Two flavors of ipv6 error

[acwhite3]

I've been using protonvpn on Linux Ubuntu 16.04 LTS successfully for sometime now including yesterday. After reboot today I am receiving the following two flavors of ipv6 error messages and am unable to connect:

[!] Error connecting to VPN. [!] There are issues in managing ipv6 in the system. Please test the system for the root cause. Not able to manage ipv6 by protonvpn-cli might cause issues in leaking the system’s ipv6 address.

And

Failed to query password: Timer expired Connecting... [!] Error connecting to VPN. [!] This is an error in enabling ipv6 on the machine. Please enable it manually.

Updated sysctl to reenable ipv6 but that doesn't solve the problem just returns a generic can't connect message.

[djnotes]

Sorry for delay:

# Generated by NetworkManager
search cisco.com
nameserver 1.0.0.1
nameserver 1.1.1.1
nameserver 192.168.1.1
# NOTE: the libc resolver may not support more than 3 nameservers.
# The nameservers listed below may not be recognized.
nameserver 8.8.8.8
nameserver 8.8.8.44
nameserver 9.9.9.9
nameserver 149.112.112.112
nameserver 64.6.64.6
nameserver 64.6.65.6

[xilopaint]

First, you don't need so many dns servers. You're fine with Cloudflare only (1.1.1.1 and 1.0.0.1), although 1.1.1.1 is primary and your order is inverted.

Second, 8.8.8.44 is wrong. The correct is 8.8.4.4.

Third, I would try to stop NetworkManager, which is doing your DNS management, and try to connect with protonvpn-cli again. If it doesn't work you can restart NetworkManager.

The way you stop NetworkManager varies according to your system. Check man NetworkManager for information. In some cases systemctl is used to stop it.

[djnotes]

I also have network service in addition to NetworkManager. Not sure which one is better. But, when I stop NetworkManager my wifi icon disappars, but I can still browse websites.

[djnotes]

Also, removed extra DNSs from the NetworkManager interface, leaving only three of those you mentioned. By the way, the network interface configuration located as /etc/sysconfig/network-scripts/ifcfg-my_accesspoint reads as follows:

HWADDR=XX:XX:XX:XX:XX:XX
ESSID=my_accesspoint
MODE=Managed
KEY_MGMT=WPA-PSK
MAC_ADDRESS_RANDOMIZATION=default
TYPE=Wireless
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=my_accesspoint
UUID=2657f553-4239-45f8-abf8-b2e50f779863
ONBOOT=yes
DNS1=1.1.1.1
DNS2=1.0.0.1
DNS3=8.8.8.8

[djnotes]

Connection log for openvpn jp-free-01.ovpn after stopping NM:

Fri Jun 14 09:19:09 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Jun 14 09:19:09 2019 TLS Error: TLS handshake failed
Fri Jun 14 09:19:09 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jun 14 09:19:09 2019 Restart pause, 5 second(s)
Fri Jun 14 09:19:14 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]10.10.34.35:1194
Fri Jun 14 09:19:14 2019 Socket Buffers: R=[212992->212992] S=[212992->212992]
Fri Jun 14 09:19:14 2019 UDP link local: (not bound)
Fri Jun 14 09:19:14 2019 UDP link remote: [AF_INET]10.10.34.35:1194
Fri Jun 14 09:20:14 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Jun 14 09:20:14 2019 TLS Error: TLS handshake failed
Fri Jun 14 09:20:14 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jun 14 09:20:14 2019 Restart pause, 5 second(s)
Fri Jun 14 09:20:34 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]10.10.34.35:5060
Fri Jun 14 09:20:34 2019 Socket Buffers: R=[212992->212992] S=[212992->212992]
Fri Jun 14 09:20:34 2019 UDP link local: (not bound)
Fri Jun 14 09:20:34 2019 UDP link remote: [AF_INET]10.10.34.35:5060
Fri Jun 14 09:21:34 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Jun 14 09:21:34 2019 TLS Error: TLS handshake failed
Fri Jun 14 09:21:34 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jun 14 09:21:34 2019 Restart pause, 5 second(s)
Fri Jun 14 09:21:39 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]10.10.34.35:5060
Fri Jun 14 09:21:39 2019 Socket Buffers: R=[212992->212992] S=[212992->212992]
Fri Jun 14 09:21:39 2019 UDP link local: (not bound)
Fri Jun 14 09:21:39 2019 UDP link remote: [AF_INET]10.10.34.35:5060

Side note: I don't remember using the network service recently. It seems it is not supported anymore in favor of NetworkManager on Fedora.

[xilopaint]

Also, removed extra DNSs from the NetworkManager interface, leaving only three of those you mentioned. By the way, the network interface configuration located as /etc/sysconfig/network-scripts/ifcfg-my_accesspoint reads as follows:

HWADDR=XX:XX:XX:XX:XX:XX
ESSID=my_accesspoint
MODE=Managed
KEY_MGMT=WPA-PSK
MAC_ADDRESS_RANDOMIZATION=default
TYPE=Wireless
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=my_accesspoint
UUID=2657f553-4239-45f8-abf8-b2e50f779863
ONBOOT=yes
DNS1=1.1.1.1
DNS2=1.0.0.1
DNS3=8.8.8.8

You don't need 8.8.8.8 if you're using Cloudflare DNS.

[xilopaint]

Please, try sudo pvpn -cc US tcp.

[djnotes]

I don't know about Cloudflare DNS but the result of pvpn -cc US tcp . is as follows:

#pvpn -cc US tcp .
Fetching ProtonVPN servers...
Connecting...
[!] Error connecting to VPN.
[!] This is an error in enabling IPv6 on the machine. Please enable it manually.

[xilopaint]

I don't know about Cloudflare DNS but the result of pvpn -cc US tcp .

Sorry for the delayed response. Cloudflare DNS servers are 1.1.1.1 and 1.0.0.1. I meant you don't need 8.8.8.8 (Google DNS) since you already had Cloudflare DNS servers set.

Also, that command doesn't have the dot, so the correct command is pvpn -cc US tcp. That shouldn't be a problem anyway, I tried the command with the dot in my machine with no issues.

So I don't have any idea at the moment. Your issue should be related with your setup, not with protonvpn-cli since you can't connect to openvpn directly with the config files.

In any case, let us know if you get any progress with this issue.

[djnotes]

Thank you @xilopaint, I'll keep you updated if I reach any success.

[dskloet]

I'm trying to connect to ProtonVPN using sudo protonvpn-cli -c from Ubuntu 18.04 and I also got

[!] Error connecting to VPN.
[!] There are issues in managing ipv6 in the system. Please test the system for the root cause.
Not able to manage ipv6 by protonvpn-cli might cause issues in leaking the system’s ipv6 address.

but after deleting my ~/.protonvpn-cli and running init again, now I only get

Connecting...
[!] Error connecting to VPN.

I'm currently on the free plan.

[djnotes]

@xilopaint, I found out that ipv6 was not enabled on my system, so I changed the 00-network.conf values as follows:

net.ipv6.conf.all.disable_ipv6 = 0 
net.ipv6.conf.default.disable_ipv6 = 0
net.ipv6.conf.lo.disable_ipv6 = 0
net.ipv6.conf.tun0.disable_ipv6 = 0

Enabled and restarted network manager. But, still getting the following error when trying to connect to Protonvpn (free plan):

Connecting... [!] Error connecting to VPN. [!] There are issues in managing IPv6 in the system. Please test the system for the root cause. Not being able to manage IPv6 by protonvpn-cli might cause issues in leaking the system's IPv6 address.

[MinersWin]

Same Problem, i tried to Disable IPv6 - didnt work Reanabled - didnt work reinstall openvpn and protonvpn - didnt work ..... - didnt work

[jacquesmats]

Same here, free plan, Ubuntu 18.04 LTS

[ash0x0]

@mazen160 @xilopaint I've tried everything here and nothing seems to fix it for me. As far as I can tell this may be a server-side issue, not that it makes any sense, because sometimes I get the error and somehow the next morning with no changes to my system it works fine.

Connecting...
[!] Error connecting to VPN.
[!] There are issues in managing IPv6 in the system. Please test the system for the root cause.
Not being able to manage IPv6 by protonvpn-cli may leak the system's IPv6 address.

I've tried reinstalling with removing conf, tried DNS related issues, tried openresolv and resolvconf, disabling ipv6 with ipv4 forwarding, without, tried pretty much every solution in this thread and nothing worked. I'm working with the latest update available today on free plan. @mazen160 could you reference the commit where you believe this issue was fixed?

EDIT: Right, so I realized that I have 5 days left on free trial so I decided to try to one of the paid servers, they all work. Core servers, tor servers and all paid work. Apparently this issue happens only with the free servers. It isn't about allocation, the servers are usually at ~80% when I try to connect, sometimes under, unless this percentage isn't true; some delay updating, under-reporting for whatever reason which is perfectly normal, etc. Or maybe an issue with the way that you connect to them but I assume you connect the same way to all servers, haven't read the code enough to know that for a fact though. We know you guys are under no obligation to provide support or that you should even offer such a costly service for free and we appreciate you continuing to do so, and if we could figure out just what the issue is it'd be more appreciated, even if it turns out this is just allocation limit for the servers.

[djnotes]

@ash0x0 Thanks for the insight, so having read your comment, I think that the failure connecting to servers might be because I try to connect to a free server no matter which as all seem to fail. I love ProtonVPN and I hope that they find a fix for this issue soon.

[limsammy]

Having same issue, Ubuntu 18.04.3 LTS x64

[schtr4jh]

Stupid question, but, did you try using OpenVPN / IKEv2 username credentials from ProtonVPN account? Works for me. :)

[ash0x0]

Yeah, that's the only way to connect. You need those exact credentials. If you try wrong ones you actually get an entirely different result so they're separate issues. I don't think this is gonna get fixed and it seems to be an issue with free servers only, at least for me. If anyone can, please try to reproduce error and use suggested solution so we can make sure.