search

adrienverge / openfortivpn

Client for PPP+TLS VPN tunnel services
GNU General Public License v3.0
2.74k stars 321 forks source link

VPN allows access to hidden services but doesn't change IP #1248

Closed UltraBlackLinux closed 1 month ago

UltraBlackLinux commented 1 month ago

Hey there, I'm running into a weird issue with this tool. On two separate machines I can log into the VPN no problem and it seems to be routing some traffic. One of the services I use is hidden behind the vpn. I can access that service no problem, but when I make a web request of some kind, my IP is still the one that I used to log into the vpn.

I'm running arch linux on both machines and no, I didn't mess with /etc/ppp and nor am I running any kind of specialized or complex scenario. Only one of the two machines has ever seen wireguard and both of them are using systemd-resolved I'm confused. Any idea what's happening? Thanks!

Edit: logs: 

$ sudo openfortvpn <host:port> --username <username> --password <password> --set-routes 1 --set-dns 1 --use-resolvconf 1
INFO:   Connected to gateway.
INFO:   Authenticated.
INFO:   Remote gateway has allocated a VPN.
Using interface ppp0
Connect: ppp0 <--> /dev/pts/3
INFO:   Got addresses: [10.40.20.5], ns [<IP1>, <IP2>]
INFO:   Negotiation complete.
Cannot determine ethernet address for proxy ARP
local  IP address <IP3>
remote IP address <IP4>
INFO:   Interface ppp0 is UP.
INFO:   Setting new routes...
INFO:   Route to gateway exists already.
INFO:   Route to gateway exists already.
INFO:   Route to gateway exists already.
INFO:   Route to gateway exists already.
INFO:   Adding VPN nameservers...
Dropped protocol specifier '.openfortivpn' from 'ppp0.openfortivpn'. Using 'ppp0' (ifindex=11).
INFO:   Tunnel is up and running.

The readme sais that this tool would modify /etc/resolv.conf, but that doesn't appear to be happening. Nothing changes there, and not even inotifywait -m /etc/resolv.conf detects any writes. It just sees the file being opened, but not being written to:

/etc/resolv.conf OPEN
/etc/resolv.conf ACCESS
/etc/resolv.conf CLOSE_NOWRITE,CLOSE

But honestly no idea if dns has anything to do with the traffic being tunneled. I'm really experienced in those kinda topics

UltraBlackLinux commented 1 month ago

hmm it seems like I might be misunderstanding how this is supposed to work. probably intentional...