OpenVPN troubles

Off-topic
,
1

so for some odd reason a week ago the .ovpn was working then, i accidentally deleted it from the computer so i had to redownload it.
after i redownloaded it im getting error that i cant figure out how to solve.
i ran it as sudo of course.

"2020-11-17 15:47:50 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless “allow-compression yes” is also set.
2020-11-17 15:47:50 DEPRECATED OPTION: --cipher set to ‘AES-128-CBC’ but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add ‘AES-128-CBC’ to --data-ciphers or change --cipher ‘AES-128-CBC’ to --data-ciphers-fallback ‘AES-128-CBC’ to silence this warning.
2020-11-17 15:47:50 OpenVPN 2.5.0 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Oct 28 2020
2020-11-17 15:47:50 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10
2020-11-17 15:47:50 Outgoing Control Channel Authentication: Using 256 bit message hash ‘SHA256’ for HMAC authentication
2020-11-17 15:47:50 Incoming Control Channel Authentication: Using 256 bit message hash ‘SHA256’ for HMAC authentication
2020-11-17 15:47:50 TCP/UDP: Preserving recently used remote address: [AF_INET]5.44.235.168:1337
2020-11-17 15:47:50 Socket Buffers: R=[212992->212992] S=[212992->212992]
2020-11-17 15:47:50 UDP link local: (not bound)
2020-11-17 15:47:50 UDP link remote: [AF_INET]5.44.235.168:1337
2020-11-17 15:47:51 TLS: Initial packet from [AF_INET]5.44.235.168:1337, sid=c00988da 663aafb9
2020-11-17 15:47:51 VERIFY OK: depth=1, C=UK, ST=City, L=London, O=HackTheBox, CN=HackTheBox CA, name=htb, emailAddress=info@hackthebox.eu
2020-11-17 15:47:51 VERIFY KU OK
2020-11-17 15:47:51 Validating certificate extended key usage
2020-11-17 15:47:51 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2020-11-17 15:47:51 VERIFY EKU OK
2020-11-17 15:47:51 VERIFY OK: depth=0, C=UK, ST=City, L=London, O=HackTheBox, CN=htb, name=htb, emailAddress=info@hackthebox.eu
2020-11-17 15:47:51 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
2020-11-17 15:47:51 [htb] Peer Connection Initiated with [AF_INET]5.44.235.168:1337
2020-11-17 15:47:52 SENT CONTROL [htb]: ‘PUSH_REQUEST’ (status=1)
2020-11-17 15:47:52 PUSH: Received control message: ‘PUSH_REPLY,route 10.10.10.0 255.255.254.0,route-ipv6 dead:beef::/64,tun-ipv6,route-gateway 10.10.14.1,topology subnet,ping 10,ping-restart 120,ifconfig-ipv6 dead:beef:2::10c1/64 dead:beef:2::1,ifconfig 10.10.14.195 255.255.254.0,peer-id 61,cipher AES-256-GCM’
2020-11-17 15:47:52 OPTIONS IMPORT: timers and/or timeouts modified
2020-11-17 15:47:52 OPTIONS IMPORT: --ifconfig/up options modified
2020-11-17 15:47:52 OPTIONS IMPORT: route options modified
2020-11-17 15:47:52 OPTIONS IMPORT: route-related options modified
2020-11-17 15:47:52 OPTIONS IMPORT: peer-id set
2020-11-17 15:47:52 OPTIONS IMPORT: adjusting link_mtu to 1625
2020-11-17 15:47:52 OPTIONS IMPORT: data channel crypto options modified
2020-11-17 15:47:52 Data Channel: using negotiated cipher ‘AES-256-GCM’
2020-11-17 15:47:52 Outgoing Data Channel: Cipher ‘AES-256-GCM’ initialized with 256 bit key
2020-11-17 15:47:52 Incoming Data Channel: Cipher ‘AES-256-GCM’ initialized with 256 bit key
2020-11-17 15:47:52 net_route_v4_best_gw query: dst 0.0.0.0
2020-11-17 15:47:52 net_route_v4_best_gw result: via 192.168.1.1 dev wlan0
2020-11-17 15:47:52 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=wlan0 HWADDR=4c:eb:42:5f:38:9f
2020-11-17 15:47:52 GDG6: remote_host_ipv6=n/a
2020-11-17 15:47:52 net_route_v6_best_gw query: dst ::
2020-11-17 15:47:52 net_route_v6_best_gw result: via fe80::ae3b:77ff:fe5a:d162 dev wlan0
2020-11-17 15:47:52 ROUTE6_GATEWAY fe80::ae3b:77ff:fe5a:d162 IFACE=wlan0
2020-11-17 15:47:52 TUN/TAP device tun0 opened
2020-11-17 15:47:52 net_iface_mtu_set: mtu 1500 for tun0
2020-11-17 15:47:52 net_iface_up: set tun0 up
2020-11-17 15:47:52 net_addr_v4_add: 10.10.14.195/23 dev tun0
2020-11-17 15:47:52 net_iface_mtu_set: mtu 1500 for tun0
2020-11-17 15:47:52 net_iface_up: set tun0 up
2020-11-17 15:47:52 net_addr_v6_add: dead:beef:2::10c1/64 dev tun0
2020-11-17 15:47:52 sitnl_send: rtnl: generic error (-13): Permission denied
2020-11-17 15:47:52 Linux can’t add IPv6 to interface tun0
2020-11-17 15:47:52 Exiting due to fatal error
"

2

2020-11-17 15:47:52 Linux can’t add IPv6 to interface tun0

looks like some ipv6 misconfiguration

3

yeah i’ve noticed that but cant figure out how to fix it

4

https://help.hackthebox.eu/troubleshooting/v2-vpn-connection-troubleshooting

Description:

IPv6 is a requirement for the connection to the labs. You are receiving this error because IPv6 is currently turned off for your LinuxOS.

Solution:

If you see 0 at cat /proc/sys/net/ipv6/conf/all/disable_ipv6 that means you have it enabled, if you see 1 you can enable it by pressing the sysctl net.ipv6.conf.all.disable_ipv6=0 command.

5

Type your comment> @sfox said:

https://help.hackthebox.eu/troubleshooting/v2-vpn-connection-troubleshooting

Description:

IPv6 is a requirement for the connection to the labs. You are receiving this error because IPv6 is currently turned off for your LinuxOS.

Solution:

If you see 0 at cat /proc/sys/net/ipv6/conf/all/disable_ipv6 that means you have it enabled, if you see 1 you can enable it by pressing the sysctl net.ipv6.conf.all.disable_ipv6=0 command.

Thank you, sfox! This worked!
(note to noobs like me - run the suggested commands with sudo)

1 Like
6

happened the same to me and this solution worked , thanks! but how did that happened!???

7

@sfox you my friend are a life saver thank you!