crashsystemsyou there mhall119 ?02:58
mhall119crashsystems: yup03:03
crashsystemsyou said that setup via network manager was fairly easy. do you have any tips for that?03:04
crashsystemsI successfully connect to the vpn, but packets never get through03:04
mhall119well, it wasn't that easy, but the hard parts weren't Ubuntu's fault03:05
mhall119Verizon had a Nortel (I think) aggregator03:05
mhall119which was basically a Cisco aggregator with a broken protocol stack03:06
mhall119so I found a patch to vpnc that would make it not die when Nortel failed at parts of the connection setup sequence03:06
mhall119next, Verizon's IT gave out binary config files for their Windows client, which I had to find a way to extract to get the connection credentials, server address, etc03:07
mhall119once I had the info and a patched vpnc, network-manager-vpnc let me turn it on and off from the panel icon menu03:08
crashsystemsPRQ gave me a zip file with the vpn config and encryption key. network manager has a handy button for importing that config file, but while it connects to the vpn, my traffic goes nowhere03:09
mhall119the DHCP I got from the VPN didn't set the DNS, IIRC, so I had a script that would do that03:09
mhall119maybe it's not setting your routes?03:09
crashsystemswell, my routes are changing after I connect.03:10
mhall119make sure the VPN's IP subnet isn't the same as your local subnet03:10
crashsystemslemme get a pastebin03:10
mhall119and ifconfig?03:12
crashsystemswhile connected?03:13
crashsystemsjust a moment...03:13
mhall119I assume you've watched wireshark?03:13
crashsystemshah, no03:14
crashsystemsI've got it installed though03:15
mhall119and you can't get to anything on the network?03:15
crashsystemsnope, the only thing I can ping is my vpn IP address. Can't even ping their DNS, which is on that network03:16
mhall119do they use some kind of host checking?03:16
crashsystemsI did read something about adding a delay before NM sets up routes, to give the vpn opportunity to supply those.03:17
mhall119lots of VPNs now will require that the client tells it that it's Windows is patched and has an updated A/V running, before it'll allow it's packets through03:17
crashsystemshah, this vpn recommends that all it's users use linux or bsd03:17
mhall119ok, so probably not that03:17
mhall119try wireshark and tracert03:18
mhall119to make sure packets are at least going over the link03:18
mhall119if they are, then I don't know what to tell you03:18
mhall119something's not setup right for you on their end03:18
mhall119your routes and ipconfig look okay to me03:19
mhall119just use ssh03:19
crashsystemsthe above did not exactly work for me, but traffic did go through03:20
mhall119looks like your routes are already configured to only send traffic over the tunnel if it's for the remote network03:21
mhall119or was your pastebin from after you did that?03:22
crashsystemsfrom before03:22
crashsystemsI wish I could set a route delay from network manager03:25
mhall119well if they recommend using Linux, maybe they can give you better support than I can03:26
Chloricgood evening guys03:48
Chloricevening Katyl, i dont think we previously met03:50
katyl_Don't believe so.03:50
* crashsystems kicks openvpn03:51
ChloricWhat part of florida are you from?03:51
katyl_be careful there, crashsystems, openvpn is a delicate beast, tends to only fail harder if you kick it.03:52
crashsystemsit can't fail any harder than it is now03:52
Chloriccrashsystems, wanna wage a bet on that? xD03:52
Chlorici think we should03:53
katyl_Things still route locally when you're connected? I've had it not. Totally lost the network.03:53
katyl_Through Network Manager?03:53
crashsystemsits more like every single packet dies a firey death03:53
crashsystemsyes, network manager03:53
katyl_Just an idea, I had some similar issues when I didn't select the correct compression type.03:54
katyl_May I ask who you're trying to connect to?03:55
crashsystemsonly one available, LZO compression03:55
Chloricsometimes i forget that im probably the only international relations major here -__- *totally lost now*03:55
crashsystemshave you ever actually gotten openvpn working with network manager katyl_ ?03:56
crashsystemsI think my problems are with routing03:56
katyl_I use vyprvpn on a daily basis, and before that was using openvpn on my VPS without issues.03:56
katyl_Simple stuff, do you have VPN passthrough enabled on your router?03:57
crashsystemshah, I have no clue. didn't set up the router03:57
katyl_That might be your issue, VPN failed consistently for me, before I enabled passthrough.03:58
crashsystemsdo you know if that would be default on ddwrt?03:58
katyl_It is not03:58
katyl_Located under security.03:58
katyl_well, nm... looks like there is no openvpn passthrough option.03:58
crashsystemsthe vpn sucessfully connects, but then all traffic dies03:59
katyl_One sec. I may drop?03:59
katyl__There we go04:01
katyl__crashsystem, mind giving me the output of 'route'04:02
crashsystemsjust a min04:02
crashsystemsI hope that was not a password04:02
katyl__Crap... guess I'm changing that password...04:02
katyl__not like it's useful... nothing actually allows login with that remotely.04:02
katyl__aaand portforwarding for SSH is off now.04:03
katyl__I feel stupid04:03
katyl__is pingable?04:05
crashsystemswhile connected to vpn?04:05
crashsystemsits not pingable not connected04:06
crashsystemsthat is not my default gateway, if that is what you are thinking04:06
crashsystemsI can ping the local network while connected to the vpn04:06
katyl__Sorry, bad assumption on my part.04:07
crashsystemskatyl__: that is a wireshark capture04:13
katyl__as soon as my password crisis is fixed, I'll be happy to check04:14
crashsystemslol, ok04:14
crashsystemsdid you use that one many places?04:15
katyl__The one password I have that isn't completly random...04:17
katyl__Local Login .04:17
katyl__remote auth is all based off my encrypted SSH key with a random password... Password auth is disabled on all systems. I don't think I'm in any trouble.04:18
katyl__I also do not have sudo installed.04:18
katyl__So, I don't see any issues coming of this... but better safe than sorry04:18
katyl__Well, if it helps, I can tel you isn't pingable for me either04:24
katylI've never had so much trouble with this before.04:55
Chat6291wasup ladies05:09
katylNight all05:26
katylafternoon, everyone.16:32
mhall119crashsystems: you never tried restarting?22:15
crashsystemsI restarted my computer. It never occurred to me to hit restart on the vpn service itself in their little control panel22:17

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!