Issues with vpn?

Hi everyone, so I got my vpn working, and will post that log. However, on HTB for active machines I cannot ping nor visit any URLs for the active machines. I tried TCP and UDP to no avail, not sure what’s going on.

2020-09-30 17:17:13 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless “allow-compression yes” is also set.
2020-09-30 17:17:13 DEPRECATED OPTION: --cipher set to ‘AES-128-CBC’ but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add ‘AES-128-CBC’ to --data-ciphers or change --cipher ‘AES-128-CBC’ to --data-ciphers-fallback ‘AES-128-CBC’ to silence this warning.
2020-09-30 17:17:13 OpenVPN 2.5_beta3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 1 2020
2020-09-30 17:17:13 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10
2020-09-30 17:17:13 Outgoing Control Channel Authentication: Using 256 bit message hash ‘SHA256’ for HMAC authentication
2020-09-30 17:17:13 Incoming Control Channel Authentication: Using 256 bit message hash ‘SHA256’ for HMAC authentication
2020-09-30 17:17:14 TCP/UDP: Preserving recently used remote address: [AF_INET]5.44.235.168:1337
2020-09-30 17:17:14 Socket Buffers: R=[212992->212992] S=[212992->212992]
2020-09-30 17:17:14 UDP link local: (not bound)
2020-09-30 17:17:14 UDP link remote: [AF_INET]5.44.235.168:1337
2020-09-30 17:17:14 TLS: Initial packet from [AF_INET]5.44.235.168:1337, sid=d40ece1e 6186048d
2020-09-30 17:17:14 VERIFY OK: depth=1, C=UK, ST=City, L=London, O=HackTheBox, CN=HackTheBox CA, name=htb, emailAddress=info@hackthebox.eu
2020-09-30 17:17:14 VERIFY KU OK
2020-09-30 17:17:14 Validating certificate extended key usage
2020-09-30 17:17:14 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2020-09-30 17:17:14 VERIFY EKU OK
2020-09-30 17:17:14 VERIFY OK: depth=0, C=UK, ST=City, L=London, O=HackTheBox, CN=htb, name=htb, emailAddress=info@hackthebox.eu
2020-09-30 17:17:14 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
2020-09-30 17:17:14 [htb] Peer Connection Initiated with [AF_INET]5.44.235.168:1337
2020-09-30 17:17:15 SENT CONTROL [htb]: ‘PUSH_REQUEST’ (status=1)
2020-09-30 17:17:15 PUSH: Received control message: ‘PUSH_REPLY,route 10.10.10.0 255.255.254.0,route-ipv6 dead:beef::/64,tun-ipv6,route-gateway 10.10.14.1,topology subnet,ping 10,ping-restart 120,ifconfig-ipv6 dead:beef:2::10c0/64 dead:beef:2::1,ifconfig 10.10.14.194 255.255.254.0,peer-id 38,cipher AES-256-GCM’
2020-09-30 17:17:15 OPTIONS IMPORT: timers and/or timeouts modified
2020-09-30 17:17:15 OPTIONS IMPORT: --ifconfig/up options modified
2020-09-30 17:17:15 OPTIONS IMPORT: route options modified
2020-09-30 17:17:15 OPTIONS IMPORT: route-related options modified
2020-09-30 17:17:15 OPTIONS IMPORT: peer-id set
2020-09-30 17:17:15 OPTIONS IMPORT: adjusting link_mtu to 1625
2020-09-30 17:17:15 OPTIONS IMPORT: data channel crypto options modified
2020-09-30 17:17:15 Data Channel: using negotiated cipher ‘AES-256-GCM’
2020-09-30 17:17:15 Outgoing Data Channel: Cipher ‘AES-256-GCM’ initialized with 256 bit key
2020-09-30 17:17:15 Incoming Data Channel: Cipher ‘AES-256-GCM’ initialized with 256 bit key
2020-09-30 17:17:15 net_route_v4_best_gw query: dst 0.0.0.0
2020-09-30 17:17:15 net_route_v4_best_gw result: via 192.168.1.1 dev eth0
2020-09-30 17:17:15 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=eth0 HWADDR=00:0c:29:c6:38:94
2020-09-30 17:17:15 GDG6: remote_host_ipv6=n/a
2020-09-30 17:17:15 net_route_v6_best_gw query: dst ::
2020-09-30 17:17:15 net_route_v6_best_gw result: via fe80::daa7:56ff:fe93:f8a dev eth0
2020-09-30 17:17:15 ROUTE6_GATEWAY fe80::daa7:56ff:fe93:f8a IFACE=eth0
2020-09-30 17:17:15 TUN/TAP device tun6 opened
2020-09-30 17:17:15 net_iface_mtu_set: mtu 1500 for tun6
2020-09-30 17:17:15 net_iface_up: set tun6 up
2020-09-30 17:17:15 net_addr_v4_add: 10.10.14.194/23 dev tun6
2020-09-30 17:17:15 net_iface_mtu_set: mtu 1500 for tun6
2020-09-30 17:17:15 net_iface_up: set tun6 up
2020-09-30 17:17:15 net_addr_v6_add: dead:beef:2::10c0/64 dev tun6
2020-09-30 17:17:15 net_route_v4_add: 10.10.10.0/23 via 10.10.14.1 dev [NULL] table 0 metric -1
2020-09-30 17:17:15 add_route_ipv6(dead:beef::/64 → dead:beef:2::1 metric -1) dev tun6
2020-09-30 17:17:15 net_route_v6_add: dead:beef::/64 via :: dev tun6 table 0 metric -1
2020-09-30 17:17:15 WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this
2020-09-30 17:17:15 Initialization Sequence Completed

Last line claims connection is finalized, and on HTB it says i’m connected.

Thanks for the help!

@zylah said:

Hi everyone, so I got my vpn working, and will post that log. However, on HTB for active machines I cannot ping nor visit any URLs for the active machines. I tried TCP and UDP to no avail, not sure what’s going on.

When you check the access page (Login :: Hack The Box :: Penetration Testing Labs) does it say you are connected?

When you run ifconfig what IP address is assigned to tun0?

When you try to connect to a server, what results do you get? Timeout is very different to server not found for example.

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.10.14.93

and yes it does say i’m connected, that’s why i’m lost. I’ll restart the vm, see if that helps any.

thank you for the reply

reboot seems to have worked, not sure what was wrong. thank you again

Awesome.