search

NordSecurity / nordvpn-linux

NordVPN Linux client
GNU General Public License v3.0
295 stars 41 forks source link

Cannot use NordVPN while connected to eduroam #43

Open RENANZG opened 1 year ago

RENANZG commented 1 year ago

Cannot use NordVPN while connected to eduroam (university) even using obfuscated servers and OpenVPN technology.

It works fine at home or with phone acess point. I contacted support twice, but they couldn't resolve it. And I also don't have technical knowledge to solve.

Can I connect to the VPN by mobile phone even on the Eduroam network. (NordLYNX technology)

OS: Debian GNU/Linux 12 (bookworm)  
Kernel: 6.1.0-10-amd64 
user@debian:~$ nordvpn status
Status: Connected
Hostname: us8653.nordvpn.com
IP: 62.182.99.226
Country: United States
City: New York
Current technology: NORDLYNX
Current protocol: UDP
Transfer: 92 B received, 41.19 KiB sent
Uptime: 48 seconds

user@debian:~$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
^C
--- 8.8.8.8 ping statistics ---
9 packets transmitted, 0 received, 100% packet loss, time 8200ms

user@debian:~$ sudo cat /etc/resolv.conf
# Generated by NordVPN
nameserver 103.86.96.100
nameserver 103.86.99.100

Im using eduroam.config in /var/lib/connman/eduroam.config

Will I have to do all this?

Avoiding local internet restrictions on strongSwan

The Arch Wiki has several references: ConnMan Domain_name_resolution Systemd-resolved

keliramu commented 1 year ago

Hello, very strange situation you are facing. One of my colleagues had used NordVPN on eduroam without problems.

Some questions trying to find out what could be the problem:

BR,

RENANZG commented 1 year ago

1. Yes, same computer 2. user@debian:~ $ nordvpn -version NordVPN Version 3.16.5 3.

user@debian:~ $ nordvpn settings
Technology: NORDLYNX
Firewall: enabled
Firewall Mark: 0xe1f1
Routing: enabled
Analytics: enabled
Kill Switch: disabled
Threat Protection Lite: disabled
Notify: enabled
Auto-connect: disabled
IPv6: disabled
Meshnet: disabled
DNS: disabled
user@debian:~ $ nordvpn c
Connecting to Hong Kong #308 (hk308.nordvpn.com)
You are connected to Hong Kong #308 (hk308.nordvpn.com)!
user@debian:~ $ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
^C
--- 8.8.8.8 ping statistics ---
9 packets transmitted, 0 received, 100% packet loss, time 8174ms
user@debian:~ $ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: wlxb84d436bf0aa: <BROADCAST,MULTICAST,DYNAMIC,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether b8:4d:43:6b:f0:aa brd ff:ff:ff:ff:ff:ff
    inet 10.127.23.169/21 brd 10.127.23.255 scope global wlxb84d436bf0aa
       valid_lft forever preferred_lft forever
    inet6 fe80::ba4d:43ff:fe6b:f0aa/64 scope link 
       valid_lft forever preferred_lft forever
4: nordlynx: <POINTOPOINT,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none 
    inet 10.5.0.2/32 scope global nordlynx
       valid_lft forever preferred_lft forever
user@debian:~ $ ip route
default via 10.127.16.2 dev wlxb84d436bf0aa 
10.127.16.0/21 dev wlxb84d436bf0aa proto kernel scope link src 10.127.23.169 
10.127.16.2 dev wlxb84d436bf0aa scope link 
user@debian:~ $ sudo resolvconf --list
#resolv.conf from tun.nordlynx
nameserver 103.86.96.100
nameserver 103.86.99.100
user@debian:~ $ sudo cat /etc/resolv.conf
#Generated by NordVPN
nameserver 103.86.96.100
nameserver 103.86.99.100
user@debian:~ $ sudo ufw disable
Firewall stopped and disabled on system startup
user@debian:~ $ sudo ufw reload
Firewall not enabled (skipping reload)
user@debian:~ $ nordvpn c br
Connecting to Brazil #88 (br88.nordvpn.com)
You are connected to Brazil #88 (br88.nordvpn.com)!               
user@debian:~ $ ping 8.8.8.8                                       
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
^C
--- 8.8.8.8 ping statistics ---
12 packets transmitted, 0 received, 100% packet loss, time 11255ms
user@debian:~ $ sudo systemctl status nordvpn.service
○ nordvpn.service - LSB: Protect your privacy online and access m>
     Loaded: loaded (/etc/init.d/nordvpn; generated)
     Active: inactive (dead)
       Docs: man:systemd-sysv-generator(8)
user@debian:~ $ sudo systemctl status nordvpnd.service
● nordvpnd.service - NordVPN Daemon
     Loaded: loaded (/lib/systemd/system/nordvpnd.service; enable>
     Active: active (running) since Wed 2023-08-09 19:10:54 -03; >
TriggeredBy: ● nordvpnd.socket
   Main PID: 2017 (nordvpnd)
      Tasks: 21 (limit: 4113)
     Memory: 87.8M
        CPU: 2.806s
     CGroup: /system.slice/nordvpnd.service
             └─2017 /usr/sbin/nordvpnd

ago 09 19:35:09 debian nordvpnd[2017]: -P OUTPUT ACCEPT
ago 09 19:35:09 debian nordvpnd[2017]: -P POSTROUTING ACCEPT
ago 09 19:35:09 debian nordvpnd[2017]: raw:
ago 09 19:35:09 debian nordvpnd[2017]: -P PREROUTING ACCEPT
ago 09 19:35:09 debian nordvpnd[2017]: -P OUTPUT ACCEPT
ago 09 19:35:09 debian nordvpnd[2017]: security:
ago 09 19:35:09 debian nordvpnd[2017]: -P INPUT ACCEPT
ago 09 19:35:09 debian nordvpnd[2017]: -P FORWARD ACCEPT
ago 09 19:35:09 debian nordvpnd[2017]: -P OUTPUT ACCEPT
ago 09 19:38:10 debian nordvpnd[2017]: 2023/08/09 19:38:10 [Info]>
...skipping...
user@debian:~ $ sudo rfkill
ID TYPE      DEVICE         SOFT         HARD
 0 bluetooth hci0      bloqueado desbloqueado
 1 wlan      phy0   desbloqueado desbloqueado

Edit 1

I tried to do a test and try to connect to the tor network and it worked with bridges. (*Remembering: I can connect to the VPN by mobile phone even on the Eduroam network.) (**Is my MAC address blocked by the administrator?)

EmilijusS commented 1 year ago

Hello. Could you try out a manual OpenVPN connection on Linux? Here's a guide https://support.nordvpn.com/Connectivity/Linux/1047409422/Connect-to-NordVPN-using-Linux-Terminal.htm

If the manual connection works while connecting using the app doesn't, then we can proceed with trying to figure out if there's a bug in the app.