VPN connected but unstable (keep disconnect/reconnect)

Hello there,

I'm connected to the VPN but the connection isn't stable since yesterday or so even though I regenerated my certificate.
I simply can't work with those disconnection/reconnection all the time and can't figure out why it's happening.

VPN log is there : https://pastebin.com/JG5W4C6m

Thanks for your help!
Goa

Comments

  • The same problem since today.

  • I thought It was just me

  • same problema here, the website and the vpn says im connected but i cant ping any of the active machines :x

  • I think (but not sure) it was a firewall issue. I applied the receommendations stated on the HTB access page to use port 443/TCP instead of 1337/UDP and no more problems :)

    Alternative TCP Connection
    
    In case your firewall/country is restrictive and does not allow UDP/1337, by changing the following two lines in your .ovpn file you can connect using TCP/443
    proto udp > proto tcp
    remote {server}.hackthebox.eu 1337 > remote {server}.hackthebox.eu 443
    <tls-auth> > <tls-crypt>
    </tls-auth> > </tls-crypt>
    

    Hope it helps other.

  • also having the same problem, tried the recommended fix but tcp doesn't change anything. still getting a fatal error

    OpenVPN 2.4.6 x86_64-apple-darwin16.7.0
    [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] 
    built on May  1 2018
    
    openvpn config.ovpn
    ...
    Fri Nov  9 22:49:53 2018 Opening utun (connect(AF_SYS_CONTROL)): Operation not permitted (errno=1)
    Fri Nov  9 22:49:53 2018 Failed to open utun device. Falling back to /dev/tun device
    Fri Nov  9 22:49:53 2018 Cannot allocate TUN/TAP dev dynamically
    Fri Nov  9 22:49:53 2018 Exiting due to fatal error
    
    

    frustrating to be stumped so early on.

  • Looks like a permission issue on your end : "Operation not permitted".. did you try as a privileged user ?

  • edited November 2018

    I merged some openvpn options in from our terraform repository at work, here's a diff:

    +reneg-sec 0
    +tun-ipv6
    +keepalive 5 30
    +route-delay 2
    

    I imported this into NetworkManager so I can connect natively from GNOME's connection list with the following command:
    $ sudo nmcli connection import type openvpn file hackthebox.ovpn

    After importing it I went into the VPN connection settings for my hackthebox profile and enabled "Use this connection only for resources on its network" for both IPV4 and IPv6.

    It should be noted I had to also add these sysctl options because the connection was failing in the middle of attempting to configure ipv6 with RTNETLINK answers: Permission denied

    # tail -3 /etc/sysctl.d/99-local.conf
    net.ipv6.conf.all.disable_ipv6 = 0
    net.ipv6.conf.default.disable_ipv6 = 0
    net.ipv6.conf.lo.disable_ipv6 = 0
    

    methodic

Sign In to comment.