Jump to content
Johnny Aywah

XR500 Hybrid VPN connected to TigerVPN

Recommended Posts

Hi guys,

 

Finally got my config right, GUI says I am connected and my TigerVPN console says i have an established session

have added to PCs to the device list, but as far as ai can see, none of that traffic is actually beinf routed through the VPN tunnel

Have I missed something?

Share this post


Link to post
Share on other sites

Add your devices to the list, and make sure that it's set to DO NOT FILTER THESE SERVICES, this will make it filter everything on that device if no services are set.

Share this post


Link to post
Share on other sites

Yes that's right. If you don't know your normal IP address already I would disable the VPN and then check your IP using a site like this: https://whatismyipaddress.com/ then once you've confirmed that then re-enable the VPN and on a VPNd device check the IP again, if it has changed then it's working. Just for the test might be a good idea to use a far away server as will be easier to tell it is working.

Share this post


Link to post
Share on other sites

here you go...and thanks!

 

EDIT: adding HybridVPN logs

Wed Aug 14 23:24:46 2019 OpenVPN 2.4.3 arm-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 29 2018
Wed Aug 14 23:24:46 2019 library versions: OpenSSL 1.0.2n  7 Dec 2017, LZO 2.06
Wed Aug 14 23:24:46 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed Aug 14 23:24:47 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]162.220.221.42:1194
Wed Aug 14 23:24:47 2019 Socket Buffers: R=[163840->163840] S=[163840->163840]
Wed Aug 14 23:24:47 2019 UDP link local (bound): [AF_INET][undef]:1194
Wed Aug 14 23:24:47 2019 UDP link remote: [AF_INET]162.220.221.42:1194
Wed Aug 14 23:24:47 2019 TLS: Initial packet from [AF_INET]162.220.221.42:1194, sid=f6767b5a 02786d16
Wed Aug 14 23:24:47 2019 VERIFY OK: depth=1, C=SK, ST=Bratislava, L=Bratislava, O=Tiger At Work & Co. k. s., OU=tigerVPN, CN=tigerVPN, name=tigerVPN, [email protected]
Wed Aug 14 23:24:47 2019 VERIFY KU OK
Wed Aug 14 23:24:47 2019 Validating certificate extended key usage
Wed Aug 14 23:24:47 2019 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Wed Aug 14 23:24:47 2019 VERIFY EKU OK
Wed Aug 14 23:24:47 2019 VERIFY OK: depth=0, C=SK, ST=Bratislava, L=Bratislava, O=Tiger At Work & Co. k. s., OU=tigerVPN, CN=tigervpn.com, name=tigerVPN, [email protected]
Wed Aug 14 23:24:47 2019 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Wed Aug 14 23:24:47 2019 [tigervpn.com] Peer Connection Initiated with [AF_INET]162.220.221.42:1194
Wed Aug 14 23:24:48 2019 SENT CONTROL [tigervpn.com]: 'PUSH_REQUEST' (status=1)
Wed Aug 14 23:24:53 2019 SENT CONTROL [tigervpn.com]: 'PUSH_REQUEST' (status=1)
Wed Aug 14 23:24:53 2019 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 162.220.221.43,route-gateway 100.97.0.1,topology subnet,ping 10,ping-restart 30,ifconfig 100.97.0.48 255.255.0.0,peer-id 70,cipher AES-256-GCM'
Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: timers and/or timeouts modified
Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: --ifconfig/up options modified
Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: route options modified
Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: route-related options modified
Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: peer-id set
Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: adjusting link_mtu to 1625
Wed Aug 14 23:24:53 2019 NOTE: --mute triggered...
Wed Aug 14 23:24:53 2019 1 variation(s) on previous 10 message(s) suppressed by --mute
Wed Aug 14 23:24:53 2019 Data Channel: using negotiated cipher 'AES-256-GCM'
Wed Aug 14 23:24:53 2019 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Aug 14 23:24:53 2019 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Aug 14 23:24:53 2019 TUN/TAP device tun0 opened
Wed Aug 14 23:24:53 2019 TUN/TAP TX queue length set to 100
Wed Aug 14 23:24:53 2019 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Wed Aug 14 23:24:53 2019 /sbin/ifconfig tun0 100.97.0.48 netmask 255.255.0.0 mtu 1500 broadcast 100.97.255.255
Wed Aug 14 23:24:53 2019 /dumaos/apps/usr/com.netdumasoftware.hybridvpn/openvpn-event.lua openvpnup 6 tun0 1500 1553 100.97.0.48 255.255.0.0 init
Wed Aug 14 23:24:58 2019 Initialization Sequence Completed

 

Wed Aug 14 23:24:46 2019 OpenVPN 2.4.3 arm-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 29 2018 Wed Aug 14 23:24:46 2019 library versions: OpenSSL 1.0.2n 7 Dec 2017, LZO 2.06 Wed Aug 14 23:24:46 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Wed Aug 14 23:24:47 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]162.220.221.42:1194 Wed Aug 14 23:24:47 2019 Socket Buffers: R=[163840->163840] S=[163840->163840] Wed Aug 14 23:24:47 2019 UDP link local (bound): [AF_INET][undef]:1194 Wed Aug 14 23:24:47 2019 UDP link remote: [AF_INET]162.220.221.42:1194 Wed Aug 14 23:24:47 2019 TLS: Initial packet from [AF_INET]162.220.221.42:1194, sid=f6767b5a 02786d16 Wed Aug 14 23:24:47 2019 VERIFY OK: depth=1, C=SK, ST=Bratislava, L=Bratislava, O=Tiger At Work & Co. k. s., OU=tigerVPN, CN=tigerVPN, name=tigerVPN, [email protected] Wed Aug 14 23:24:47 2019 VERIFY KU OK Wed Aug 14 23:24:47 2019 Validating certificate extended key usage Wed Aug 14 23:24:47 2019 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication Wed Aug 14 23:24:47 2019 VERIFY EKU OK Wed Aug 14 23:24:47 2019 VERIFY OK: depth=0, C=SK, ST=Bratislava, L=Bratislava, O=Tiger At Work & Co. k. s., OU=tigerVPN, CN=tigervpn.com, name=tigerVPN, [email protected] Wed Aug 14 23:24:47 2019 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA Wed Aug 14 23:24:47 2019 [tigervpn.com] Peer Connection Initiated with [AF_INET]162.220.221.42:1194 Wed Aug 14 23:24:48 2019 SENT CONTROL [tigervpn.com]: 'PUSH_REQUEST' (status=1) Wed Aug 14 23:24:53 2019 SENT CONTROL [tigervpn.com]: 'PUSH_REQUEST' (status=1) Wed Aug 14 23:24:53 2019 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 162.220.221.43,route-gateway 100.97.0.1,topology subnet,ping 10,ping-restart 30,ifconfig 100.97.0.48 255.255.0.0,pWed Aug 14 23:24:46 2019 OpenVPN 2.4.3 arm-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 29 2018
Wed Aug 14 23:24:46 2019 library versions: OpenSSL 1.0.2n  7 Dec 2017, LZO 2.06
Wed Aug 14 23:24:46 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed Aug 14 23:24:47 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]162.220.221.42:1194
Wed Aug 14 23:24:47 2019 Socket Buffers: R=[163840->163840] S=[163840->163840]
Wed Aug 14 23:24:47 2019 UDP link local (bound): [AF_INET][undef]:1194
Wed Aug 14 23:24:47 2019 UDP link remote: [AF_INET]162.220.221.42:1194
Wed Aug 14 23:24:47 2019 TLS: Initial packet from [AF_INET]162.220.221.42:1194, sid=f6767b5a 02786d16
Wed Aug 14 23:24:47 2019 VERIFY OK: depth=1, C=SK, ST=Bratislava, L=Bratislava, O=Tiger At Work & Co. k. s., OU=tigerVPN, CN=tigerVPN, name=tigerVPN, [email protected]
Wed Aug 14 23:24:47 2019 VERIFY KU OK
Wed Aug 14 23:24:47 2019 Validating certificate extended key usage
Wed Aug 14 23:24:47 2019 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Wed Aug 14 23:24:47 2019 VERIFY EKU OK
Wed Aug 14 23:24:47 2019 VERIFY OK: depth=0, C=SK, ST=Bratislava, L=Bratislava, O=Tiger At Work & Co. k. s., OU=tigerVPN, CN=tigervpn.com, name=tigerVPN, [email protected]
Wed Aug 14 23:24:47 2019 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Wed Aug 14 23:24:47 2019 [tigervpn.com] Peer Connection Initiated with [AF_INET]162.220.221.42:1194
Wed Aug 14 23:24:48 2019 SENT CONTROL [tigervpn.com]: 'PUSH_REQUEST' (status=1)
Wed Aug 14 23:24:53 2019 SENT CONTROL [tigervpn.com]: 'PUSH_REQUEST' (status=1)
Wed Aug 14 23:24:53 2019 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 162.220.221.43,route-gateway 100.97.0.1,topology subnet,ping 10,ping-restart 30,ifconfig 100.97.0.48 255.255.0.0,peer-id 70,cipher AES-256-GCM'
Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: timers and/or timeouts modified
Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: --ifconfig/up options modified
Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: route options modified
Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: route-related options modified
Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: peer-id set
Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: adjusting link_mtu to 1625
Wed Aug 14 23:24:53 2019 NOTE: --mute triggered...
Wed Aug 14 23:24:53 2019 1 variation(s) on previous 10 message(s) suppressed by --mute
Wed Aug 14 23:24:53 2019 Data Channel: using negotiated cipher 'AES-256-GCM'
Wed Aug 14 23:24:53 2019 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Aug 14 23:24:53 2019 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Aug 14 23:24:53 2019 TUN/TAP device tun0 opened
Wed Aug 14 23:24:53 2019 TUN/TAP TX queue length set to 100
Wed Aug 14 23:24:53 2019 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Wed Aug 14 23:24:53 2019 /sbin/ifconfig tun0 100.97.0.48 netmask 255.255.0.0 mtu 1500 broadcast 100.97.255.255
Wed Aug 14 23:24:53 2019 /dumaos/apps/usr/com.netdumasoftware.hybridvpn/openvpn-event.lua openvpnup 6 tun0 1500 1553 100.97.0.48 255.255.0.0 init
Wed Aug 14 23:24:58 2019 Initialization Sequence Completed
eer-id 70,cipher AES-256-GCM' Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: timers and/or timeouts modified Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: --ifconfig/up options modified Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: route options modified Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: route-related options modified Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: peer-id set Wed Aug 14 23:24:53 2019 OPTIONS IMPORT: adjusting link_mtu to 1625 Wed Aug 14 23:24:53 2019 NOTE: --mute triggered... Wed Aug 14 23:24:53 2019 1 variation(s) on previous 10 message(s) suppressed by --mute Wed Aug 14 23:24:53 2019 Data Channel: using negotiated cipher 'AES-256-GCM' Wed Aug 14 23:24:53 2019 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key Wed Aug 14 23:24:53 2019 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key Wed Aug 14 23:24:53 2019 TUN/TAP device tun0 opened Wed Aug 14 23:24:53 2019 TUN/TAP TX queue length set to 100 Wed Aug 14 23:24:53 2019 do_ifconfig, tt->did_ifconfig_ipv6_setup=0 Wed Aug 14 23:24:53 2019 /sbin/ifconfig tun0 100.97.0.48 netmask 255.255.0.0 mtu 1500 broadcast 100.97.255.255 Wed Aug 14 23:24:53 2019 /dumaos/apps/usr/com.netdumasoftware.hybridvpn/openvpn-event.lua openvpnup 6 tun0 1500 1553 100.97.0.48 255.255.0.0 init Wed Aug 14 23:24:58 2019 Initialization Sequence Completed

Capture.JPG

Share this post


Link to post
Share on other sites

Sure thing, and thanks

 

 

client
remote los.tigervpn.com 1194 udp
remote los.tigervpn.com 443 tcp-client

pull
auth-user-pass
auth-nocache 
comp-lzo adaptive
ca ca.crt
dev tun
tls-client
script-security 2
cipher AES-256-CBC
mute 10

route-delay 5
redirect-gateway def1
resolv-retry infinite
#dhcp-renew
#dhcp-release
persist-key
persist-tun
remote-cert-tls server
mssfix

Share this post


Link to post
Share on other sites

It doesn't seem to have a certificate which is kind of unusual. I might need to do some research on exactly how openVPN works, else i'll have to ask the devs about this.

Share this post


Link to post
Share on other sites

Oh right I see, well as long as the certificate is there in the original.

I'm trying to figure out if there's any differences between this config file and one I know that works.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...