My local ip with vpn is not working

for now, the only problem is that the local IP is not alive!

I am not sure what you mean by the local IP is not alive?

If you can connect to HTB boxes and do all the normal things, then I don’t get what it is you are trying to solve? What do you want the local IP to do?

When you run traceroute 10.10.14.8 what does it show?

Have you confirmed that is your HTB IP address?

Hi,

I mean that this IP 10.10.14.8 is dead when I ping this IP, its not working, I am not getting any reverse shell because it’s dead, but when I connect to the VPN, machines are working but this IP is dead 10.10.14.8

Regards
Hunter

Hi,

Have you confirmed that is your HTB IP address?

Check out the above pic, you can see the HTB IP (connected to the VPN)

checked with ifconfig too = inet 10.10.14.8 → 10.10.14.8 netmask

Regards
Hunter

Ok - so to double check my understanding:

You are trying to send traffic from a HTB box to your machine but not getting anything? Is that correct?

What are you running on your local machine which you expect to respond to the shell or the pings? The IP address is clearly not dead, it is just that you aren’t getting a response because there may be nothing to respond.

Most OSes will drop ICMP traffic to themselves and if you have any security tooling in place it will block this.

So, rather than try to send ICMP packets from your IP to your IP, it is better to try and look at what is going on.

Open three terminal windows.

In one run nc -nklvp 7811 -e /bin/bash
In the second run tcpdump -nnv port 7811 (or tcpdump -nnv port 7811 -w capture.pcap if you want to store it in a file)
In the third run nc 10.10.14.8 7811

If you get a shell, everything is working as normal. If you don’t, check to see if you get any traffic being logged in the second window.

Hi,

python -m SimpleHTTPServer 1337

![Image](upload://eOr0ggKkFLn5OZSu0Q8aaLIfKOF.png "icon")

when the IP is on listening using Netcat, I tried even with the curl no response on the listening

Regards
Hunter

What does TCPDump show?

Failing anything useful in TCPdump, I’d suggest:

  1. Disconnect from the VPN and check your IP address
  2. Run the tests on your non OpenVPN IP
  3. Connect the VPN and corroborate the IP you get on your machine with the one on the HTB Access page (Login :: Hack The Box :: Penetration Testing Labs)

From there, you really need to be able to send packets from some other machine to your IP to test if it is working. There are lots of weird things if you try to send packets to yourself over a VPN which makes the findings inconclusive - and emphasises the value of checking the raw packet data in Wireshark/TShark.

Hi,

I checked my local machine IP without the VPN, that IP is working perfectly but when I connect to the VPN, HTB box IP is not responding like the local machine IP without the VPN, Same IP 10.10.14.8 is working cool in the PwnBox

Kindly check out the difference

PwnBox (HTB) VS VPN

PwnBox

VPN

![Image](upload://jWGml2f7xPal6mrSMff8sl1C1Jt.jpeg "icon")

Regards
Hunter

Although this is probably quite frustrating, I’d suggest trying to test one thing at a time rather than several and you need tcpdump looking at every connection

  • Are you getting the same IP in pwnbox as you get on Kali over VPN? I’ve never used pwnbox so I don’t know if that is normal.

  • The TCP dump screenshot show traffic is flowing to your listener. If your listener isn’t seeing this is almost certainly down to something like a firewall or other ACL type control. It might be worth double checking that the listener was configured.

If you are on the VPN and you run python -m SimpleHTTPServer 80 or python3 -m http.server 80 then connect to http://localhost/ does it work?

Hi,

Are you getting the same IP in pwnbox as you get on Kali over VPN? I've never used pwnbox so I don't know if that is normal.

yes IP is the same

This works but issue is that I can’t download anything into the vulr machine in the HTB machines; I tried to download a file into the machine but its not possible with the http://localhost/ so this should be HTTP://10.10.14.8 because I tried the same int he pwnbox which works there

If you are on the VPN and you run python -m SimpleHTTPServer 80 or python3 -m http.server 80 then connect to http://localhost/ does it work?

@hackersray said:

This works but issue is that I can’t download anything into the vulr machine in the HTB machines; I tried to download a file into the machine but its not possible with the http://localhost/ so this should be HTTP://10.10.14.8 because I tried the same int he pwnbox which works there

I get that isn’t a solution but you need to eliminate issues on your machine. The chances are high that the cause of this problem is:

  • your connection isn’t working and you need to download a new connection pack.
  • servers on your machine aren’t working
  • security on your machine is blocking the inbound traffic from the VPN

In the unlikely event that you can eliminate all three, then something at HTB has broken - but it is strange that only your IP address is affected. In this case you need to raise a Jira ticket.

Hi,

I tried tryhackme vpn that’s working fine there is no issue with that VPN from the first day I am having issues with the HTB VPN, I downloaded both free and paid VPN non of works fine, I don’t know what’s the problem.

Regards
Hunter

@hackersray said:

I tried tryhackme vpn that’s working fine there is no issue with that VPN from the first day I am having issues with the HTB VPN, I downloaded both free and paid VPN non of works fine, I don’t know what’s the problem.

If you have Free account, the VIP VPN wont work. If you have a VIP account, the VIP VPN should work and if you can connect to remote systems it is working.

The VPN is just a tunnel. Its a way of putting your machine into a remote environment. At the risk of over generalising, all it means is that packets go along that path rather than the one from your machine to the internet.

If you cant access services on your machine from the VPN then something is probably wrong on your machine. Rather than trying lots of different things, you need to try some individual tests and work out what the answer means.

For example:

  • With no VPN, spin up a webserver, and in a browser visit http://localhost/. Check what it looks like in TCPDump
  • Open the HTB VPN, spin up a webserver, and in a browser visit http://localhost/. Check what it looks like in TCPDump
  • Try visiting http://YOURHTBIP/ and see if the TCP traffic looks different.

It sounds tedious but troubleshooting requires a fair amount of methodological checking if you want to find out where the problem is.

I’d also suggest downloading a different connection pack or switching servers just to see - At the very least you’d be able to try a different IP address.

Other things to consider:

  • Double check that you don’t have an IP conflict with your local network.
  • make sure your interfaces are correct (tun0 vs eth0 vs ens33 etc)
  • check your firewall status
  • check if you have any security tools intercepting traffic

I actually have the exact same problem. I use small army of computers for hacking. Mac, Windows, Linux, Linux under VMWare Fusion, Linux under Docker and so on… But native Mac with vpn via Viscosity makes me experience the same problems described in this thread. I actually just reinstalled my Mac Book Pro and set up everything from scratch. Same problem so I would say it’s not an issue with a broken configuration or security addons it does not work on a Mac out of the box. I tried switching servers regenerating vpn configuration and so on. This worked back in 2020 some time before Christmas. My guess is that Apple rolled out something but I can’t for my life figure out what the problem is…

And I have the same problem when I access the internet from home, from my business or via my phone tethering so it’s not a firewall issue either. It used to work from all these places…

Tried installing Open VPN Connect but the same result. Something is broken. Why is my computer trying to go via the gateway at 10.10.14.1 when pinging my own ip 10.10.14.161???

Changing the connection from a tun interface to a tap interface makes it work. Though that’s not a solution it might be a workaround for now… someone with deeper network knowledge than me might be able to see what’s going on here???

EDIT: Well the above was obviously a faulty assumption. Ofcourse I can’t reach to a 10.129 network since routing is not working with tap… but when I switched back to tun it started working. Something is rotten…

EDIT: well that was ping starting to work but still not possible to reach my own interface… Im giving up using HTB from the Mac right now…