep 22 22:07:56 2015 us=760418 key_pass_file = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=760471 show_tls_ciphers = DISABLED
Tue Sep 22 22:07:56 2015 us=760519 Connection profiles [default]:
Tue Sep 22 22:07:56 2015 us=760561 proto = udp
Tue Sep 22 22:07:56 2015 us=760601 local = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=760641 local_port = 0
Tue Sep 22 22:07:56 2015 us=760680 remote = '188.15.62.196'
Tue Sep 22 22:07:56 2015 us=760723 remote_port = 1194
Tue Sep 22 22:07:56 2015 us=760761 remote_float = DISABLED
Tue Sep 22 22:07:56 2015 us=760796 bind_defined = DISABLED
Tue Sep 22 22:07:56 2015 us=760835 bind_local = DISABLED
Tue Sep 22 22:07:56 2015 us=760876 connect_retry_seconds = 5
Tue Sep 22 22:07:56 2015 us=760917 connect_timeout = 10
Tue Sep 22 22:07:56 2015 us=760957 connect_retry_max = 0
Tue Sep 22 22:07:56 2015 us=761000 socks_proxy_server = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=761037 socks_proxy_port = 0
Tue Sep 22 22:07:56 2015 us=761072 socks_proxy_retry = DISABLED
Tue Sep 22 22:07:56 2015 us=761113 Connection profiles END
Tue Sep 22 22:07:56 2015 us=761157 remote_random = DISABLED
Tue Sep 22 22:07:56 2015 us=761195 ipchange = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=761238 dev = 'tun'
Tue Sep 22 22:07:56 2015 us=761274 dev_type = 'tun'
Tue Sep 22 22:07:56 2015 us=761313 dev_node = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=761354 lladdr = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=761393 topology = 1
Tue Sep 22 22:07:56 2015 us=761435 tun_ipv6 = DISABLED
Tue Sep 22 22:07:56 2015 us=761476 ifconfig_local = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=761519 ifconfig_remote_netmask = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=761558 ifconfig_noexec = DISABLED
Tue Sep 22 22:07:56 2015 us=761600 ifconfig_nowarn = DISABLED
Tue Sep 22 22:07:56 2015 us=761640 ifconfig_ipv6_local = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=761682 ifconfig_ipv6_netbits = 0
Tue Sep 22 22:07:56 2015 us=761719 ifconfig_ipv6_remote = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=761758 shaper = 0
Tue Sep 22 22:07:56 2015 us=761800 tun_mtu = 1500
Tue Sep 22 22:07:56 2015 us=761838 tun_mtu_defined = ENABLED
Tue Sep 22 22:07:56 2015 us=761880 link_mtu = 1500
Tue Sep 22 22:07:56 2015 us=761916 link_mtu_defined = DISABLED
Tue Sep 22 22:07:56 2015 us=761955 tun_mtu_extra = 0
Tue Sep 22 22:07:56 2015 us=761990 tun_mtu_extra_defined = DISABLED
Tue Sep 22 22:07:56 2015 us=762029 fragment = 0
Tue Sep 22 22:07:56 2015 us=762071 mtu_discover_type = -1
Tue Sep 22 22:07:56 2015 us=762114 mtu_test = 0
Tue Sep 22 22:07:56 2015 us=762153 mlock = DISABLED
Tue Sep 22 22:07:56 2015 us=762194 keepalive_ping = 0
Tue Sep 22 22:07:56 2015 us=762233 keepalive_timeout = 0
Tue Sep 22 22:07:56 2015 us=762275 inactivity_timeout = 0
Tue Sep 22 22:07:56 2015 us=762313 ping_send_timeout = 0
Tue Sep 22 22:07:56 2015 us=762351 ping_rec_timeout = 0
Tue Sep 22 22:07:56 2015 us=762397 ping_rec_timeout_action = 0
Tue Sep 22 22:07:56 2015 us=762439 ping_timer_remote = DISABLED
Tue Sep 22 22:07:56 2015 us=762482 remap_sigusr1 = 0
Tue Sep 22 22:07:56 2015 us=762520 explicit_exit_notification = 0
Tue Sep 22 22:07:56 2015 us=762564 persist_tun = DISABLED
Tue Sep 22 22:07:56 2015 us=762605 persist_local_ip = DISABLED
Tue Sep 22 22:07:56 2015 us=762643 persist_remote_ip = DISABLED
Tue Sep 22 22:07:56 2015 us=762685 persist_key = DISABLED
Tue Sep 22 22:07:56 2015 us=762724 mssfix = 1450
Tue Sep 22 22:07:56 2015 us=762766 passtos = DISABLED
Tue Sep 22 22:07:56 2015 us=762805 resolve_retry_seconds = 1000000000
Tue Sep 22 22:07:56 2015 us=762840 username = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=762872 groupname = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=762905 chroot_dir = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=762938 cd_dir = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=762971 writepid = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=763005 up_script = '/etc/openvpn/update-resolv-conf'
Tue Sep 22 22:07:56 2015 us=763039 down_script = '/etc/openvpn/update-resolv-conf'
Tue Sep 22 22:07:56 2015 us=763073 down_pre = DISABLED
Tue Sep 22 22:07:56 2015 us=763105 up_restart = DISABLED
Tue Sep 22 22:07:56 2015 us=763138 up_delay = DISABLED
Tue Sep 22 22:07:56 2015 us=763171 daemon = DISABLED
Tue Sep 22 22:07:56 2015 us=763204 inetd = 0
Tue Sep 22 22:07:56 2015 us=763237 log = DISABLED
Tue Sep 22 22:07:56 2015 us=763271 suppress_timestamps = DISABLED
Tue Sep 22 22:07:56 2015 us=763307 nice = 0
Tue Sep 22 22:07:56 2015 us=763340 verbosity = 5
Tue Sep 22 22:07:56 2015 us=763373 mute = 0
Tue Sep 22 22:07:56 2015 us=763405 gremlin = 0
Tue Sep 22 22:07:56 2015 us=763438 status_file = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=763471 status_file_version = 1
Tue Sep 22 22:07:56 2015 us=763505 status_file_update_freq = 60
Tue Sep 22 22:07:56 2015 us=763560 occ = ENABLED
Tue Sep 22 22:07:56 2015 us=763596 rcvbuf = 100000
Tue Sep 22 22:07:56 2015 us=763629 sndbuf = 100000
Tue Sep 22 22:07:56 2015 us=763661 sockflags = 0
Tue Sep 22 22:07:56 2015 us=763694 fast_io = DISABLED
Tue Sep 22 22:07:56 2015 us=763728 lzo = 1
Tue Sep 22 22:07:56 2015 us=763760 route_script = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=763794 route_default_gateway = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=763827 route_default_metric = 0
Tue Sep 22 22:07:56 2015 us=763860 route_noexec = DISABLED
Tue Sep 22 22:07:56 2015 us=763893 route_delay = 0
Tue Sep 22 22:07:56 2015 us=763926 route_delay_window = 30
Tue Sep 22 22:07:56 2015 us=763959 route_delay_defined = DISABLED
Tue Sep 22 22:07:56 2015 us=763993 route_nopull = DISABLED
Tue Sep 22 22:07:56 2015 us=764026 route_gateway_via_dhcp = DISABLED
Tue Sep 22 22:07:56 2015 us=764060 max_routes = 100
Tue Sep 22 22:07:56 2015 us=764093 allow_pull_fqdn = DISABLED
Tue Sep 22 22:07:56 2015 us=764127 management_addr = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=764160 management_port = 0
Tue Sep 22 22:07:56 2015 us=764193 management_user_pass = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=764227 management_log_history_cache = 250
Tue Sep 22 22:07:56 2015 us=764260 management_echo_buffer_size = 100
Tue Sep 22 22:07:56 2015 us=764294 management_write_peer_info_file = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=764328 management_client_user = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=764362 management_client_group = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=764395 management_flags = 0
Tue Sep 22 22:07:56 2015 us=764429 shared_secret_file = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=764463 key_direction = 2
Tue Sep 22 22:07:56 2015 us=764496 ciphername_defined = ENABLED
Tue Sep 22 22:07:56 2015 us=764529 ciphername = 'BF-CBC'
Tue Sep 22 22:07:56 2015 us=764562 authname_defined = ENABLED
Tue Sep 22 22:07:56 2015 us=764596 authname = 'SHA1'
Tue Sep 22 22:07:56 2015 us=764629 prng_hash = 'SHA1'
Tue Sep 22 22:07:56 2015 us=764662 prng_nonce_secret_len = 16
Tue Sep 22 22:07:56 2015 us=764695 keysize = 0
Tue Sep 22 22:07:56 2015 us=764728 engine = DISABLED
Tue Sep 22 22:07:56 2015 us=764761 replay = ENABLED
Tue Sep 22 22:07:56 2015 us=764795 mute_replay_warnings = DISABLED
Tue Sep 22 22:07:56 2015 us=764828 replay_window = 64
Tue Sep 22 22:07:56 2015 us=764861 replay_time = 15
Tue Sep 22 22:07:56 2015 us=764893 packet_id_file = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=764926 use_iv = ENABLED
Tue Sep 22 22:07:56 2015 us=764959 test_crypto = DISABLED
Tue Sep 22 22:07:56 2015 us=764994 tls_server = DISABLED
Tue Sep 22 22:07:56 2015 us=765027 tls_client = ENABLED
Tue Sep 22 22:07:56 2015 us=765061 key_method = 2
Tue Sep 22 22:07:56 2015 us=765093 ca_file = '[[INLINE]]'
Tue Sep 22 22:07:56 2015 us=765125 ca_path = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=765157 dh_file = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=765189 cert_file = '[[INLINE]]'
Tue Sep 22 22:07:56 2015 us=765223 priv_key_file = '[[INLINE]]'
Tue Sep 22 22:07:56 2015 us=765255 pkcs12_file = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=765287 cipher_list = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=765319 tls_verify = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=765352 tls_export_cert = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=765384 tls_remote = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=765416 crl_file = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=765449 ns_cert_type = 64
Tue Sep 22 22:07:56 2015 us=765481 remote_cert_ku[i] = 0
Tue Sep 22 22:07:56 2015 us=765513 remote_cert_ku[i] = 0
Tue Sep 22 22:07:56 2015 us=765545 remote_cert_ku[i] = 0
Tue Sep 22 22:07:56 2015 us=765577 remote_cert_ku[i] = 0
Tue Sep 22 22:07:56 2015 us=765609 remote_cert_ku[i] = 0
Tue Sep 22 22:07:56 2015 us=765641 remote_cert_ku[i] = 0
Tue Sep 22 22:07:56 2015 us=765673 remote_cert_ku[i] = 0
Tue Sep 22 22:07:56 2015 us=765704 remote_cert_ku[i] = 0
Tue Sep 22 22:07:56 2015 us=765737 remote_cert_ku[i] = 0
Tue Sep 22 22:07:56 2015 us=765768 remote_cert_ku[i] = 0
Tue Sep 22 22:07:56 2015 us=765800 remote_cert_ku[i] = 0
Tue Sep 22 22:07:56 2015 us=765832 remote_cert_ku[i] = 0
Tue Sep 22 22:07:56 2015 us=765865 remote_cert_ku[i] = 0
Tue Sep 22 22:07:56 2015 us=765897 remote_cert_ku[i] = 0
Tue Sep 22 22:07:56 2015 us=765929 remote_cert_ku[i] = 0
Tue Sep 22 22:07:56 2015 us=765961 remote_cert_ku[i] = 0
Tue Sep 22 22:07:56 2015 us=765993 remote_cert_eku = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=766026 tls_timeout = 2
Tue Sep 22 22:07:56 2015 us=766058 renegotiate_bytes = 0
Tue Sep 22 22:07:56 2015 us=766089 renegotiate_packets = 0
Tue Sep 22 22:07:56 2015 us=766122 renegotiate_seconds = 604800
Tue Sep 22 22:07:56 2015 us=766154 handshake_window = 60
Tue Sep 22 22:07:56 2015 us=766187 transition_window = 3600
Tue Sep 22 22:07:56 2015 us=766219 single_session = DISABLED
Tue Sep 22 22:07:56 2015 us=766251 push_peer_info = DISABLED
Tue Sep 22 22:07:56 2015 us=766284 tls_exit = DISABLED
Tue Sep 22 22:07:56 2015 us=766316 tls_auth_file = '[[INLINE]]'
Tue Sep 22 22:07:56 2015 us=766349 pkcs11_protected_authentication = DISABLED
Tue Sep 22 22:07:56 2015 us=766383 pkcs11_protected_authentication = DISABLED
Tue Sep 22 22:07:56 2015 us=766417 pkcs11_protected_authentication = DISABLED
Tue Sep 22 22:07:56 2015 us=766449 pkcs11_protected_authentication = DISABLED
Tue Sep 22 22:07:56 2015 us=766482 pkcs11_protected_authentication = DISABLED
Tue Sep 22 22:07:56 2015 us=766515 pkcs11_protected_authentication = DISABLED
Tue Sep 22 22:07:56 2015 us=766548 pkcs11_protected_authentication = DISABLED
Tue Sep 22 22:07:56 2015 us=766581 pkcs11_protected_authentication = DISABLED
Tue Sep 22 22:07:56 2015 us=766614 pkcs11_protected_authentication = DISABLED
Tue Sep 22 22:07:56 2015 us=766647 pkcs11_protected_authentication = DISABLED
Tue Sep 22 22:07:56 2015 us=766682 pkcs11_protected_authentication = DISABLED
Tue Sep 22 22:07:56 2015 us=766715 pkcs11_protected_authentication = DISABLED
Tue Sep 22 22:07:56 2015 us=766747 pkcs11_protected_authentication = DISABLED
Tue Sep 22 22:07:56 2015 us=766781 pkcs11_protected_authentication = DISABLED
Tue Sep 22 22:07:56 2015 us=766814 pkcs11_protected_authentication = DISABLED
Tue Sep 22 22:07:56 2015 us=766846 pkcs11_protected_authentication = DISABLED
Tue Sep 22 22:07:56 2015 us=766881 pkcs11_private_mode = 00000000
Tue Sep 22 22:07:56 2015 us=766915 pkcs11_private_mode = 00000000
Tue Sep 22 22:07:56 2015 us=766948 pkcs11_private_mode = 00000000
Tue Sep 22 22:07:56 2015 us=766981 pkcs11_private_mode = 00000000
Tue Sep 22 22:07:56 2015 us=767014 pkcs11_private_mode = 00000000
Tue Sep 22 22:07:56 2015 us=767046 pkcs11_private_mode = 00000000
Tue Sep 22 22:07:56 2015 us=767079 pkcs11_private_mode = 00000000
Tue Sep 22 22:07:56 2015 us=767112 pkcs11_private_mode = 00000000
Tue Sep 22 22:07:56 2015 us=767144 pkcs11_private_mode = 00000000
Tue Sep 22 22:07:56 2015 us=767177 pkcs11_private_mode = 00000000
Tue Sep 22 22:07:56 2015 us=767210 pkcs11_private_mode = 00000000
Tue Sep 22 22:07:56 2015 us=767242 pkcs11_private_mode = 00000000
Tue Sep 22 22:07:56 2015 us=767275 pkcs11_private_mode = 00000000
Tue Sep 22 22:07:56 2015 us=767308 pkcs11_private_mode = 00000000
Tue Sep 22 22:07:56 2015 us=767340 pkcs11_private_mode = 00000000
Tue Sep 22 22:07:56 2015 us=767373 pkcs11_private_mode = 00000000
Tue Sep 22 22:07:56 2015 us=767406 pkcs11_cert_private = DISABLED
Tue Sep 22 22:07:56 2015 us=767438 pkcs11_cert_private = DISABLED
Tue Sep 22 22:07:56 2015 us=767471 pkcs11_cert_private = DISABLED
Tue Sep 22 22:07:56 2015 us=767504 pkcs11_cert_private = DISABLED
Tue Sep 22 22:07:56 2015 us=767563 pkcs11_cert_private = DISABLED
Tue Sep 22 22:07:56 2015 us=767599 pkcs11_cert_private = DISABLED
Tue Sep 22 22:07:56 2015 us=767632 pkcs11_cert_private = DISABLED
Tue Sep 22 22:07:56 2015 us=767664 pkcs11_cert_private = DISABLED
Tue Sep 22 22:07:56 2015 us=767697 pkcs11_cert_private = DISABLED
Tue Sep 22 22:07:56 2015 us=767730 pkcs11_cert_private = DISABLED
Tue Sep 22 22:07:56 2015 us=767763 pkcs11_cert_private = DISABLED
Tue Sep 22 22:07:56 2015 us=767797 pkcs11_cert_private = DISABLED
Tue Sep 22 22:07:56 2015 us=767830 pkcs11_cert_private = DISABLED
Tue Sep 22 22:07:56 2015 us=767863 pkcs11_cert_private = DISABLED
Tue Sep 22 22:07:56 2015 us=767898 pkcs11_cert_private = DISABLED
Tue Sep 22 22:07:56 2015 us=767932 pkcs11_cert_private = DISABLED
Tue Sep 22 22:07:56 2015 us=767965 pkcs11_pin_cache_period = -1
Tue Sep 22 22:07:56 2015 us=767999 pkcs11_id = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=768032 pkcs11_id_management = DISABLED
Tue Sep 22 22:07:56 2015 us=768084 server_network = 0.0.0.0
Tue Sep 22 22:07:56 2015 us=768123 server_netmask = 0.0.0.0
Tue Sep 22 22:07:56 2015 us=768163 server_network_ipv6 = ::
Tue Sep 22 22:07:56 2015 us=768197 server_netbits_ipv6 = 0
Tue Sep 22 22:07:56 2015 us=768232 server_bridge_ip = 0.0.0.0
Tue Sep 22 22:07:56 2015 us=768269 server_bridge_netmask = 0.0.0.0
Tue Sep 22 22:07:56 2015 us=768304 server_bridge_pool_start = 0.0.0.0
Tue Sep 22 22:07:56 2015 us=768340 server_bridge_pool_end = 0.0.0.0
Tue Sep 22 22:07:56 2015 us=768374 ifconfig_pool_defined = DISABLED
Tue Sep 22 22:07:56 2015 us=768411 ifconfig_pool_start = 0.0.0.0
Tue Sep 22 22:07:56 2015 us=768447 ifconfig_pool_end = 0.0.0.0
Tue Sep 22 22:07:56 2015 us=771123 ifconfig_pool_netmask = 0.0.0.0
Tue Sep 22 22:07:56 2015 us=771190 ifconfig_pool_persist_filename = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=771227 ifconfig_pool_persist_refresh_freq = 600
Tue Sep 22 22:07:56 2015 us=771262 ifconfig_ipv6_pool_defined = DISABLED
Tue Sep 22 22:07:56 2015 us=771299 ifconfig_ipv6_pool_base = ::
Tue Sep 22 22:07:56 2015 us=771332 ifconfig_ipv6_pool_netbits = 0
Tue Sep 22 22:07:56 2015 us=771365 n_bcast_buf = 256
Tue Sep 22 22:07:56 2015 us=771399 tcp_queue_limit = 64
Tue Sep 22 22:07:56 2015 us=771431 real_hash_size = 256
Tue Sep 22 22:07:56 2015 us=771463 virtual_hash_size = 256
Tue Sep 22 22:07:56 2015 us=771496 client_connect_script = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=771574 learn_address_script = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=771611 client_disconnect_script = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=771644 client_config_dir = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=771677 ccd_exclusive = DISABLED
Tue Sep 22 22:07:56 2015 us=771710 tmp_dir = '/tmp'
Tue Sep 22 22:07:56 2015 us=771742 push_ifconfig_defined = DISABLED
Tue Sep 22 22:07:56 2015 us=771778 push_ifconfig_local = 0.0.0.0
Tue Sep 22 22:07:56 2015 us=771813 push_ifconfig_remote_netmask = 0.0.0.0
Tue Sep 22 22:07:56 2015 us=771846 push_ifconfig_ipv6_defined = DISABLED
Tue Sep 22 22:07:56 2015 us=771881 push_ifconfig_ipv6_local = ::/0
Tue Sep 22 22:07:56 2015 us=771916 push_ifconfig_ipv6_remote = ::
Tue Sep 22 22:07:56 2015 us=771950 enable_c2c = DISABLED
Tue Sep 22 22:07:56 2015 us=771983 duplicate_cn = DISABLED
Tue Sep 22 22:07:56 2015 us=772015 cf_max = 0
Tue Sep 22 22:07:56 2015 us=772047 cf_per = 0
Tue Sep 22 22:07:56 2015 us=772080 max_clients = 1024
Tue Sep 22 22:07:56 2015 us=772113 max_routes_per_client = 256
Tue Sep 22 22:07:56 2015 us=772146 auth_user_pass_verify_script = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=772180 auth_user_pass_verify_script_via_file = DISABLED
Tue Sep 22 22:07:56 2015 us=772214 ssl_flags = 0
Tue Sep 22 22:07:56 2015 us=772246 port_share_host = '[UNDEF]'
Tue Sep 22 22:07:56 2015 us=772279 port_share_port = 0
Tue Sep 22 22:07:56 2015 us=772312 client = ENABLED
Tue Sep 22 22:07:56 2015 us=772344 pull = ENABLED
Tue Sep 22 22:07:56 2015 us=772377 auth_user_pass_file = 'stdin'
Tue Sep 22 22:07:56 2015 us=772415 OpenVPN 2.2.1 x86_64-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Dec 1 2014
Enter Auth Username:xxxxxxxxxxxx
Enter Auth Password:
Tue Sep 22 22:08:17 2015 us=720705 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Tue Sep 22 22:08:17 2015 us=755618 Control Channel Authentication: tls-auth using INLINE static key file
Tue Sep 22 22:08:17 2015 us=764662 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Sep 22 22:08:17 2015 us=764737 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Sep 22 22:08:17 2015 us=764801 LZO compression initialized
Tue Sep 22 22:08:17 2015 us=764977 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Tue Sep 22 22:08:17 2015 us=765067 Socket Buffers: R=[229376->200000] S=[229376->200000]
Tue Sep 22 22:08:17 2015 us=765117 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Sep 22 22:08:17 2015 us=765181 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Tue Sep 22 22:08:17 2015 us=765204 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Tue Sep 22 22:08:17 2015 us=765254 Local Options hash (VER=V4): '504e774e'
Tue Sep 22 22:08:17 2015 us=765291 Expected Remote Options hash (VER=V4): '14168603'
Tue Sep 22 22:08:17 2015 us=765326 UDPv4 link local: [undef]
Tue Sep 22 22:08:17 2015 us=765353 UDPv4 link remote: [AF_INET]xxx.xx.xx.xxx:1194
WRTue Sep 22 22:08:17 2015 us=815128 TLS: Initial packet from [AF_INET]xxx.xx.xx.xxx:1194, sid=cb10e1cd 1571780d
WTue Sep 22 22:08:17 2015 us=815337 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
WWWRRRWRWRWRWRWRWRWRWRWRTue Sep 22 22:08:17 2015 us=988108 VERIFY OK: depth=1, /CN=OpenVPN_CA
Tue Sep 22 22:08:17 2015 us=988468 VERIFY OK: nsCertType=SERVER
Tue Sep 22 22:08:17 2015 us=988495 VERIFY OK: depth=0, /CN=OpenVPN_Server
WRWRWRWRWRWWWWRWRWRWRWRWRWRWRWRWRRRRWRWRWRWRWRWRWWWWRRRRWRWRTue Sep 22 22:08:18 2015 us=371360 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Sep 22 22:08:18 2015 us=371417 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Sep 22 22:08:18 2015 us=371592 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Sep 22 22:08:18 2015 us=371626 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
WTue Sep 22 22:08:18 2015 us=371699 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Sep 22 22:08:18 2015 us=371755 [OpenVPN_Server] Peer Connection Initiated with [AF_INET][i]xxx.xx.xx.xxx[/i]:1194
Tue Sep 22 22:08:20 2015 us=842471 SENT CONTROL [OpenVPN_Server]: 'PUSH_REQUEST' (status=1)
WRRWRWRWRWRTue Sep 22 22:08:20 2015 us=945169 PUSH: Received control message: 'PUSH_REPLY,explicit-exit-notify,topology subnet,route-delay 5 30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping 5,ping-restart 40,redirect-gateway def1,redirect-gateway bypass-dhcp,redirect-gateway autolocal,route-gateway 5.5.0.1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,register-dns,comp-lzo yes,ifconfig 5.5.2.123 255.255.240.0'
Tue Sep 22 22:08:20 2015 us=945307 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:4: dhcp-pre-release (2.2.1)
Tue Sep 22 22:08:20 2015 us=945349 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:5: dhcp-renew (2.2.1)
Tue Sep 22 22:08:20 2015 us=945395 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:6: dhcp-release (2.2.1)
Tue Sep 22 22:08:20 2015 us=945550 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:16: register-dns (2.2.1)
Tue Sep 22 22:08:20 2015 us=945605 OPTIONS IMPORT: timers and/or timeouts modified
Tue Sep 22 22:08:20 2015 us=945627 OPTIONS IMPORT: explicit notify parm(s) modified
Tue Sep 22 22:08:20 2015 us=945644 OPTIONS IMPORT: LZO parms modified
Tue Sep 22 22:08:20 2015 us=945661 OPTIONS IMPORT: --ifconfig/up options modified
Tue Sep 22 22:08:20 2015 us=945678 OPTIONS IMPORT: route options modified
Tue Sep 22 22:08:20 2015 us=945695 OPTIONS IMPORT: route-related options modified
Tue Sep 22 22:08:20 2015 us=945711 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Tue Sep 22 22:08:20 2015 us=946054 ROUTE default_gateway=192.168.1.1
Tue Sep 22 22:08:20 2015 us=947692 TUN/TAP device tun0 opened
Tue Sep 22 22:08:20 2015 us=947748 TUN/TAP TX queue length set to 100
Tue Sep 22 22:08:20 2015 us=947790 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Sep 22 22:08:20 2015 us=947883 /sbin/ifconfig tun0 5.5.2.123 netmask 255.255.240.0 mtu 1500 broadcast 5.5.15.255
Tue Sep 22 22:08:21 2015 us=18092 /etc/openvpn/update-resolv-conf tun0 1500 1542 5.5.2.123 255.255.240.0 init
dhcp-option DNS 8.8.8.8
dhcp-option DNS 8.8.4.4
WRTue Sep 22 22:08:26 2015 us=26331 /sbin/route add -net 188.15.62.196 netmask 255.255.255.255 gw 192.168.1.1
Tue Sep 22 22:08:26 2015 us=79634 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 5.5.0.1
Tue Sep 22 22:08:26 2015 us=82058 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 5.5.0.1
Tue Sep 22 22:08:26 2015 us=84528 Initialization Sequence Completed
ifconfig
Code: Select all
eth0 Link encap:Ethernet IndirizzoHW f4:6d:04:61:46:9e
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisioni:0 txqueuelen:1000
Byte RX:0 (0.0 B) Byte TX:0 (0.0 B)
Interrupt:41
lo Link encap:Loopback locale
indirizzo inet:127.0.0.1 Maschera:255.0.0.0
indirizzo inet6: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:25031 errors:0 dropped:0 overruns:0 frame:0
TX packets:25031 errors:0 dropped:0 overruns:0 carrier:0
collisioni:0 txqueuelen:0
Byte RX:2625401 (2.6 MB) Byte TX:2625401 (2.6 MB)
tun0 Link encap:UNSPEC IndirizzoHW 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
indirizzo inet:5.5.2.123 P-t-P:5.5.2.123 Maschera:255.255.240.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:58 errors:0 dropped:0 overruns:0 frame:0
TX packets:79 errors:0 dropped:0 overruns:0 carrier:0
collisioni:0 txqueuelen:100
Byte RX:34360 (34.3 KB) Byte TX:17417 (17.4 KB)
wlan0 Link encap:Ethernet IndirizzoHW 74:d0:2b:cf:82:22
indirizzo inet:192.168.1.17 Bcast:192.168.1.255 Maschera:255.255.255.0
indirizzo inet6: fe80::76d0:2bff:fecf:8222/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:777346 errors:0 dropped:98773 overruns:0 frame:0
TX packets:548499 errors:0 dropped:24 overruns:0 carrier:0
collisioni:0 txqueuelen:1000
Byte RX:922716339 (922.7 MB) Byte TX:92108866 (92.1 MB)
tcpdump -i tun0
Code: Select all
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tun0, link-type RAW (Raw IP), capture size 65535 bytes
22:10:23.131626 IP PCAsus.local.33280 > wi-in-f189.1e100.net.https: Flags [P.], seq 53564589:53564658, ack 848517041, win 524, options [nop,nop,TS val 56274656 ecr 1314138861], length 69
22:10:23.134954 IP 5.5.2.123.60523 > google-public-dns-a.google.com.domain: 8506+ PTR? 189.67.194.173.in-addr.arpa. (45)
22:10:23.217037 IP google-public-dns-a.google.com.domain > 5.5.2.123.60523: 8506 1/0/0 PTR wi-in-f189.1e100.net. (79)
22:10:23.217501 IP 5.5.2.123.44893 > google-public-dns-a.google.com.domain: 9283+ PTR? 17.1.168.192.in-addr.arpa. (43)
22:10:23.279777 IP google-public-dns-a.google.com.domain > 5.5.2.123.44893: 9283 NXDomain 0/0/0 (43)
22:10:23.432123 IP 5.5.2.123.41087 > google-public-dns-a.google.com.domain: 12066+ PTR? 8.8.8.8.in-addr.arpa. (38)
22:10:23.515370 IP google-public-dns-a.google.com.domain > 5.5.2.123.41087: 12066 1/0/0 PTR google-public-dns-a.google.com. (82)
22:10:23.515817 IP 5.5.2.123.35715 > google-public-dns-a.google.com.domain: 61355+ PTR? 123.2.5.5.in-addr.arpa. (40)
22:10:23.594474 IP google-public-dns-a.google.com.domain > 5.5.2.123.35715: 61355 NXDomain 0/1/0 (100)
22:10:24.433407 IP 5.5.2.123.36767 > google-public-dns-a.google.com.domain: 57051+ A? daisy.ubuntu.com. (34)
22:10:24.500106 IP google-public-dns-a.google.com.domain > 5.5.2.123.36767: 57051 2/0/0 A 91.189.92.57, A 91.189.92.55 (66)
22:10:34.039604 IP 5.5.2.123.57112 > mil02s05-in-f13.1e100.net.https: Flags [.], ack 586921280, win 873, options [nop,nop,TS val 56277383 ecr 2861425520], length 0
22:10:34.039976 IP 5.5.2.123.45440 > google-public-dns-a.google.com.domain: 14137+ PTR? 141.232.125.74.in-addr.arpa. (45)
22:10:34.103755 IP mil02s05-in-f13.1e100.net.https > 5.5.2.123.57112: Flags [.], ack 1, win 358, options [nop,nop,TS val 2861470587 ecr 56266133], length 0
22:10:34.124424 IP google-public-dns-a.google.com.domain > 5.5.2.123.45440: 14137 1/0/0 PTR mil02s05-in-f13.1e100.net. (84)
ping 192.168.1.251
Code: Select all
PING 192.168.1.251 (192.168.1.251) 56(84) bytes of data.
From 192.168.1.17 icmp_seq=1 Destination Host Unreachable
From 192.168.1.17 icmp_seq=2 Destination Host Unreachable
From 192.168.1.17 icmp_seq=3 Destination Host Unreachable
Re: Destination Host Unreachable
Posted: Tue Sep 22, 2015 9:20 pm
by Traffic
What happens if you ping 192.168.1.251 when your VPN is down ?
Re: Destination Host Unreachable
Posted: Tue Sep 22, 2015 9:48 pm
by danbo
same thing
Code: Select all
ping 192.168.1.251
PING 192.168.1.251 (192.168.1.251) 56(84) bytes of data.
From 192.168.1.17 icmp_seq=1 Destination Host Unreachable
From 192.168.1.17 icmp_seq=2 Destination Host Unreachable
From 192.168.1.17 icmp_seq=3 Destination Host Unreachable
From 192.168.1.17 icmp_seq=4 Destination Host Unreachable
From 192.168.1.17 icmp_seq=5 Destination Host Unreachable
From 192.168.1.17 icmp_seq=6 Destination Host Unreachable
Re: Destination Host Unreachable
Posted: Tue Sep 22, 2015 10:27 pm
by Traffic
danbo wrote:I've asked the adimns too, indeed, but we can't sort it out
so the guys that run your VPN don't want to fix it ?
Re: Destination Host Unreachable
Posted: Tue Sep 22, 2015 10:39 pm
by danbo
are you saying it's a server configuration problem?
why do it works on Windows systems and not on Ubuntu?
Re: Destination Host Unreachable
Posted: Thu Sep 24, 2015 10:38 pm
by danbo
fixed it.
thank you for your time
Re: Destination Host Unreachable
Posted: Thu Sep 24, 2015 11:50 pm
by Traffic
Thanks for sharing your experience ...
Re: Destination Host Unreachable
Posted: Sat Sep 26, 2015 8:43 am
by danbo
http://askubuntu.com/questions/554679/c ... vpn-client
we changed the IP class of my home router from 192.168.1.1 to 192.168.0.1
Re: Destination Host Unreachable
Posted: Mon Sep 28, 2015 11:31 am
by Traffic
FYI: 192.168.0.0/24 is probably worse than 192.168.1.0/24 ..
A more suitable change would be to select a rarely used subnet such as 192.168.157.0/24