Johnny Aywah Posted August 14, 2019 Share Posted August 14, 2019 Hi guys, Finally got my config right, GUI says I am connected and my TigerVPN console says i have an established session have added to PCs to the device list, but as far as ai can see, none of that traffic is actually beinf routed through the VPN tunnel Have I missed something? Link to comment Share on other sites More sharing options...
Administrators Netduma Alex Posted August 14, 2019 Administrators Share Posted August 14, 2019 Add your devices to the list, and make sure that it's set to DO NOT FILTER THESE SERVICES, this will make it filter everything on that device if no services are set. Link to comment Share on other sites More sharing options...
Johnny Aywah Posted August 14, 2019 Author Share Posted August 14, 2019 Hi there, do you mean "Do Not VPN these services?" I have already selected this Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted August 14, 2019 Administrators Share Posted August 14, 2019 Yes that's right. If you don't know your normal IP address already I would disable the VPN and then check your IP using a site like this: https://whatismyipaddress.com/ then once you've confirmed that then re-enable the VPN and on a VPNd device check the IP again, if it has changed then it's working. Just for the test might be a good idea to use a far away server as will be easier to tell it is working. Link to comment Share on other sites More sharing options...
Johnny Aywah Posted August 14, 2019 Author Share Posted August 14, 2019 IP does not appear to change according to whats my IP Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted August 14, 2019 Administrators Share Posted August 14, 2019 It could be it is caching your IP between the tests so try again but use an incognito browser to test and see if it shows the same. If not could you provide a screenshot of your Hybrid VPN page please? Link to comment Share on other sites More sharing options...
Johnny Aywah Posted August 14, 2019 Author Share Posted August 14, 2019 here you go...and thanks! EDIT: adding HybridVPN logs Wed Aug 14 23:24:46 2019 OpenVPN 2.4.3 arm-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 29 2018 Wed Aug 14 23:24:46 2019 library versions: OpenSSL 1.0.2n 7 Dec 2017, LZO 2.06 Wed Aug 14 23:24:46 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Wed Aug 14 23:24:47 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]162.220.221.42:1194 Wed Aug 14 23:24:47 2019 Socket Buffers: R=[163840->163840] S=[163840->163840] Wed Aug 14 23:24:47 2019 UDP link local (bound): [AF_INET][undef]:1194 Wed Aug 14 23:24:47 2019 UDP link remote: [AF_INET]162.220.221.42:1194 Wed Aug 14 23:24:47 2019 TLS: Initial packet from [AF_INET]162.220.221.42:1194, sid=f6767b5a 02786d16 Wed Aug 14 23:24:47 2019 VERIFY OK: depth=1, C=SK, ST=Bratislava, L=Bratislava, O=Tiger At Work & Co. k. s., OU=tigerVPN, CN=tigerVPN, name=tigerVPN, [email protected] Wed Aug 14 23:24:47 2019 VERIFY KU OK Wed Aug 14 23:24:47 2019 Validating certificate extended key usage Wed Aug 14 23:24:47 2019 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication Wed Aug 14 23:24:47 2019 VERIFY EKU OK Wed Aug 14 23:24:47 2019 VERIFY OK: depth=0, C=SK, ST=Bratislava, L=Bratislava, O=Tiger At Work & Co. k. s., OU=tigerVPN, CN=tigervpn.com, name=tigerVPN, [email protected] Wed Aug 14 23:24:47 2019 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA Wed Aug 14 23:24:47 2019 [tigervpn.com] Peer Connection Initiated with [AF_INET]162.220.221.42:1194 Wed Aug 14 23:24:48 2019 SENT CONTROL [tigervpn.com]: 'PUSH_REQUEST' (status=1) Wed Aug 14 23:24:53 2019 SENT CONTROL [tigervpn.com]: 'PUSH_REQUEST' (status=1) Wed Aug 14 23:24:53 2019 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 162.220.221.43,route-gateway 100.97.0.1,topology subnet,ping 10,ping-restart 30,ifconfig 100.97.0.48 255.255.0.0,peer-id 70,cipher AES-256-GCM' Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: timers and/or timeouts modified Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: --ifconfig/up options modified Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: route options modified Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: route-related options modified Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: peer-id set Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: adjusting link_mtu to 1625 Wed Aug 14 23:24:53 2019 NOTE: --mute triggered... Wed Aug 14 23:24:53 2019 1 variation(s) on previous 10 message(s) suppressed by --mute Wed Aug 14 23:24:53 2019 Data Channel: using negotiated cipher 'AES-256-GCM' Wed Aug 14 23:24:53 2019 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key Wed Aug 14 23:24:53 2019 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key Wed Aug 14 23:24:53 2019 TUN/TAP device tun0 opened Wed Aug 14 23:24:53 2019 TUN/TAP TX queue length set to 100 Wed Aug 14 23:24:53 2019 do_ifconfig, tt->did_ifconfig_ipv6_setup=0 Wed Aug 14 23:24:53 2019 /sbin/ifconfig tun0 100.97.0.48 netmask 255.255.0.0 mtu 1500 broadcast 100.97.255.255 Wed Aug 14 23:24:53 2019 /dumaos/apps/usr/com.netdumasoftware.hybridvpn/openvpn-event.lua openvpnup 6 tun0 1500 1553 100.97.0.48 255.255.0.0 init Wed Aug 14 23:24:58 2019 Initialization Sequence Completed Link to comment Share on other sites More sharing options...
Administrators Netduma Alex Posted August 15, 2019 Administrators Share Posted August 15, 2019 Could I have a look at the config file? Link to comment Share on other sites More sharing options...
Johnny Aywah Posted August 15, 2019 Author Share Posted August 15, 2019 Sure thing, and thanks client remote los.tigervpn.com 1194 udp remote los.tigervpn.com 443 tcp-client pull auth-user-pass auth-nocache comp-lzo adaptive ca ca.crt dev tun tls-client script-security 2 cipher AES-256-CBC mute 10 route-delay 5 redirect-gateway def1 resolv-retry infinite #dhcp-renew #dhcp-release persist-key persist-tun remote-cert-tls server mssfix Link to comment Share on other sites More sharing options...
Administrators Netduma Alex Posted August 15, 2019 Administrators Share Posted August 15, 2019 It doesn't seem to have a certificate which is kind of unusual. I might need to do some research on exactly how openVPN works, else i'll have to ask the devs about this. Link to comment Share on other sites More sharing options...
Johnny Aywah Posted August 16, 2019 Author Share Posted August 16, 2019 no it does, i just didnt paste it in, do you need the cert as well? should the PULL command in the OPENVPN config not default all sessions through the tunnel? Link to comment Share on other sites More sharing options...
Administrators Netduma Alex Posted August 16, 2019 Administrators Share Posted August 16, 2019 Oh right I see, well as long as the certificate is there in the original. I'm trying to figure out if there's any differences between this config file and one I know that works. Link to comment Share on other sites More sharing options...
Johnny Aywah Posted August 18, 2019 Author Share Posted August 18, 2019 well if you paste it, i can give it a shot Link to comment Share on other sites More sharing options...
Administrators Netduma Admin Posted August 18, 2019 Administrators Share Posted August 18, 2019 I'll nudge Alex to follow up on this tomorrow. Link to comment Share on other sites More sharing options...
Johnny Aywah Posted August 19, 2019 Author Share Posted August 19, 2019 amusingly, i updated to the latest Netgear FW and this feature now seems to be working correctly I did not think Netgear code had any impacts on how Duma OS operates FYI, FW version number is still showing as .40 not .56 despite the gui telling me im on.56 when i look for new firmware Link to comment Share on other sites More sharing options...
Administrators Netduma Alex Posted August 19, 2019 Administrators Share Posted August 19, 2019 I'm glad it's working for you now, although I am still confused as to why the version number is displayed incorrectly. The DumaOS and NETGEAR features do in fact have some interaction as many of the DumaOS elements are reliant on elements of the NETGEAR software. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.