Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
new to VPN. need help[solved]
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
deathraccoon
Tux's lil' helper
Tux's lil' helper


Joined: 27 Jan 2015
Posts: 90

PostPosted: Wed Feb 25, 2015 7:41 am    Post subject: new to VPN. need help[solved] Reply with quote

I recently began to use a VPN service. I use openvpn protocol and networkmanager. ifconfig shows the interface as being up:

Code:
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.0.7  netmask 255.255.255.0  broadcast 10.0.0.255
        inet6 fe80::468a:5bff:fe8f:f9aa  prefixlen 64  scopeid 0x20<link>
        inet6 2601:c:3680:49a:468a:5bff:fe8f:f9aa  prefixlen 128  scopeid 0x0<global>
        ether 44:8a:5b:8f:f9:aa  txqueuelen 1000  (Ethernet)
        RX packets 561742  bytes 290426124 (276.9 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1606960  bytes 2145230092 (1.9 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 15726  bytes 3485957 (3.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 15726  bytes 3485957 (3.3 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 172.16.144.6  netmask 255.255.255.255  destination 172.16.144.5
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 100  (UNSPEC)
        RX packets 1551  bytes 333883 (326.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1564  bytes 104300 (101.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlan0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        ether 00:c0:ca:82:20:04  txqueuelen 1000  (Ethernet)
        RX packets 323  bytes 60473 (59.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 363  bytes 62235 (60.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


and I am able to access the web. however, I had doubts as to whether my traffic was being routed over the VPN and I thought to test it with ping

Code:
sudo ping -I tun0 www.google.com
PING google.com (173.194.32.193) from 172.16.144.6 tun0: 56(84) bytes of data.
^C
--- google.com ping statistics ---
24 packets transmitted, 0 received, 100% packet loss, time 23020ms


using traceroute--

Code:
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  10.0.0.1 (10.0.0.1)  0.638 ms  1.074 ms  1.400 ms
 2  73.195.144.1 (73.195.144.1)  24.056 ms  25.008 ms  32.833 ms
 3  te-8-2-ur01.salem.nj.panjde.comcast.net (68.85.76.133)  16.233 ms  16.449 ms  17.934 ms
 4  68.86.209.61 (68.86.209.61)  27.993 ms  28.689 ms  59.686 ms
 5  ae10.edge2.Newark1.Level3.net (4.68.71.125)  40.101 ms  39.189 ms  40.374 ms
 6  ae-4-90.edge3.Washington4.Level3.net (4.69.149.210)  34.177 ms ae-2-70.edge3.Washington4.Level3.net (4.69.149.82)  23.139 ms  23.321 ms
 7  ae-1-60.edge3.Washington4.Level3.net (4.69.149.18)  30.842 ms ae-3-80.edge3.Washington4.Level3.net (4.69.149.146)  31.776 ms ae-1-60.edge3.Washington4.Level3.net (4.69.149.18)  32.071 ms
 8  72.14.203.128 (72.14.203.128)  33.268 ms  33.508 ms  33.727 ms
 9  216.239.46.185 (216.239.46.185)  34.623 ms 209.85.255.7 (209.85.255.7)  34.089 ms 209.85.255.3 (209.85.255.3)  35.910 ms
10  216.239.50.223 (216.239.50.223)  35.553 ms 209.85.142.5 (209.85.142.5)  35.299 ms 209.85.254.215 (209.85.254.215)  35.019 ms
11  google-public-dns-a.google.com (8.8.8.8)  34.338 ms  39.451 ms  26.079 ms


but using tun0, I get--

Code:
sudo traceroute -i tun0 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  172.16.110.1 (172.16.110.1)  129.084 ms  129.897 ms  131.326 ms
 2  * * *
 3  * * *
 4  * * *
 5  * * *
 6  * * *
 7  * * *
 8  * * *
 9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *


how do I enable traffic over the interface?



am I enterpreting that correctly? did none of the packets transmit via tun0?


Last edited by deathraccoon on Sat Feb 28, 2015 3:39 am; edited 1 time in total
Back to top
View user's profile Send private message
deathraccoon
Tux's lil' helper
Tux's lil' helper


Joined: 27 Jan 2015
Posts: 90

PostPosted: Sat Feb 28, 2015 3:38 am    Post subject: Reply with quote

solved. I placed OpenDNS nameservers in resolv.conf.
Back to top
View user's profile Send private message
BlueFusion
Guru
Guru


Joined: 08 Mar 2006
Posts: 371

PostPosted: Sat Feb 28, 2015 3:42 am    Post subject: Reply with quote

I went one step further and use iptables to deny any outbound traffic through the WAN unless it's through the VPN tunnel. This protects against data being transmitted if the tunnel goes down.
Back to top
View user's profile Send private message
deathraccoon
Tux's lil' helper
Tux's lil' helper


Joined: 27 Jan 2015
Posts: 90

PostPosted: Sat Mar 07, 2015 5:25 am    Post subject: Reply with quote

indeed. that was my next step.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum