bitnom / VPN-Chain

Bash script for making chained OpenVPN connections.
MIT License

HTTPS websites not working when chaining VPN #7

Open baptx opened 4 years ago

baptx commented 4 years ago

After the script says "Chain is connected", I noticed that when I do a cURL request to a website not using HTTPS it works but it fails when the website is using HTTPS (the cURL request keeps loading indefinitely without displaying anything). This problem does not happen when I don't chain VPNs and test only with either the first or second VPN (which means it is not the website blocking the VPN IP address). The chain was tested with 2 VPNs only.

I can also reproduce this HTTPS problem without the script if I start the first VPN on my real Linux computer and the second VPN in an LXC container or a Linux virtual machine using VirtualBox.

Do you have an idea where the problem comes from? I reported a similar issue here: https://superuser.com/questions/1521812/use-a-proxy-or-another-vpn-before-connecting-to-a-vpn

Enrico204 commented 4 years ago

[I copy here my answer in S.O.] It might be an issue of MTU. Try to lower the MTU in your OpenVPN client configuration (see OpenVPN config for the correct syntax). Usually I use 1400, but you need to try to see the highest value that works for you. Nested VPNs need smaller values.
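
Added example, not part of the original thread or of the VPN-Chain script: one way to find "the highest value that works" is to binary-search the largest ICMP payload that crosses the connected chain with the Don't Fragment bit set. It assumes Linux iputils `ping` and a target that answers ICMP echo; the function names `probe`, `find_max_payload` and `path_mtu` are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: measure the usable IPv4 path MTU through a VPN chain.
# Assumes Linux iputils ping (-M do sets Don't Fragment) and that the
# target host answers ICMP echo requests.

# probe HOST SIZE -> exit 0 if a DF-flagged echo with SIZE payload bytes is answered.
# Hypothetical helper; redefine it to exercise the search offline.
probe() {
    ping -M do -c 1 -W 2 -s "$2" "$1" >/dev/null 2>&1
}

# find_max_payload HOST [LO] [HI]
# Prints the largest payload in [LO, HI] that passes unfragmented.
# Returns 1 if even LO fails (no connectivity, or ICMP is filtered).
find_max_payload() {
    local host=$1 lo=${2:-1000} hi=${3:-1472} mid
    probe "$host" "$lo" || return 1
    while [ "$lo" -lt "$hi" ]; do
        mid=$(( (lo + hi + 1) / 2 ))   # round up so the loop always makes progress
        if probe "$host" "$mid"; then
            lo=$mid                    # mid fits: search above it
        else
            hi=$(( mid - 1 ))          # mid is too big: search below it
        fi
    done
    echo "$lo"
}

# path_mtu PAYLOAD -> payload + 20-byte IPv4 header + 8-byte ICMP header
path_mtu() {
    echo $(( $1 + 28 ))
}

# Run as: ./probe-mtu.sh HOST   (with the full chain connected)
if [ -n "${1:-}" ]; then
    if payload=$(find_max_payload "$1"); then
        echo "largest unfragmented ICMP payload: $payload bytes"
        echo "usable IPv4 path MTU through the chain: $(path_mtu "$payload")"
    else
        echo "no reply at the lower bound; check connectivity or ICMP filtering" >&2
        exit 1
    fi
fi
```

The reported path MTU is an upper bound to start from when lowering the MTU or `mssfix` value in the nested client configuration; the tunnel's own encapsulation overhead still has to fit inside it.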

baptx commented 4 years ago

@Enrico204 thanks, adding mssfix 1400 to the nested OpenVPN client config file fixed the issue! Update: with another VPN, this solution does not work anymore. I added a new comment with more details on my superuser.com issue in case someone has an idea. A workaround is to connect to one of the VPNs on the TCP port 443 instead of UDP port 1194.

leopra commented 2 years ago

Hi, 2 years have passed but I've encountered the same problem for the same reason. HTTPS calls are not working when I connect through 2 VPNs. I was wondering if "DNS_PROBE_FINISHED_NXDOMAIN" is the same error you got. Changing the MTU to 1400 did not work.

Enrico204 commented 2 years ago

DNS_PROBE_FINISHED_NXDOMAIN is a problem with DNS; it has nothing to do with the issue above. You should check the DNS settings.