xjasonlyu / tun2socks

tun2socks - powered by gVisor TCP/IP stack
https://github.com/xjasonlyu/tun2socks/wiki
GNU General Public License v3.0

I can't get this working on windows 10 #77

Closed Pyvib closed 3 years ago

Pyvib commented 3 years ago

I don't know if I'm extremely dense or if the documentation is terrible, but I can't get tun2socks up and running, and I need help. I have already looked at https://github.com/xjasonlyu/tun2socks/wiki/Route-configuration#windows as well as every relevant issue and I still don't get what I'm supposed to do and can't get it working.

I have v2rayN running and it works fine as a proxy, got wintun 0.14.1 dll and finally ran:

tun2socks-windows-amd64.exe -device tun://tun0 -proxy socks5://127.0.0.1:10808

This runs fine and I can see udp connections in the cmd, I also see accepted connections in v2rayN. But, of course I'm still not using the adapter. Moving on..

netsh interface ip set dns "tun0" static address=9.9.9.10 //Seems to work fine, again not yet using the adapter

netsh interface ip set address "tun0" static address=10.10.10.2 mask=255.255.255.0 gateway=10.10.10.1 //Here's where the problems start, this automatically adds the route "0.0.0.0 0.0.0.0 10.10.10.1 1" and then my internet connection becomes useless, if I try to access a website I get "This site can’t be reached website.com’s DNS address could not be found. Diagnosing the problem. DNS_PROBE_POSSIBLE" (I have also tried with 8.8.8.8 instead)

I'm not sure what I'm supposed to do here, I tried doing: route add (the v2ray server I'm connecting to) 192.168.1.1 metric 5 //But that did nothing and I have no clue what in the world I'm supposed to do.

Slightly offtopic (assuming I can get past this issue) is there a way to have this whole thing be a one time setup? the main problem is that the tunnel driver disappears and reappears with the grey sub-name incremented (for example: tun0 10), is there a way to have it be persistent? or would I have to run the exe as well as a bat file doing this stuff on startup?

xjasonlyu commented 3 years ago

Hi, sorry for the late response.

The doc only contains some basic setups and configurations, and it did not fully describe some use-cases specifically. Usually people who use tun2socks already know how to config it, so I'm too lazy to add the details in the doc lol.

The issue you mentioned, well, I think the right steps are:

  1. run the tun2socks exe in the cmd, then you can see an adapter is up
  2. then config the adapter with correct ip/gateway/dns by netsh or GUI
  3. config route tables, and make sure your proxy's ip won't get looped

For the one time setup, yes you can use batch script to automate the setups. And I think the adapter name should be static after first run, unless some additional changes have been applied.

chromer030 commented 3 years ago

Maybe these commands suit your needs:

start cmd /k tun2socks-windows-amd64.exe -device tun://tun00 -proxy $Proxy
netsh interface ip set address "tun00" static address=10.10.10.2 mask=255.255.255.0 gateway=10.10.10.1
netsh interface ip set dns name="tun00" static 8.8.8.8
route add $ip $DefaultGateway metric 5
route add 0.0.0.0 mask 0.0.0.0 10.10.10.1

Pyvib commented 3 years ago

> Maybe these commands suit your needs:
>
> start cmd /k tun2socks-windows-amd64.exe -device tun://tun00 -proxy $Proxy
> netsh interface ip set address "tun00" static address=10.10.10.2 mask=255.255.255.0 gateway=10.10.10.1
> netsh interface ip set dns name="tun00" static 8.8.8.8
> route add $ip $DefaultGateway metric 5
> route add 0.0.0.0 mask 0.0.0.0 10.10.10.1

I'm still having issues. For starters to make things clear, I am using v2rayN on windows, with udp enabled and turn on sniffing is checked (no idea what that does, though I did try with it off) and everything is default configuration. Secondly my gateway is 192.168.1.1, my pc's internal ip is 192.168.1.10 and I use these dns servers for my ethernet adapter: 9.9.9.10 149.112.112.10 (quad9). Let's assume the proxy I'm connected to through v2ray has the ip 82.83.40.20 (random example and is a trojan proxy, port 443).

Running start cmd /k tun2socks-windows-amd64.exe -device tun://tun00 -proxy socks5://127.0.0.1:10808 seems to work fine, giving output that looks like this (there are several more of these info msgs):

time="2021-11-17T21:07:52+02:00" level=info msg="[UDP] [fe80::38f0:b6e4:15ad:9260]:5353 --> [ff02::fb]:5353"
time="2021-11-17T21:07:52+02:00" level=info msg="[UDP] [fe80::38f0:b6e4:15ad:9260]:65388 --> [ff02::1:3]:5355"
time="2021-11-17T21:07:52+02:00" level=info msg="[UDP] [fe80::38f0:b6e4:15ad:9260]:58214 --> [ff02::1:3]:5355"

After that I ran netsh interface ip set address "tun00" static address=10.10.10.2 mask=255.255.255.0 gateway=10.10.10.1 and at that point I'm facing issues already, firstly I get a TON (like 8000) of these info msgs, in the port ranges 50k to 64k:

level=info msg="[TCP] 10.10.10.2:55872 <->  82.83.40.20:443"
level=info msg="[TCP] 10.10.10.2:55874 <->  82.83.40.20:443"
level=info msg="[TCP] 10.10.10.2:55878 <->  82.83.40.20:443"
level=info msg="[TCP] 10.10.10.2:55876 <->  82.83.40.20:443"
level=info msg="[TCP] 10.10.10.2:58010 <->  82.83.40.20:443"
level=info msg="[TCP] 10.10.10.2:55880 <->  82.83.40.20:443"
level=info msg="[TCP] 10.10.10.2:60228 <->  82.83.40.20:443"
level=info msg="[TCP] 10.10.10.2:60238 <->  82.83.40.20:443"
level=info msg="[TCP] 10.10.10.2:60250 <->  82.83.40.20:443"
level=info msg="[TCP] 10.10.10.2:60254 <->  82.83.40.20:443"
level=info msg="[TCP] 10.10.10.2:60258 <->  82.83.40.20:443"
level=info msg="[TCP] 10.10.10.2:60118 <->  82.83.40.20:443"
level=info msg="[TCP] 10.10.10.2:60115 <->  82.83.40.20:443"
level=info msg="[TCP] 10.10.10.2:61742 <->  82.83.40.20:443"
level=info msg="[TCP] 10.10.10.2:60262 <->  82.83.40.20:443"

then I'll start getting these:

level=info msg="[UDP] 10.10.10.2:53578 --> 239.255.255.250:1900"
level=warning msg="[TCP] dial 82.83.40.20:443 error: connect to 127.0.0.1:10808: dial tcp 127.0.0.1:10808: bind: An operation on a socket could not be performed because the system lacked sufficient buffer space or because a queue was full."
level=info msg="[TCP] 10.10.10.2:53621 <-> 82.83.40.20:443"
level=info msg="[TCP] 10.10.10.2:62059 <-> 82.83.40.20:443"
level=warning msg="[TCP] dial 9.9.9.9:443 error: connect to 127.0.0.1:10808: dial tcp 127.0.0.1:10808: connectex: Only one usage of each socket address (protocol/network address/port) is normally permitted."
level=warning msg="[TCP] dial 9.9.9.9:443 error: connect to 127.0.0.1:10808: dial tcp 127.0.0.1:10808: connectex: Only one usage of each socket address (protocol/network address/port) is normally permitted."
level=warning msg="[TCP] dial 149.112.112.10:53 error: connect to 127.0.0.1:10808: dial tcp 127.0.0.1:10808: connectex: Only one usage of each socket address (protocol/network address/port) is normally permitted."
level=warning msg="[TCP] dial 149.112.112.10:53 error: connect to 127.0.0.1:10808: dial tcp 127.0.0.1:10808: connectex: Only one usage of each socket address (protocol/network address/port) is normally permitted."
level=warning msg="[TCP] dial 149.112.112.10:53 error: connect to 127.0.0.1:10808: dial tcp 127.0.0.1:10808: connectex: Only one usage of each socket address (protocol/network address/port) is normally permitted."
level=warning msg="[TCP] dial 149.112.112.10:53 error: connect to 127.0.0.1:10808: dial tcp 127.0.0.1:10808: connectex: Only one usage of each socket address (protocol/network address/port) is normally permitted."
level=warning msg="[TCP] dial 149.112.112.10:53 error: connect to 127.0.0.1:10808: dial tcp 127.0.0.1:10808: connectex: Only one usage of each socket address (protocol/network address/port) is normally permitted."
level=info msg="[TCP] 10.10.10.2:54762 <-> 9.9.9.9:443"
level=info msg="[TCP] 10.10.10.2:52993 <-> 9.9.9.9:44

and

level=info msg="[TCP] 10.10.10.2:53587 <-> 82.83.40.20:443"
level=warning msg="[TCP] dial 82.83.40.20:443 error: connect to 127.0.0.1:10808: dial tcp 127.0.0.1:10808: connectex: Only one usage of each socket address (protocol/network address/port) is normally permitted."
level=warning msg="[TCP] dial 9.9.9.10:53 error: connect to 127.0.0.1:10808: dial tcp 127.0.0.1:10808: connectex: Only one usage of each socket address (protocol/network address/port) is normally permitted."
level=warning msg="[TCP] dial 149.112.112.10:53 error: connect to 127.0.0.1:10808: dial tcp 127.0.0.1:10808: connectex: Only one usage of each socket address (protocol/network address/port) is normally permitted."
level=warning msg="[TCP] dial 9.9.9.10:53 error: connect to 127.0.0.1:10808: dial tcp 127.0.0.1:10808: connectex: Only one usage of each socket address (protocol/network address/port) is normally permitted."
level=warning msg="[TCP] dial 149.112.112.10:53 error: connect to 127.0.0.1:10808: dial tcp 127.0.0.1:10808: connectex: Only one usage of each socket address (protocol/network address/port) is normally permitted."
level=info msg="[UDP] 10.10.10.2:5353 --> 224.0.0.251:5353"
level=info msg="[UDP] [fe80::790c:62b8:f390:fe34]:5353 --> [ff02::fb]:5353"
level=info msg="[UDP] 10.10.10.2:5353 --> 224.0.0.251:5353"

I assume this isn't expected output at this point, but I moved on to the next command anyways (using either 8.8.8.8 or my preferred dns 9.9.9.10 ends with the same result):

netsh interface ip set dns name="tun00" static 9.9.9.10

this outputs

The configured DNS server is incorrect or does not exist.

But using the adapter gui I can see that it was added. Nevertheless, it thinks it's incorrect. Then I ran the next command (I'm not sure if you meant my local ip by $ip but that's what I used, I also tried 127.0.0.1):

route add 192.168.1.10 192.168.1.1 metric 5

which gave the output

The route addition failed: The object already exists.

And finally route add 0.0.0.0 mask 0.0.0.0 10.10.10.1 with the output

The route addition failed: The object already exists.

Needless to say, it didn't work after all this, the browser gave me this error:

This site can’t be reached www.example.com’s DNS address could not be found. Diagnosing the problem.
DNS_PROBE_POSSIBLE

I have no idea what's going wrong, as soon as I set the adapter ip and stuff I get these thousands of info msgs and then the errors listed, I finally tried using http by running start cmd /k tun2socks-windows-amd64.exe -device tun://tun00 -proxy http://127.0.0.1:10809 but that gave me these errors:

Using existing driver 0.14
Creating adapter
level=info msg="[STACK] tun://tun00 <-> http://127.0.0.1:10809"
level=warning msg="[UDP] dial [ff02::fb]:5353 error: not supported"
level=warning msg="[UDP] dial [ff02::fb]:5353 error: not supported"
level=warning msg="[UDP] dial [ff02::fb]:5353 error: not supported"
level=warning msg="[UDP] dial [ff02::fb]:5353 error: not supported"
level=warning msg="[UDP] dial [ff02::1:3]:5355 error: not supported"

I really did not expect this to be this difficult and to be facing this many problems.

xjasonlyu commented 3 years ago

The $ip means your proxy’s IP, which in this case is 82.83.40.20. If you don’t add this as an exception route, you’ll get infinite loops just as you described above.
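
The loop described in this reply can be recognised from the tun2socks log alone. The following is an added example, not part of the thread or of the tun2socks project: it flags flows addressed to the upstream proxy that arrive on the TUN, and counts the failed dials to the local SOCKS listener. The function name `triage`, the threshold and the sample lines are assumptions constructed from the output quoted above.

```python
import re
from collections import Counter

# Connection lines as tun2socks prints them in this thread, e.g.
#   level=info msg="[TCP] 10.10.10.2:55872 <->  82.83.40.20:443"
CONN = re.compile(r'msg="\[(TCP|UDP)\] (\S+):(\d+) (?:<->|-->)\s+(\S+):(\d+)"')
# Failed dials to the local SOCKS listener (socket/port exhaustion symptom).
DIAL_ERR = re.compile(r'level=warning msg="\[TCP\] dial \S+ error: connect to ')

def triage(log_lines, upstream_ip, threshold=5):
    """Summarise signs that proxy traffic is looping back into the TUN.

    upstream_ip is the remote proxy server (82.83.40.20 in the thread).
    tun2socks should never see flows addressed to it: those are the local
    proxy client's own outbound connections, and they reach the TUN only
    when no exception route sends them to the physical gateway.
    """
    to_upstream = Counter()
    dial_errors = 0
    for line in log_lines:
        m = CONN.search(line)
        if m and m.group(4) == upstream_ip:
            to_upstream[(m.group(1), int(m.group(5)))] += 1
        elif DIAL_ERR.search(line):
            dial_errors += 1
    looping = sum(to_upstream.values()) >= threshold
    return {"looping": looping, "to_upstream": dict(to_upstream),
            "dial_errors": dial_errors}

# Constructed sample, modelled on the log lines quoted in the thread.
SAMPLE = (
    ['level=info msg="[UDP] [fe80::38f0:b6e4:15ad:9260]:5353 --> [ff02::fb]:5353"']
    + [f'level=info msg="[TCP] 10.10.10.2:{p} <->  82.83.40.20:443"'
       for p in range(55872, 55884, 2)]
    + ['level=warning msg="[TCP] dial 9.9.9.9:443 error: connect to '
       '127.0.0.1:10808: dial tcp 127.0.0.1:10808: connectex: Only one usage '
       'of each socket address (protocol/network address/port) is normally '
       'permitted."'] * 2
    + ['level=info msg="[TCP] 10.10.10.2:54762 <-> 9.9.9.9:443"']
)

if __name__ == "__main__":
    print(triage(SAMPLE, "82.83.40.20"))
```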

Pyvib commented 3 years ago

> The $ip means your proxy’s IP, which in this case is 82.83.40.20. If you don’t add this as an exception route, you’ll get infinite loops just as you described above.

Thank you! After doing that it indeed finally works! I'm not sure if this is relevant but I figured I'd ask anyways, it appears that torrenting leaks my real ip. I do know that I can and should bind my client to the vpn adapter or have it use the proxy directly and these are fine solutions; but does the fact that it's leaking mean the vpn isn't really system wide? Or is this normal?

xjasonlyu commented 3 years ago

It depends on which VPN you’re using; normally it’s system-wide unless you have other configurations.

Pyvib commented 3 years ago

Perhaps I wasn't clear, I was talking about with using this tun2socks executable to create the tun00 adapter and route supposedly everything through it, that's what I meant by vpn. I assumed this would have meant a system wide vpn, and yet the torrent leaked my ip so I was wondering if this was normal or if there's perhaps something wrong.

xjasonlyu commented 3 years ago

Your route table decides where the traffic goes, and it's complicated. Theoretically, if you configure your routing correctly, all your TCP/UDP traffic goes through your proxy. Maybe you should check your routing tables to make sure that everything is set up well.
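
One way to check a routing table along these lines, as an added example that is not from the thread or the tun2socks project: a simplified route lookup (longest matching prefix, then lowest metric) that reports whether the upstream proxy would be routed into the TUN and which destinations would leave outside it. The tables, metrics and probe addresses are constructed from the addresses used in this thread; the model ignores interface metrics and IPv6.

```python
import ipaddress

def pick_route(routes, dest):
    """Simplified lookup: longest matching prefix wins, ties go to lowest metric."""
    ip = ipaddress.ip_address(dest)
    matches = [r for r in routes if ip in ipaddress.ip_network(r[0])]
    return max(matches, key=lambda r: (ipaddress.ip_network(r[0]).prefixlen, -r[2]))

def audit(routes, tun_gw, upstream_ip, probes):
    """Check the two properties the thread depends on:
    - the upstream proxy must NOT be routed into the TUN (otherwise it loops)
    - every other probe destination SHOULD be routed into the TUN
    """
    return {
        "upstream_loops": pick_route(routes, upstream_ip)[1] == tun_gw,
        "bypass": [d for d in probes if pick_route(routes, d)[1] != tun_gw],
    }

# Constructed tables as (prefix, gateway, metric), using the thread's addresses.
TUN_GW, LAN_GW, UPSTREAM = "10.10.10.1", "192.168.1.1", "82.83.40.20"
BEFORE = [
    ("0.0.0.0/0", LAN_GW, 25),          # physical default route
    ("0.0.0.0/0", TUN_GW, 1),           # added by the netsh gateway= setting
    ("192.168.1.0/24", "on-link", 25),  # local subnet
]
AFTER = BEFORE + [(f"{UPSTREAM}/32", LAN_GW, 5)]  # the exception route
# Hypothetical misconfiguration: TUN default loses to the physical default.
WEAK_TUN = [("0.0.0.0/0", LAN_GW, 25), ("0.0.0.0/0", TUN_GW, 50),
            (f"{UPSTREAM}/32", LAN_GW, 5)]
PROBES = ["9.9.9.10", "149.112.112.10", "192.168.1.50"]

if __name__ == "__main__":
    for name, table in (("before", BEFORE), ("after", AFTER), ("weak", WEAK_TUN)):
        print(name, audit(table, TUN_GW, UPSTREAM, PROBES))
```

On a real host the table would come from `route print`, and any destination listed under `bypass` is traffic that the proxy never sees.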

Pyvib commented 3 years ago

I see, thanks again for the help!