VPN not working

[ltoshea]

I cannot get the VPN to work as advertised. Below are my configuration files, logs and output from tcpdump as you have asked for in https://github.com/clowwindy/ShadowVPN/wiki/FAQ

Could you please help to find out the problem.

cat /etc/shadowvpn/server.conf `server=103.41.132.13 port=1123 password=password mode=server concurrency=1 mtu=1440 intf=tun0 up=/etc/shadowvpn/server_up.sh down=/etc/shadowvpn/server_down.sh pidfile=/var/run/shadowvpn.pid logfile=/var/log/shadowvpn.log

cat /etc/shadowvpn/client.conf server=103.41.132.13 port=1123 password=password mode=client concurrency=1 mtu=1440 intf=tun0 up=/etc/shadowvpn/client_up.sh down=/etc/shadowvpn/client_down.sh pidfile=/var/run/shadowvpn.pid logfile=/var/log/shadowvpn.log

On server I run: shadowvpn -v -c /etc/shadowvpn/server.conf -s start On client I run : shadowvpn -v -c /etc/shadowvpn/client.conf -s start

server ifconfig: eth0 Link encap:Ethernet HWaddr 00:1a:4a:97:5d:fc
inet addr:172.16.3.253 Bcast:172.16.31.255 Mask:255.255.224.0 inet6 addr: fe80::21a:4aff:fe97:5dfc/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:3221 errors:0 dropped:0 overruns:0 frame:0 TX packets:7 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:163121 (163.1 KB) TX bytes:578 (578.0 B)

eth1 Link encap:Ethernet HWaddr 00:1a:4a:fa:f1:0b
inet addr:103.41.132.13 Bcast:103.41.132.255 Mask:255.255.255.0 inet6 addr: fe80::21a:4aff:fefa:f10b/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:87959 errors:0 dropped:4616 overruns:0 frame:0 TX packets:38890 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:11626644 (11.6 MB) TX bytes:10139066 (10.1 MB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:9324 errors:0 dropped:0 overruns:0 frame:0 TX packets:9324 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1503182 (1.5 MB) TX bytes:1503182 (1.5 MB)

tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.7.0.1 P-t-P:10.7.0.1 Mask:255.255.255.0 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1440 Metric:1 RX packets:2326 errors:0 dropped:0 overruns:0 frame:0 TX packets:1748 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:500 RX bytes:243479 (243.4 KB) TX bytes:427818 (427.8 KB)

CLIENT ifconfig: eth0 Link encap:Ethernet HWaddr 04:7d:7b:18:74:1f
UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:17320 errors:0 dropped:0 overruns:0 frame:0 TX packets:17320 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:5652283 (5.6 MB) TX bytes:5652283 (5.6 MB)

virbr0 Link encap:Ethernet HWaddr 7a:f9:97:63:79:12
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

vmnet1 Link encap:Ethernet HWaddr 00:50:56:c0:00:01
inet addr:192.168.21.1 Bcast:192.168.21.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fec0:1/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:231 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

vmnet8 Link encap:Ethernet HWaddr 00:50:56:c0:00:08
inet addr:172.16.54.1 Bcast:172.16.54.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fec0:8/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:230 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

wlan2 Link encap:Ethernet HWaddr 00:15:00:c6:95:ee
inet addr:192.168.1.122 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::215:ff:fec6:95ee/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:50372 errors:0 dropped:0 overruns:0 frame:0 TX packets:38359 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:53543084 (53.5 MB) TX bytes:6433915 (6.4 MB)

---

SERVER tail -f /var/log/shadowvpn.log Tue Jun 9 13:33:10 2015 shutting down by user Tue Jun 9 13:33:10 2015 executing /etc/shadowvpn/server_down.sh /etc/shadowvpn/server_down.sh done net.ipv4.ip_forward = 1 /etc/shadowvpn/server_up.sh done /etc/shadowvpn/server_down.sh done Tue Jun 9 14:19:58 2015 executing /etc/shadowvpn/server_up.sh net.ipv4.ip_forward = 1 /etc/shadowvpn/server_up.sh done Tue Jun 9 14:19:58 2015 VPN started

_CLIENT tail -f /var/log/shadowvpn.log _ default route changed to wlan2 /etc/shadowvpn/client_down.sh done Tue Jun 9 14:21:32 2015 executing /etc/shadowvpn/client_up.sh net.ipv4.ip_forward = 1 reading old gateway from route table saving old gateway to /tmp/old_gw_intf changing default route default route changed to 10.7.0.1 /etc/shadowvpn/client_up.sh done

Tue Jun 9 14:21:32 2015 VPN started

CLIENT 8PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_seq=1 ttl=46 time=67.7 ms 64 bytes from 8.8.8.8: icmp_seq=2 ttl=46 time=68.2 ms 64 bytes from 8.8.8.8: icmp_seq=3 ttl=46 time=68.3 ms 64 bytes from 8.8.8.8: icmp_seq=4 ttl=46 time=66.9 ms 64 bytes from 8.8.8.8: icmp_seq=5 ttl=46 time=67.3 ms 64 bytes from 8.8.8.8: icmp_seq=6 ttl=46 time=66.5 ms 64 bytes from 8.8.8.8: icmp_seq=7 ttl=46 time=66.9 ms 64 bytes from 8.8.8.8: icmp_seq=8 ttl=46 time=66.3 ms 64 bytes from 8.8.8.8: icmp_seq=10 ttl=46 time=69.1 ms 64 bytes from 8.8.8.8: icmp_seq=11 ttl=46 time=66.9 ms 64 bytes from 8.8.8.8: icmp_seq=12 ttl=46 time=71.6 ms

SERVER tcpdump -v -i tun0 14:23:34.613082 IP (tos 0x0, ttl 64, id 65376, offset 0, flags [DF], proto ICMP (1), length 84) 10.7.0.2 > google-public-dns-a.google.com: ICMP echo request, id 6096, seq 44, length 64 14:23:34.645761 IP (tos 0x0, ttl 46, id 0, offset 0, flags [none], proto ICMP (1), length 84) google-public-dns-a.google.com > 10.7.0.2: ICMP echo reply, id 6096, seq 44, length 64 14:23:35.604723 IP (tos 0x0, ttl 64, id 65406, offset 0, flags [DF], proto ICMP (1), length 84) 10.7.0.2 > google-public-dns-a.google.com: ICMP echo request, id 6096, seq 45, length 64 14:23:35.636931 IP (tos 0x0, ttl 46, id 0, offset 0, flags [none], proto ICMP (1), length 84) google-public-dns-a.google.com > 10.7.0.2: ICMP echo reply, id 6096, seq 45, length 64 14:23:35.775007 IP (tos 0x0, ttl 64, id 46774, offset 0, flags [DF], proto UDP (17), length 69) 10.7.0.2.4797 > cache-b.shenzhen.gd.cn.domain: 20832+ A? safebrowsing.google.com. (41) 14:23:35.777303 IP (tos 0x0, ttl 64, id 32597, offset 0, flags [DF], proto UDP (17), length 69) 10.7.0.2.4797 > cache-a.guangzhou.gd.cn.domain: 20832+ A? safebrowsing.google.com. (41) 14:23:36.475847 IP (tos 0x0, ttl 64, id 46942, offset 0, flags [DF], proto UDP (17), length 82) 10.7.0.2.17405 > cache-b.shenzhen.gd.cn.domain: 19067+ SRV? _spotify-mac-client._tcp.spotify.com. (54) 14:23:36.477959 IP (tos 0x0, ttl 64, id 32765, offset 0, flags [DF], proto UDP (17), length 82) 10.7.0.2.17405 > cache-a.guangzhou.gd.cn.domain: 19067+ SRV? _spotify-mac-client._tcp.spotify.com. (54) 14:23:36.606688 IP (tos 0x0, ttl 64, id 65463, offset 0, flags [DF], proto ICMP (1), length 84) 10.7.0.2 > google-public-dns-a.google.com: ICMP echo request, id 6096, seq 46, length 64 14:23:36.638834 IP (tos 0x0, ttl 46, id 0, offset 0, flags [none], proto ICMP (1), length 84) google-public-dns-a.google.com > 10.7.0.2: ICMP echo reply, id 6096, seq 46, length 64

---

CLIENT traceroute 8.8.8.8 traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets 1 10.7.0.1 (10.7.0.1) 36.123 ms 37.783 ms 41.575 ms 2 103.41.132.1 (103.41.132.1) 44.331 ms 45.178 ms 47.482 ms 3 123.242.225.37 (123.242.225.37) 50.255 ms 52.057 ms 54.268 ms 4 123.242.225.9 (123.242.225.9) 57.284 ms 58.959 ms 61.005 ms 5 202.40.161.10 (202.40.161.10) 68.861 ms * 83.697 ms 6 66.249.95.80 (66.249.95.80) 83.737 ms 72.14.234.30 (72.14.234.30) 37.730 ms 7 216.239.40.35 (216.239.40.35) 72.477 ms 209.85.142.185 (209.85.142.185) 73.339 ms 8 * 72.14.233.169 (72.14.233.169) 75.195 ms 209.85.241.99 (209.85.241.99) 77.435 ms 9 209.85.243.21 (209.85.243.21) 84.399 ms 209.85.243.23 (209.85.243.23) 86.403 ms 209.85.243.21 (209.85.243.21) 92.180 ms 10 * * * 11 8.8.8.8 (8.8.8.8) 96.968 ms 99.848 ms 65.442 ms

SERVER tcpdump -v -i tun0 tcpdump: listening on tun0, link-type RAW (Raw IP), capture size 65535 bytes 14:26:45.032546 IP (tos 0x0, ttl 64, id 51106, offset 0, flags [DF], proto TCP (6), length 641) 10.7.0.2.53359 > unassigned.psychz.net.http: Flags [P.], cksum 0xfa05 (correct), seq 1429190970:1429191571, ack 1558455911, win 942, length 601 14:26:45.195498 IP (tos 0x0, ttl 119, id 42636, offset 0, flags [none], proto TCP (6), length 40) unassigned.psychz.net.http > 10.7.0.2.53359: Flags [.], cksum 0x556f (correct), ack 601, win 2076, length 0 14:26:45.230768 IP (tos 0x0, ttl 56, id 36721, offset 0, flags [DF], proto TCP (6), length 964) unassigned.psychz.net.http > 10.7.0.2.53359: Flags [P.], cksum 0x9587 (correct), seq 1:925, ack 601, win 2099, length 924 14:26:45.270834 IP (tos 0x0, ttl 64, id 51107, offset 0, flags [DF], proto TCP (6), length 40) 10.7.0.2.53359 > unassigned.psychz.net.http: Flags [.], cksum 0x5632 (correct), ack 925, win 957, length 0 14:26:45.284861 IP (tos 0x0, ttl 64, id 4309, offset 0, flags [DF], proto UDP (17), length 71) 10.7.0.2.17073 > cache-b.shenzhen.gd.cn.domain: 55396+ PTR? 9.250.85.209.in-addr.arpa. (43) 14:26:45.285913 IP (tos 0x0, ttl 64, id 55614, offset 0, flags [DF], proto UDP (17), length 71) 10.7.0.2.17073 > cache-a.guangzhou.gd.cn.domain: 55396+ PTR? 9.250.85.209.in-addr.arpa. (43) 14:26:45.491678 IP (tos 0x0, ttl 119, id 44234, offset 0, flags [none], proto TCP (6), length 40) unassigned.psychz.net.http > 10.7.0.2.53359: Flags [.], cksum 0x51a7 (correct), ack 601, win 2120, length 0 14:26:47.343218 IP (tos 0x0, ttl 1, id 49518, offset 0, flags [none], proto UDP (17), length 60) 10.7.0.2.34335 > google-public-dns-a.google.com.33434: UDP, length 32 14:26:47.343276 IP (tos 0xc0, ttl 64, id 50295, offset 0, flags [none], proto ICMP (1), length 88) 10.7.0.1 > 10.7.0.2: ICMP time exceeded in-transit, length 68 IP (tos 0x0, ttl 1, id 49518, offset 0, flags [none], proto UDP (17), length 60) 10.7.0.2.34335 > google-public-dns-a.google.com.33434: UDP, length 32 14:26:47.345502 IP (tos 0x0, ttl 1, id 49519, offset 0, flags [none], proto UDP (17), length 60) 10.7.0.2.41229 > google-public-dns-a.google.com.33435: UDP, length 32 14:26:47.345520 IP (tos 0xc0, ttl 64, id 50296, offset 0, flags [none], proto ICMP (1), length 88) 10.7.0.1 > 10.7.0.2: ICMP time exceeded in-transit, length 68 IP (tos 0x0, ttl 1, id 49519, offset 0, flags [none], proto UDP (17), length 60) 10.7.0.2.41229 > google-public-dns-a.google.com.33435: UDP, length 32 14:26:47.347746 IP (tos 0x0, ttl 1, id 49520, offset 0, flags [none], proto UDP (17), length 60) 10.7.0.2.48716 > google-public-dns-a.google.com.33436: UDP, length 32 14:26:47.347763 IP (tos 0xc0, ttl 64, id 50297, offset 0, flags [none], proto ICMP (1), length 88) 10.7.0.1 > 10.7.0.2: ICMP time exceeded in-transit, length 68 IP (tos 0x0, ttl 1, id 49520, offset 0, flags [none], proto UDP (17), length 60)

---

CLIENT wget www.google.com --2015-06-09 14:30:18-- http://www.google.com/ Resolving www.google.com (www.google.com)... failed: Name or service not known. wget: unable to resolve host address ‘www.google.com’

SERVER 14:30:18.737536 IP (tos 0x0, ttl 64, id 31474, offset 0, flags [DF], proto UDP (17), length 60) 10.7.0.2.35130 > cache-b.shenzhen.gd.cn.domain: 59288+ A? www.google.com. (32) 14:30:18.739946 IP (tos 0x0, ttl 64, id 17233, offset 0, flags [DF], proto UDP (17), length 60) 10.7.0.2.35130 > cache-a.guangzhou.gd.cn.domain: 59288+ A? www.google.com. (32) 14:30:18.742172 IP (tos 0x0, ttl 64, id 31475, offset 0, flags [DF], proto UDP (17), length 60) 10.7.0.2.41795 > cache-b.shenzhen.gd.cn.domain: 35018+ AAAA? www.google.com. (32) 14:30:18.743473 IP (tos 0x0, ttl 64, id 17234, offset 0, flags [DF], proto UDP (17), length 60) 10.7.0.2.41795 > cache-a.guangzhou.gd.cn.domain: 35018+ AAAA? www.google.com. (32) 14:30:19.318033 IP (tos 0x0, ttl 64, id 51138, offset 0, flags [DF], proto TCP (6), length 641) 10.7.0.2.53359 > unassigned.psychz.net.http: Flags [P.], cksum 0xdf61 (correct), seq 1429199384:1429199985, ack 1558468683, win 1161, length 601 14:30:19.480701 IP (tos 0x0, ttl 119, id 53425, offset 0, flags [none], proto TCP (6), length 40) unassigned.psychz.net.http > 10.7.0.2.53359: Flags [.], cksum 0x002e (correct), ack 601, win 2715, length 0 14:30:19.514802 IP (tos 0x0, ttl 56, id 36737, offset 0, flags [DF], proto TCP (6), length 964) unassigned.psychz.net.http > 10.7.0.2.53359: Flags [P.], cksum 0x0144 (correct), seq 1:925, ack 601, win 2738, length 924 14:30:19.609665 IP (tos 0x0, ttl 64, id 51139, offset 0, flags [DF], proto TCP (6), length 40) 10.7.0.2.53359 > unassigned.psychz.net.http: Flags [.], cksum 0x0295 (correct), ack 925, win 1176, length 0 14:30:19.754757 IP (tos 0x0, ttl 119, id 55296, offset 0, flags [none], proto TCP (6), length 41) unassigned.psychz.net.http > 10.7.0.2.53359: Flags [.], cksum 0x617c (correct), seq 922:923, ack 601, win 2738, length 1 14:30:19.786615 IP (tos 0x0, ttl 119, id 55461, offset 0, flags [none], proto TCP (6), length 40) unassigned.psychz.net.http > 10.7.0.2.53359: Flags [.], cksum 0xfc65 (correct), ack 601, win 2759, length 0 14:30:19.802379 IP (tos 0x0, ttl 64, id 51140, offset 0, flags [DF], proto TCP (6), length 52) 10.7.0.2.53359 > unassigned.psychz.net.http: Flags [.], cksum 0x5aeb (correct), ack 925, win 1176, options [nop,nop,sack 1 {922:923}], length 0 14:30:23.631646 IP (tos 0x0, ttl 64, id 32711, offset 0, flags [DF], proto UDP (17), length 60) 10.7.0.2.35130 > cache-b.shenzhen.gd.cn.domain: 59288+ A? www.google.com. (32) 14:30:23.633793 IP (tos 0x0, ttl 64, id 18240, offset 0, flags [DF], proto UDP (17), length 60) 10.7.0.2.35130 > cache-a.guangzhou.gd.cn.domain: 59288+ A? www.google.com. (32) 14:30:23.635082 IP (tos 0x0, ttl 64, id 32712, offset 0, flags [DF], proto UDP (17), length 60) 10.7.0.2.41795 > cache-b.shenzhen.gd.cn.domain: 35018+ AAAA? www.google.com. (32) 14:30:23.637212 IP (tos 0x0, ttl 64, id 18241, offset 0, flags [DF], proto UDP (17), length 60) 10.7.0.2.41795 > cache-a.guangzhou.gd.cn.domain: 35018+ AAAA? www.google.com. (32) 14:30:28.632412 IP (tos 0x0, ttl 64, id 33250, offset 0, flags [DF], proto UDP (17), length 60) 10.7.0.2.7215 > cache-b.shenzhen.gd.cn.domain: 35492+ A? www.google.com. (32) 14:30:28.634454 IP (tos 0x0, ttl 64, id 18577, offset 0, flags [DF], proto UDP (17), length 60) 10.7.0.2.7215 > cache-a.guangzhou.gd.cn.domain: 35492+ A? www.google.com. (32) 14:30:28.636569 IP (tos 0x0, ttl 64, id 33251, offset 0, flags [DF], proto UDP (17), length 60) 10.7.0.2.51457 > cache-b.shenzhen.gd.cn.domain: 28073+ AAAA? www.google.com. (32) 14:30:28.637997 IP (tos 0x0, ttl 64, id 18578, offset 0, flags [DF], proto UDP (17), length 60) 10.7.0.2.51457 > cache-a.guangzhou.gd.cn.domain: 28073+ AAAA? www.google.com. (32) 14:30:33.636040 IP (tos 0x0, ttl 64, id 33658, offset 0, flags [DF], proto UDP (17), length 60) 10.7.0.2.7215 > cache-b.shenzhen.gd.cn.domain: 35492+ A? www.google.com. (32) 14:30:33.638421 IP (tos 0x0, ttl 64, id 19353, offset 0, flags [DF], proto UDP (17), length 60) 10.7.0.2.7215 > cache-a.guangzhou.gd.cn.domain: 35492+ A? www.google.com. (32) 14:30:33.639762 IP (tos 0x0, ttl 64, id 33659, offset 0, flags [DF], proto UDP (17), length 60) 10.7.0.2.51457 > cache-b.shenzhen.gd.cn.domain: 28073+ AAAA? www.google.com. (32) 14:30:33.642002 IP (tos 0x0, ttl 64, id 19354, offset 0, flags [DF], proto UDP (17), length 60)

---

Web browsing does not work, WGET does not work.

Also In the FAQ you said to: on server netstat -nr and ifconfig check if your wan is eth0 if not, update server.sh on client netstat -nr and ifconfig check if your lan is eth0. if not, update client.sh

I looked in these and I can't find anywhere where you should specify the network adaptor.

Is there anything I need to do on the client? Is the client configured correctly? Thanks

[clowwindy]

Your server failed to contact your DNS server:

10.7.0.2.35130 > cache-b.shenzhen.gd.cn.domain

Use a different DNS server instead.

[ltoshea]

Since this is a socks proxy does DNS not get resolved by the server rather than the client? The server can browse webpages fine so it can resolve dns..

On Tue, 9 Jun 2015 20:31 clowwindy notifications@github.com wrote:

Your server failed to contact your DNS server:

10.7.0.2.35130 > cache-b.shenzhen.gd.cn.domain

Use a different DNS server instead.

— Reply to this email directly or view it on GitHub https://github.com/clowwindy/ShadowVPN/issues/113#issuecomment-110340284 .

[clowwindy]

This is not a socks proxy. And you're trying to resolve using your local DNS via VPN, cache-b.shenzhen.gd.cn.domain

[ltoshea]

对不起，我不说中文。 Sorry my mistake it was late and I was juggling multiple implementations, one of which was socks. How do I force DNS to be resolved through VPN? Local DNS is useless as i'm in China and it will poison my cache.

On 10 June 2015 at 08:22, clowwindy notifications@github.com wrote:

This is not a socks proxy. And you're trying to resolve using your local DNS, cache-b.shenzhen.gd.cn.domain

— Reply to this email directly or view it on GitHub https://github.com/clowwindy/ShadowVPN/issues/113#issuecomment-110542043 .

[clowwindy]

Just set your DNS to 8.8.8.8

[ltoshea]

Hi clowwindy, I'm sorry I did not get back to you sooner I got pulled away onto another project. This issue is still not closed. Do you mean set my DNS to 8.8.8.8 on my proxy server? The proxy server obviously doesn't have a problem resolving DNS normally as I can browse the internet from it no problem. Can you please explain your solution in more detail.

[clowwindy]

On your client machine.

[ltoshea]

But my client machine cannot access 8.8.8.8 since it's within China. Surely the VPN server should be resolving DNS?

[clowwindy]

You have a VPN why you can't access 8.8.8.8?

[ltoshea]

I am trying to use shadowVPN as the VPN. I want shadowVPN to resolve DNS!

[clowwindy]

You can just set your DNS on your OS to 8.8.8.8.