How to solve "connect to [AF_INET]127.0.0.1:1080 failed: Unknown error" error?

peter.davis · January 30, 2024, 6:08am

Hello,
I found a similar question at TCP connect to [AF_INET]127.0.0.1:1080 failed: Connection refused and wondered if can anyone help me with this error here?
Please consider the following scenario:

VPS (Shadowsocks Server) ---> Home Server (Shadowsocks Client + OpenVPN Server) ---> Client (OpenVPN Connect)

VPS: 172.20.2.55
Home Server: 172.21.50.76
Client: 172.21.50.72

Shadowsocks server (VPS) configuration is as follows:

{
    "server":["172.20.2.55"],
    "mode":"tcp_and_udp",
    "server_port":8388,
    "local_port":1080,
    "password":"123456",
    "timeout":86400,
    "method":"chacha20-ietf-poly1305"
}

And Shadowsocks client (Home Server) configuration is as follows:

{
 "server":"172.20.2.55",
 "mode":"tcp_and_udp",
 "server_port":8388,
 "local_address":"127.0.0.1",
 "local_port":1080,
 "password":"123456",
 "timeout":60,
 "method":"chacha20-ietf-poly1305"
}

The OpenVPN server (Home Server) configuration is:

port 1194
proto tcp
dev tun
ca /etc/openvpn/server/ca.crt
cert /etc/openvpn/server/Server.crt
key /etc/openvpn/server/Server.key                             
dh /etc/openvpn/server/dh.pem
server 10.8.0.0 255.255.255.0              
push "redirect-gateway def1 bypass-dhcp"   
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 8.8.8.8"             
keepalive 10 120
tls-crypt /etc/openvpn/server/ta.key 0                            
data-ciphers AES-256-GCM                   
cipher AES-256-GCM
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log         /var/log/openvpn/openvpn.log
log-append  /var/log/openvpn/openvpn.log
verb 3
explicit-exit-notify 1

And client configuration is:

client
dev tun
proto tcp
remote 172.21.50.76 1194
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
data-ciphers AES-256-GCM        
cipher AES-256-GCM
verb 3

socks-proxy 127.0.0.1 1080
route 172.21.50.76 255.255.255.255 net_gateway

I tested the Shadowsocks server on the home server and its worked:

# httping -x 127.0.0.1:1080 -5 -g http://www.google.com
PING www.google.com:80 (/):
connected to www.google.com:80 (1101 bytes), seq=0 time=172.35 ms 
connected to www.google.com:80 (980 bytes), seq=1 time=170.65 ms 
connected to www.google.com:80 (1374 bytes), seq=2 time=168.94 ms 
connected to www.google.com:80 (1374 bytes), seq=3 time=169.54 ms 
connected to www.google.com:80 (1374 bytes), seq=4 time=169.90 ms 
connected to www.google.com:80 (1374 bytes), seq=5 time=169.73 ms 
...

I tried to connect to OpenVPN server, but I got the following error:

Mon Jan 29 09:27:06 2024 Note: --socks-proxy disables data channel offload.
Mon Jan 29 09:27:06 2024 OpenVPN 2.6.5 [git:v2.6.5/cbc9e0ce412e7b42] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Jun 13 2023
Mon Jan 29 09:27:06 2024 Windows version 6.1 (Windows 7), amd64 executable
Mon Jan 29 09:27:06 2024 library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10
Mon Jan 29 09:27:06 2024 DCO version: v0
Mon Jan 29 09:27:06 2024 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25355
Mon Jan 29 09:27:06 2024 Need hold release from management interface, waiting...
Mon Jan 29 09:27:07 2024 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1118
Mon Jan 29 09:27:07 2024 MANAGEMENT: CMD 'state on'
Mon Jan 29 09:27:07 2024 MANAGEMENT: CMD 'log on all'
Mon Jan 29 09:27:07 2024 MANAGEMENT: CMD 'echo on all'
Mon Jan 29 09:27:07 2024 MANAGEMENT: CMD 'bytecount 5'
Mon Jan 29 09:27:07 2024 MANAGEMENT: CMD 'state'
Mon Jan 29 09:27:07 2024 MANAGEMENT: CMD 'hold off'
Mon Jan 29 09:27:07 2024 MANAGEMENT: CMD 'hold release'
Mon Jan 29 09:27:07 2024 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1080
Mon Jan 29 09:27:07 2024 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon Jan 29 09:27:07 2024 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1080
Mon Jan 29 09:27:07 2024 MANAGEMENT: >STATE:1706507827,TCP_CONNECT,,,,,,
Mon Jan 29 09:29:07 2024 TCP: connect to [AF_INET]127.0.0.1:1080 failed: Unknown error
Mon Jan 29 09:29:07 2024 SIGUSR1[connection failed(soft),connection-failed] received, process restarting
Mon Jan 29 09:29:07 2024 MANAGEMENT: >STATE:1706507947,RECONNECTING,connection-failed,,,,,

What is wrong? How to solve TCP: connect to [AF_INET]127.0.0.1:1080 failed: Unknown error error?

Thanks you.

flygarn12 · January 30, 2024, 8:38am

The openvpn server have tcp and the client have udp.

peter.davis · January 30, 2024, 9:40am

Hello,
Thank you so much for you reply.
Not really, as you can see, it is working on both protocols:

# ss -tulpn
Netid    State     Recv-Q     Send-Q         Local Address:Port         Peer Address:Port    Process                               
udp      UNCONN    0          0                  127.0.0.1:1080              0.0.0.0:*        users:(("ss-local",pid=802,fd=6))    
udp      UNCONN    0          0                    0.0.0.0:68                0.0.0.0:*        users:(("dhclient",pid=505,fd=7))    
udp      UNCONN    0          0                    0.0.0.0:68                0.0.0.0:*        users:(("dhclient",pid=485,fd=7))    
tcp      LISTEN    0          4096               127.0.0.1:1080              0.0.0.0:*        users:(("ss-local",pid=802,fd=5))    
tcp      LISTEN    0          128                  0.0.0.0:22                0.0.0.0:*        users:(("sshd",pid=563,fd=3))        
tcp      LISTEN    0          32                   0.0.0.0:1194              0.0.0.0:*        users:(("openvpn",pid=780,fd=5))     
tcp      LISTEN    0          128                     [::]:22                   [::]:*        users:(("sshd",pid=563,fd=4))

What is your opinion?

flygarn12 · January 30, 2024, 10:09am

You still have udp in one config and tcp in the other config.

peter.davis · January 30, 2024, 11:59am

Where?
Shadowsocks server:

{
    "server":["172.20.2.55"],
    "mode":"tcp_and_udp",
    "server_port":8388,
    "local_port":1080,
    "password":"123456",
    "timeout":86400,
    "method":"chacha20-ietf-poly1305"
}

Shadowsocks client:

{
 "server":"172.20.2.55",
 "mode":"tcp_and_udp",
 "server_port":8388,
 "local_address":"127.0.0.1",
 "local_port":1080,
 "password":"123456",
 "timeout":60,
 "method":"chacha20-ietf-poly1305"
}

Do you think I should change local_address:"127.0.0.1" to local_address:"172.21.50.76"?
Also:

socks-proxy 127.0.0.1 1080
route 172.21.50.76 255.255.255.255 net_gateway

To:

socks-proxy 172.21.50.76 1080
route 172.20.2.55 255.255.255.255 net_gateway

flygarn12 · January 30, 2024, 1:47pm

The openvpn configs you have in your first post are not synced for the protocol?

peter.davis · January 30, 2024, 5:29pm

Hi,
Thank you so much for your reply.
It was typo. I corrected it.
What is your opinion about my questions?

mk24 · January 30, 2024, 5:39pm

Are you running OpenVPN on Windows not the router?

127.0.0.0 only exists inside the same machine, it can't be routed through a LAN. You would need to run the shadowsocks client on a router LAN IP and port that Windows can reach.

peter.davis · January 31, 2024, 7:23am

Hello,
Thank you so much for your reply.
Yes. I use the OpenVPN Connect on Windows.
As you can see:

VPS (Shadowsocks Server) ---> Home Server (Shadowsocks Client + OpenVPN Server) ---> Client (OpenVPN Connect)

VPS: 172.20.2.55
Home Server: 172.21.50.76
Client: 172.21.50.72

That's why I asked if I should change local_address:"127.0.0.1" to local_address:"172.21.50.76" or not?