You are not logged in.
I've been working to get an OpenVPN connection set up with VPN Unlimited.
They don't support Arch natively, which means I'm restricted to setting up a manual connection.
I've been following the steps in the ArchWiki OpenVPN tutorial. I've copied the client file sent to me by VPN Unlimited's support staff into my /etc/openvpn/client directory.
When I run
# openvpn /etc/openvpn/client/client.conf
, the connection initialized -- but then I get the following error:
Sat Mar 25 20:13:25 2017 OpenVPN 2.4.1 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [A
Sat Mar 25 20:13:25 2017 library versions: OpenSSL 1.0.2k 26 Jan 2017, LZO 2.10
Sat Mar 25 20:13:25 2017 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
Sat Mar 25 20:13:25 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]95.141.40.107:1194
Sat Mar 25 20:13:25 2017 UDP link local: (not bound)
Sat Mar 25 20:13:25 2017 UDP link remote: [AF_INET]95.141.40.107:1194
Sat Mar 25 20:13:25 2017 [openvpn.vpnunlimitedapp.com] Peer Connection Initiated with [AF_INET]95.141.40.107:1194
Sat Mar 25 20:13:27 2017 Options error: option 'reneg-sec' cannot be used in this context ([PUSH-OPTIONS])
Sat Mar 25 20:13:28 2017 TUN/TAP device tun0 opened
Sat Mar 25 20:13:28 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sat Mar 25 20:13:28 2017 /usr/bin/ip link set dev tun0 up mtu 1500
Sat Mar 25 20:13:28 2017 /usr/bin/ip addr add dev tun0 local 10.200.5.82 peer 10.200.5.81
Sat Mar 25 20:13:28 2017 Initialization Sequence Completed
Sat Mar 25 20:13:28 2017 NOTE: Beginning empirical MTU test -- results should be available in 3 to 4 minutes.
Sat Mar 25 20:16:31 2017 NOTE: Empirical MTU test completed [Tried,Actual] local->remote=[1525,1425] remote->local=[1522,1522]
Sat Mar 25 20:16:31 2017 NOTE: This connection is unable to accommodate a UDP packet size of 1525. Consider using --fragment or --mssfix options as a workaround.
I'm not quite sure what this means. Is OpenVPN working?
When I try to set the MTU fragment size in the config file, as described in the ArchWiki OpenVPN guide, OpenVPN terminates with the following error:
Sat Mar 25 20:20:23 2017 OpenVPN 2.4.1 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 22 2017
Sat Mar 25 20:20:23 2017 library versions: OpenSSL 1.0.2k 26 Jan 2017, LZO 2.10
Sat Mar 25 20:20:23 2017 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
Sat Mar 25 20:20:23 2017 WARNING: using --fragment and --mtu-test together may produce an inaccurate MTU test result
Sat Mar 25 20:20:24 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]95.141.40.107:1194
Sat Mar 25 20:20:24 2017 UDP link local: (not bound)
Sat Mar 25 20:20:24 2017 UDP link remote: [AF_INET]95.141.40.107:1194
Sat Mar 25 20:20:24 2017 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1546', remote='link-mtu 1542'
Sat Mar 25 20:20:24 2017 WARNING: 'mtu-dynamic' is present in local config but missing in remote config, local='mtu-dynamic'
Sat Mar 25 20:20:24 2017 [openvpn.vpnunlimitedapp.com] Peer Connection Initiated with [AF_INET]95.141.40.107:1194
Sat Mar 25 20:20:26 2017 Options error: option 'reneg-sec' cannot be used in this context ([PUSH-OPTIONS])
Sat Mar 25 20:20:26 2017 TUN/TAP device tun1 opened
Sat Mar 25 20:20:26 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sat Mar 25 20:20:26 2017 /usr/bin/ip link set dev tun1 up mtu 1500
Sat Mar 25 20:20:26 2017 /usr/bin/ip addr add dev tun1 local 10.200.5.82 peer 10.200.5.81
RTNETLINK answers: File exists
Sat Mar 25 20:20:26 2017 ERROR: Linux route add command failed: external program exited with error status: 2
RTNETLINK answers: File exists
Sat Mar 25 20:20:26 2017 ERROR: Linux route add command failed: external program exited with error status: 2
RTNETLINK answers: File exists
Sat Mar 25 20:20:26 2017 ERROR: Linux route add command failed: external program exited with error status: 2
RTNETLINK answers: File exists
Sat Mar 25 20:20:26 2017 ERROR: Linux route add command failed: external program exited with error status: 2
Sat Mar 25 20:20:26 2017 Initialization Sequence Completed
Sat Mar 25 20:20:27 2017 NOTE: Beginning empirical MTU test -- results should be available in 3 to 4 minutes.
Sat Mar 25 20:20:31 2017 FRAG_IN error flags=0xfa2a187b: FRAG_TEST not implemented
Sat Mar 25 20:20:36 2017 FRAG_IN error flags=0xfa2a187b: FRAG_TEST not implemented
Sat Mar 25 20:20:41 2017 FRAG_IN error flags=0xfa2a187b: FRAG_TEST not implemented
Sat Mar 25 20:20:46 2017 FRAG_IN error flags=0xfa2a187b: FRAG_TEST not implemented
Sat Mar 25 20:20:51 2017 FRAG_IN error flags=0xfa2a187b: FRAG_TEST not implemented
Sat Mar 25 20:20:56 2017 [openvpn.vpnunlimitedapp.com] Inactivity timeout (--ping-exit), exiting
Sat Mar 25 20:20:56 2017 /usr/bin/ip addr del dev tun1 local 10.200.5.82 peer 10.200.5.81
Sat Mar 25 20:20:56 2017 SIGTERM[soft,ping-exit] received, process exiting
Could someone give me a little insight on what's going on here? Thanks!
Offline
Does removing
mtu-test
without other modifications helps you?
Last edited by QuackDonkey (2017-03-25 21:19:25)
Offline
Also this line "Sat Mar 25 20:20:24 2017 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1546', remote='link-mtu 1542'" should hint you to what you can do to make things work, try setting a fixed mtu of 1542.
R00KIE
Tm90aGluZyB0byBzZWUgaGVyZSwgbW92ZSBhbG9uZy4K
Offline