trailofbits / algo

Set up a personal VPN in the cloud
https://blog.trailofbits.com/2016/12/12/meet-algo-the-vpn-that-works/
GNU Affero General Public License v3.0

Openstack VPN installs and connects successfully, but no internet access #904

Closed shapiro125 closed 6 years ago

shapiro125 commented 6 years ago

OS / Environment (where do you run Algo on)

Darwin MacBook-Pro.local 17.5.0 Darwin Kernel Version 17.5.0: Fri Apr 13 19:32:32 PDT 2018; root:xnu-4570.51.2~1/RELEASE_X86_64 x86_64

Cloud Provider (where do you deploy Algo to)

Openstack Dreamcompute

Summary of the problem

The VPN installs correctly and connects successfully, but there is no internet access.

Steps to reproduce the behavior

  1. Run algo
  2. Connect to the VPN
  3. Connects successfully and provides IP address.
  4. Go to any website, but it says the server isn't responding.
  5. Turning off the VPN allows internet connection again (not WiFi/LTE issue)

Full log

./algo

What provider would you like to use?

  1. DigitalOcean
  2. Amazon Lightsail
  3. Amazon EC2
  4. Microsoft Azure
  5. Google Compute Engine
  6. Scaleway
  7. OpenStack (DreamCompute optimised)
  8. Install to existing Ubuntu 16.04 server (Advanced)

Enter the number of your desired provider : 7

Enter the local path to your credentials OpenStack RC file (Can be donloaded from the OpenStack dashboard->Compute->API Access)

Name the vpn server:

Please enter your OpenStack Password for project dhc2319106 as user stusha6:

Do you want macOS/iOS clients to enable "VPN On Demand" when connected to cellular networks?

Do you want macOS/iOS clients to enable "VPN On Demand" when connected to Wi-Fi?

List the names of trusted Wi-Fi networks (if any) that macOS/iOS clients exclude from using the VPN (e.g., your home network. Comma-separated value, e.g., HomeNet,OfficeWifi,AlgoWiFi) :

Do you want to install a DNS resolver on this VPN server, to block ads while surfing?

Do you want each user to have their own account for SSH tunneling?

Do you want the VPN to support Windows 10 or Linux Desktop clients? (enables compatible ciphers and key exchange, less secure)

Do you want to retain the CA key? (required to add users in the future, but less secure)

PLAY [Configure the server] ****

TASK [Gathering Facts] ***** ok: [localhost]

TASK [Local pre-tasks] ***** included: /Users/Stuart/Sites/algo-master/playbooks/local.yml for localhost

TASK [Generate the SSH private key] **** changed: [localhost]

TASK [Generate the SSH public key] ***** ok: [localhost]

TASK [Change mode for the SSH private key] ***** ok: [localhost]

TASK [Ensure the dynamic inventory exists] ***** changed: [localhost]

TASK [cloud-openstack : Security group created] **** changed: [localhost]

TASK [cloud-openstack : Security rules created] **** changed: [localhost] => (item={u'port_min': 22, u'range': u'0.0.0.0/0', u'port_max': 22, u'proto': u'tcp'}) changed: [localhost] => (item={u'port_min': -1, u'range': u'0.0.0.0/0', u'port_max': -1, u'proto': u'icmp'}) changed: [localhost] => (item={u'port_min': 4500, u'range': u'0.0.0.0/0', u'port_max': 4500, u'proto': u'udp'}) changed: [localhost] => (item={u'port_min': 500, u'range': u'0.0.0.0/0', u'port_max': 500, u'proto': u'udp'})

TASK [cloud-openstack : Keypair created] *** changed: [localhost]

TASK [cloud-openstack : Gather facts about flavors] **** ok: [localhost]

TASK [cloud-openstack : Gather facts about images] ***** ok: [localhost]

TASK [cloud-openstack : Gather facts about public networks] **** ok: [localhost]

TASK [cloud-openstack : Set the network as a fact] ***** ok: [localhost] => (item={u'status': u'ACTIVE', u'subnets': [u'adedd9bd-64a6-4545-bffb-933fb595371a', u'5d1e9148-b023-4606-b959-2bff89412491', u'fa4e483c-1200-447c-bb2a-a6e1c9f775c1', u'8cc06a84-a4cb-4c8d-a0a3-350ab07ec6d0', u'0be66687-9358-46cd-9093-9ce62cb4ece7', u'9b89ec8f-ca7f-4a27-8ad9-a03ec4589136', u'109e7c17-f963-4e1e-ba73-af363f59ae8f'], u'availability_zone_hints': [], u'availability_zones': [u'nova'], u'ipv4_address_scope': None, u'description': None, u'tags': [], u'shared': True, u'router:external': True, u'admin_state_up': True, u'ipv6_address_scope': None, u'mtu': 8900, u'is_default': False, u'revision_number': 21, u'tenant_id': u'8af6fc76c6444ec6b301f2edb376359d', u'port_security_enabled': True, u'project_id': u'8af6fc76c6444ec6b301f2edb376359d', u'id': u'e098d02f-bb35-4085-ae12-664aad3d9c52', u'name': u'public'})

TASK [cloud-openstack : Set facts] ***** ok: [localhost]

TASK [cloud-openstack : Server created] **** changed: [localhost]

TASK [cloud-openstack : set_fact] ** ok: [localhost]

TASK [cloud-openstack : Add new instance to host group] **** changed: [localhost]

TASK [Local post-tasks] **** included: /Users/Stuart/Sites/algo-master/playbooks/post.yml for localhost

TASK [Wait until SSH becomes ready...] ***** ok: [localhost]

TASK [A short pause, in order to be sure the instance is ready] **** Pausing for 20 seconds (ctrl+C then 'C' = continue early, ctrl+C then 'A' = abort) ok: [localhost]

TASK [include_tasks] *** included: /Users/Stuart/Sites/algo-master/playbooks/local_ssh.yml for localhost

TASK [Ensure the local ssh directory is exist] ***** ok: [localhost]

TASK [Copy the algo ssh key to the local ssh directory] **** changed: [localhost]

PLAY [Configure the server and install required software] **

TASK [Common pre-tasks] **** included: /Users/Stuart/Sites/algo-master/playbooks/common.yml for 208.113.132.27

TASK [Check the system] **** changed: [208.113.132.27]

TASK [Ubuntu pre-tasks] **** included: /Users/Stuart/Sites/algo-master/playbooks/ubuntu.yml for 208.113.132.27

TASK [Ubuntu | Install prerequisites] ** changed: [208.113.132.27]

TASK [Ubuntu | Configure defaults] ***** changed: [208.113.132.27]

TASK [FreeBSD pre-tasks] *** skipping: [208.113.132.27]

TASK [include_tasks] *** included: /Users/Stuart/Sites/algo-master/playbooks/facts/main.yml for 208.113.132.27

TASK [Gather Facts] **** ok: [208.113.132.27]

TASK [Ensure the algo ssh key exist on the server] ***** ok: [208.113.132.27]

TASK [Enable IPv6] ***** ok: [208.113.132.27]

TASK [Set facts if the deployment in a cloud] ** ok: [208.113.132.27]

TASK [Generate password for the CA key] **** changed: [208.113.132.27 -> localhost]

TASK [Generate p12 export password] **** changed: [208.113.132.27 -> localhost]

TASK [Define password facts] *** ok: [208.113.132.27]

TASK [Define the commonName] *** ok: [208.113.132.27]

TASK [common : include_tasks] ** included: /Users/Stuart/Sites/algo-master/roles/common/tasks/ubuntu.yml for 208.113.132.27

TASK [common : Install software updates] *** changed: [208.113.132.27]

TASK [common : Upgrade the ca certificates] **** ok: [208.113.132.27]

TASK [common : Check if reboot is required] **** changed: [208.113.132.27]

TASK [common : Reboot] ***** changed: [208.113.132.27]

TASK [common : Wait until SSH becomes ready...] **** ok: [208.113.132.27 -> localhost]

TASK [common : Include unatteded upgrades configuration] *** included: /Users/Stuart/Sites/algo-master/roles/common/tasks/unattended-upgrades.yml for 208.113.132.27

TASK [common : Install unattended-upgrades] **** ok: [208.113.132.27]

TASK [common : Configure unattended-upgrades] ** changed: [208.113.132.27]

TASK [common : Periodic upgrades configured] *** changed: [208.113.132.27]

TASK [common : Disable MOTD on login and SSHD] ***** changed: [208.113.132.27] => (item={u'regexp': u'^session.optional.pam_motd.so.', u'line': u'# MOTD DISABLED', u'file': u'/etc/pam.d/login'}) changed: [208.113.132.27] => (item={u'regexp': u'^session.optional.pam_motd.so.', u'line': u'# MOTD DISABLED', u'file': u'/etc/pam.d/sshd'})

TASK [common : Install system specific tools] ** ok: [208.113.132.27] => (item=ifupdown)

TASK [common : Ensure the interfaces directory exists] ***** ok: [208.113.132.27]

TASK [common : Loopback for services configured] *** changed: [208.113.132.27]

TASK [common : Loopback included into the network config] ** changed: [208.113.132.27]

RUNNING HANDLER [common : restart loopback] **** changed: [208.113.132.27]

TASK [common : Check apparmor support] ***** changed: [208.113.132.27]

TASK [common : set_fact] *** ok: [208.113.132.27]

TASK [common : set_fact] *** ok: [208.113.132.27]

TASK [common : include_tasks] ** skipping: [208.113.132.27]

TASK [common : Install tools] ** ok: [208.113.132.27] => (item=git) ok: [208.113.132.27] => (item=screen) changed: [208.113.132.27] => (item=apparmor-utils) ok: [208.113.132.27] => (item=uuid-runtime) ok: [208.113.132.27] => (item=coreutils) changed: [208.113.132.27] => (item=iptables-persistent) changed: [208.113.132.27] => (item=cgroup-tools) ok: [208.113.132.27] => (item=openssl)

TASK [common : Sysctl tuning] ** changed: [208.113.132.27] => (item={u'item': u'net.ipv4.ip_forward', u'value': 1}) changed: [208.113.132.27] => (item={u'item': u'net.ipv4.conf.all.forwarding', u'value': 1}) changed: [208.113.132.27] => (item={u'item': u'net.ipv6.conf.all.forwarding', u'value': 1})

TASK [dns_encryption : Include tasks for Ubuntu] *** included: /Users/Stuart/Sites/algo-master/roles/dns_encryption/tasks/ubuntu.yml for 208.113.132.27

TASK [dns_encryption : Add the repository] ***** changed: [208.113.132.27]

TASK [dns_encryption : Install dnscrypt-proxy] ***** changed: [208.113.132.27]

TASK [dns_encryption : Ubuntu | Unbound profile for apparmor configured] *** changed: [208.113.132.27]

TASK [dns_encryption : Ubuntu | Enforce the dnscrypt-proxy AppArmor policy] **** ok: [208.113.132.27]

TASK [dns_encryption : Ubuntu | Ensure that the dnscrypt-proxy service directory exist] *** changed: [208.113.132.27]

TASK [dns_encryption : Include tasks for FreeBSD] ** skipping: [208.113.132.27]

TASK [dns_encryption : dnscrypt-proxy configured] ** changed: [208.113.132.27]

TASK [dns_encryption : dnscrypt-proxy enabled and started] ***** ok: [208.113.132.27]

RUNNING HANDLER [dns_encryption : restart dnscrypt-proxy] ** changed: [208.113.132.27]

TASK [dns_adblocking : The DNS tag is defined] ***** ok: [208.113.132.27]

TASK [dns_adblocking : Dnsmasq installed] ** changed: [208.113.132.27]

TASK [dns_adblocking : Ensure that the dnsmasq user exist] ***** changed: [208.113.132.27]

TASK [dns_adblocking : The dnsmasq directory created] ** changed: [208.113.132.27]

TASK [dns_adblocking : include_tasks] ** included: /Users/Stuart/Sites/algo-master/roles/dns_adblocking/tasks/ubuntu.yml for 208.113.132.27

TASK [dns_adblocking : Ubuntu | Dnsmasq profile for apparmor configured] *** changed: [208.113.132.27]

TASK [dns_adblocking : Ubuntu | Enforce the dnsmasq AppArmor policy] *** changed: [208.113.132.27]

TASK [dns_adblocking : Ubuntu | Ensure that the dnsmasq service directory exist] *** changed: [208.113.132.27]

TASK [dns_adblocking : Ubuntu | Setup the cgroup limitations for the ipsec daemon] *** changed: [208.113.132.27]

TASK [dns_adblocking : include_tasks] ** skipping: [208.113.132.27]

TASK [dns_adblocking : Dnsmasq configured] ***** changed: [208.113.132.27]

TASK [dns_adblocking : Adblock script created] ***** changed: [208.113.132.27]

TASK [dns_adblocking : Adblock script added to cron] *** changed: [208.113.132.27]

TASK [dns_adblocking : Update adblock hosts] *** changed: [208.113.132.27]

RUNNING HANDLER [dns_adblocking : restart dnsmasq] ***** changed: [208.113.132.27]

RUNNING HANDLER [vpn : daemon-reload] ** changed: [208.113.132.27]

TASK [dns_adblocking : Dnsmasq enabled and started] **** ok: [208.113.132.27]

TASK [vpn : Ensure that the strongswan group exist] **** changed: [208.113.132.27]

TASK [vpn : Ensure that the strongswan user exist] ***** changed: [208.113.132.27]

TASK [vpn : include_tasks] ***** included: /Users/Stuart/Sites/algo-master/roles/vpn/tasks/ubuntu.yml for 208.113.132.27

TASK [vpn : set_fact] ** ok: [208.113.132.27]

TASK [vpn : Ubuntu | Install strongSwan] *** changed: [208.113.132.27]

TASK [vpn : Ubuntu | Enforcing ipsec with apparmor] **** changed: [208.113.132.27] => (item=/usr/lib/ipsec/charon) changed: [208.113.132.27] => (item=/usr/lib/ipsec/lookip) changed: [208.113.132.27] => (item=/usr/lib/ipsec/stroke)

TASK [vpn : Ubuntu | Enable services] ** ok: [208.113.132.27] => (item=apparmor) ok: [208.113.132.27] => (item=strongswan) ok: [208.113.132.27] => (item=netfilter-persistent)

TASK [vpn : Ubuntu | Ensure that the strongswan service directory exist] *** changed: [208.113.132.27]

TASK [vpn : Ubuntu | Setup the cgroup limitations for the ipsec daemon] **** changed: [208.113.132.27]

TASK [vpn : include_tasks] ***** included: /Users/Stuart/Sites/algo-master/roles/vpn/tasks/iptables.yml for 208.113.132.27

TASK [vpn : Iptables configured] *** changed: [208.113.132.27] => (item={u'dest': u'/etc/iptables/rules.v4', u'src': u'rules.v4.j2'})

TASK [vpn : Iptables configured] *** changed: [208.113.132.27] => (item={u'dest': u'/etc/iptables/rules.v6', u'src': u'rules.v6.j2'})

TASK [vpn : include_tasks] ***** skipping: [208.113.132.27]

TASK [vpn : Install strongSwan] **** ok: [208.113.132.27]

TASK [vpn : include_tasks] ***** included: /Users/Stuart/Sites/algo-master/roles/vpn/tasks/ipec_configuration.yml for 208.113.132.27

TASK [vpn : Setup the config files from our templates] ***** changed: [208.113.132.27] => (item={u'dest': u'/etc/strongswan.conf', u'src': u'strongswan.conf.j2', u'group': u'root', u'mode': u'0644', u'owner': u'root'}) changed: [208.113.132.27] => (item={u'dest': u'/etc/ipsec.conf', u'src': u'ipsec.conf.j2', u'group': u'root', u'mode': u'0644', u'owner': u'root'}) changed: [208.113.132.27] => (item={u'dest': u'/etc/ipsec.secrets', u'src': u'ipsec.secrets.j2', u'group': u'root', u'mode': u'0600', u'owner': u'strongswan'})

TASK [vpn : Get loaded plugins] **** changed: [208.113.132.27]

TASK [vpn : Disable unneeded plugins] ** changed: [208.113.132.27] => (item=updown) changed: [208.113.132.27] => (item=dnskey) changed: [208.113.132.27] => (item=pkcs1) skipping: [208.113.132.27] => (item=gcm) skipping: [208.113.132.27] => (item=pubkey) changed: [208.113.132.27] => (item=rc2) changed: [208.113.132.27] => (item=xcbc) skipping: [208.113.132.27] => (item=kernel-netlink) skipping: [208.113.132.27] => (item=nonce) changed: [208.113.132.27] => (item=sshkey) skipping: [208.113.132.27] => (item=hmac) skipping: [208.113.132.27] => (item=socket-default) skipping: [208.113.132.27] => (item=pkcs12) skipping: [208.113.132.27] => (item=aes) skipping: [208.113.132.27] => (item=pkcs7) skipping: [208.113.132.27] => (item=sha2) changed: [208.113.132.27] => (item=constraints) changed: [208.113.132.27] => (item=attr) skipping: [208.113.132.27] => (item=pkcs8) skipping: [208.113.132.27] => (item=x509) changed: [208.113.132.27] => (item=resolve) changed: [208.113.132.27] => (item=gmp) changed: [208.113.132.27] => (item=agent) skipping: [208.113.132.27] => (item=pgp) changed: [208.113.132.27] => (item=fips-prf) skipping: [208.113.132.27] => (item=random) changed: [208.113.132.27] => (item=sha1) skipping: [208.113.132.27] => (item=stroke) changed: [208.113.132.27] => (item=test-vectors) changed: [208.113.132.27] => (item=md5) changed: [208.113.132.27] => (item=md4) changed: [208.113.132.27] => (item=connmark) skipping: [208.113.132.27] => (item=pem) skipping: [208.113.132.27] => (item=openssl) skipping: [208.113.132.27] => (item=revocation)

TASK [vpn : Ensure that required plugins are enabled] ** skipping: [208.113.132.27] => (item=updown) skipping: [208.113.132.27] => (item=dnskey) skipping: [208.113.132.27] => (item=pkcs1) changed: [208.113.132.27] => (item=gcm) changed: [208.113.132.27] => (item=pubkey) skipping: [208.113.132.27] => (item=rc2) skipping: [208.113.132.27] => (item=xcbc) changed: [208.113.132.27] => (item=kernel-netlink) changed: [208.113.132.27] => (item=nonce) skipping: [208.113.132.27] => (item=sshkey) changed: [208.113.132.27] => (item=hmac) changed: [208.113.132.27] => (item=socket-default) changed: [208.113.132.27] => (item=pkcs12) changed: [208.113.132.27] => (item=aes) changed: [208.113.132.27] => (item=pkcs7) changed: [208.113.132.27] => (item=sha2) skipping: [208.113.132.27] => (item=constraints) skipping: [208.113.132.27] => (item=attr) changed: [208.113.132.27] => (item=pkcs8) changed: [208.113.132.27] => (item=x509) skipping: [208.113.132.27] => (item=resolve) skipping: [208.113.132.27] => (item=gmp) skipping: [208.113.132.27] => (item=agent) changed: [208.113.132.27] => (item=pgp) skipping: [208.113.132.27] => (item=fips-prf) changed: [208.113.132.27] => (item=random) skipping: [208.113.132.27] => (item=sha1) changed: [208.113.132.27] => (item=stroke) skipping: [208.113.132.27] => (item=test-vectors) skipping: [208.113.132.27] => (item=md5) skipping: [208.113.132.27] => (item=md4) skipping: [208.113.132.27] => (item=connmark) changed: [208.113.132.27] => (item=pem) changed: [208.113.132.27] => (item=openssl) changed: [208.113.132.27] => (item=revocation)

TASK [vpn : include_tasks] ***** included: /Users/Stuart/Sites/algo-master/roles/vpn/tasks/openssl.yml for 208.113.132.27

TASK [vpn : Set subjectAltName as a fact] ** ok: [208.113.132.27 -> localhost]

TASK [vpn : Ensure the pki directory does not exist] *** skipping: [208.113.132.27]

TASK [vpn : Ensure the pki directories exist] ** changed: [208.113.132.27 -> localhost] => (item=ecparams) changed: [208.113.132.27 -> localhost] => (item=certs) changed: [208.113.132.27 -> localhost] => (item=crl) changed: [208.113.132.27 -> localhost] => (item=newcerts) changed: [208.113.132.27 -> localhost] => (item=private) changed: [208.113.132.27 -> localhost] => (item=reqs)

TASK [vpn : Ensure the files exist] **** changed: [208.113.132.27 -> localhost] => (item=.rnd) changed: [208.113.132.27 -> localhost] => (item=private/.rnd) changed: [208.113.132.27 -> localhost] => (item=index.txt) changed: [208.113.132.27 -> localhost] => (item=index.txt.attr) changed: [208.113.132.27 -> localhost] => (item=serial)

TASK [vpn : Generate the openssl server configs] *** changed: [208.113.132.27 -> localhost]

TASK [vpn : Build the CA pair] ***** changed: [208.113.132.27 -> localhost]

TASK [vpn : Copy the CA certificate] *** changed: [208.113.132.27 -> localhost]

TASK [vpn : Generate the serial number] **** changed: [208.113.132.27 -> localhost]

TASK [vpn : Build the server pair] ***** changed: [208.113.132.27 -> localhost]

TASK [vpn : Build the client's pair] *** changed: [208.113.132.27 -> localhost] => (item=stuart)

TASK [vpn : Build the client's p12] **** changed: [208.113.132.27 -> localhost] => (item=stuart)

TASK [vpn : Copy the p12 certificates] ***** changed: [208.113.132.27 -> localhost] => (item=stuart)

TASK [vpn : Get active users] ** changed: [208.113.132.27 -> localhost]

TASK [vpn : Revoke non-existing users] ***** skipping: [208.113.132.27] => (item=stuart)

TASK [vpn : Genereate new CRL file] **** skipping: [208.113.132.27]

TASK [vpn : Copy the CRL to the vpn server] **** skipping: [208.113.132.27]

TASK [vpn : include_tasks] ***** included: /Users/Stuart/Sites/algo-master/roles/vpn/tasks/distribute_keys.yml for 208.113.132.27

TASK [vpn : Copy the keys to the strongswan directory] ***** changed: [208.113.132.27] => (item={u'dest': u'/etc/ipsec.d/cacerts/ca.crt', u'src': u'configs/208.113.132.27/pki/cacert.pem', u'group': u'root', u'mode': u'0600', u'owner': u'strongswan'}) changed: [208.113.132.27] => (item={u'dest': u'/etc/ipsec.d/certs/208.113.132.27.crt', u'src': u'configs/208.113.132.27/pki/certs/208.113.132.27.crt', u'group': u'root', u'mode': u'0600', u'owner': u'strongswan'}) changed: [208.113.132.27] => (item={u'dest': u'/etc/ipsec.d/private/208.113.132.27.key', u'src': u'configs/208.113.132.27/pki/private/208.113.132.27.key', u'group': u'root', u'mode': u'0600', u'owner': u'strongswan'})

TASK [vpn : include_tasks] ***** included: /Users/Stuart/Sites/algo-master/roles/vpn/tasks/client_configs.yml for 208.113.132.27

TASK [vpn : Register p12 PayloadContent] *** changed: [208.113.132.27 -> localhost] => (item=stuart)

TASK [vpn : Set facts for mobileconfigs] *** ok: [208.113.132.27 -> localhost]

TASK [vpn : Build the mobileconfigs] *** changed: [208.113.132.27] => (item=None)

TASK [vpn : Build the strongswan app android config] *** changed: [208.113.132.27] => (item=None)

TASK [vpn : Build the android helper html] ***** changed: [208.113.132.27] => (item=None)

TASK [vpn : Build the client ipsec config file] **** changed: [208.113.132.27 -> localhost] => (item=stuart)

TASK [vpn : Build the client ipsec secret file] **** changed: [208.113.132.27 -> localhost] => (item=stuart)

TASK [vpn : Create the windows check file] ***** skipping: [208.113.132.27]

TASK [vpn : Check if the windows check file exists] **** ok: [208.113.132.27 -> localhost]

TASK [vpn : Build the windows client powershell script] **** skipping: [208.113.132.27] => (item=[u'stuart', {'_ansible_parsed': True, 'stderr_lines': [], u'cmd': u'cat private/stuart.p12 | base64', u'end': u'2018-04-29 10:59:42.704487', '_ansible_no_log': False, '_ansible_delegated_vars': {'ansible_delegated_host': u'localhost', 'ansible_host': u'localhost'}, '_ansible_item_result': True, u'changed': True, u'stdout': u'[base64 output removed]', 'item': u'stuart', u'delta': u'0:00:00.013031', u'stderr': u'', u'rc': 0, u'invocation': {u'module_args': {u'warn': True, u'executable': None, u'chdir': u'configs/208.113.132.27/pki/', u'_raw_params': u'cat private/stuart.p12 | base64', u'removes': None, u'creates': None, u'_uses_shell': True, u'stdin': None}}, 'stdout_lines': [u'[base64 output removed]'], u'start': u'2018-04-29 10:59:42.691456', '_ansible_ignore_errors': None, 'failed': False}])

TASK [vpn : Restrict permissions for the local private directories] **** changed: [208.113.132.27 -> localhost] => (item=configs/208.113.132.27)

RUNNING HANDLER [dns_adblocking : restart apparmor] **** changed: [208.113.132.27]

RUNNING HANDLER [vpn : restart strongswan] ***** changed: [208.113.132.27]

RUNNING HANDLER [vpn : daemon-reload] ** changed: [208.113.132.27]

RUNNING HANDLER [vpn : restart iptables] *** changed: [208.113.132.27]

TASK [vpn : strongSwan started] **** ok: [208.113.132.27]

TASK [debug] *** ok: [208.113.132.27] => { "msg": [ [ "\"# Congratulations! #\"", "\"# Your Algo server is running. #\"", "\"# Config files and certificates are in the ./configs/ directory. #\"", "\"# Go to https://whoer.net/ after connecting #\"", "\"# and ensure that all your traffic passes through the VPN. #\"", "\"# Local DNS resolver 172.16.0.1 #\"", "" ], " \"# The p12 and SSH keys password for new users is cerseX7D #\"\n", " ", " \"# Shell access: ssh -i configs/algo.pem ubuntu@208.113.132.27 #\"\n" ] }

TASK [Delete the CA key] *** changed: [208.113.132.27 -> localhost]

PLAY RECAP ***** 208.113.132.27 : ok=110 changed=72 unreachable=0 failed=0
localhost : ok=23 changed=8 unreachable=0 failed=0

jackivanov commented 6 years ago

Can't reproduce. DreamCompute works as expected

shapiro125 commented 6 years ago

Hmm, ok.

I’ve tried deleting the instance and reinstalling, but still no internet (even though it tells me the vpn is connected). If I do a hard reboot, the internet does work for a minute or two, but then stops connecting again.

mdmdd commented 6 years ago

Hi. I have been a user of Algo VPN for approx. 2 months, installed on DigitalOcean, and since I installed it I have been facing the same issue. I tried creating a new droplet, updating Algo, etc.; nothing works yet.

On connecting to the VPN (it connects within 2 seconds), the internet starts working instantly and then stops working after the next 2 minutes.

Reconnecting does the same thing.