I have issue connecting getting ping back from active machines.

Off-topic
1

this is my openvpn log

Sun Dec 27 20:18:56 2020 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2019
Sun Dec 27 20:18:56 2020 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Sun Dec 27 20:18:56 2020 Outgoing Control Channel Encryption: Cipher ‘AES-256-CTR’ initialized with 256 bit key
Sun Dec 27 20:18:56 2020 Outgoing Control Channel Encryption: Using 256 bit message hash ‘SHA256’ for HMAC authentication
Sun Dec 27 20:18:56 2020 Incoming Control Channel Encryption: Cipher ‘AES-256-CTR’ initialized with 256 bit key
Sun Dec 27 20:18:56 2020 Incoming Control Channel Encryption: Using 256 bit message hash ‘SHA256’ for HMAC authentication
Sun Dec 27 20:18:56 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]172.241.166.196:443
Sun Dec 27 20:18:56 2020 Socket Buffers: R=[131072->131072] S=[16384->16384]
Sun Dec 27 20:18:56 2020 Attempting to establish TCP connection with [AF_INET]172.241.166.196:443 [nonblock]
Sun Dec 27 20:18:57 2020 TCP connection established with [AF_INET]172.241.166.196:443
Sun Dec 27 20:18:57 2020 TCP_CLIENT link local: (not bound)
Sun Dec 27 20:18:57 2020 TCP_CLIENT link remote: [AF_INET]172.241.166.196:443
Sun Dec 27 20:18:57 2020 TLS: Initial packet from [AF_INET]172.241.166.196:443, sid=8f06b48d b8aba114
Sun Dec 27 20:18:57 2020 VERIFY OK: depth=1, C=UK, ST=City, L=London, O=HackTheBox, CN=HackTheBox CA, name=htb, emailAddress=info@hackthebox.eu
Sun Dec 27 20:18:57 2020 VERIFY KU OK
Sun Dec 27 20:18:57 2020 Validating certificate extended key usage
Sun Dec 27 20:18:57 2020 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sun Dec 27 20:18:57 2020 VERIFY EKU OK
Sun Dec 27 20:18:57 2020 VERIFY OK: depth=0, C=UK, ST=City, L=London, O=HackTheBox, CN=htb, name=htb, emailAddress=info@hackthebox.eu
Sun Dec 27 20:18:58 2020 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sun Dec 27 20:18:58 2020 [htb] Peer Connection Initiated with [AF_INET]172.241.166.196:443
Sun Dec 27 20:18:59 2020 SENT CONTROL [htb]: ‘PUSH_REQUEST’ (status=1)
Sun Dec 27 20:19:00 2020 PUSH: Received control message: ‘PUSH_REPLY,route 10.129.0.0 255.255.0.0,route-ipv6 dead:beef::/64,tun-ipv6,route-gateway 10.10.16.1,topology subnet,ping 10,ping-restart 120,ifconfig-ipv6 dead:beef:4::10c6/64 dead:beef:4::1,ifconfig 10.10.16.200 255.255.254.0,peer-id 0,cipher AES-256-GCM’
Sun Dec 27 20:19:00 2020 OPTIONS IMPORT: timers and/or timeouts modified
Sun Dec 27 20:19:00 2020 OPTIONS IMPORT: --ifconfig/up options modified
Sun Dec 27 20:19:00 2020 OPTIONS IMPORT: route options modified
Sun Dec 27 20:19:00 2020 OPTIONS IMPORT: route-related options modified
Sun Dec 27 20:19:00 2020 OPTIONS IMPORT: peer-id set
Sun Dec 27 20:19:00 2020 OPTIONS IMPORT: adjusting link_mtu to 1627
Sun Dec 27 20:19:00 2020 OPTIONS IMPORT: data channel crypto options modified
Sun Dec 27 20:19:00 2020 Data Channel: using negotiated cipher ‘AES-256-GCM’
Sun Dec 27 20:19:00 2020 Outgoing Data Channel: Cipher ‘AES-256-GCM’ initialized with 256 bit key
Sun Dec 27 20:19:00 2020 Incoming Data Channel: Cipher ‘AES-256-GCM’ initialized with 256 bit key
Sun Dec 27 20:19:00 2020 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=eno1 HWADDR=00:22:4d:a7:2b:4d
Sun Dec 27 20:19:00 2020 GDG6: remote_host_ipv6=n/a
Sun Dec 27 20:19:00 2020 ROUTE6: default_gateway=UNDEF
Sun Dec 27 20:19:00 2020 TUN/TAP device tun0 opened
Sun Dec 27 20:19:00 2020 TUN/TAP TX queue length set to 100
Sun Dec 27 20:19:00 2020 /sbin/ip link set dev tun0 up mtu 1500
Sun Dec 27 20:19:00 2020 /sbin/ip addr add dev tun0 10.10.16.200/23 broadcast 10.10.17.255
Sun Dec 27 20:19:00 2020 /sbin/ip -6 addr add dead:beef:4::10c6/64 dev tun0
Sun Dec 27 20:19:00 2020 /sbin/ip route add 10.129.0.0/16 via 10.10.16.1
Sun Dec 27 20:19:00 2020 add_route_ipv6(dead:beef::/64 → dead:beef:4::1 metric -1) dev tun0
Sun Dec 27 20:19:00 2020 /sbin/ip -6 route add dead:beef::/64 dev tun0
Sun Dec 27 20:19:00 2020 WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this
Sun Dec 27 20:19:00 2020 Initialization Sequence Completed

2

What issues do you have? What is the response from ping? What is the response from traceroute/tracert?

Your OpenVPN connection seems to be working. Have you made sure its a live box?

3

Type your comment> @TazWake said:

What issues do you have? What is the response from ping? What is the response from traceroute/tracert?

Your OpenVPN connection seems to be working. Have you made sure its a live box?

Ping has no response , 25 packets transfered 0 receieved (All active machines)

Works good, with edge-us-release-1.hackthebox.eu when pinged, traceroute reaches the destination

But when traceroute to active machines 10.10.10.203 it doesn’t reach the destination , the hop doesn’t even leave my country it hops 2 ip address within my isp and stops .

4

The likely issues are:

  • Your OpenVPN connection isn’t working. Check you have downloaded the right one (if you are VIP, you need VIP, if you are looking at starting point, you need a starting point one etc).
  • The boxes aren’t active. If you are VIP, you need to assign the boxes to your server for them to respond.

If traceroute is hitting your ISP, then the openvpn connection isn’t working as the traffic should go from your machine, over the VPN - not via your ISP.

5

Kill OpenVPN and paste output of ip r. I had the same problem and was able to fix it by manually removing tun0 routes.