Как ни странно, мне кажется, что я могу успешно подключиться к VPN, но тогда все запросы просто тайм-аут (все было хорошо в 14.04 перед обновлением)
NetworkManager[26605]: <info> [1475104045.6096] audit: op="connection-activate" uuid="f3e592de-b14e-4775-8950-cdedac3b5a28" name="AirVPN_United-Kingdom_UDP-443" pid=2156 uid=1000 result="success"
NetworkManager[26605]: <info> [1475104045.6166] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",0]: Started the VPN service, PID 4493
NetworkManager[26605]: <info> [1475104045.6237] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",0]: Saw the service appear; activating connection
NetworkManager[26605]: nm-openvpn-Message: openvpn[4496] started
NetworkManager[26605]: <info> [1475104045.6310] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",0]: VPN plugin: state changed: starting (3)
NetworkManager[26605]: <info> [1475104045.6313] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",0]: VPN connection: (ConnectInteractive) reply received
nm-openvpn[4496]: OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Feb 2 2016
nm-openvpn[4496]: library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08
nm-openvpn[4496]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
nm-openvpn[4496]: Control Channel Authentication: using '/home/lee/.cert/nm-openvpn/AirVPN_United-Kingdom_UDP-443-tls-auth.pem' as a OpenVPN static key file
nm-openvpn[4496]: NOTE: chroot will be delayed because of --client, --pull, or --up-delay
nm-openvpn[4496]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
nm-openvpn[4496]: UDPv4 link local: [undef]
nm-openvpn[4496]: UDPv4 link remote: [AF_INET]185.103.96.133:443
nm-openvpn[4496]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1557', remote='link-mtu 1558'
nm-openvpn[4496]: WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
nm-openvpn[4496]: [server] Peer Connection Initiated with [AF_INET]185.103.96.133:443
nm-openvpn[4496]: TUN/TAP device tun0 opened
nm-openvpn[4496]: /usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper --bus-name org.freedesktop.NetworkManager.openvpn.Connection_5 --tun -- tun0 1500 1557 10.4.9.184 255.255.0.0 init
NetworkManager[26605]: <info> [1475104048.1017] manager: (tun0): new Tun device (/org/freedesktop/NetworkManager/Devices/5)
NetworkManager[26605]: <info> [1475104048.1177] devices added (path: /sys/devices/virtual/net/tun0, iface: tun0)
NetworkManager[26605]: <info> [1475104048.1178] device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found.
NetworkManager[26605]: <info> [1475104048.1261] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",0]: VPN connection: (IP Config Get) reply received.
nm-openvpn[4496]: chroot to '/var/lib/openvpn/chroot' and cd to '/' succeeded
nm-openvpn[4496]: GID set to nm-openvpn
NetworkManager[26605]: <info> [1475104048.1346] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",7:(tun0)]: VPN connection: (IP4 Config Get) reply received
nm-openvpn[4496]: UID set to nm-openvpn
NetworkManager[26605]: <info> [1475104048.1359] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",7:(tun0)]: Data: VPN Gateway: 185.103.96.133
nm-openvpn[4496]: Initialization Sequence Completed
NetworkManager[26605]: <info> [1475104048.1359] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",7:(tun0)]: Data: Tunnel Device: tun0
NetworkManager[26605]: <info> [1475104048.1359] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",7:(tun0)]: Data: IPv4 configuration:
NetworkManager[26605]: <info> [1475104048.1360] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",7:(tun0)]: Data: Internal Gateway: 10.4.0.1
NetworkManager[26605]: <info> [1475104048.1360] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",7:(tun0)]: Data: Internal Address: 10.4.9.184
NetworkManager[26605]: <info> [1475104048.1360] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",7:(tun0)]: Data: Internal Prefix: 16
NetworkManager[26605]: <info> [1475104048.1361] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",7:(tun0)]: Data: Internal Point-to-Point Address: 10.4.9.184
NetworkManager[26605]: <info> [1475104048.1361] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",7:(tun0)]: Data: Maximum Segment Size (MSS): 0
NetworkManager[26605]: <info> [1475104048.1361] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",7:(tun0)]: Data: Forbid Default Route: no
NetworkManager[26605]: <info> [1475104048.1361] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",7:(tun0)]: Data: Internal DNS: 10.4.0.1
NetworkManager[26605]: <info> [1475104048.1362] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",7:(tun0)]: Data: DNS Domain: '(none)'
NetworkManager[26605]: <info> [1475104048.1362] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",7:(tun0)]: Data: No IPv6 configuration
NetworkManager[26605]: <info> [1475104048.1362] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",7:(tun0)]: VPN plugin: state changed: started (4)
NetworkManager[26605]: <info> [1475104048.1387] vpn-connection[0x19f55c0,f3e592de-b14e-4775-8950-cdedac3b5a28,"AirVPN_United-Kingdom_UDP-443",7:(tun0)]: VPN connection: (IP Config Get) complete
NetworkManager[26605]: <info> [1475104048.1392] device (tun0): state change: unmanaged -> unavailable (reason 'connection-assumed') [10 20 41]
NetworkManager[26605]: <info> [1475104048.1500] manager: NetworkManager state is now CONNECTED_LOCAL
NetworkManager[26605]: <info> [1475104048.1502] manager: NetworkManager state is now CONNECTED_GLOBAL
NetworkManager[26605]: <info> [1475104048.1505] dns-mgr: Writing DNS information to /sbin/resolvconf
dnsmasq[26678]: setting upstream servers from DBus
dnsmasq[26678]: using nameserver 10.4.0.1#53
dbus[804]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service'
NetworkManager[26605]: <info> [1475104048.1769] keyfile: add connection in-memory (40a6043d-7871-4195-8e3e-d7ea59e00877,"tun0")
NetworkManager[26605]: <info> [1475104048.1786] device (tun0): state change: unavailable -> disconnected (reason 'connection-assumed') [20 30 41]
NetworkManager[26605]: <info> [1475104048.1852] device (tun0): Activation: starting connection 'tun0' (40a6043d-7871-4195-8e3e-d7ea59e00877)
NetworkManager[26605]: <info> [1475104048.1890] device (tun0): state change: disconnected -> prepare (reason 'none') [30 40 0]
NetworkManager[26605]: <info> [1475104048.1894] device (tun0): state change: prepare -> config (reason 'none') [40 50 0]
NetworkManager[26605]: <info> [1475104048.1897] device (tun0): state change: config -> ip-config (reason 'none') [50 70 0]
NetworkManager[26605]: <info> [1475104048.1901] device (tun0): state change: ip-config -> ip-check (reason 'none') [70 80 0]
NetworkManager[26605]: <info> [1475104048.1904] device (tun0): state change: ip-check -> secondaries (reason 'none') [80 90 0]
NetworkManager[26605]: <info> [1475104048.1907] device (tun0): state change: secondaries -> activated (reason 'none') [90 100 0]
NetworkManager[26605]: <info> [1475104048.1935] manager: NetworkManager state is now CONNECTED_LOCAL
NetworkManager[26605]: <info> [1475104048.1936] manager: NetworkManager state is now CONNECTED_GLOBAL
NetworkManager[26605]: <info> [1475104048.1937] policy: set 'tun0' (tun0) as default for IPv4 routing and DNS
NetworkManager[26605]: <info> [1475104048.1938] device (tun0): Activation: successful, device activated.
systemd[1]: Starting Network Manager Script Dispatcher Service...
dbus[804]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
systemd[1]: Started Network Manager Script Dispatcher Service.
nm-dispatcher: req:1 'vpn-up' [tun0]: new request (2 scripts)
nm-dispatcher: req:1 'vpn-up' [tun0]: start running ordered scripts...
nm-dispatcher: req:2 'up' [tun0]: new request (2 scripts)
wpa_supplicant[1266]: wlp4s0: Failed to initiate sched scan
nm-openvpn[4496]: write to TUN/TAP : Invalid argument (code=22)
nm-dispatcher: req:2 'up' [tun0]: start running ordered scripts...
whoopsie[881]: [] Cannot reach: https://daisy.ubuntu.com
whoopsie[881]: [] offline
whoopsie[881]: [] The default IPv4 route is: /org/freedesktop/NetworkManager/ActiveConnection/6
whoopsie[881]: [] Network connection may be a paid data plan: /org/freedesktop/NetworkManager/Devices/5
whoopsie[881]: [] The default IPv4 route is: /org/freedesktop/NetworkManager/ActiveConnection/6
whoopsie[881]: [] Network connection may be a paid data plan: /org/freedesktop/NetworkManager/Devices/5
nm-openvpn[4496]: write to TUN/TAP : Invalid argument (code=22)
Это AirVPN vpn, и файл ovpn был сгенерирован с помощью их генератора конфигурации для Linux, выбрав Великобританию и UDP (та же конфигурация отлично работает на моем телефоне Android openvpn). Я попытался с рабочим файлом VPN ovpn, и это была похожая история.
Я уже установил network-manager-openvpn
и network-manager-openvpn-gnome
Также ifconfig показывает:
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.4.16.251 P-t-P:10.4.16.251 Mask:255.255.0.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:35 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:1860 (1.8 KB)
iptables покраснел:
[ root@myhostname: /home/lee ]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
маршрут -n (без VPN):
[ root@myhostname: ~ ]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 100 0 0 enp3s0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 enp3s0
192.168.0.0 0.0.0.0 255.255.255.0 U 100 0 0 enp3s0
маршрут -n (с VPN):
[ root@myhostname: ~ ]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.4.0.1 0.0.0.0 UG 50 0 0 tun0
0.0.0.0 192.168.0.1 0.0.0.0 UG 100 0 0 enp3s0
10.4.0.0 0.0.0.0 255.255.0.0 U 50 0 0 tun0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 enp3s0
185.103.96.130 192.168.0.1 255.255.255.255 UGH 100 0 0 enp3s0
192.168.0.0 0.0.0.0 255.255.255.0 U 100 0 0 enp3s0
AirVPN ovpn выглядит как (я удалил на crts и ключи в конце):
# --------------------------------------------------------
# Air VPN | https://airvpn.org | Wednesday 28th of September 2016 11:02:52 PM
# OpenVPN Client Configuration.
# AirVPN_United-Kingdom_UDP-443
# --------------------------------------------------------
client
dev tun
proto udp
remote gb.vpn.airdns.org 443
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
route-delay 5
verb 3
explicit-exit-notify 5
РЕДАКТИРОВАТЬ: я обнаружил, что если я изменю конфигурацию, чтобы comp-lzo
был включен (или использовать сжатие данных LZO в настройках Network Manager), вещи работают.Я не уверен точно, почему это была проблема, и почему этот отход от настроек AirVPN автоматически сгенерирован 16.04.