search

schwabe / ics-openvpn

OpenVPN for Android
3.36k stars 1.2k forks source link

“No route to host” when using ovpn to reverse tether over USB #1541

Closed bruceleerabbit closed 2 years ago

bruceleerabbit commented 2 years ago

To make issues more manageable, I would appreciate it if you fill out the following details as applicable:

General information

  1. Android Version 5.1.1
  2. Android Vendor/Custom ROM stock
  3. Device obscure
  4. Version of the app (version number/play store version/self-built) fdroid/0.7.41

Description of the issue

After following the guide on reverse tethering over USB using openvpn (written in 2016), openvpn on the android yields “No route to host”.

Log (if applicable)

2022-10-02 17:53:40 TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.42.128:13444
2022-10-02 17:53:40 Socket Buffers: R=[1048576->1048576] S=[524288->524288]
2022-10-02 17:53:40 Attempting to establish TCP connection with [AF_INET]192.168.42.128:13444
2022-10-02 17:53:40 MANAGEMENT: >STATE:1664726020,TCP_CONNECT,,,,,,
2022-10-02 17:53:40 MANAGEMENT: CMD 'needok 'PROTECTFD' ok'
2022-10-02 17:53:40 Debug state info: CONNECTED  to WIFI "«SSID redacted»", pause: userPause, shouldbeconnected: true, network: SHOULDBECONNECTED 
2022-10-02 17:53:40 Debug state info: CONNECTED  to WIFI "«SSID redacted»", pause: userPause, shouldbeconnected: true, network: SHOULDBECONNECTED 
2022-10-02 17:53:43 TCP: connect to [AF_INET]192.168.42.128:13444 failed: No route to host
2022-10-02 17:53:43 SIGUSR1[connection failed(soft),init_instance] received, process restarting
2022-10-02 17:53:43 MANAGEMENT: >STATE:1664726023,RECONNECTING,init_instance,,,,,
2022-10-02 17:53:43 Waiting 10s seconds between connection attempt
2022-10-02 17:53:53 MANAGEMENT: CMD 'hold release'
2022-10-02 17:53:53 MANAGEMENT: CMD 'proxy NONE'
2022-10-02 17:53:53 MANAGEMENT: CMD 'bytecount 2'
2022-10-02 17:53:53 MANAGEMENT: CMD 'state on'
2022-10-02 17:53:54 MGMT: Got unrecognized command>FATAL:All connections have been connect-retry-max (5) times unsuccessful, exiting
2022-10-02 17:53:54 MANAGEMENT: Client disconnected
2022-10-02 17:53:54 All connections have been connect-retry-max (5) times unsuccessful, exiting
2022-10-02 17:53:54 Exiting due to fatal error
2022-10-02 17:53:54 Closing TUN/TAP interface
2022-10-02 17:53:54 /system/xbin/ifconfig vpnservice-tun 0.0.0.0
2022-10-02 17:53:54 Generic ip addr del failed: could not execute external program
2022-10-02 17:53:54 Process exited with exit value 1

Configuration file

See the guide.

Speculation — and secondary problem

Openvpn assumes that if there is no wifi connection & no mobile broadband connection, then there must be no connection at all (covered in bug #1540). In my case, I connected to a wifi router that had no uplink as a workaround to bug #1540. This was sufficient to trick openvpn into proceeding. But then openvpn fails to connect over USB to the ovpn peer that runs on a PC.

This apparently worked in 2016, but apparently some change was made such that openvpn attempts to connect over the dummy wifi uplink instead of the USB connection.

schwabe commented 2 years ago

2022-10-02 17:53:43 TCP: connect to [AF_INET]192.168.42.128:13444 failed: No route to host

That is an error from the operating system (Android). There is not really anything the app can do about that. It is probably more Android that changed than anything else.

bruceleerabbit commented 2 years ago

2022-10-02 17:53:43 TCP: connect to [AF_INET]192.168.42.128:13444 failed: No route to host

That is an error from the operating system (Android). There is not really anything the app can do about that. It is probably more Android that changed than anything else.

AOS 5.1.1 is from 2015 (1 yr before the reverse tethering guide was published). So it could not be due to an AOS change. The IP 192.168.42.128 exists only in the network space created by openvpn, so if the OS can’t reach it, this means there’s a problem with the vpn’s state.

schwabe commented 2 years ago

The IP 192.168.42.128 exists only in the network space created by openvpn

if you try to connect to a IP that your VPN provides, there is no wonder that this does not work

bruceleerabbit commented 2 years ago

So IIUC, you’re saying this guide could have never worked, correct? That author later wrote a Windows version of the same process, and used the same IP for that.