Closed loadcorp closed 5 years ago
Can you explain "not working"?
For example, when I am manually start vpn:
[user@vpn-usb-1 vpn]$ sudo openvpn --cd /rw/config/vpn --config openvpn-client.ovpn
Thu Oct 18 04:01:08 2018 Unrecognized option or missing or extra parameter(s) in openvpn-client.ovpn:17: block-outside-dns (2.4.6)
Thu Oct 18 04:01:08 2018 OpenVPN 2.4.6 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 26 2018
Thu Oct 18 04:01:08 2018 library versions: OpenSSL 1.1.0h-fips 27 Mar 2018, LZO 2.08
Thu Oct 18 04:01:08 2018 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Oct 18 04:01:08 2018 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Oct 18 04:01:08 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]'ip':443
Thu Oct 18 04:01:08 2018 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Oct 18 04:01:08 2018 UDP link local: (not bound)
Thu Oct 18 04:01:08 2018 UDP link remote: [AF_INET]'ip':443
Thu Oct 18 04:01:08 2018 TLS: Initial packet from [AF_INET]'ip':443, sid=1a2ba2c9 b232baa1
Thu Oct 18 04:01:09 2018 VERIFY OK: depth=1, CN=cn_6Ypsrf2ac3PIGGZY
Thu Oct 18 04:01:09 2018 VERIFY KU OK
Thu Oct 18 04:01:09 2018 Validating certificate extended key usage
Thu Oct 18 04:01:09 2018 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Thu Oct 18 04:01:09 2018 VERIFY EKU OK
Thu Oct 18 04:01:09 2018 VERIFY X509NAME OK: CN=server_01fDDCu9chEMKkwt
Thu Oct 18 04:01:09 2018 VERIFY OK: depth=0, CN=server_01fDDCu9chEMKkwt
Thu Oct 18 04:01:09 2018 Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES128-GCM-SHA256, 3072 bit RSA
Thu Oct 18 04:01:09 2018 [server_01fDDCu9chEMKkwt] Peer Connection Initiated with [AF_INET]'ip':443
Thu Oct 18 04:01:10 2018 SENT CONTROL [server_01fDDCu9chEMKkwt]: 'PUSH_REQUEST' (status=1)
Thu Oct 18 04:01:10 2018 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,redirect-gateway def1 bypass-dhcp,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.8.0.2 255.255.255.0'
Thu Oct 18 04:01:10 2018 OPTIONS IMPORT: timers and/or timeouts modified
Thu Oct 18 04:01:10 2018 OPTIONS IMPORT: --ifconfig/up options modified
Thu Oct 18 04:01:10 2018 OPTIONS IMPORT: route options modified
Thu Oct 18 04:01:10 2018 OPTIONS IMPORT: route-related options modified
Thu Oct 18 04:01:10 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu Oct 18 04:01:10 2018 Outgoing Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
Thu Oct 18 04:01:10 2018 Outgoing Data Channel: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Oct 18 04:01:10 2018 Incoming Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
Thu Oct 18 04:01:10 2018 Incoming Data Channel: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Oct 18 04:01:10 2018 ROUTE_GATEWAY 10.137.0.26
Thu Oct 18 04:01:10 2018 TUN/TAP device tun1 opened
Thu Oct 18 04:01:10 2018 TUN/TAP TX queue length set to 100
Thu Oct 18 04:01:10 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Thu Oct 18 04:01:10 2018 /sbin/ip link set dev tun1 up mtu 1500
Thu Oct 18 04:01:10 2018 /sbin/ip addr add dev tun1 10.8.0.2/24 broadcast 10.8.0.255
Thu Oct 18 04:01:10 2018 /sbin/ip route add 'ip' via 10.137.0.26
RTNETLINK answers: File exists
Thu Oct 18 04:01:10 2018 ERROR: Linux route add command failed: external program exited with error status: 2
Thu Oct 18 04:01:10 2018 /sbin/ip route add 0.0.0.0/1 via 10.8.0.1
RTNETLINK answers: File exists
Thu Oct 18 04:01:10 2018 ERROR: Linux route add command failed: external program exited with error status: 2
Thu Oct 18 04:01:10 2018 /sbin/ip route add 128.0.0.0/1 via 10.8.0.1
RTNETLINK answers: File exists
Thu Oct 18 04:01:10 2018 ERROR: Linux route add command failed: external program exited with error status: 2
Thu Oct 18 04:01:10 2018 Initialization Sequence Completed
When I am manually start and try to use browser, page is not loading.
The routes can't be added on your client: RTNETLINK answers: File exists
First client was been Fedora 26 which I already put up here.
Now I do the same manual start on Fedora 27-28 and have the same problem (without connection), i even have not ping to any ip.
[user@vpn27 vpn]$ sudo openvpn --cd /rw/config/vpn --config openvpn-client.ovpn
Thu Oct 18 07:35:14 2018 Unrecognized option or missing or extra parameter(s) in openvpn-client.ovpn:17: block-outside-dns (2.4.6)
Thu Oct 18 07:35:14 2018 OpenVPN 2.4.6 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 26 2018
Thu Oct 18 07:35:14 2018 library versions: OpenSSL 1.1.0i-fips 14 Aug 2018, LZO 2.08
Thu Oct 18 07:35:14 2018 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Oct 18 07:35:14 2018 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Oct 18 07:35:14 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]'ip':443
Thu Oct 18 07:35:14 2018 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Oct 18 07:35:14 2018 UDP link local: (not bound)
Thu Oct 18 07:35:14 2018 UDP link remote: [AF_INET]'ip':443
Thu Oct 18 07:35:14 2018 TLS: Initial packet from [AF_INET]'ip':443, sid=b48fcbb2 abb7afce
Thu Oct 18 07:35:15 2018 VERIFY OK: depth=1, CN=cn_6Ypsrf2ac3PIGGZY
Thu Oct 18 07:35:15 2018 VERIFY KU OK
Thu Oct 18 07:35:15 2018 Validating certificate extended key usage
Thu Oct 18 07:35:15 2018 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Thu Oct 18 07:35:15 2018 VERIFY EKU OK
Thu Oct 18 07:35:15 2018 VERIFY X509NAME OK: CN=server_01fDDCu9chEMKkwt
Thu Oct 18 07:35:15 2018 VERIFY OK: depth=0, CN=server_01fDDCu9chEMKkwt
Thu Oct 18 07:35:15 2018 Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES128-GCM-SHA256, 3072 bit RSA
Thu Oct 18 07:35:15 2018 [server_01fDDCu9chEMKkwt] Peer Connection Initiated with [AF_INET]'ip':443
Thu Oct 18 07:35:16 2018 SENT CONTROL [server_01fDDCu9chEMKkwt]: 'PUSH_REQUEST' (status=1)
Thu Oct 18 07:35:16 2018 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,redirect-gateway def1 bypass-dhcp,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.8.0.2 255.255.255.0'
Thu Oct 18 07:35:16 2018 OPTIONS IMPORT: timers and/or timeouts modified
Thu Oct 18 07:35:16 2018 OPTIONS IMPORT: --ifconfig/up options modified
Thu Oct 18 07:35:16 2018 OPTIONS IMPORT: route options modified
Thu Oct 18 07:35:16 2018 OPTIONS IMPORT: route-related options modified
Thu Oct 18 07:35:16 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu Oct 18 07:35:16 2018 Outgoing Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
Thu Oct 18 07:35:16 2018 Outgoing Data Channel: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Oct 18 07:35:16 2018 Incoming Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
Thu Oct 18 07:35:16 2018 Incoming Data Channel: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Oct 18 07:35:16 2018 ROUTE_GATEWAY 10.137.0.26
Thu Oct 18 07:35:16 2018 TUN/TAP device tun0 opened
Thu Oct 18 07:35:16 2018 TUN/TAP TX queue length set to 100
Thu Oct 18 07:35:16 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Thu Oct 18 07:35:16 2018 /sbin/ip link set dev tun0 up mtu 1500
Thu Oct 18 07:35:16 2018 /sbin/ip addr add dev tun0 10.8.0.2/24 broadcast 10.8.0.255
Thu Oct 18 07:35:16 2018 /sbin/ip route add 'ip' via 10.137.0.26
Thu Oct 18 07:35:16 2018 /sbin/ip route add 0.0.0.0/1 via 10.8.0.1
Thu Oct 18 07:35:16 2018 /sbin/ip route add 128.0.0.0/1 via 10.8.0.1
Thu Oct 18 07:35:16 2018 Initialization Sequence Completed
Also I tried to install the Latest script version on Debian 9 and got this result:
[user@vpn-usb-1]$ sudo openvpn --cd /rw/config/vpn --config openvpn-client.ovpn
Thu Oct 18 10:55:42 2018 Unrecognized option or missing or extra parameter(s) in openvpn-client.ovpn:17: block-outside-dns (2.4.6)
Thu Oct 18 10:55:42 2018 OpenVPN 2.4.6 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 26 2018
Thu Oct 18 10:55:42 2018 library versions: OpenSSL 1.1.0h-fips 27 Mar 2018, LZO 2.08
Thu Oct 18 10:55:42 2018 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Thu Oct 18 10:55:42 2018 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Oct 18 10:55:42 2018 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Thu Oct 18 10:55:42 2018 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Oct 18 10:55:42 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]'ip':443
Thu Oct 18 10:55:42 2018 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Oct 18 10:55:42 2018 UDP link local: (not bound)
Thu Oct 18 10:55:42 2018 UDP link remote: [AF_INET]'ip':443
Thu Oct 18 10:56:42 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Oct 18 10:56:42 2018 TLS Error: TLS handshake failed
Thu Oct 18 10:56:42 2018 SIGUSR1[soft,tls-error] received, process restarting
Thu Oct 18 10:56:42 2018 Restart pause, 5 second(s)
Thu Oct 18 10:56:47 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]'ip':443
Thu Oct 18 10:56:47 2018 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Oct 18 10:56:47 2018 UDP link local: (not bound)
Thu Oct 18 10:56:47 2018 UDP link remote: [AF_INET]'ip':443
Thu Oct 18 10:57:47 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Oct 18 10:57:47 2018 TLS Error: TLS handshake failed
Thu Oct 18 10:57:47 2018 SIGUSR1[soft,tls-error] received, process restarting
Thu Oct 18 10:57:47 2018 Restart pause, 5 second(s)
Thu Oct 18 10:57:52 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]'ip':443
Thu Oct 18 10:57:52 2018 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Oct 18 10:57:52 2018 UDP link local: (not bound)
Thu Oct 18 10:57:52 2018 UDP link remote: [AF_INET]'ip':443
Is there anything interesting in the server log? journalctl -f -u openvpn@server
Put this command on the server:
root@name:~# journalctl -f -u openvpn@server
-- Logs begin at Thu 2018-10-18 10:48:48 EDT. --
Oct 18 10:50:57 name systemd[1]: openvpn@server.service: Failed to set invocation ID on control group /system.slice/system-openvpn.slice/openvpn@server.service, ignoring: Operation not permitted
Oct 18 10:50:57 name systemd[1]: Starting OpenVPN connection to server...
Oct 18 10:50:57 name ovpn-server[925]: OpenVPN 2.4.0 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 18 2017
Oct 18 10:50:57 name ovpn-server[925]: library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.08
Oct 18 10:50:57 name ovpn-server[925]: daemon() failed or unsupported: Resource temporarily unavailable (errno=11)
Oct 18 10:50:57 name ovpn-server[925]: Exiting due to fatal error
Oct 18 10:50:57 name systemd[1]: openvpn@server.service: Control process exited, code=exited status=1
Oct 18 10:50:57 name systemd[1]: Failed to start OpenVPN connection to server.
Oct 18 10:50:57 name systemd[1]: openvpn@server.service: Unit entered failed state.
Oct 18 10:50:57 name systemd[1]: openvpn@server.service: Failed with result 'exit-code'.
I tried also last version script on last version of Ubuntu:
[user@vpn-usb-1]$ sudo mv openvpn-client.ovpn /rw/config/vpn
[user@vpn-usb-1]$ ls
[user@vpn-usb-1]$ sudo nano /rw/config/vpn/openvpn-client.ovpn
[user@vpn-usb-1]$ sudo openvpn --cd /rw/config/vpn --config openvpn-client.ovpn
Fri Oct 19 12:09:18 2018 Unrecognized option or missing or extra parameter(s) in openvpn-client.ovpn:17: block-outside-dns (2.4.6)
Fri Oct 19 12:09:18 2018 OpenVPN 2.4.6 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 26 2018
Fri Oct 19 12:09:18 2018 library versions: OpenSSL 1.1.0h-fips 27 Mar 2018, LZO 2.08
Fri Oct 19 12:09:18 2018 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Fri Oct 19 12:09:18 2018 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Fri Oct 19 12:09:18 2018 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Fri Oct 19 12:09:18 2018 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Fri Oct 19 12:09:18 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]'ip':443
Fri Oct 19 12:09:18 2018 Socket Buffers: R=[212992->212992] S=[212992->212992]
Fri Oct 19 12:09:18 2018 UDP link local: (not bound)
Fri Oct 19 12:09:18 2018 UDP link remote: [AF_INET]'ip':443
Fri Oct 19 12:09:19 2018 TLS: Initial packet from [AF_INET]'ip':443, sid=d0f5ebbf 1d357275
Fri Oct 19 12:09:21 2018 VERIFY OK: depth=1, CN=cn_9JXvJ2GIY5oGOzlV
Fri Oct 19 12:09:21 2018 VERIFY KU OK
Fri Oct 19 12:09:21 2018 Validating certificate extended key usage
Fri Oct 19 12:09:21 2018 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Fri Oct 19 12:09:21 2018 VERIFY EKU OK
Fri Oct 19 12:09:21 2018 VERIFY X509NAME OK: CN=server_v9l4eS1VAeZuu0yX
Fri Oct 19 12:09:21 2018 VERIFY OK: depth=0, CN=server_v9l4eS1VAeZuu0yX
Fri Oct 19 12:09:23 2018 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit EC, curve: prime256v1
Fri Oct 19 12:09:23 2018 [server_v9l4eS1VAeZuu0yX] Peer Connection Initiated with [AF_INET]'ip':443
Fri Oct 19 12:09:24 2018 SENT CONTROL [server_v9l4eS1VAeZuu0yX]: 'PUSH_REQUEST' (status=1)
Fri Oct 19 12:09:25 2018 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,redirect-gateway def1 bypass-dhcp,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.8.0.2 255.255.255.0,peer-id 0,cipher AES-128-GCM'
Fri Oct 19 12:09:25 2018 OPTIONS IMPORT: timers and/or timeouts modified
Fri Oct 19 12:09:25 2018 OPTIONS IMPORT: --ifconfig/up options modified
Fri Oct 19 12:09:25 2018 OPTIONS IMPORT: route options modified
Fri Oct 19 12:09:25 2018 OPTIONS IMPORT: route-related options modified
Fri Oct 19 12:09:25 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Oct 19 12:09:25 2018 OPTIONS IMPORT: peer-id set
Fri Oct 19 12:09:25 2018 OPTIONS IMPORT: adjusting link_mtu to 1624
Fri Oct 19 12:09:25 2018 OPTIONS IMPORT: data channel crypto options modified
Fri Oct 19 12:09:25 2018 Outgoing Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
Fri Oct 19 12:09:25 2018 Incoming Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
Fri Oct 19 12:09:25 2018 ROUTE_GATEWAY 10.137.0.26
Fri Oct 19 12:09:25 2018 TUN/TAP device tun0 opened
Fri Oct 19 12:09:25 2018 TUN/TAP TX queue length set to 100
Fri Oct 19 12:09:25 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Fri Oct 19 12:09:25 2018 /sbin/ip link set dev tun0 up mtu 1500
Fri Oct 19 12:09:25 2018 /sbin/ip addr add dev tun0 10.8.0.2/24 broadcast 10.8.0.255
Fri Oct 19 12:09:25 2018 /sbin/ip route add 'ip' via 10.137.0.26
Fri Oct 19 12:09:25 2018 /sbin/ip route add 0.0.0.0/1 via 10.8.0.1
Fri Oct 19 12:09:25 2018 /sbin/ip route add 128.0.0.0/1 via 10.8.0.1
Fri Oct 19 12:09:25 2018 Initialization Sequence Completed
But still can't open any pages on the client side, at this time browser loading very long and page al the time on the loading process.
I tried to ping through vpn on the client side to understand what is the problem and git this:
[user@vpn-usb-1 ~]$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=116 time=240 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=116 time=278 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=116 time=277 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=116 time=275 ms
But at the same time I tried to ping without vpn just on the server side and got much more better results:
root@name:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=116 time=34.5 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=116 time=34.6 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=116 time=34.4 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=116 time=34.4 ms
P.S. I must to say, that this version of script - https://github.com/angristan/openvpn-install/commit/67feb344460e7f8e54d9005f1bfe280346fcac59 working very well and very fast but unfortunately this is the old version.
OK, so the issue is not that you can't connect but that it is slow.
67feb34 has nothing to do with that (it is just a bash rewrite, it does the exact same thing).
Well we can't really do anything about speed issues. It may be a peering issue or latency issue between the client and the server...
I suppose that with last version of your script problem with slow connection (with this slow connection pages not opening in browser even in 5 minutes).
I tested many versions of your script with your different commits. But on the same client and server your old script (https://github.com/angristan/openvpn-install/commit/67feb344460e7f8e54d9005f1bfe280346fcac59) is working very fast. That's why I think this is not the problem with peering or with latency like you said. For example with this version ping is always about 60-70 ms. It is much less then 240-270 ms.
Did you actually try 67feb34 recently?
Yes, I can try it again now. And I can give you access on the server to your email address if you want to check or I can give you config file .ovpn with this version.
OK, lets do that. You can get my email address from the commits
Sent to your email with my notes.
Thanks
I was able to test both versions of the script on your server. I did speedtest from France. I noticed the same ping latency on both versions, and speeds ranging from 1 Mb/s to 30 Mb/s on both download and upload and both version of the script. To me, your connection is just unstable.
For example: I tested with 67feb34, got 30 Mb/s of download, then tested with master and got 25 Mb/s, then 67feb34 with 1 Mb/s, then master with 2 Mb/s... This is not a script issue.
Ok. I see that you used default 1194 port and turned on Compression LZ4. I tried this config and actually this is much more better speed then mine. Also i tried this 1194 port without LZ4 (because of voracle attack vulnerability) and speed was been ok too.
But when I tried to use 443 port (I am using this to hide from websites that I am using VPN), then speed going to very slow, I tried many times and I think this is the real problem, when I choose not default port. I see in browser how long is going "Performing a TLS handshake to..." any site which I am trying to open. After this I got "The connection has timed out".
But when I tried to use 443 port (I am using this to hide from websites that I am using VPN)
Using port 443 won't hide anything from websites, FYI
Starting from "Rework iptables handling (#291) - https://github.com/angristan/openvpn-install/commit/594486c1772f84c3a4461000dcf6583d32eac68f" changes script not working.
But one update before "Merge branch 'sysctl'" - https://github.com/angristan/openvpn-install/commit/67feb344460e7f8e54d9005f1bfe280346fcac59 working well.
Both updates was been on Sep 16.
In process of configuration I am not use Ipv6.
My system configuration: Ubuntu 16.04 1 CPU Memory 1024 MB 40 GB SSD Also I am using Qubes and my VPN installation I am doing like here: https://www.qubes-os.org/doc/vpn/