LinuxQuestions.org
01-20-2018, 03:00 AM   #1
guntanemo

IPSEC stalls out, "no internet connection" in browsers and forced to restart VPN through terminal

IPSEC stalls out randomly, on just about whatever page, YouTube, Google, anything, and no traffic seems to go through. Firefox and Opera give a "no internet connection" and I have to restart "sudo ipsec restart, etc"

It happens on every server I've tried (few dozen) with Nord VPN and has never happened before a week or two ago. I don't think the update to 17.10 has affected this but cannot verify. The VPN works for a while and then just stops. No same time or page, just seems to happen whenever.

DNS servers that would seem to change every time this would happen were not recorded since I copied and pasted them into here and didn't save it, apparently the post did not work correctly and I don't have the IPs of the old DNS servers but they were none I have ever seen before. Just random IPs, not Google (8.8.8.8, etc) or OpenDNS servers. Just random IPs, and it was every time it seemed to stall out the DNS servers would change.


Log below:

16:11:20 dbus-daemon: Successfully activated service 'org.gnome.Logs'
16:11:11 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
16:10:23 opera: [0118/161023.084932:ERROR:service_manager.cc(157)] Connection InterfaceProviderSpec prevented service: content_renderer from binding interface: blink::mojom::ReportingServiceProxy exposed by: content_browser
16:10:17 sudo: pam_unix(sudo:session): session closed for user root
16:09:10 kernel: audit: type=1400 audit(1516316950.827:81): apparmor="DENIED" operation="open" profile="/usr/lib/ipsec/charon" name="/run/systemd/resolve/stub-resolv.conf" pid=12970 comm="charon" requested_mask="wc" denied_mask="wc" fsuid=0 ouid=102
16:09:10 kernel: pam_unix(sudo:session): session closed for user root
16:09:10 charon: 09[IKE] peer supports MOBIKE
16:09:10 avahi-daemon: Registering new address record for 10.6.6.168 on enp4s0f1.IPv4.
16:09:10 charon: 09[IKE] installing new virtual IP 10.6.6.168
16:09:06 whoopsie: [16:09:06] online
16:09:05 nm-dispatcher: req:4 'connectivity-change': start running ordered scripts...
16:09:04 opera: [0118/160904.887508:ERROR:service_manager.cc(157)] Connection InterfaceProviderSpec prevented service: content_renderer from binding interface: blink::mojom::ReportingServiceProxy exposed by: content_browser
16:09:04 nm-dispatcher: postconf: fatal: open /etc/postfix/main.cf: No such file or directory
16:09:03 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
16:09:03 whoopsie: [16:09:03] Cannot reach: https://daisy.ubuntu.com
16:09:03 systemd-resolve: Using degraded feature set (TCP) for DNS server 205.171.3.25.
16:09:01 charon: 10[NET] sending packet: from 192.168.0.2[500] to 176.53.23.254[500] (1504 bytes)
16:09:01 systemd-resolve: Using degraded feature set (UDP) for DNS server 192.168.0.1.
16:08:57 charon: 07[NET] sending packet: from 192.168.0.2[500] to 176.53.23.254[500] (1504 bytes)
16:08:57 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
16:08:57 systemd-resolve: Using degraded feature set (TCP) for DNS server 192.168.0.1.
16:08:55 nm-dispatcher: req:4 'connectivity-change': new request (1 scripts)
16:08:55 systemd-resolve: Using degraded feature set (UDP) for DNS server 205.171.3.25.
16:08:54 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC= SRC=192.168.0.2 DST=224.0.0.252 LEN=51 TOS=0x00 PREC=0x00 TTL=255 ID=41354 PROTO=UDP SPT=5355 DPT=5355 LEN=31
16:08:53 nm-dispatcher: postconf: fatal: open /etc/postfix/main.cf: No such file or directory
16:08:52 systemd-resolve: Using degraded feature set (TCP) for DNS server 205.171.3.25.
16:08:49 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC= SRC=192.168.0.2 DST=224.0.0.252 LEN=51 TOS=0x00 PREC=0x00 TTL=255 ID=40020 PROTO=UDP SPT=5355 DPT=5355 LEN=31
16:08:49 systemd-resolve: Using degraded feature set (TCP) for DNS server 192.168.0.1.
16:08:48 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC= SRC=192.168.0.2 DST=224.0.0.252 LEN=51 TOS=0x00 PREC=0x00 TTL=255 ID=39983 PROTO=UDP SPT=5355 DPT=5355 LEN=31
16:08:47 systemd-resolve: Using degraded feature set (UDP) for DNS server 205.171.3.25.
16:08:44 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC= SRC=fe80:0000:0000:0000:82fa:5bff:fe1a:f873 DST=ff02:0000:0000:0000:0000:0000:0001:0003 LEN=71 TC=0 HOPLIMIT=255 FLOWLBL=518280 PROTO=UDP SPT=5355 DPT=5355 LEN=31
16:08:43 whoopsie: [16:08:43] Found usable connection: /org/freedesktop/NetworkManager/ActiveConnection/3
16:08:43 gsd-sharing: Failed to StopUnit service: GDBus.Error:org.freedesktop.systemd1.NoSuchUnit: Unit vino-server.service not loaded.
16:08:43 nm-dispatcher: req:3 'up' [enp4s0f1]: start running ordered scripts...
16:08:43 NetworkManager: <info> [1516316923.4003] device (enp4s0f1): Activation: successful, device activated.
16:08:43 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC= SRC=192.168.0.2 DST=224.0.0.252 LEN=50 TOS=0x00 PREC=0x00 TTL=255 ID=39197 PROTO=UDP SPT=5355 DPT=5355 LEN=30
16:08:43 dhclient: bound to 192.168.0.2 -- renewal in 38180 seconds.
16:08:43 whoopsie: [16:08:43] Cannot reach: https://daisy.ubuntu.com
16:08:43 NetworkManager: <info> [1516316923.2800] manager: NetworkManager state is now CONNECTED_LOCAL
16:08:43 avahi-daemon: Registering new address record for 192.168.0.2 on enp4s0f1.IPv4.
16:08:43 NetworkManager: <info> [1516316923.2761] dhcp4 (enp4s0f1): state changed unknown -> bound
16:08:43 avahi-daemon: Joining mDNS multicast group on interface enp4s0f1.IPv4 with address 192.168.0.2.
16:08:43 NetworkManager: <info> [1516316923.2761] dhcp4 (enp4s0f1): domain name 'Home'
16:08:43 charon: 01[KNL] 192.168.0.2 appeared on enp4s0f1
16:08:43 NetworkManager: <info> [1516316923.2761] dhcp4 (enp4s0f1): nameserver '192.168.0.1'
16:08:43 dhclient: DHCPACK of 192.168.0.2 from 192.168.0.1
16:08:41 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC= SRC=fe80:0000:0000:0000:82fa:5bff:fe1a:f873 DST=ff02:0000:0000:0000:0000:0000:0001:0003 LEN=70 TC=0 HOPLIMIT=255 FLOWLBL=518280 PROTO=UDP SPT=5355 DPT=5355 LEN=30
16:08:41 avahi-daemon: Registering new address record for fe80::82fa:5bff:fe1a:f873 on enp4s0f1.*.
16:08:41 charon: 06[KNL] fe80::82fa:5bff:fe1a:f873 appeared on enp4s0f1
16:08:41 avahi-daemon: Joining mDNS multicast group on interface enp4s0f1.IPv6 with address fe80::82fa:5bff:fe1a:f873.
16:08:40 dhclient: DHCPREQUEST of 192.168.0.2 on enp4s0f1 to 255.255.255.255 port 67 (xid=0x2071d22c)
 
01-20-2018, 03:45 PM   #2
guntanemo
Original Poster

Update:

It happened again, here is a snip of the logs, it seems UFW blocked something from my router default gateway:

14:30:48 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2


right before the VPN connection stops working. I saw in there "Speed Dial" page is getting worked around for causing problems and I think Opera may be the problem here, but would like someone to confirm if you can from these logs alone:

PS: I took Speed Dial off Opera just a second ago and will report back with the status...

14:37:04 nm-dispatcher: req:1 'connectivity-change': start running ordered scripts...
14:37:04 nm-dispatcher: req:1 'connectivity-change': start running ordered scripts...
14:37:04 nm-dispatcher: req:1 'connectivity-change': new request (1 scripts)
14:37:04 systemd: Started Network Manager Script Dispatcher Service.
14:37:04 dbus-daemon: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
14:37:04 systemd: Starting Network Manager Script Dispatcher Service...
14:37:04 dbus-daemon: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service'
14:37:03 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
14:37:03 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
14:34:58 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
14:32:53 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
14:32:11 sudo: pam_unix(sudo:session): session closed for user root
14:32:11 sudo: pam_unix(sudo:session): session closed for user root
14:32:11 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
14:32:11 sudo: name : TTY=pts/0 ; PWD=/home/name ; USER=root ; COMMAND=/usr/sbin/ipsec status
14:32:11 sudo: pam_ecryptfs: pam_sm_authenticate: /home/name is already mounted
14:31:01 charon: 09[IKE] sending keep alive to 134.19.180.167[4500]
14:30:48 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
14:30:23 charon: 10[IKE] sending keep alive to 134.19.180.167[4500]
14:28:52 opera: [0120/142852.579960:ERROR:service_manager.cc(157)] Connection InterfaceProviderSpec prevented service: content_renderer from binding interface: blink::mojom::ReportingServiceProxy exposed by: content_browser
14:28:43 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
14:28:11 charon: 05[NET] sending packet: from 192.168.0.2[4500] to 134.19.180.167[4500] (76 bytes)
14:26:38 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
14:26:33 charon: 05[IKE] sending keep alive to 134.19.180.167[4500]
14:26:29 opera: [0120/142629.130850:ERROR:os_exchange_data_provider_aurax11.cc(505)] Not implemented reached in virtual uint32_t ui::OSExchangeDataProviderAuraX11::DispatchEvent(const ui::PlatformEvent &)
14:26:07 charon: 08[IKE] sending keep alive to 134.19.180.167[4500]
14:24:33 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
14:23:48 charon: 11[IKE] sending keep alive to 134.19.180.167[4500]
14:23:45 pkexec: name: Executing command [USER=root] [TTY=unknown] [CWD=/home/name] [COMMAND=/usr/lib/gnome-settings-daemon/gsd-backlight-helper --set-brightness 976]
14:23:28 charon: 06[IKE] sending keep alive to 134.19.180.167[4500]
14:22:28 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
14:21:23 charon: 12[IKE] sending keep alive to 134.19.180.167[4500]
14:20:23 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
14:20:02 charon: 07[IKE] sending keep alive to 134.19.180.167[4500]
14:19:16 gnome-shell: Window manager warning: 0x2000001 (DuckDuckGo) appears to be one of the offending windows with a timestamp of 5359555. Working around...
14:18:34 opera: [0120/141834.508459:ERROR:ssl_client_socket_impl.cc(1093)] handshake failed; returned -1, SSL error code 5, net_error -2
14:18:30 gnome-shell: Window manager warning: 0x2000001 (Speed Dial) appears to be one of the offending windows with a timestamp of 5313703. Working around...
14:18:18 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
14:17:28 dbus-daemon: Successfully activated service 'org.gnome.ControlCenter.SearchProvider'
14:17:22 charon: 07[IKE] sending keep alive to 134.19.180.167[4500]
14:17:01 cron: pam_unix(cron:session): session closed for user root
14:16:57 charon: 01[IKE] sending keep alive to 134.19.180.167[4500]
14:16:23 sudo: pam_unix(sudo:session): session closed for user root
14:16:13 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
14:15:53 charon: 11[IKE] sending keep alive to 134.19.180.167[4500]
14:14:08 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
14:13:59 opera: [0120/141359.650410:ERROR:service_manager.cc(157)] Connection InterfaceProviderSpec prevented service: content_renderer from binding interface: blink::mojom::ReportingServiceProxy exposed by: content_browser
14:13:27 charon: 11[IKE] sending keep alive to 134.19.180.167[4500]
14:12:48 opera: [0120/141248.902417:ERROR:blacklist.cc(191)] Invalid pattern
14:12:03 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
14:10:46 charon: 07[IKE] sending keep alive to 134.19.180.167[4500]
14:09:58 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
14:09:50 charon: 10[IKE] sending keep alive to 134.19.180.167[4500]
14:09:13 opera: [0120/140913.192776:ERROR:os_exchange_data_provider_aurax11.cc(505)] Not implemented reached in virtual uint32_t ui::OSExchangeDataProviderAuraX11::DispatchEvent(const ui::PlatformEvent &)
14:07:53 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
14:03:56 anacron: Normal exit (0 jobs run)
14:03:56 systemd: Started Run anacron jobs.
14:03:43 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
13:53:25 charon: 10[NET] sending packet: from 192.168.0.2[4500] to 134.19.180.167[4500] (76 bytes)
13:53:17 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= MAC=01:00:5e:00:00:01:e4:18:6b:e8:c0:0d:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
 
01-22-2018, 09:03 PM   #3
guntanemo
Original Poster

It appears to be happening quite a bit with YouTube. Does anyone know anything about IPSec troubleshooting, or if a VPN would get throttled from new US regulations? I wouldn't think so...
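
An added triage example, not part of the original posts: a short Python script that sorts log lines like those in posts #1 and #2 into categories and measures the spacing of the router's blocked multicast packets, so timer-driven firewall drops can be told apart from entries that involve charon or DNS. The sample input is abridged from the thread's logs; the function and category names are made up for this example.

```python
import re
from collections import Counter

# Sample abridged from the logs posted in this thread (MAC field dropped).
SAMPLE = """\
14:37:03 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TTL=1 PROTO=2
14:34:58 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TTL=1 PROTO=2
14:32:53 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TTL=1 PROTO=2
14:31:01 charon: 09[IKE] sending keep alive to 134.19.180.167[4500]
14:30:48 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TTL=1 PROTO=2
16:09:10 kernel: audit: type=1400 audit(1516316950.827:81): apparmor="DENIED" operation="open" profile="/usr/lib/ipsec/charon" name="/run/systemd/resolve/stub-resolv.conf" pid=12970 comm="charon" requested_mask="wc" denied_mask="wc" fsuid=0 ouid=102
16:08:49 kernel: [UFW BLOCK] IN=enp4s0f1 OUT= SRC=192.168.0.2 DST=224.0.0.252 LEN=51 TTL=255 PROTO=UDP SPT=5355 DPT=5355 LEN=31
16:08:57 systemd-resolve: Using degraded feature set (TCP) for DNS server 192.168.0.1.
"""

LINE = re.compile(r'^(\d\d):(\d\d):(\d\d) ([\w-]+): (.*)$')
FIELD = re.compile(r'(\w+)=("[^"]*"|\S*)')

def parse(text):
    """Yield (seconds_since_midnight, program, message, key=value fields)."""
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            h, mi, s, prog, msg = m.groups()
            fields = {k: v.strip('"') for k, v in FIELD.findall(msg)}
            yield int(h) * 3600 + int(mi) * 60 + int(s), prog, msg, fields

def classify(prog, msg, f):
    if "[UFW BLOCK]" in msg:
        if f.get("PROTO") == "2":       # IP protocol 2 is IGMP
            return "ufw-igmp"
        return "ufw-llmnr" if f.get("DPT") == "5355" else "ufw-other"
    if f.get("apparmor") == "DENIED" and f.get("comm") == "charon":
        return "apparmor-charon:" + f.get("name", "?")
    if prog == "systemd-resolve" and "degraded feature set" in msg:
        return "resolved-degraded"
    return "charon" if prog == "charon" else "other"

def triage(text):
    events = list(parse(text))
    counts = Counter(classify(p, m, f) for _, p, m, f in events)
    igmp = sorted(t for t, p, m, f in events if classify(p, m, f) == "ufw-igmp")
    # One repeated gap points at a timer-driven sender rather than an event tied to the stall.
    gaps = {b - a for a, b in zip(igmp, igmp[1:])}
    return counts, gaps

if __name__ == "__main__":
    print(triage(SAMPLE))
```

On the abridged sample the IGMP drops come exactly 125 seconds apart, which matches the default IGMP general query interval, and the only entry that ties charon to DNS is the AppArmor denial on stub-resolv.conf.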
 
  

