Ubuntu 18.04 Client & OpenVPN geht nicht mehr

[SnakeFFM]

Hallo,

leider kann ich über VPN nicht mehr connecten, egal welcher Server. Ich habe es über den Client und die Console versucht. Das erhalte ich beim Client. Ich habe nichts geändert am System, es ging wunderbar.

...
[2019-04-14 15:59:32] OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2018
[2019-04-14 15:59:32] library versions: OpenSSL 1.1.0g 2 Nov 2017, LZO 2.08
[2019-04-14 15:59:32] MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:7505
[2019-04-14 15:59:32] Need hold release from management interface, waiting...
[2019-04-14 15:59:33] MANAGEMENT: Client connected from [AF_INET]127.0.0.1:7505
[2019-04-14 15:59:33] MANAGEMENT: CMD 'pid'
[2019-04-14 15:59:33] MANAGEMENT: CMD 'log on all'
[2019-04-14 15:59:33] MANAGEMENT: CMD 'state on all'
[2019-04-14 15:59:33] MANAGEMENT: CMD 'auth-retry interact'
[2019-04-14 15:59:33] MANAGEMENT: CMD 'hold off'
[2019-04-14 15:59:33] MANAGEMENT: CMD 'hold release'
[2019-04-14 15:59:33] MANAGEMENT: CMD 'username "Auth" USERNAME'
[2019-04-14 15:59:33] MANAGEMENT: CMD 'password PASSWORD'
[2019-04-14 15:59:33] NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
[2019-04-14 15:59:33] Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
[2019-04-14 15:59:33] Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
[2019-04-14 15:59:33] LZO compression initializing
[2019-04-14 15:59:33] Control Channel MTU parms [ L:1626 D:1140 EF:110 EB:0 ET:0 EL:3 ]
[2019-04-14 15:59:33] MANAGEMENT: >STATE:1555250373,RESOLVE,,,,,,
[2019-04-14 15:59:33] Data Channel MTU parms [ L:1626 D:1300 EF:126 EB:407 ET:0 EL:3 ]
[2019-04-14 15:59:33] Fragmentation MTU parms [ L:1626 D:1300 EF:125 EB:407 ET:1 EL:3 ]
[2019-04-14 15:59:33] Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1606,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
[2019-04-14 15:59:33] Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1606,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
[2019-04-14 15:59:33] TCP/UDP: Preserving recently used remote address: [AF_INET]95.211.95.232:150
[2019-04-14 15:59:33] Socket Buffers: R=[212992->212992] S=[212992->212992]
[2019-04-14 15:59:33] UDP link local: (not bound)
[2019-04-14 15:59:33] UDP link remote: [AF_INET]95.211.95.232:150
[2019-04-14 15:59:33] MANAGEMENT: >STATE:1555250373,WAIT,,,,,,
[2019-04-14 15:59:33] MANAGEMENT: >STATE:1555250373,AUTH,,,,,,
[2019-04-14 15:59:33] TLS: Initial packet from [AF_INET]95.211.95.232:150, sid=787adf71 7721777d
[2019-04-14 15:59:33] WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
[2019-04-14 15:59:33] PID_ERR replay-window backtrack occurred [2] [TLS_WRAP-0] [00_00] 1555250373:5 1555250373:3 t=1555250373[0] r=[0,64,15,2,1] sl=[59,5,64,528]
[2019-04-14 15:59:33] VERIFY OK: depth=1, C=CH, ST=Zug, L=Zug, O=Perfect Privacy, CN=Perfect Privacy, emailAddress=admin@perfect-privacy.com
[2019-04-14 15:59:33] VERIFY KU OK
[2019-04-14 15:59:33] Validating certificate extended key usage
[2019-04-14 15:59:33] ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
[2019-04-14 15:59:33] VERIFY EKU OK
[2019-04-14 15:59:33] VERIFY OK: depth=0, C=CH, ST=Zug, O=Perfect Privacy, CN=Server_amsterdam.perfect-privacy.com, emailAddress=admin@perfect-privacy.com
[2019-04-14 15:59:33] Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
[2019-04-14 15:59:33] [Server_amsterdam.perfect-privacy.com] Peer Connection Initiated with [AF_INET]95.211.95.232:150
[2019-04-14 15:59:34] MANAGEMENT: >STATE:1555250374,GET_CONFIG,,,,,,
[2019-04-14 15:59:34] SENT CONTROL [Server_amsterdam.perfect-privacy.com]: 'PUSH_REQUEST' (status=1)
[2019-04-14 15:59:34] PUSH: Received control message: 'PUSH_REPLY,topology subnet,redirect-gateway def1,sndbuf 131072,rcvbuf 131072,comp-lzo adaptive,route-gateway 10.0.51.2,redirect-gateway ipv6,route-ipv6 2000::/3,ping 10,ping-restart 60,dhcp-option DNS 95.211.199.144,dhcp-option DNS 185.17.184.3,ifconfig-ipv6 fdbf:1d37:bbe0:0:3:11:0:1f/112 fdbf:1d37:bbe0:0:3:11:0:1,ifconfig 10.0.51.31 255.255.255.0,peer-id 15'
[2019-04-14 15:59:34] OPTIONS IMPORT: timers and/or timeouts modified
[2019-04-14 15:59:34] OPTIONS IMPORT: compression parms modified
[2019-04-14 15:59:34] LZO compression initializing
[2019-04-14 15:59:34] OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
[2019-04-14 15:59:34] Socket Buffers: R=[212992->262144] S=[212992->262144]
[2019-04-14 15:59:34] OPTIONS IMPORT: --ifconfig/up options modified
[2019-04-14 15:59:34] OPTIONS IMPORT: route options modified
[2019-04-14 15:59:34] OPTIONS IMPORT: route-related options modified
[2019-04-14 15:59:34] OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
[2019-04-14 15:59:34] OPTIONS IMPORT: peer-id set
[2019-04-14 15:59:34] OPTIONS IMPORT: adjusting link_mtu to 1629
[2019-04-14 15:59:34] Data Channel MTU parms [ L:1609 D:1300 EF:109 EB:407 ET:0 EL:3 ]
[2019-04-14 15:59:34] Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
[2019-04-14 15:59:34] Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
[2019-04-14 15:59:34] Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
[2019-04-14 15:59:34] Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
[2019-04-14 15:59:34] ROUTE_GATEWAY 192.168.2.1/255.255.255.0 IFACE=enp24s0 HWADDR=00:d8:61:2e:51:fa
[2019-04-14 15:59:34] GDG6: remote_host_ipv6=n/a
[2019-04-14 15:59:34] ROUTE6: default_gateway=UNDEF
[2019-04-14 15:59:34] TUN/TAP device tun0 opened
[2019-04-14 15:59:34] TUN/TAP TX queue length set to 100
[2019-04-14 15:59:34] do_ifconfig, tt->did_ifconfig_ipv6_setup=1
[2019-04-14 15:59:34] MANAGEMENT: >STATE:1555250374,ASSIGN_IP,,10.0.51.31,,,,,fdbf:1d37:bbe0:0:3:11:0:1f
[2019-04-14 15:59:34] /sbin/ip link set dev tun0 up mtu 1500
[2019-04-14 15:59:34] /sbin/ip addr add dev tun0 10.0.51.31/24 broadcast 10.0.51.255
[2019-04-14 15:59:34] /sbin/ip -6 addr add fdbf:1d37:bbe0:0:3:11:0:1f/112 dev tun0
[2019-04-14 15:59:34] Linux ip -6 addr add failed: external program exited with error status: 2

 

[SnakeFFM]

..und über die Konsole kommt das hier:

....
Sun Apr 14 16:23:04 2019 us=768071 GDG6: remote_host_ipv6=n/a
Sun Apr 14 16:23:04 2019 us=768119 ROUTE6_GATEWAY fe80::1 IFACE=enp24s0
Sun Apr 14 16:23:04 2019 us=768353 TUN/TAP device tun0 opened
Sun Apr 14 16:23:04 2019 us=768392 TUN/TAP TX queue length set to 100
Sun Apr 14 16:23:04 2019 us=768409 do_ifconfig, tt->did_ifconfig_ipv6_setup=1
Sun Apr 14 16:23:04 2019 us=768423 /sbin/ip link set dev tun0 up mtu 1500
Sun Apr 14 16:23:04 2019 us=770294 /sbin/ip addr add dev tun0 10.3.3.34/24 broadcast 10.3.3.255
Sun Apr 14 16:23:04 2019 us=772886 /sbin/ip -6 addr add fdbf:1d37:bbe0:0:48:11:0:22/112 dev tun0
RTNETLINK answers: Permission denied
Sun Apr 14 16:23:04 2019 us=773972 Linux ip -6 addr add failed: external program exited with error status: 2
Sun Apr 14 16:23:04 2019 us=774019 Exiting due to fatal error

 

[SnakeFFM]

ich habe es eben auch mal über https://www.vpnbook.com/ versucht und dort den FR Server getestet (dann war ich zwar in der Türkei, aber gut...) darüber konnte ich über openvpn eine Verbindung herstellen.

Wäre klasse, wenn jemand weiter weiß...

 

[SnakeFFM]

Okay, ich habe keine Ahnung, weshalb es auf einmal nicht mehr ging. Schien irgendeine falsche Konfiguration mit ipv6 gehabt zu haben. Nach dem Befehl ging es wieder.

echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6