[02:58] <crashsystems> you there mhall119 ?
[03:03] <mhall119> crashsystems: yup
[03:04] <crashsystems> you said that setup via network manager was fairly easy. do you have any tips for that?
[03:04] <crashsystems> I successfully connect to the vpn, but packets never get through
[03:05] <mhall119> well, it wasn't that easy, but the hard parts weren't Ubuntu's fault
[03:05] <crashsystems> hah
[03:05] <mhall119> Verizon had a Nortel (I think) aggregator
[03:06] <mhall119> which was basically a Cisco aggregator with a broken protocol stack
[03:06] <mhall119> so I found a patch to vpnc that would make it not die when Nortel failed at parts of the connection setup sequence
[03:07] <mhall119> next, Verizon's IT gave out binary config files for their Windows client, which I had to find a way to extract to get the connection credentials, server address, etc
[03:08] <mhall119> once I had the info and a patched vpnc, network-manager-vpnc let me turn it on and off from the panel icon menu
[03:09] <crashsystems> PRQ gave me a zip file with the vpn config and encryption key. network manager has a handy button for importing that config file, but while it connects to the vpn, my traffic goes nowhere
[03:09] <mhall119> the DHCP I got from the VPN didn't set the DNS, IIRC, so I had a script that would do that
[03:09] <mhall119> maybe it's not setting your routes?
[03:10] <crashsystems> well, my routes are changing after I connect.
[03:10] <mhall119> make sure the VPN's IP subnet isn't the same as your local subnet
[03:10] <crashsystems> lemme get a pastebin
[03:11] <crashsystems> http://pastebin.com/qVPqBCdU
[03:12] <mhall119> and ifconfig?
[03:13] <crashsystems> while connected?
[03:13] <mhall119> yes
[03:13] <crashsystems> just a moment...
[03:13] <mhall119> I assume you've watched wireshark?
[03:14] <crashsystems> http://pastebin.com/G70cV60c
[03:14] <crashsystems> hah, no
[03:15] <crashsystems> I've got it installed though
[03:15] <mhall119> and you can't get to anything on the 88.80.29.128 network?
[03:16] <crashsystems> nope, the only thing I can ping is my vpn IP address. Can't even ping their DNS, which is on that network
[03:16] <mhall119> do they use some kind of host checking?
[03:16] <crashsystems> no
[03:17] <crashsystems> I did read something about adding a delay before NM sets up routes, to give the vpn opportunity to supply those.
[03:17] <mhall119> lots of VPNs now will require that the client tells it that it's Windows is patched and has an updated A/V running, before it'll allow it's packets through
[03:17] <crashsystems> hah, this vpn recommends that all it's users use linux or bsd
[03:17] <mhall119> ok, so probably not that
[03:18] <mhall119> try wireshark and tracert
[03:18] <mhall119> to make sure packets are at least going over the link
[03:18] <mhall119> if they are, then I don't know what to tell you
[03:18] <mhall119> something's not setup right for you on their end
[03:19] <mhall119> your routes and ipconfig look okay to me
[03:19] <mhall119> just use ssh
[03:19] <mhall119> ;)
[03:20] <crashsystems> http://www.debuntu.org/how-to-network-manager-openvpn-overwrites-default-route
[03:20] <crashsystems> the above did not exactly work for me, but traffic did go through
[03:21] <mhall119> looks like your routes are already configured to only send traffic over the tunnel if it's for the remote network
[03:22] <mhall119> or was your pastebin from after you did that?
[03:22] <crashsystems> from before
[03:22] <mhall119> hmmm...
[03:25] <crashsystems> I wish I could set a route delay from network manager
[03:26] <mhall119> well if they recommend using Linux, maybe they can give you better support than I can
[03:48] <Chloric> good evening guys
[03:49] <katyl_> Evening
[03:50] <Chloric> evening Katyl, i dont think we previously met
[03:50] <katyl_> Don't believe so.
[03:51]  * crashsystems kicks openvpn
[03:51] <Chloric> What part of florida are you from?
[03:52] <katyl_> be careful there, crashsystems, openvpn is a delicate beast, tends to only fail harder if you kick it.
[03:52] <crashsystems> o_O
[03:52] <crashsystems> it can't fail any harder than it is now
[03:52] <Chloric> crashsystems, wanna wage a bet on that? xD
[03:52] <crashsystems> no
[03:53] <crashsystems> ugh
[03:53] <Chloric> i think we should
[03:53] <katyl_> Things still route locally when you're connected? I've had it not. Totally lost the network.
[03:53] <katyl_> Through Network Manager?
[03:53] <crashsystems> its more like every single packet dies a firey death
[03:53] <crashsystems> yes, network manager
[03:54] <katyl_> Just an idea, I had some similar issues when I didn't select the correct compression type.
[03:55] <katyl_> May I ask who you're trying to connect to?
[03:55] <crashsystems> only one available, LZO compression
[03:55] <crashsystems> PRQ
[03:55] <Chloric> sometimes i forget that im probably the only international relations major here -__- *totally lost now*
[03:56] <crashsystems> have you ever actually gotten openvpn working with network manager katyl_ ?
[03:56] <katyl_> Yes\
[03:56] <crashsystems> I think my problems are with routing
[03:56] <katyl_> I use vyprvpn on a daily basis, and before that was using openvpn on my VPS without issues.
[03:57] <katyl_> Simple stuff, do you have VPN passthrough enabled on your router?
[03:57] <crashsystems> hah, I have no clue. didn't set up the router
[03:58] <katyl_> That might be your issue, VPN failed consistently for me, before I enabled passthrough.
[03:58] <crashsystems> do you know if that would be default on ddwrt?
[03:58] <katyl_> It is not
[03:58] <katyl_> Located under security.
[03:58] <katyl_> well, nm... looks like there is no openvpn passthrough option.
[03:59] <crashsystems> the vpn sucessfully connects, but then all traffic dies
[03:59] <katyl_> One sec. I may drop?
[03:59] <crashsystems> ok
[04:01] <katyl__> There we go
[04:02] <katyl__> crashsystem, mind giving me the output of 'route'
[04:02] <katyl__> Q3rJ^n*p
[04:02] <crashsystems> just a min
[04:02] <crashsystems> I hope that was not a password
[04:02] <katyl__> Crap... guess I'm changing that password...
[04:02] <crashsystems> lol
[04:02] <katyl__> not like it's useful... nothing actually allows login with that remotely.
[04:03] <katyl__> aaand portforwarding for SSH is off now.
[04:03] <katyl__> I feel stupid
[04:04] <crashsystems> http://pastebin.com/FkLCgydz
[04:05] <katyl__> is 10.10.10.1 pingable?
[04:05] <crashsystems> while connected to vpn?
[04:05] <katyl__> yes
[04:06] <crashsystems> its not pingable not connected
[04:06] <crashsystems> that is not my default gateway, if that is what you are thinking
[04:06] <crashsystems> router*
[04:06] <katyl__> Oh.
[04:06] <crashsystems> I can ping the local network while connected to the vpn
[04:07] <katyl__> Sorry, bad assumption on my part.
[04:13] <crashsystems1> http://db.tt/C7dNyuj
[04:13] <crashsystems> katyl__: that is a wireshark capture
[04:14] <katyl__> as soon as my password crisis is fixed, I'll be happy to check
[04:14] <crashsystems> lol, ok
[04:15] <crashsystems> did you use that one many places?
[04:17] <katyl__> The one password I have that isn't completly random...
[04:17] <katyl__> Local Login .
[04:18] <katyl__> remote auth is all based off my encrypted SSH key with a random password... Password auth is disabled on all systems. I don't think I'm in any trouble.
[04:18] <katyl__> I also do not have sudo installed.
[04:18] <katyl__> So, I don't see any issues coming of this... but better safe than sorry
[04:18] <crashsystems> yep
[04:24] <katyl__> Well, if it helps, I can tel you 88.80.30.9 isn't pingable for me either
[04:25] <crashsystems> :/
[04:55] <katyl> I've never had so much trouble with this before.
[04:56] <crashsystems> likewise
[05:09] <Chat6291> wasup ladies
[05:26] <katyl> Night all
[16:32] <katyl> afternoon, everyone.
[22:15] <mhall119> crashsystems: you never tried restarting?
[22:17] <crashsystems> I restarted my computer. It never occurred to me to hit restart on the vpn service itself in their little control panel