jedisct1 / dsvpn

A Dead Simple VPN.
MIT License

I'm connected but can't ping anything #50

Closed RomanJos closed 5 years ago

RomanJos commented 5 years ago

Hi, I don't know why but I can't make it work.

On the server:

sudo dsvpn server /home/roman/vpn.key auto 4000

On the client:

sudo dsvpn client Bureau/vpn.key theip 4000

The output on the client:

Interface: [tun0]
Trying to reconnect
Connecting to theip:4000...
net.ipv4.tcp_congestion_control = bbr
Connected

The output on the server :

Interface: [tun1]
net.ipv4.ip_forward = 1
Listening to *:4000
Accepting new client from [myip]
Accepted

The route that gets added is

192.168.10.0/24 dev eno1 proto kernel scope link src 192.168.10.99 metric 100

On this post it is

0.0.0.0/1 via 192.168.192.254 dev tun0

Thanks

xaduha commented 5 years ago

Same here. Can't even keep the connection.

Interface: [tun0]
net.ipv4.ip_forward = 1
Listening to *:1959
Accepting new client from [<ip>]
Accepted
Client disconnected

client:

Interface: [tun0]
Trying to reconnect
Connecting to <ip>:1959...
net.ipv4.tcp_congestion_control = bbr
Connected
Client disconnected
Trying to reconnect
Connecting to <ip>:1959...
Client connection failed: Connection timed out
Trying to reconnect
Connecting to <ip>:1959...

It's on master, gonna try the 0.1.3 version now.

jedisct1 commented 5 years ago

@xaduha Your issue is likely to be different. Port 1959 of the server appears to be filtered. Try on the normal port (443) or check your firewall settings both client side and server side.

xaduha commented 5 years ago

Well, looks like it works now. In my case it was because of missing iptables, it's sort of there and sort of isn't on default NixOS.

RomanJos commented 5 years ago

Any help on this?

jedisct1 commented 5 years ago

Unfortunately, you probably know Linux more than I do.

Can you ping 192.168.192.254 and/or 192.168.192.1?

RomanJos commented 5 years ago

Haha lol, I can only ping 192.168.192.1 from my computer. I didn't test from the server because if I start the VPN I can't contact it. Oh, I think I know what's wrong here: my ssh connection drops when I'm trying to connect. Nope, I thought dsvpn would stop or anything like that when I try to make a connection, but I tried with systemctl start dsvpn but it didn't help. There is no error server side and client side from dsvpn. By the way, is there a verbose mode or anything like that to debug it? Or if you have a demo server that would be cool. The only possible issue I see is my route table:

[roman@roman-pc ~]$ ip route
default via 192.168.1.1 dev eno1 proto dhcp metric 100 
192.168.1.0/24 dev eno1 proto kernel scope link src 192.168.1.5 metric 100 
192.168.50.0/24 dev virbr1 proto kernel scope link src 192.168.50.1 linkdown 
192.168.192.254 dev tun0 proto kernel scope link src 192.168.192.1 
212.83.143.67 via 192.168.1.1 dev eno1

But according to this article, and if I understand it right, 192.168.192.254 dev tun0 proto kernel scope link src 192.168.192.1 is just redirecting my attempt to reach 192.168.192.1 in the tun0 interface? I have Manjaro client side and Debian Stretch on my server. I use it as an openmptcp VPS server but it's been 4 months that I haven't used it.

jedisct1 commented 5 years ago

You may be able to ssh to 192.168.192.1 then!

In src/os.c, you can also try replacing

        if (silent) {

with

        if (0) {

in order to print errors when external commands are run. Maybe some tools are missing on your system or they are too old.

RomanJos commented 5 years ago

> You may be able to ssh to 192.168.192.1 then!

192.168.192.1 is my machine lol. With your change I get this on my machine:

[roman@roman-pc dsvpn]$ sudo ./dsvpn client ../../Bureau/vpn.key <ip> 4000
Interface: [tun0]
RTNETLINK answers: No such file or directory
RTNETLINK answers: No such file or directory
RTNETLINK answers: No such file or directory
RTNETLINK answers: No such file or directory
Trying to reconnect
Connecting to <ip>:4000...
net.ipv4.tcp_congestion_control = bbr
Connected
^CDone.

And on the server I did the same but there is nothing new:

net.ipv4.ip_forward = 1
Interface: [tun1]
Listening to *:4000
Accepting new client from [<ip>]
Accepted
Client disconnected
Done.

jedisct1 commented 5 years ago

Do you have other firewalling rules, on the server or on the client?

RomanJos commented 5 years ago

Damn, I'm so dumb :rofl:

[ 791.667135] Shorewall:FORWARD:REJECT:IN=tun1 OUT=ens2 MAC= SRC=********* DST=******* LEN=80 TC=0 HOPLIMIT=63 FLOWLBL=1046406 PROTO=TCP SPT=60458 DPT=80 WINDOW=26820 RES=0x00 SYN URGP=0

I have Shorewall because of openMPTCP and I don't know how to use it lol. I will dig more into this.

jedisct1 commented 5 years ago

I'm not familiar with Shorewall, but there has to be a simple way to allow all traffic on tun1.
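
The kernel log line quoted above is what pinned the problem on the firewall: packets arriving on tun1 were rejected in the FORWARD chain. As an added example (not part of the thread and not dsvpn code), the script below counts such entries per interface pair and destination port; it assumes the `Shorewall:<chain>:<action>:` log prefix shown above, the sample lines are constructed with documentation addresses, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: count firewall log entries that reject or drop packets
# arriving on a tun interface. Assumes the "Shorewall:<chain>:<action>:"
# log prefix seen in the thread; function names are hypothetical.

# Constructed sample kernel log lines (documentation address ranges).
sample_log() {
cat <<'EOF'
[  791.667135] Shorewall:FORWARD:REJECT:IN=tun1 OUT=ens2 MAC= SRC=192.0.2.10 DST=198.51.100.7 LEN=80 PROTO=TCP SPT=60458 DPT=80 SYN
[  792.101010] Shorewall:FORWARD:REJECT:IN=tun1 OUT=ens2 MAC= SRC=192.0.2.10 DST=198.51.100.7 LEN=80 PROTO=TCP SPT=60460 DPT=80 SYN
[  793.000001] Shorewall:INPUT:DROP:IN=ens2 OUT= MAC= SRC=203.0.113.5 DST=198.51.100.1 LEN=40 PROTO=TCP SPT=4444 DPT=23 SYN
[  794.500000] Shorewall:FORWARD:REJECT:IN=tun1 OUT=ens2 MAC= SRC=192.0.2.10 DST=198.51.100.9 LEN=84 PROTO=ICMP TYPE=8 CODE=0
EOF
}

# Reads log lines on stdin; prints "<count> <chain> <action> <in>-><out>
# <proto>/<dport>" for each distinct tuple, most frequent first.
tun_rejects() {
    awk '
    /Shorewall:[A-Za-z0-9_-]+:(REJECT|DROP):IN=tun[0-9]+/ {
        chain = ""; action = ""; inif = ""; outif = ""; proto = ""
        dpt = "-"                      # ICMP and similar carry no DPT field
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^Shorewall:/) {
                split($i, p, ":")      # Shorewall, chain, action, IN=<if>
                chain = p[2]; action = p[3]
                inif = substr(p[4], 4) # strip the "IN=" prefix
            } else if ($i ~ /^OUT=/) {
                outif = substr($i, 5)
            } else if ($i ~ /^PROTO=/) {
                proto = substr($i, 7)
            } else if ($i ~ /^DPT=/) {
                dpt = substr($i, 5)
            }
        }
        count[chain " " action " " inif "->" outif " " proto "/" dpt]++
    }
    END { for (k in count) print count[k], k }
    ' | sort -rn
}

sample_log | tun_rejects
```

On a live host the same function can be fed from the kernel log, for example `dmesg | tun_rejects`.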

RomanJos commented 5 years ago

Well, I removed everything and installed Arch and opened the port with ufw and that was it lol. Now it's working, except if I try to ping Google for example I ping it with IPv6. I tried to tweak the gateway IP etc. but it still chooses IPv6:

[roman@roman-pc ~]$ ping google.com
PING google.com(par21s04-in-x0e.1e100.net (2a00:1450:4007:811::200e)) 56 data bytes
From 64:ff9b::c0a8:c0fe (64:ff9b::c0a8:c0fe): icmp_seq=1 Destination unreachable: No route

The IPv6 issue comes from me! The basic install of Arch donc seems to work with Scaleway. I ended up disabling dhcpcd.service and enabling systemd.network.service and put this in /etc/systemd/network/wired.netword:

[Match]
Name=ens2

[Network]
Address=<ipv6>1/64
Gateway=<ipv6>
Address=<ipv4local>/31

[Route]
Gateway=<ipv4local>

Thank you for your amazing work, by the way. Even with all the problems I had, it was simpler than openvpn lol.

jedisct1 commented 5 years ago

Thanks for the update and glad to hear that everything is now working!