Problem with openvpn config

sadeghbb · July 12, 2022, 11:49am

ipconfig

Windows IP Configuration

Host Name . . . . . . . . . . . . : DESKTOP-R3T8479
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : lan

Unknown adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Windscribe Windtun420
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Intel(R) 82579V Gigabit Network Connection
Physical Address. . . . . . . . . : 14-DA-E9-03-F6-43
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : fdb4:50c3:6e99::190(Preferred)
Lease Obtained. . . . . . . . . . : Tuesday, July 12, 2022 3:57:06 PM
Lease Expires . . . . . . . . . . : Wednesday, July 13, 2022 3:56:09 AM
IPv6 Address. . . . . . . . . . . : fdb4:50c3:6e99:0:64a2:497d:bb35:2b7f(Preferred)
Temporary IPv6 Address. . . . . . : fdb4:50c3:6e99:0:88d7:2c07:6cd7:1c9b(Preferred)
Link-local IPv6 Address . . . . . : fe80::64a2:497d:bb35:2b7f%25(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.3.179(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, July 12, 2022 3:57:04 PM
Lease Expires . . . . . . . . . . : Wednesday, July 13, 2022 3:57:04 AM
Default Gateway . . . . . . . . . : 192.168.3.1
DHCP Server . . . . . . . . . . . : 192.168.3.1
DHCPv6 IAID . . . . . . . . . . . : 420797161
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-29-81-B5-D4-14-DA-E9-03-F6-43
DNS Servers . . . . . . . . . . . : fdb4:50c3:6e99::1
192.168.3.1
fdb4:50c3:6e99::1
NetBIOS over Tcpip. . . . . . . . : Enabled

Unknown adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Windscribe VPN
Physical Address. . . . . . . . . : 00-FF-A8-62-B6-69
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter #2
Physical Address. . . . . . . . . : D0-6F-4A-0B-94-6D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #3
Physical Address. . . . . . . . . : D0-6F-4A-0B-94-6E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #4
Physical Address. . . . . . . . . : D0-6F-4A-0B-94-6F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 802.11n USB Wireless LAN Card
Physical Address. . . . . . . . . : D0-6F-4A-0B-94-6C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-26-83-30-54-84
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Bill · July 12, 2022, 12:05pm

Thank you for the details.

On the luci install you did via ssh... how many steps down did you go?

Example:

Basic Install
Provide Encryption.
.....

sadeghbb · July 12, 2022, 1:22pm

1 - 5
All steps

psherman · July 12, 2022, 2:57pm

What do you see from this command?

netstat -plnt | grep 80

sadeghbb · July 12, 2022, 10:46pm

root@OpenWrt:~# netstat -plnt | grep 80
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      1624/uhttpd
tcp        0      0 :::8080                 :::*                    LISTEN      1624/uhttpd
tcp        0      0 fe80::62a4:b7ff:fe1b:e569:53 :::*                    LISTEN      2353/dnsmasq
tcp        0      0 fe80::62a4:b7ff:fe1b:e569:53 :::*                    LISTEN      2353/dnsmasq
tcp        0      0 fe80::62a4:b7ff:fe1b:e569:53 :::*                    LISTEN      2353/dnsmasq

psherman · July 12, 2022, 10:50pm

looks like uhttpd is listening on port 8080. Try that in your web browser (http://192.168.3.1:8080)

Did you change the listening port for uhttpd? or did you install any other packages that might have had a dependency on port 80?

sadeghbb · July 13, 2022, 4:08pm

thanks bro
problem solved
now want run openvpn
upload ovpn config and set user pass and click on start and enable but no start and not work !

psherman · July 13, 2022, 4:20pm

What do the logs say?

sadeghbb · July 13, 2022, 5:14pm

Wed Jul 13 16:52:52 2022 daemon.warn openvpn(londoncr2)[8408]: Use --help for more information.
Wed Jul 13 16:52:57 2022 daemon.err openvpn(londoncr2)[8409]: Options error: Unrecognized option or missing or extra parameter(s) in /etc/openvpn/londoncr2.ovpn:9: auth-realit***rzafv-***85zs9 (2.5.3)

and this:


Wed Jul 13 18:41:00 2022 daemon.notice openvpn(paris80)[14161]: Note: Treating option '--ncp-ciphers' as  '--data-ciphers' (renamed in OpenVPN 2.5).
Wed Jul 13 18:41:00 2022 daemon.notice openvpn(paris80)[14161]: OpenVPN 2.5.3 mips-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Wed Jul 13 18:41:00 2022 daemon.notice openvpn(paris80)[14161]: library versions: OpenSSL 1.1.1o  3 May 2022, LZO 2.10
Wed Jul 13 18:41:00 2022 daemon.err openvpn(paris80)[14161]: neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd - can't ask for 'Enter Auth Username:'.  If you used --daemon, you need to use --askpass to make passphrase-protected keys work, and you can not use --auth-nocache.
Wed Jul 13 18:41:00 2022 daemon.notice openvpn(paris80)[14161]: Exiting due to fatal error

psherman · July 13, 2022, 9:35pm

sadeghbb:

Wed Jul 13 18:41:00 2022 daemon.err openvpn(paris80)[14161]: neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd - can't ask for 'Enter Auth Username:'.  If you used --daemon, you need to use --askpass to make passphrase-protected keys work, and you can not use --auth-nocache.

This is your primary error.

sadeghbb · July 22, 2022, 2:24pm


Fri Jul 22 14:23:52 2022 daemon.notice openvpn(ipvanishfrank1)[3476]: SIGTERM[hard,init_instance] received, process exiting
Fri Jul 22 14:23:55 2022 daemon.warn dnsmasq[2789]: possible DNS-rebind attack detected: api.onedrive.com
Fri Jul 22 14:23:57 2022 daemon.warn openvpn(ipvanishfrank1)[4377]: WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
Fri Jul 22 14:23:57 2022 daemon.warn openvpn(ipvanishfrank1)[4377]: DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
Fri Jul 22 14:23:57 2022 daemon.warn openvpn(ipvanishfrank1)[4377]: WARNING: --keysize is DEPRECATED and will be removed in OpenVPN 2.6
Fri Jul 22 14:23:57 2022 daemon.notice openvpn(ipvanishfrank1)[4377]: OpenVPN 2.5.3 mips-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Fri Jul 22 14:23:57 2022 daemon.notice openvpn(ipvanishfrank1)[4377]: library versions: OpenSSL 1.1.1o  3 May 2022, LZO 2.10
Fri Jul 22 14:23:57 2022 daemon.warn openvpn(ipvanishfrank1)[4377]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Jul 22 14:23:59 2022 daemon.warn dnsmasq[2789]: possible DNS-rebind attack detected: man-c08.ipvanish.com
Fri Jul 22 14:24:00 2022 daemon.warn dnsmasq[2789]: possible DNS-rebind attack detected: api.onedrive.com
Fri Jul 22 14:24:02 2022 daemon.err openvpn(ipvanishfrank1)[4377]: RESOLVE: Cannot resolve host address: man-c08.ipvanish.com:443 (Name does not resolve)
Fri Jul 22 14:24:02 2022 daemon.warn dnsmasq[2789]: possible DNS-rebind attack detected: man-c08.ipvanish.com

now have this problem

frollic · July 22, 2022, 2:41pm

Error is kind of self explainable...
Is the :443 a part of the host name, by mistake?

sadeghbb · July 23, 2022, 12:58pm

may this server suspended by my isp?
beacuse my country network very limited and suspend many vpn servers