Cant activate openVPN

dongon104 · 2018-09-05 11:14:36

I am not able to start the VPN. I installed openvpn, networkmanager-openvpn and networkmanager-openvpnc. Loaded tun kernel module. Downloaded .ovpn and run the below code,

> openvpn --config <.ovpn-file>

The output I get is,

Wed Sep 5 16:41:55 2018 OpenVPN 2.4.6 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 24 2018
Wed Sep 5 16:41:55 2018 library versions: OpenSSL 1.1.0i 14 Aug 2018, LZO 2.10
Enter Auth Username: vpnbook
Enter Auth Password: *******
Wed Sep 5 16:42:08 2018 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Sep 5 16:42:08 2018 NOTE: --fast-io is disabled since we are not using UDP
Wed Sep 5 16:42:08 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]178.162.193.233:443
Wed Sep 5 16:42:08 2018 Socket Buffers: R=[87380->87380] S=[16384->16384]
Wed Sep 5 16:42:08 2018 Attempting to establish TCP connection with [AF_INET]178.162.193.233:443 [nonblock]
Wed Sep 5 16:42:09 2018 TCP connection established with [AF_INET]178.162.193.233:443
Wed Sep 5 16:42:09 2018 TCP_CLIENT link local: (not bound)
Wed Sep 5 16:42:09 2018 TCP_CLIENT link remote: [AF_INET]178.162.193.233:443
Wed Sep 5 16:42:11 2018 TLS: Initial packet from [AF_INET]178.162.193.233:443, sid=63d5bfdd 99fc741c
Wed Sep 5 16:42:11 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Sep 5 16:42:13 2018 VERIFY OK: depth=1, C=CH, ST=Zurich, L=Zurich, O=vpnbook.com, OU=IT, CN=vpnbook.com, name=vpnbook.com, emailAddress=admin@vpnbook.com
Wed Sep 5 16:42:13 2018 VERIFY OK: depth=0, C=CH, ST=Zurich, L=Zurich, O=vpnbook.com, OU=IT, CN=vpnbook.com, name=vpnbook.com, emailAddress=admin@vpnbook.com
Wed Sep 5 16:42:18 2018 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
Wed Sep 5 16:42:18 2018 [vpnbook.com] Peer Connection Initiated with [AF_INET]178.162.193.233:443
Wed Sep 5 16:42:19 2018 SENT CONTROL [vpnbook.com]: 'PUSH_REQUEST' (status=1)
Wed Sep 5 16:42:20 2018 AUTH: Received control message: AUTH_FAILED
Wed Sep 5 16:42:20 2018 SIGTERM[soft,auth-failure] received, process exiting

I tried the same code with sudo but no change. My IP is not changing. I am noobe in Arch and there are actually no tutorials in the net for my issue. Please help.

sincomil · 2018-09-05 13:24:36

Wed Sep  5 16:42:20 2018 AUTH: Received control message: AUTH_FAILED
Wed Sep  5 16:42:20 2018 SIGTERM[soft,auth-failure] received, process exiting

VPN server does not authorize you. Check your *.ovpn config file

graysky · 2018-09-05 13:55:34

https://aur.archlinux.org/packages/ovpngen/

dongon104 · 2018-09-06 10:40:42

@sincomil Thanks for the reply
I tried changing the .ovpn files and downloading it from different sites but still no effect. The output is somewhat different, though.

sincomil · 2018-09-06 10:49:43

@dongon104 I have tried that provider too, but it refuses my connections, but I think it caused by Law in Russian Federation (it forces Internet providers to block VPN-services). So I can't help to check what is going on with that VPN-provider...
But in your case it writes that it can't authenticate you.

mxfm · 2018-09-06 16:07:52

I have just tested this free service (server euro-1 "Download Euro1 Server OpenVPN Certificate Bundle") with specified login and password. The server replied with "Connection refused" messages (it sent tcp reset for tcp servers and icmp port unreachable for udp service). This indicates that host euro-1 is alive but does not service request (put it simply, the vpn server seems to be shut down). I did not test other servers.

sincomil wrote:

@dongon104 I have tried that provider too, but it refuses my connections, but I think it caused by Law in Russian Federation (it forces Internet providers to block VPN-services). So I can't help to check what is going on with that VPN-provider...
But in your case it writes that it can't authenticate you.

I am surprised to hear that such blocks work. Why did you decide that it is isp companies blocking vpn services and not just non-working service?

I closely monitor local news regarding IT and freedom sites belonging to "free civil communities". Indeed, recently law was amended (enacted since 1 October 2017) to block vpn providers not cooperating with national internet agency, but no vpn provider has been blocked, so that legislation is effectively dead. I have not met any news (including national IT tech forum threads) where somebody complains about blocked vpn. On top of my head, I remember <5 threads for the last 10 years at different tech forums where users complain about isp blocking vpn (some of those threads were from users not from Russia, but former USSR republics).

To test isp blocking hypothesis, I tried to connect to the vpn euro server from existing vpn connection (I am happy user of vpn for many years and I have not faced any technical issues so far) - vpn server euro-1 does not work either, so this is definitely has nothing to do with isp blocks.

P.S. I barely remember one anonimising service (technically, not vpn) was targeted by internet agency but the story was somehow resolved.

Last edited by mxfm (2018-09-06 16:10:06)

Arch Linux

#1 2018-09-05 11:14:36

Cant activate openVPN

#2 2018-09-05 13:24:36

Re: Cant activate openVPN

#3 2018-09-05 13:55:34

Re: Cant activate openVPN

#4 2018-09-06 10:40:42

Re: Cant activate openVPN

#5 2018-09-06 10:49:43

Re: Cant activate openVPN

#6 2018-09-06 16:07:52

Re: Cant activate openVPN

Board footer