Cannot navigate once connected to VPN

tehsoto · 2014-01-17 15:55:14

I need all my traffic to go through the VPN when i'm connected to it, unfortunately, when i do connect, if i check the box (i'm on OpenBox btw) "Use this connection only for resources on it's network" i have internet connection, but i cannot browse the VPN resources, if i uncheck it, i lose all kinds of connection.

Here are my results of "route -n"

Without being connected to VPN

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0        0 wlp6s0
192.168.0.0     0.0.0.0         255.255.255.0   U     303    0        0 wlp6s0
192.168.0.1     0.0.0.0         255.255.255.255 UH    0      0        0 wlp6s0
192.168.0.4     127.0.0.1       255.255.255.255 UGH   303    0        0 lo

being connected to VPN

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 tun0
172.40.0.0      0.0.0.0         255.255.255.0   U     0      0        0 tun0
192.168.0.0     0.0.0.0         255.255.255.0   U     303    0        0 wlp6s0
192.168.0.1     0.0.0.0         255.255.255.255 UH    0      0        0 wlp6s0
192.168.0.4     127.0.0.1       255.255.255.255 UGH   303    0        0 lo
195.59.xx.xx   192.168.0.1     255.255.255.255 UGH   0      0        0 wlp6s0

being 195.59.xx.xx my VPN ip.

Any ideas? Suggestions?

Thanks.

Spider.007 · 2014-01-17 18:02:58

Is the destination correct; is the network you connect to located at 172.40.0.x? If so; 'browse' doesn't really tell us much, can you ping to a host on the target network? Can you connect to it?

tehsoto · 2014-01-17 18:21:53

Hi Spider.007, thanks for replying,

The network i connect to is NOT located at 172.40.0.x, it's at 195.59.xx.xx, i have no idea where or why 172.40.0.x is even there nor where it's getting that addr.
I am unable to ping anything.

Spider.007 · 2014-01-17 18:34:55

ewaller (below) is right, I misread the ip-address

Last edited by Spider.007 (2014-01-17 18:39:43)

ewaller · 2014-01-17 18:37:46

172.x.x.x. is a private network address. It is probably being assigned by a DHCP server on the private network into which you are making a VPN connection.

195.59.xx.xx is the address to which you are establishing a VPN. It then tunnels you into the private network. You are connecting to that network since you are receiving an address on that network.

Conceptually, you are now behind the target's firewall and can access all of the machines on that network. To get to the public internet, you have to come out through the firewall, just like you were there (subject to any rules, restrictions, monitoring, and expectation of privacy you which you are subject were you are physically there)

Your real problem is probably a bad default route, or a bad DNS setting. What is the output of ip route whilst connected to the VPN.
Can you ping 172.40.0.1 ? That is likely to be the gateway on the 172.40.0.x subnet.

ewaller · 2014-01-17 18:40:06

Spider.007 wrote:

You might try adding the correct route manually for testing purpose eg:
ip route add 195.59.xx.0/24 dev tun0
does that fix things?

I think we were posting at the same time. I think he needs the gateway on the private network subnet, not the public address of the VPN. IOW, 172.40.0/24

tehsoto · 2014-01-17 18:46:47

Hey, thanks for your help guys, however i still have the issues, i believe ewaller is correct and this route is being added when i connect to the VPN, here is the "ip route" output

[soto@arch ~]$ ip route
default dev tun0  proto static 
172.40.0.0/24 dev tun0  proto kernel  scope link  src 172.40.0.99 
192.168.0.0/24 dev wlp6s0  proto kernel  scope link  src 192.168.0.4  metric 9 
192.168.0.4 via 127.0.0.1 dev lo  metric 303 
195.59.xx.62 via 192.168.0.1 dev wlp6s0  proto static

if i try to add another route i get

[soto@arch ~]$ sudo ip route add 172.40.0.0/24 dev tun0
RTNETLINK answers: File exists

pinging 172.40.0.1 is not responding

[soto@arch ~]$ sudo ping 172.40.0.1
PING 172.40.0.1 (172.40.0.1) 56(84) bytes of data.
--- 172.40.0.1 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2007ms

=/

Last edited by tehsoto (2014-01-17 18:50:19)

ewaller · 2014-01-17 18:53:49

That looks wrong somehow. I think you need the default to point 172.40.0.0/24, but I am not certain. Can you ping 172.40.0.1 ?

Edit: Never mind -- Our posts passed in the ether.

Last edited by ewaller (2014-01-17 21:15:28)

tehsoto · 2014-01-17 18:59:51

No response while connected to VPN from 172.40.0.1

 
[soto@arch ~]$ sudo ping 172.40.0.1
PING 172.40.0.1 (172.40.0.1) 56(84) bytes of data.

--- 172.40.0.1 ping statistics ---
8 packets transmitted, 0 received, 100% packet loss, time 6999ms

This VPN works fine when i connect through Windows's Cisco VPN Client. =/

tehsoto · 2014-01-17 20:20:20

I was able to solve this by using pcf2vpnc and connected using vpnc from the terminal, but i was unable to configure it properly from the networkmanager's vpnc.

[soto@arch Downloads]$ pcf2vpnc CiscoVPNconf.pcf tc.conf
[soto@arch Downloads]$ sudo vpnc ./tc.conf
Enter username for 195.59.xx.xx: yourusername
Enter password for yourusername@195.59.xx.xx: 
VPNC started in background (pid: 2106)...
[soto@arch Downloads]$

After this i'm able to browse internet as if i were on the place, however i have no idea what was going on when using the networkmanager's vpnc config, i'l stick to the terminal for now.

Thanks.

Last edited by tehsoto (2014-01-17 20:21:06)

Arch Linux

#1 2014-01-17 15:55:14

Cannot navigate once connected to VPN

#2 2014-01-17 18:02:58

Re: Cannot navigate once connected to VPN

#3 2014-01-17 18:21:53

Re: Cannot navigate once connected to VPN

#4 2014-01-17 18:34:55

Re: Cannot navigate once connected to VPN

#5 2014-01-17 18:37:46

Re: Cannot navigate once connected to VPN

#6 2014-01-17 18:40:06

Re: Cannot navigate once connected to VPN

#7 2014-01-17 18:46:47

Re: Cannot navigate once connected to VPN

#8 2014-01-17 18:53:49

Re: Cannot navigate once connected to VPN

#9 2014-01-17 18:59:51

Re: Cannot navigate once connected to VPN

#10 2014-01-17 20:20:20

Re: Cannot navigate once connected to VPN

Board footer