Split Tunneling isnt working.
|
Posts: 244
Threads: 1
Joined: Jul 2016
Reputation:
12
[Solved]
Nov 18, 2016, 08:07 AM
Excellent, I'm glad it is working now and thanks for reporting back. Sorry that you had to reinstall your server to make it work. There must have been a firewall or some other configuration from your previous settings that prevented proper working of Deluge. In these cases it is very hard and difficult to troubleshoot the reason why it is not working.
Now you can start to implement all your own settings, and if you see that some of them brakes Split Tunnel or Deluge functionality, you will know which area to focus to find the solution.
Posts: 5
Threads: 0
Joined: Jan 2017
Reputation:
0
[Solved]
Jan 10, 2017, 05:47 PM
(Nov 17, 2016, 10:31 AM)drake Wrote: We will try to narrow down what could be the issue.
Do you have static IP set to your server running Split Tunnel from your router?
What is the output of
Code:
sudo systemctl status openvpn@openvpn.service
and
I have a similar problem. Here are my outputs:
sudo systemctl status openvpn@openvpn.service:
Code:
● openvpn@openvpn.service - OpenVPN connection to openvpn Documentation=man:openvpn(8)
Loaded: loaded (/etc/systemd/system/openvpn@openvpn.service; enabled)
Active: active (running) since Tue 2017-01-10 16:39:31 UTC; 51min ago
Docs: https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
https://community.openvpn.net/openvpn/wiki/HOWTO
Process: 17468 ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/%i.conf --writepid /run/openvpn/%i.pid (code=exited, status=0/SUCCESS)
Main PID: 17470 (openvpn)
CGroup: /system.slice/system-openvpn.slice/openvpn@openvpn.service
└─17470 /usr/sbin/openvpn --daemon ovpn-openvpn --status /run/openvpn/openvpn.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/openvpn.conf --writepid /run/openvpn...
Jan 10 16:39:31 raspberrypi ovpn-openvpn[17470]: UDPv4 link local: [undef]
Jan 10 16:39:31 raspberrypi ovpn-openvpn[17470]: UDPv4 link remote: [AF_INET]5.153.233.26:1198
Jan 10 16:39:31 raspberrypi systemd[1]: Started OpenVPN connection to openvpn Documentation=man:openvpn(8).
Jan 10 16:39:32 raspberrypi ovpn-openvpn[17470]: [095f122d5a944ad0806bf010b4e708f2] Peer Connection Initiated with [AF_INET]5.153.233.26:1198
Jan 10 16:39:34 raspberrypi ovpn-openvpn[17470]: TUN/TAP device tun0 opened
Jan 10 16:39:34 raspberrypi ovpn-openvpn[17470]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Jan 10 16:39:34 raspberrypi ovpn-openvpn[17470]: /sbin/ip link set dev tun0 up mtu 1500
Jan 10 16:39:35 raspberrypi ovpn-openvpn[17470]: /sbin/ip addr add dev tun0 local 10.64.10.6 peer 10.64.10.5
Jan 10 16:39:35 raspberrypi ovpn-openvpn[17470]: /etc/openvpn/iptables.sh tun0 1500 1558 10.64.10.6 10.64.10.5 init
Jan 10 16:39:35 raspberrypi ovpn-openvpn[17470]: Initialization Sequence Completed
sudo iptables -S:
Code:
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i tun0 -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A INPUT -i tun0 -j REJECT --reject-with icmp-port-unreachable
-A OUTPUT -o lo -m owner --uid-owner 1001 -j ACCEPT
-A OUTPUT -o tun0 -m owner --uid-owner 1001 -j ACCEPT
-A OUTPUT ! -s 192.168.0.105/32 -o eth0 -j REJECT --reject-with icmp-port-unreachable
sudo iptables -L:
Code:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere ctstate ESTABLISHED
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere owner UID match vpn
ACCEPT all -- anywhere anywhere owner UID match vpn
REJECT all -- !192.168.0.105 anywhere reject-with icmp-port-unreachable
also, I followed the instructions at: http://www.htpcguides.com/force-torrent-...ntu-16-04/
one weird thing was that when I was instructed to edit /etc/openvpn/update-resolv-conf, I found that It was blank. Is that right?
Thanks in advance for your help
Posts: 244
Threads: 1
Joined: Jul 2016
Reputation:
12
[Solved]
Jan 10, 2017, 06:13 PM
(This post was last modified: Jan 10, 2017, 06:13 PM by drake.)
Hi elevensies,
based on the output of the commands everything is fine, OpenVPN connects fine, and the iptables rules are loaded properly.
What problem do you have exactly? If you check the IP for regular user and vpn user what IP you get?
Regarding the update-resolv-conf, it should not be empty! What distribution are you using and how did you install OpenVPN?
Posts: 5
Threads: 0
Joined: Jan 2017
Reputation:
0
[Solved]
Jan 10, 2017, 06:42 PM
(This post was last modified: Jan 10, 2017, 06:52 PM by elevensies.
Edit Reason: brevity
)
When I check the IP for the VPN user, It does not resolve and when I check DNS it shows me my router's IP.
Posts: 244
Threads: 1
Joined: Jul 2016
Reputation:
12
[Solved]
Jan 10, 2017, 06:54 PM
I will need the answer from you to be able to help: which distribution are you using, and how did you install OpenVPN?
Are you using PIA?
Posts: 5
Threads: 0
Joined: Jan 2017
Reputation:
0
[Solved]
Jan 10, 2017, 08:38 PM
I hope I'm answering this right... I'm, running Raspbian Jesse and I'm pretty sure I used apt-get to install but i also did "aptitude reinstall" when I got an initial error message. Hoping that didn't make things complicated.
My VPN is PIA.
Posts: 244
Threads: 1
Joined: Jul 2016
Reputation:
12
[Solved]
Jan 10, 2017, 09:05 PM
(This post was last modified: Jan 10, 2017, 09:06 PM by drake.)
Something must have been wrong since the guide should work as is on Raspbian Jessie if you do all the required steps. It should not give you any error messages when you install OpenVPN. It is strange that you don't have anything in update-resolv-conf, as it should be there.
Is it difficult to start from clean install of Raspbian again?
You have two options:
1) install the OpenVPN version from Debian repository, as it is in the guide
or
2) build latest OpenVPN as pointed out in the guide
Make sure you follow all the Debian steps and make a note of any error message if you receive any and let me know.
Posts: 5
Threads: 0
Joined: Jan 2017
Reputation:
0
[Solved]
Jan 11, 2017, 04:42 PM
I've built from source and followed the instructions. Now I have these errors in my log:
Code:
Jan 11 16:38:43 raspberrypi systemd[1]: Starting OpenVPN connection to openvpn Documentation=man:openvpn(8)...
Jan 11 16:38:45 raspberrypi ovpn-openvpn[15237]: WARNING: file '/etc/openvpn/login.txt' is group or others accessible
Jan 11 16:38:45 raspberrypi ovpn-openvpn[15237]: Options error: --writepid fails with '/run/openvpn/openvpn.pid': No such file or directory
Jan 11 16:38:45 raspberrypi ovpn-openvpn[15237]: Options error: --status fails with '/run/openvpn/openvpn.status': No such file or directory
Jan 11 16:38:45 raspberrypi ovpn-openvpn[15237]: Options error: Please correct these errors.
Jan 11 16:38:45 raspberrypi ovpn-openvpn[15237]: Use --help for more information.
should i just try to reinstall on a fresh copy of raspbian?
Posts: 244
Threads: 1
Joined: Jul 2016
Reputation:
12
[Solved]
Jan 12, 2017, 12:57 PM
Did you do this on a clean install or on a system where OpenVPN was already installed?
I did a test and it is working for me. Could you try to start over with a clean install?
Posts: 5
Threads: 0
Joined: Jan 2017
Reputation:
0
[Solved]
Jan 12, 2017, 03:40 PM
all that was not on a clean install. since then i've wiped and run a clean install.
heres my error output from a clean install
sudo systemctl status openvpn@openvpn.service:
Code:
● openvpn@openvpn.service - OpenVPN connection to openvpn
Loaded: loaded (/etc/systemd/system/openvpn@openvpn.service; enabled)
Active: activating (auto-restart) (Result: exit-code) since Thu 2017-01-12 15:18:37 UTC; 2s ago
Docs: man:openvpn(8)
https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
https://community.openvpn.net/openvpn/wiki/HOWTO
Process: 13217 ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/%i.conf --writepid /run/openvpn/%i.pid (code=exited, status=1/FAILURE)
and from the logs:
Code:
Jan 12 14:17:13 raspberrypi systemd[1]: Starting OpenVPN connection to openvpn...
Jan 12 14:17:13 raspberrypi systemd[1]: Starting /etc/rc.local Compatibility...
Jan 12 14:17:13 raspberrypi systemd[1]: Starting Network is Online.
Jan 12 14:17:13 raspberrypi systemd[1]: Reached target Network is Online.
Jan 12 14:17:13 raspberrypi systemd[1]: Starting LSB: Start NTP daemon...
Jan 12 14:17:13 raspberrypi systemd[1]: Starting Permit User Sessions...
Jan 12 14:17:13 raspberrypi systemd[1]: Started OpenVPN service.
Jan 12 14:17:13 raspberrypi systemd[1]: Started /etc/rc.local Compatibility.
Jan 12 14:17:13 raspberrypi systemd[1]: Started Login Service.
Jan 12 14:17:13 raspberrypi systemd[1]: Started Permit User Sessions.
Jan 12 14:17:13 raspberrypi systemd[1]: Starting Light Display Manager...
Jan 12 14:17:13 raspberrypi ovpn-openvpn[628]: Options error: In [CMD-LINE]:1: Error opening configuration file: /etc/openvpn/openvpn.conf
Jan 12 14:17:13 raspberrypi ovpn-openvpn[628]: Use --help for more information.
Jan 12 14:17:13 raspberrypi ntpd[648]: ntpd 4.2.6p5@1.2349-o Mon Jul 25 22:35:28 UTC 2016 (1)
Jan 12 14:17:13 raspberrypi ntpd[657]: proto: precision = 0.521 usec
Jan 12 14:17:13 raspberrypi ntpd[657]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123
Jan 12 14:17:13 raspberrypi systemd[1]: Starting Hold until boot process finishes up...
Jan 12 14:17:13 raspberrypi systemd[1]: Starting Terminate Plymouth Boot Screen...
Jan 12 14:17:13 raspberrypi ntp[630]: Starting NTP server: ntpd.
Jan 12 14:17:13 raspberrypi ntpd[657]: Listen and drop on 1 v6wildcard :: UDP 123
Jan 12 14:17:13 raspberrypi ntpd[657]: Listen normally on 2 lo 127.0.0.1 UDP 123
Jan 12 14:17:13 raspberrypi ntpd[657]: Listen normally on 3 lo ::1 UDP 123
Jan 12 14:17:13 raspberrypi ntpd[657]: peers refreshed
Jan 12 14:17:13 raspberrypi ntpd[657]: Listening on routing socket on fd #20 for interface updates
Jan 12 14:17:13 raspberrypi systemd[1]: openvpn@openvpn.service: control process exited, code=exited status=1
Jan 12 14:17:13 raspberrypi systemd[1]: Failed to start OpenVPN connection to openvpn.
Jan 12 14:17:13 raspberrypi systemd[1]: Unit openvpn@openvpn.service entered failed state.
|
|
Recent Posts
|
About Swap
jonescelinaa Apr 10, 2024, 06:58 AM
|
Tracker Status: Error Connection Time Out
jonesPhedra Apr 04, 2024, 08:17 AM
|
Split Tunnel Docker Containers
jonesPhedra Mar 27, 2024, 03:10 AM
|
Plex server not powerful enough, but only with s...
jonesPhedra Mar 27, 2024, 03:02 AM
|
game Geometry Dash Scratch
jonescelinaa Jan 31, 2024, 04:21 AM
|
Latest unread posts | Unanswered posts |
|