LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 12-31-2015, 08:48 AM   #1
taylorkh
Senior Member
 
Registered: Jul 2006
Location: North Carolina
Distribution: CentOS 6, CentOS 7 (with Mate), Ubuntu 16.04 Mate
Posts: 2,127

Rep: Reputation: 174Reputation: 174
vpn - when it dies I want Internet connectivity to STAY dead.


I have been playing with a vpn service which I get as a freebee with my Usenet service. I have it configured on an Ubuntu Mate 15.10 PC using network-manager-openvpn. It works well and I can make believe I am in Chicago or Zurich or wherever. Nice to keep google maps from tracking me if I am looking up a doctor's office. However...

As a test I was downloading a Linux iso file using a torrent and Transmission. The VPN dropped out or openvpn crashed I am not sure. When I looked in on the PC (remove access with vncserver) I observed that the VPN lock icon was gone and the PC was again directly connected to the Internet. Transmission had finished downloading the iso file.

In this case it was of no consequence. However, as a VPN is supposed to provide some degree of privacy... If I had been downloading something naughty and the VPN dropped out and I was reconnected with my true IP address

The question is... can openvpn be configured to keep the connection down in the event of a failure? or to reconnect the VPN rather than a clear connection?

TIA,

Ken
 
Old 12-31-2015, 02:36 PM   #2
nini09
Senior Member
 
Registered: Apr 2009
Posts: 1,850

Rep: Reputation: 161Reputation: 161
How do you configure routing? If no route entry for plain network, traffic should stop after VPN is down.
 
Old 01-01-2016, 08:42 AM   #3
taylorkh
Senior Member
 
Registered: Jul 2006
Location: North Carolina
Distribution: CentOS 6, CentOS 7 (with Mate), Ubuntu 16.04 Mate
Posts: 2,127

Original Poster
Rep: Reputation: 174Reputation: 174
Thanks nini09 and Happy New Year!

The PC in question obtains a reserved, not-routable IP address (192.168.0.116) from my router for use on the LAN. The router obtains an Internet IP address from my ISP. The VPN software is installed on the PC and configured using network-manager-openvpn. As I understand the operation... Open VPN establishes an encrypted tunnel to the VPN provider's server in say Amsterdam and from there access the Internet. If I access a site such as whatismyip the PC has an IP address which corresponds to Amsterdam. If I close the VPN, again using the network manager, the PC will again appear to have the IP address of my router - in North Carolina. The same seems to happen if the VPN crashes.

Perhaps this configuration is too simple to do what I want. I need the LAN address to be able to access the PC as I run it headless. If I block the PC by MAC address with my router (not sure it has that capability) I think that would prevent if from creating the tunnel.

It looks like I would need to run the VPN at the router level so if it died the connection would be dead. However, I had played with DD-WRT on a little Netgear router but it did not have the horsepower to handle large file downloads. The CPU would peg and the download speed was only about a third of what my DSL connection normally provides. Perhaps I need to add a second NIC and try to run the PC as a router. That is on my to-do list - somewhere down the list at the moment.

I guess I just should not download anything naughty

Ken
 
Old 01-05-2016, 02:47 PM   #4
nini09
Senior Member
 
Registered: Apr 2009
Posts: 1,850

Rep: Reputation: 161Reputation: 161
Openvpn should support interface-mode IPSec. You can simple change interface of default route to IPSec interface. Then traffic should stop when IPSec interface is down or crash.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
JAVA wont stay DEAD after I KILL -9 it thealmightyos Linux - Software 4 12-05-2013 08:43 PM
Crond dies often and enters into dead state Prabagaran Linux - Server 2 05-17-2011 04:02 AM
Lose Internet Connectivity When VPN'ing via PPTP Temujin_12 Linux - Networking 9 10-17-2010 03:26 AM
x server dies...dies...dead! aquaboot Linux - Software 2 08-28-2005 11:54 AM
Squid:2nd Browser access Internet SPEED dead becomes dead slow mwj Linux - Software 1 10-04-2003 01:40 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 12:27 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration