On 09/14/2018 03:25 PM, [email protected] wrote:
Thank you Anac and Chris, appreciate your suggestions:
You said that Tor was running. When combining Tor with VPN, the VPN's
connection type should be TCP, not UDP. Did you check that?
I did check this...opened the connection to Any/Any but this didn't seem to be
the issue. I also eliminated TOR for testing and connected directly to the
sys-net(to also eliminate any sys-firewall potential issues)
Before you go through the trouble of a whole reinstall, you could try
setting your VPN VM to use Fedora 28 instead to see if it works. You can
also perform a reinstall of the Debian template.
I tried with fedora-28 but also had the same TLS connection error. I ran the
tests in step 3 as suggested and recieved the following errors with both the
Debian and Fedora setup:
Fri Sep 14 10:30:53 2018 OpenVPN 2.4.0 x86_64-pc-linux-gnu [SSL (OpenSSL)]
[LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 18 2017
Fri Sep 14 10:30:53 2018 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.08
Enter Auth Username: My user name
Enter Auth Password: **************
Fri Sep 14 10:32:34 2018 TCP/UDP: Preserving recently used remote address:
[AF_INET]208.167.254.76:1198
Fri Sep 14 10:32:34 2018 Socket Buffers: R=[212992->212992] S=[212992->212992]
Fri Sep 14 10:32:34 2018 UDP link local: (not bound)
Fri Sep 14 10:32:34 2018 UDP link remote: [AF_INET]208.x.x.x:port xx
Fri Sep 14 10:32:34 2018 write UDP: Operation not permitted (code=1)
Fri Sep 14 10:32:36 2018 write UDP: Operation not permitted (code=1)
Fri Sep 14 10:32:40 2018 write UDP: Operation not permitted (code=1)
Fri Sep 14 10:32:48 2018 write UDP: Operation not permitted (code=1)
Fri Sep 14 10:33:04 2018 write UDP: Operation not permitted (code=1)
Fri Sep 14 10:33:34 2018 TLS Error: TLS key negotiation failed to occur within
60 seconds (check your network connectivity)
Fri Sep 14 10:33:34 2018 TLS Error: TLS handshake failed
Fri Sep 14 10:33:34 2018 SIGUSR1[soft,tls-error] received, process restarting
Fri Sep 14 10:33:34 2018 Restart pause, 5 second(s)
Definitely strange considering it was working great for a few months...the good
news is the kill switch functionality with this solution worked.
Any insight with the errors I recieved? If not I think a reinstall is my best
course...
You would normally get operation not permitted if the internal firewall
script is in effect, which is why this step comes before any scripts are
added (i.e. its performed in a fresh VM).
You can either disable the firewall script in
/rw/config/qubes-firewall.d and reboot, or try the test in a new VM
connected to sys-net.
--
Chris Laprise, [email protected]
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/a48bdd20-e74d-20ea-ac6d-003ce44a4957%40posteo.net.
For more options, visit https://groups.google.com/d/optout.
