So I have a few problems with my setup currently. Half the time the openVPN connection logs say "Cannot resolve host address: ca-tr.vpnunlimitedapp.com: Name or service not known" and when it does connect (which i cant figure out what is changing that sometimes it does, sometimes not) it says
Quote:
20190803 07:12:32 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190803 07:12:32 D MANAGEMENT: CMD 'state'
20190803 07:12:32 MANAGEMENT: Client disconnected
20190803 07:12:32 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190803 07:12:32 D MANAGEMENT: CMD 'state'
20190803 07:12:32 MANAGEMENT: Client disconnected
20190803 07:12:32 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190803 07:12:32 D MANAGEMENT: CMD 'state'
20190803 07:12:32 MANAGEMENT: Client disconnected
20190803 07:12:33 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190803 07:12:33 D MANAGEMENT: CMD 'log 500'
I have followed the guide provided by VPNUnlimited to the letter. I got it to connect the first time by using the exact additional config info in their openVPN config file rather than the one provided in their guide.
I have seen other threads with this same issue saying to remove all of the additional config but when I try that it doesnt even attempt to establish a connection.
I have made sure all firewalls are off, all pass-through enabled (though I have read that openVPN doesnt require pass-through), tried adding my DDWRT router to my arris' MAC pass-through, I tried changing LZO to disabled and adaptive as Ive seen in other threads.
I am completely stumped.
From the setup manual:
Quote:
Server IP or DNS Name: ca-tr.vpnunlimitedapp.com
Port and Protocol: You can select 1194 udp (ovpn default)
Tunnel device: Select TUN
Encryption Cipher: AES-256-CBC
Hash Algorithm: SHA512
Advanced Options: Enabled
TLS Cipher: TLS-DHE-RSA-WITH-AES-128-CBC-SHA or higher
LZO Compression: No
NAT: Enabled
Firewall Protection: Disabled
Tunnel UDP MSS-Fix: Disabled
Additional Config section: Paste the below data
reneg-sec 0
persist-tun
persist-key
ping 5
ping-exit 30
nobind
remote-random
remote-cert-tls server
route-metric 1
Additional Config as seen in the config file generated by VPNUnlimited for the Certificates and Key:
Quote:
client
dev
tun
reneg-sec 0
persist-tun
persist-key
ping 5
ping-exit 30
nobind
comp-lzo no
remote-random
remote-cert-tls server
auth-nocache
route-metric 1
cipher AES-256-CBC
auth SHA512
Full VPN log most recent attempt:
Quote:
Serverlog Clientlog 20190803 07:12:30 I OpenVPN 2.3.2 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Aug 7 2014
20190803 07:12:30 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16
20190803 07:12:30 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20190803 07:12:30 W WARNING: file '/tmp/openvpncl/client.key' is group or others accessible
20190803 07:12:30 W WARNING: normally if you use --mssfix and/or --fragment you should also set --tun-mtu 1500 (currently it is 1400)
20190803 07:12:30 Socket Buffers: R=[180224->131072] S=[180224->131072]
20190803 07:12:30 N RESOLVE: Cannot resolve host address: ca-tr.vpnunlimitedapp.com: Name or service not known
20190803 07:12:30 N RESOLVE: Cannot resolve host address: ca-tr.vpnunlimitedapp.com: Name or service not known
20190803 07:12:32 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190803 07:12:32 D MANAGEMENT: CMD 'state'
20190803 07:12:32 MANAGEMENT: Client disconnected
20190803 07:12:32 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190803 07:12:32 D MANAGEMENT: CMD 'state'
20190803 07:12:32 MANAGEMENT: Client disconnected
20190803 07:12:32 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190803 07:12:32 D MANAGEMENT: CMD 'state'
20190803 07:12:32 MANAGEMENT: Client disconnected
20190803 07:12:33 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190803 07:12:33 D MANAGEMENT: CMD 'log 500'
Any help would be greatly appreciated, trying to work with VPNUnlimited customer service has been time consuming and achieved nothing.
Thanks.
EDIT:
I converted the domain for ca-tr.vpnunlimitedapp.com to its IP and put that in, now its connecting reliably but the 'state'/disconnect issue persists.
Full Log when connecting:
Quote:
Serverlog Clientlog 20190803 07:32:02 I OpenVPN 2.3.2 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Aug 7 2014
20190803 07:32:02 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16
20190803 07:32:02 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20190803 07:32:02 W WARNING: file '/tmp/openvpncl/client.key' is group or others accessible
20190803 07:32:02 W WARNING: normally if you use --mssfix and/or --fragment you should also set --tun-mtu 1500 (currently it is 1400)
20190803 07:32:02 Socket Buffers: R=[180224->131072] S=[180224->131072]
20190803 07:32:02 I UDPv4 link local: [undef]
20190803 07:32:02 I UDPv4 link remote: [AF_INET]204.187.100.82:1194
20190803 07:32:02 TLS: Initial packet from [AF_INET]204.187.100.82:1194 sid=c7390ede fd257b29
20190803 07:32:02 VERIFY OK: depth=1 C=US ST=NY L=New York O=Simplex Solutions Inc. OU=Vpn Unlimited CN=server.vpnunlimitedapp.com name=server.vpnunlimitedapp.com emailAddress=support@simplexsolutionsinc.com
20190803 07:32:02 Validating certificate key usage
20190803 07:32:02 NOTE: --mute triggered...
20190803 07:32:06 6 variation(s) on previous 3 message(s) suppressed by --mute
20190803 07:32:06 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190803 07:32:06 D MANAGEMENT: CMD 'state'
20190803 07:32:06 MANAGEMENT: Client disconnected
20190803 07:32:06 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190803 07:32:06 D MANAGEMENT: CMD 'state'
20190803 07:32:06 MANAGEMENT: Client disconnected
20190803 07:32:06 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190803 07:32:06 D MANAGEMENT: CMD 'state'
20190803 07:32:06 MANAGEMENT: Client disconnected
20190803 07:32:07 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190803 07:32:07 D MANAGEMENT: CMD 'log 500'
Differences are not important LZO compression is overrided by server unless you disable it (which you should probably not do)
The VPN unlimited guide uses an address which will hand out the real addresses you are going to use (like a DNS server for VPN servers) therefore you need the remote-random.
The flashrouter guide specifies the real name and sometimes name resolving is troublesome and you can use the IP address.
the differences between both guides are minor
If you setup and it is not working:
Post a picture of the OVPN settings page, and a picture of the OVPN status page, we need the whole page to have a look
Posted: Wed Aug 07, 2019 19:55 Post subject: Dual Router Set-up problems
Attached is a screen shot of my VPN settings. The certs and key are exactly what was provided by the VPN Unlimited config generator. These settings are from the flashrouters setup guide, and the OpenVPN Server/Daemon is enabled as well per that guide. The other screenshot is of the VPN connection Log.