Impostor VPNC says it works, but doesn't

Leviathan42 · 10-25-2021, 04:26 AM

Hi everyone

After activating my VPN in the system tray (KDE) it reports VPN is activated, as if everything was working correctly, but when I check websites like whatismyip.com, it shows my own IP address and not the one of my VPN.

smallpond · 10-25-2021, 09:57 AM

What is the output of

Code:

ip route show

computersavvy · 10-25-2021, 10:37 AM

Also show us the output of "ip a s" so we can see the network config. It should show the vpn tunnel.

Leviathan42 · 10-25-2021, 03:47 PM

Quote:

Originally Posted by smallpond

What is the output of

Code:

ip route show

Code:

default via 192.168.1.1 dev enp3s0 proto dhcp src 192.168.1.203 metric 10 
default dev tun0 proto static scope link metric 50 
default via 192.168.1.1 dev enp3s0 proto dhcp metric 100 
10.5.208.0/20 dev tun0 proto kernel scope link src 10.5.215.209 metric 50 
129.132.99.164 via 192.168.1.1 dev enp3s0 proto static metric 100 
192.168.1.0/24 dev enp3s0 proto kernel scope link src 192.168.1.204 metric 100 
192.168.1.1 dev enp3s0 proto dhcp scope link src 192.168.1.203 metric 10 
192.168.1.1 dev enp3s0 proto static scope link metric 100

Quote:

Originally Posted by computersavvy

Also show us the output of "ip a s" so we can see the network config. It should show the vpn tunnel.

Code:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 8c:89:a5:0c:5c:fe brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.204/24 brd 192.168.1.255 scope global dynamic noprefixroute enp3s0
       valid_lft 2795sec preferred_lft 2795sec
    inet 192.168.1.203/24 brd 192.168.1.255 scope global secondary dynamic enp3s0
       valid_lft 2796sec preferred_lft 2796sec
    inet6 fe80::e5f9:a670:5185:5d36/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: wlp4s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 2e:d0:a0:e7:c3:80 brd ff:ff:ff:ff:ff:ff permaddr 0c:84:dc:03:ae:53
4: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1412 qdisc fq_codel state UNKNOWN group default qlen 500
    link/none 
    inet 10.5.215.209/20 brd 10.5.223.255 scope global noprefixroute tun0
       valid_lft forever preferred_lft forever
    inet6 fe80::c8bb:e362:7e28:29bc/64 scope link stable-privacy 
       valid_lft forever preferred_lft forever

smallpond · 10-28-2021, 03:47 PM

I'm confused why your interface has two IP addresses + the tun0 vpn address. In any case, the gateway on the vpn is not being set as your default route, so all of your traffic is going through the local gateway 192.168.1.1.

computersavvy · 10-28-2021, 04:00 PM

As @smallpond says, the default route does not get properly changed to the vpn, so all traffic other than to the 10.5.208.0/20 subnet is routed via the 192.168.1.1 router.

I actually see what appears to be 3 default routes. 2 are via the 192.168.1.1 address, but this is the interfering one with the metric 10

Code:

default via 192.168.1.1 dev enp3s0 proto dhcp src 192.168.1.203 metric 10

Leviathan42 · 10-28-2021, 04:37 PM

and what's the fix?

smallpond · 10-29-2021, 08:55 AM

How are you connecting to the VPN? Normally the VPN configuration should push a default route to your network. What VPN service are you using?

computersavvy · 10-29-2021, 09:43 AM

Quote:

Originally Posted by smallpond

How are you connecting to the VPN? Normally the VPN configuration should push a default route to your network. What VPN service are you using?

I don't exactly know the permanent fix. His vpn did push the default route with metric 50 and the fallback default route is his gateway with metric 100. However the interfering one is the route with his gateway at metric 10.

On my system I will show the routing before I start the vpn, then after it is up, and you can see it was routed properly. His is different.

Code:

No VPN

$ ip r
default via 192.168.2.1 dev wlp4s0 proto dhcp metric 600 
192.168.2.0/24 dev wlp4s0 proto kernel scope link src 192.168.2.111 metric 600 
192.168.124.0/24 dev virbr0 proto kernel scope link src 192.168.124.1 linkdown 

VPN connection established.

ip r
0.0.0.0/1 via 10.13.4.1 dev tun0 
default via 192.168.2.1 dev wlp4s0 proto dhcp metric 600 
10.13.4.0/24 dev tun0 proto kernel scope link src 10.13.4.222 
89.187.175.238 via 192.168.2.1 dev wlp4s0 
128.0.0.0/1 via 10.13.4.1 dev tun0 
192.168.2.0/24 dev wlp4s0 proto kernel scope link src 192.168.2.111 metric 600 
192.168.124.0/24 dev virbr0 proto kernel scope link src 192.168.124.1 linkdown

computersavvy · 10-29-2021, 09:44 AM

Quote:

Originally Posted by Leviathan42

and what's the fix?

We need more info.
Please disconnect the VPN, reboot, then post the results of "ip route" with no active vpn.

Following that then bring up the VPN and again post the results of "ip route" so we can see the exact routing table changes as the result of starting the VPN.

Both can be done in a single post, just 2 entries so we can see the differences.

Leviathan42 · 10-29-2021, 03:27 PM

VPN disabled:

Code:

default via 192.168.1.1 dev enp3s0 proto dhcp src 192.168.1.203 metric 10 
default via 192.168.1.1 dev enp3s0 proto dhcp metric 100 
192.168.1.0/24 dev enp3s0 proto kernel scope link src 192.168.1.204 metric 100 
192.168.1.1 dev enp3s0 proto dhcp scope link src 192.168.1.203 metric 10

VPN enabled:

Code:

default via 192.168.1.1 dev enp3s0 proto dhcp src 192.168.1.203 metric 10 
default dev tun0 proto static scope link metric 50 
default via 192.168.1.1 dev enp3s0 proto dhcp metric 100 
10.5.208.0/20 dev tun0 proto kernel scope link src 10.5.210.16 metric 50 
129.132.99.164 via 192.168.1.1 dev enp3s0 proto static metric 100 
192.168.1.0/24 dev enp3s0 proto kernel scope link src 192.168.1.204 metric 100 
192.168.1.1 dev enp3s0 proto dhcp scope link src 192.168.1.203 metric 10 
192.168.1.1 dev enp3s0 proto static scope link metric 100

computersavvy · 10-29-2021, 04:20 PM

The issue then is that you have 2 default route entries at boot and has nothing to do with the VPN,

Have you by chance manually entered a default route anywhere?
Have you manually configured a network interface address?
Do you have the machine set with a reserved dhcp address in your router?

The suspicious entries I see are these from both the above outputs.

Code:

default via 192.168.1.1 dev enp3s0 proto dhcp src 192.168.1.203 metric 10
192.168.1.1 dev enp3s0 proto dhcp scope link src 192.168.1.203 metric 10

MMMMMMM -- On second thought, you have 2 different IPs assigned to that interface, with .204 as the primary and .203 as the secondary. I would wager that if you get rid of the .204 address then things will work better.

Code:

    inet 192.168.1.204/24 brd 192.168.1.255 scope global dynamic noprefixroute enp3s0
       valid_lft 2795sec preferred_lft 2795sec
    inet 192.168.1.203/24 brd 192.168.1.255 scope global secondary dynamic enp3s0
       valid_lft 2796sec preferred_lft 2796sec

Leviathan42 · 10-30-2021, 03:08 AM

With full confidence I can answer all your questions with "No", as I lack the knowledge how to do any of those things

michaelk · 10-30-2021, 04:11 AM

Try:
ip route del 192.168.1.203

The problem is the secondary IP address/route has a metric of 10 which is lower then the metric for the VPN which is 50.

I assume you don't know how the second route was created?

Leviathan42 · 10-30-2021, 05:30 AM

Quote:

Originally Posted by michaelk

Try:
ip route del 192.168.1.203

Code:

RTNETLINK answers: No such process

Quote:

Originally Posted by michaelk

I assume you don't know how the second route was created?

absolutely true