OpenVPN error status: 2, and can't connect to internet while usingAccessing VirtualBox guest via VPNInternet...
Why was Pan Am Flight 103 flying over Lockerbie?
Processes in a session in an interactive shell vs in a script
Is it OK to throw pebbles and stones in streams, waterfalls, ponds, etc.?
What happens if a caster is surprised while casting a spell with a long casting time?
Installed software from source, how to say yum not to install it from package?
Is it advisable to inform the CEO about his brother accessing his office?
Why should I allow multiple IP addresses on a website for a single session?
Enterprise Layers and Naming Conventions
Five 5-cent coins touching each other
Basis and cardinality
What prevents a US state from colonizing a smaller state?
Why would Dementors torture a Death Eater if they are loyal to Voldemort?
What is my external HDD doing?
Avoiding repetition when using the "snprintf idiom" to write text
Do electrons really perform instantaneous quantum leaps?
"in 60 seconds or less" or "in 60 seconds or fewer"?
Why isn't UDP with reliability (implemented at Application layer) a substitute of TCP?
iMac 2019: Can I mix the old modules with the new ones when upgrading RAM?
How far can gerrymandering go?
Does an NPC know when a character has passed the save for Truth Serum?
Advantages of using bra-ket notation
What does this Pokemon Trainer mean by saying the player is "SHELLOS"?
German idiomatic equivalents of 能骗就骗 (if you can cheat, then cheat)
How to track mail undetectably?
OpenVPN error status: 2, and can't connect to internet while using
Accessing VirtualBox guest via VPNInternet is not working when VPN is upConnect to mpd over Openvpn (without changing internet routing)Cannot access internet through OpenVPNCan't connect to the InternetOpenVPN Server and Client - Can No Longer Connect To Network?Connect through OpenVPN to VPN - network disconnectsOpenvpn can connect but cannot ping or browse internetConnect same machine to 2 openvpn serversCan't connect to openvpn using networkmanager on Debian
0
I recently installed openVPN and configured it with my client1.ovpn file:
client
dev tun
proto udp
remote 10.8.0.1 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
key-direction 1
cipher AES-128-CBC
auth SHA256
comp-lzo
verb 3
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
my server.conf file:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
tls-auth ta.key 0 # This file is secret
key-direction 0
cipher AES-128-CBC # AES
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
When I do the command
sudo openvpn --config client1.ovpn
I get this error in the terminal:
Sat Aug 12 21:57:10 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL
(OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Sat Aug 12 21:57:10 2017 library versions: OpenSSL 1.0.2g 1 Mar 2016,
LZO 2.08
Sat Aug 12 21:57:10 2017 Control Channel Authentication: tls-auth
using INLINE static key file
Sat Aug 12 21:57:10 2017 Outgoing Control Channel Authentication:
Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Incoming Control Channel Authentication:
Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Socket Buffers: R=[212992->212992] S=[212992-
>212992]
Sat Aug 12 21:57:10 2017 NOTE: UID/GID downgrade will be delayed
because of --client, --pull, or --up-delay
Sat Aug 12 21:57:10 2017 UDPv4 link local: [undef]
Sat Aug 12 21:57:10 2017 UDPv4 link remote: [AF_INET]10.8.0.1:1194
Sat Aug 12 21:57:10 2017 TLS: Initial packet from
[AF_INET]10.8.0.1:1194, sid=640d1419 b8d9a3ee
Sat Aug 12 21:57:10 2017 VERIFY OK: depth=1, C=US, ST=CA, L=Los
Angeles, O=Fort-Funston, OU=Community, CN=Fort-Funston CA,
name=Server, emailAddress=fasching.ryan@gmail.com
Sat Aug 12 21:57:10 2017 Validating certificate key usage
Sat Aug 12 21:57:10 2017 ++ Certificate has key usage 00a0, expects
00a0
Sat Aug 12 21:57:10 2017 VERIFY KU OK
Sat Aug 12 21:57:10 2017 Validating certificate extended key usage
Sat Aug 12 21:57:10 2017 ++ Certificate has EKU (str) TLS Web Server
Authentication, expects TLS Web Server Authentication
Sat Aug 12 21:57:10 2017 VERIFY EKU OK
Sat Aug 12 21:57:10 2017 VERIFY OK: depth=0, C=US, ST=CA, L=Los
Angeles, O=Fort-Funston, OU=Community, CN=Ryan, name=Server,
emailAddress=fasching.ryan@gmail.com
Sat Aug 12 21:57:10 2017 Data Channel Encrypt: Cipher 'AES-128-CBC'
initialized with 128 bit key
Sat Aug 12 21:57:10 2017 Data Channel Encrypt: Using 256 bit message
hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Data Channel Decrypt: Cipher 'AES-128-CBC'
initialized with 128 bit key
Sat Aug 12 21:57:10 2017 Data Channel Decrypt: Using 256 bit message
hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3
DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sat Aug 12 21:57:10 2017 [Ryan] Peer Connection Initiated with
[AF_INET]10.8.0.1:1194
Sat Aug 12 21:57:12 2017 SENT CONTROL [Ryan]: 'PUSH_REQUEST'
(status=1)
Sat Aug 12 21:57:12 2017 PUSH: Received control message:
'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS
208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology
net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: timers and/or timeouts
modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: --ifconfig/up options
modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: route options modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-
option options modified
Sat Aug 12 21:57:12 2017 WARNING: potential conflict between --remote
address [10.8.0.1] and --ifconfig address pair [10.8.0.6, 10.8.0.5] --
this is a warning only that is triggered when local/remote addresses
exist within the same /24 subnet as --ifconfig endpoints. (silence
this warning with --ifconfig-nowarn)
Sat Aug 12 21:57:12 2017 ROUTE_GATEWAY 10.15.65.1/255.255.255.0
IFACE=wlp1s0 HWADDR=d0:57:7b:09:c7:c0
Sat Aug 12 21:57:12 2017 TUN/TAP device tun1 opened
Sat Aug 12 21:57:12 2017 TUN/TAP TX queue length set to 100
Sat Aug 12 21:57:12 2017 do_ifconfig, tt->ipv6=0, tt-
>did_ifconfig_ipv6_setup=0
Sat Aug 12 21:57:12 2017 /sbin/ip link set dev tun1 up mtu 1500
Sat Aug 12 21:57:12 2017 /sbin/ip addr add dev tun1 local 10.8.0.6
peer 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 10.8.0.1/32 via 10.15.65.1
RTNETLINK answers: File exists
Sat Aug 12 21:57:12 2017 ERROR: Linux route add command failed:
external program exited with error status: 2
Sat Aug 12 21:57:12 2017 /sbin/ip route add 0.0.0.0/1 via 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 128.0.0.0/1 via 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 10.8.0.1/32 via 10.8.0.5
RTNETLINK answers: File exists
Sat Aug 12 21:57:12 2017 ERROR: Linux route add command failed:
external program exited with error status: 2
Sat Aug 12 21:57:12 2017 GID set to nogroup
Sat Aug 12 21:57:12 2017 UID set to nobody
Sat Aug 12 21:57:12 2017 Initialization Sequence Completed
I also cannot connect to the internet while openvpn is in use in the terminal. It isn't until I hit crtl+c before I'm able to connect to the internet again.
After ctrl+c I get these errors as well:
^CSat Aug 12 21:57:56 2017 event_wait : Interrupted system call
(code=4)
Sat Aug 12 21:57:56 2017 /sbin/ip route del 10.8.0.1/32
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 /sbin/ip route del 0.0.0.0/1
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 /sbin/ip route del 128.0.0.0/1
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 Closing TUN/TAP interface
Sat Aug 12 21:57:56 2017 /sbin/ip addr del dev tun1 local 10.8.0.6
peer 10.8.0.5
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 Linux ip addr del failed: external program
exited with error status: 2
Sat Aug 12 21:57:56 2017 SIGINT[hard,] received, process exiting
I have been trying to find an answer to this question a lot on google already with no luck. What is causing this error of " ERROR: Linux route add command failed:
external program exited with error status: 2" as well as being able to connect to the internet when using. Thanks.
ubuntu networking openvpn
asked Aug 14 '17 at 4:19
Ryan FaschingRyan Fasching
11 bronze badge
bumped to the homepage by Community♦ 11 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
0
I recently installed openVPN and configured it with my client1.ovpn file:
client
dev tun
proto udp
remote 10.8.0.1 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
key-direction 1
cipher AES-128-CBC
auth SHA256
comp-lzo
verb 3
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
my server.conf file:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
tls-auth ta.key 0 # This file is secret
key-direction 0
cipher AES-128-CBC # AES
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
When I do the command
sudo openvpn --config client1.ovpn
I get this error in the terminal:
Sat Aug 12 21:57:10 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL
(OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Sat Aug 12 21:57:10 2017 library versions: OpenSSL 1.0.2g 1 Mar 2016,
LZO 2.08
Sat Aug 12 21:57:10 2017 Control Channel Authentication: tls-auth
using INLINE static key file
Sat Aug 12 21:57:10 2017 Outgoing Control Channel Authentication:
Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Incoming Control Channel Authentication:
Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Socket Buffers: R=[212992->212992] S=[212992-
>212992]
Sat Aug 12 21:57:10 2017 NOTE: UID/GID downgrade will be delayed
because of --client, --pull, or --up-delay
Sat Aug 12 21:57:10 2017 UDPv4 link local: [undef]
Sat Aug 12 21:57:10 2017 UDPv4 link remote: [AF_INET]10.8.0.1:1194
Sat Aug 12 21:57:10 2017 TLS: Initial packet from
[AF_INET]10.8.0.1:1194, sid=640d1419 b8d9a3ee
Sat Aug 12 21:57:10 2017 VERIFY OK: depth=1, C=US, ST=CA, L=Los
Angeles, O=Fort-Funston, OU=Community, CN=Fort-Funston CA,
name=Server, emailAddress=fasching.ryan@gmail.com
Sat Aug 12 21:57:10 2017 Validating certificate key usage
Sat Aug 12 21:57:10 2017 ++ Certificate has key usage 00a0, expects
00a0
Sat Aug 12 21:57:10 2017 VERIFY KU OK
Sat Aug 12 21:57:10 2017 Validating certificate extended key usage
Sat Aug 12 21:57:10 2017 ++ Certificate has EKU (str) TLS Web Server
Authentication, expects TLS Web Server Authentication
Sat Aug 12 21:57:10 2017 VERIFY EKU OK
Sat Aug 12 21:57:10 2017 VERIFY OK: depth=0, C=US, ST=CA, L=Los
Angeles, O=Fort-Funston, OU=Community, CN=Ryan, name=Server,
emailAddress=fasching.ryan@gmail.com
Sat Aug 12 21:57:10 2017 Data Channel Encrypt: Cipher 'AES-128-CBC'
initialized with 128 bit key
Sat Aug 12 21:57:10 2017 Data Channel Encrypt: Using 256 bit message
hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Data Channel Decrypt: Cipher 'AES-128-CBC'
initialized with 128 bit key
Sat Aug 12 21:57:10 2017 Data Channel Decrypt: Using 256 bit message
hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3
DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sat Aug 12 21:57:10 2017 [Ryan] Peer Connection Initiated with
[AF_INET]10.8.0.1:1194
Sat Aug 12 21:57:12 2017 SENT CONTROL [Ryan]: 'PUSH_REQUEST'
(status=1)
Sat Aug 12 21:57:12 2017 PUSH: Received control message:
'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS
208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology
net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: timers and/or timeouts
modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: --ifconfig/up options
modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: route options modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-
option options modified
Sat Aug 12 21:57:12 2017 WARNING: potential conflict between --remote
address [10.8.0.1] and --ifconfig address pair [10.8.0.6, 10.8.0.5] --
this is a warning only that is triggered when local/remote addresses
exist within the same /24 subnet as --ifconfig endpoints. (silence
this warning with --ifconfig-nowarn)
Sat Aug 12 21:57:12 2017 ROUTE_GATEWAY 10.15.65.1/255.255.255.0
IFACE=wlp1s0 HWADDR=d0:57:7b:09:c7:c0
Sat Aug 12 21:57:12 2017 TUN/TAP device tun1 opened
Sat Aug 12 21:57:12 2017 TUN/TAP TX queue length set to 100
Sat Aug 12 21:57:12 2017 do_ifconfig, tt->ipv6=0, tt-
>did_ifconfig_ipv6_setup=0
Sat Aug 12 21:57:12 2017 /sbin/ip link set dev tun1 up mtu 1500
Sat Aug 12 21:57:12 2017 /sbin/ip addr add dev tun1 local 10.8.0.6
peer 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 10.8.0.1/32 via 10.15.65.1
RTNETLINK answers: File exists
Sat Aug 12 21:57:12 2017 ERROR: Linux route add command failed:
external program exited with error status: 2
Sat Aug 12 21:57:12 2017 /sbin/ip route add 0.0.0.0/1 via 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 128.0.0.0/1 via 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 10.8.0.1/32 via 10.8.0.5
RTNETLINK answers: File exists
Sat Aug 12 21:57:12 2017 ERROR: Linux route add command failed:
external program exited with error status: 2
Sat Aug 12 21:57:12 2017 GID set to nogroup
Sat Aug 12 21:57:12 2017 UID set to nobody
Sat Aug 12 21:57:12 2017 Initialization Sequence Completed
I also cannot connect to the internet while openvpn is in use in the terminal. It isn't until I hit crtl+c before I'm able to connect to the internet again.
After ctrl+c I get these errors as well:
^CSat Aug 12 21:57:56 2017 event_wait : Interrupted system call
(code=4)
Sat Aug 12 21:57:56 2017 /sbin/ip route del 10.8.0.1/32
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 /sbin/ip route del 0.0.0.0/1
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 /sbin/ip route del 128.0.0.0/1
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 Closing TUN/TAP interface
Sat Aug 12 21:57:56 2017 /sbin/ip addr del dev tun1 local 10.8.0.6
peer 10.8.0.5
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 Linux ip addr del failed: external program
exited with error status: 2
Sat Aug 12 21:57:56 2017 SIGINT[hard,] received, process exiting
I have been trying to find an answer to this question a lot on google already with no luck. What is causing this error of " ERROR: Linux route add command failed:
external program exited with error status: 2" as well as being able to connect to the internet when using. Thanks.
ubuntu networking openvpn
asked Aug 14 '17 at 4:19
Ryan FaschingRyan Fasching
11 bronze badge
bumped to the homepage by Community♦ 11 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
Instead of "Please let me know. Thank you." it would have been more appropriate to have an actual interrogative sentence in your post so we know what question you want answered. E.g. "How can I have a program sent the Ctrl+C, so I don't have to type that myself?"
– Anthon
Aug 14 '17 at 5:21
@Anthon is that more along the lines of questioning? thank you.
– Ryan Fasching
Aug 15 '17 at 0:45
add a comment |
0
0
0
I recently installed openVPN and configured it with my client1.ovpn file:
client
dev tun
proto udp
remote 10.8.0.1 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
key-direction 1
cipher AES-128-CBC
auth SHA256
comp-lzo
verb 3
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
my server.conf file:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
tls-auth ta.key 0 # This file is secret
key-direction 0
cipher AES-128-CBC # AES
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
When I do the command
sudo openvpn --config client1.ovpn
I get this error in the terminal:
Sat Aug 12 21:57:10 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL
(OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Sat Aug 12 21:57:10 2017 library versions: OpenSSL 1.0.2g 1 Mar 2016,
LZO 2.08
Sat Aug 12 21:57:10 2017 Control Channel Authentication: tls-auth
using INLINE static key file
Sat Aug 12 21:57:10 2017 Outgoing Control Channel Authentication:
Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Incoming Control Channel Authentication:
Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Socket Buffers: R=[212992->212992] S=[212992-
>212992]
Sat Aug 12 21:57:10 2017 NOTE: UID/GID downgrade will be delayed
because of --client, --pull, or --up-delay
Sat Aug 12 21:57:10 2017 UDPv4 link local: [undef]
Sat Aug 12 21:57:10 2017 UDPv4 link remote: [AF_INET]10.8.0.1:1194
Sat Aug 12 21:57:10 2017 TLS: Initial packet from
[AF_INET]10.8.0.1:1194, sid=640d1419 b8d9a3ee
Sat Aug 12 21:57:10 2017 VERIFY OK: depth=1, C=US, ST=CA, L=Los
Angeles, O=Fort-Funston, OU=Community, CN=Fort-Funston CA,
name=Server, emailAddress=fasching.ryan@gmail.com
Sat Aug 12 21:57:10 2017 Validating certificate key usage
Sat Aug 12 21:57:10 2017 ++ Certificate has key usage 00a0, expects
00a0
Sat Aug 12 21:57:10 2017 VERIFY KU OK
Sat Aug 12 21:57:10 2017 Validating certificate extended key usage
Sat Aug 12 21:57:10 2017 ++ Certificate has EKU (str) TLS Web Server
Authentication, expects TLS Web Server Authentication
Sat Aug 12 21:57:10 2017 VERIFY EKU OK
Sat Aug 12 21:57:10 2017 VERIFY OK: depth=0, C=US, ST=CA, L=Los
Angeles, O=Fort-Funston, OU=Community, CN=Ryan, name=Server,
emailAddress=fasching.ryan@gmail.com
Sat Aug 12 21:57:10 2017 Data Channel Encrypt: Cipher 'AES-128-CBC'
initialized with 128 bit key
Sat Aug 12 21:57:10 2017 Data Channel Encrypt: Using 256 bit message
hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Data Channel Decrypt: Cipher 'AES-128-CBC'
initialized with 128 bit key
Sat Aug 12 21:57:10 2017 Data Channel Decrypt: Using 256 bit message
hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3
DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sat Aug 12 21:57:10 2017 [Ryan] Peer Connection Initiated with
[AF_INET]10.8.0.1:1194
Sat Aug 12 21:57:12 2017 SENT CONTROL [Ryan]: 'PUSH_REQUEST'
(status=1)
Sat Aug 12 21:57:12 2017 PUSH: Received control message:
'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS
208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology
net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: timers and/or timeouts
modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: --ifconfig/up options
modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: route options modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-
option options modified
Sat Aug 12 21:57:12 2017 WARNING: potential conflict between --remote
address [10.8.0.1] and --ifconfig address pair [10.8.0.6, 10.8.0.5] --
this is a warning only that is triggered when local/remote addresses
exist within the same /24 subnet as --ifconfig endpoints. (silence
this warning with --ifconfig-nowarn)
Sat Aug 12 21:57:12 2017 ROUTE_GATEWAY 10.15.65.1/255.255.255.0
IFACE=wlp1s0 HWADDR=d0:57:7b:09:c7:c0
Sat Aug 12 21:57:12 2017 TUN/TAP device tun1 opened
Sat Aug 12 21:57:12 2017 TUN/TAP TX queue length set to 100
Sat Aug 12 21:57:12 2017 do_ifconfig, tt->ipv6=0, tt-
>did_ifconfig_ipv6_setup=0
Sat Aug 12 21:57:12 2017 /sbin/ip link set dev tun1 up mtu 1500
Sat Aug 12 21:57:12 2017 /sbin/ip addr add dev tun1 local 10.8.0.6
peer 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 10.8.0.1/32 via 10.15.65.1
RTNETLINK answers: File exists
Sat Aug 12 21:57:12 2017 ERROR: Linux route add command failed:
external program exited with error status: 2
Sat Aug 12 21:57:12 2017 /sbin/ip route add 0.0.0.0/1 via 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 128.0.0.0/1 via 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 10.8.0.1/32 via 10.8.0.5
RTNETLINK answers: File exists
Sat Aug 12 21:57:12 2017 ERROR: Linux route add command failed:
external program exited with error status: 2
Sat Aug 12 21:57:12 2017 GID set to nogroup
Sat Aug 12 21:57:12 2017 UID set to nobody
Sat Aug 12 21:57:12 2017 Initialization Sequence Completed
I also cannot connect to the internet while openvpn is in use in the terminal. It isn't until I hit crtl+c before I'm able to connect to the internet again.
After ctrl+c I get these errors as well:
^CSat Aug 12 21:57:56 2017 event_wait : Interrupted system call
(code=4)
Sat Aug 12 21:57:56 2017 /sbin/ip route del 10.8.0.1/32
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 /sbin/ip route del 0.0.0.0/1
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 /sbin/ip route del 128.0.0.0/1
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 Closing TUN/TAP interface
Sat Aug 12 21:57:56 2017 /sbin/ip addr del dev tun1 local 10.8.0.6
peer 10.8.0.5
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 Linux ip addr del failed: external program
exited with error status: 2
Sat Aug 12 21:57:56 2017 SIGINT[hard,] received, process exiting
I have been trying to find an answer to this question a lot on google already with no luck. What is causing this error of " ERROR: Linux route add command failed:
external program exited with error status: 2" as well as being able to connect to the internet when using. Thanks.
ubuntu networking openvpn
asked Aug 14 '17 at 4:19
Ryan FaschingRyan Fasching
11 bronze badge
I recently installed openVPN and configured it with my client1.ovpn file:
client
dev tun
proto udp
remote 10.8.0.1 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
key-direction 1
cipher AES-128-CBC
auth SHA256
comp-lzo
verb 3
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
my server.conf file:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
tls-auth ta.key 0 # This file is secret
key-direction 0
cipher AES-128-CBC # AES
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
When I do the command
sudo openvpn --config client1.ovpn
I get this error in the terminal:
Sat Aug 12 21:57:10 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL
(OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Sat Aug 12 21:57:10 2017 library versions: OpenSSL 1.0.2g 1 Mar 2016,
LZO 2.08
Sat Aug 12 21:57:10 2017 Control Channel Authentication: tls-auth
using INLINE static key file
Sat Aug 12 21:57:10 2017 Outgoing Control Channel Authentication:
Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Incoming Control Channel Authentication:
Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Socket Buffers: R=[212992->212992] S=[212992-
>212992]
Sat Aug 12 21:57:10 2017 NOTE: UID/GID downgrade will be delayed
because of --client, --pull, or --up-delay
Sat Aug 12 21:57:10 2017 UDPv4 link local: [undef]
Sat Aug 12 21:57:10 2017 UDPv4 link remote: [AF_INET]10.8.0.1:1194
Sat Aug 12 21:57:10 2017 TLS: Initial packet from
[AF_INET]10.8.0.1:1194, sid=640d1419 b8d9a3ee
Sat Aug 12 21:57:10 2017 VERIFY OK: depth=1, C=US, ST=CA, L=Los
Angeles, O=Fort-Funston, OU=Community, CN=Fort-Funston CA,
name=Server, emailAddress=fasching.ryan@gmail.com
Sat Aug 12 21:57:10 2017 Validating certificate key usage
Sat Aug 12 21:57:10 2017 ++ Certificate has key usage 00a0, expects
00a0
Sat Aug 12 21:57:10 2017 VERIFY KU OK
Sat Aug 12 21:57:10 2017 Validating certificate extended key usage
Sat Aug 12 21:57:10 2017 ++ Certificate has EKU (str) TLS Web Server
Authentication, expects TLS Web Server Authentication
Sat Aug 12 21:57:10 2017 VERIFY EKU OK
Sat Aug 12 21:57:10 2017 VERIFY OK: depth=0, C=US, ST=CA, L=Los
Angeles, O=Fort-Funston, OU=Community, CN=Ryan, name=Server,
emailAddress=fasching.ryan@gmail.com
Sat Aug 12 21:57:10 2017 Data Channel Encrypt: Cipher 'AES-128-CBC'
initialized with 128 bit key
Sat Aug 12 21:57:10 2017 Data Channel Encrypt: Using 256 bit message
hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Data Channel Decrypt: Cipher 'AES-128-CBC'
initialized with 128 bit key
Sat Aug 12 21:57:10 2017 Data Channel Decrypt: Using 256 bit message
hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3
DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sat Aug 12 21:57:10 2017 [Ryan] Peer Connection Initiated with
[AF_INET]10.8.0.1:1194
Sat Aug 12 21:57:12 2017 SENT CONTROL [Ryan]: 'PUSH_REQUEST'
(status=1)
Sat Aug 12 21:57:12 2017 PUSH: Received control message:
'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS
208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology
net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: timers and/or timeouts
modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: --ifconfig/up options
modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: route options modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-
option options modified
Sat Aug 12 21:57:12 2017 WARNING: potential conflict between --remote
address [10.8.0.1] and --ifconfig address pair [10.8.0.6, 10.8.0.5] --
this is a warning only that is triggered when local/remote addresses
exist within the same /24 subnet as --ifconfig endpoints. (silence
this warning with --ifconfig-nowarn)
Sat Aug 12 21:57:12 2017 ROUTE_GATEWAY 10.15.65.1/255.255.255.0
IFACE=wlp1s0 HWADDR=d0:57:7b:09:c7:c0
Sat Aug 12 21:57:12 2017 TUN/TAP device tun1 opened
Sat Aug 12 21:57:12 2017 TUN/TAP TX queue length set to 100
Sat Aug 12 21:57:12 2017 do_ifconfig, tt->ipv6=0, tt-
>did_ifconfig_ipv6_setup=0
Sat Aug 12 21:57:12 2017 /sbin/ip link set dev tun1 up mtu 1500
Sat Aug 12 21:57:12 2017 /sbin/ip addr add dev tun1 local 10.8.0.6
peer 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 10.8.0.1/32 via 10.15.65.1
RTNETLINK answers: File exists
Sat Aug 12 21:57:12 2017 ERROR: Linux route add command failed:
external program exited with error status: 2
Sat Aug 12 21:57:12 2017 /sbin/ip route add 0.0.0.0/1 via 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 128.0.0.0/1 via 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 10.8.0.1/32 via 10.8.0.5
RTNETLINK answers: File exists
Sat Aug 12 21:57:12 2017 ERROR: Linux route add command failed:
external program exited with error status: 2
Sat Aug 12 21:57:12 2017 GID set to nogroup
Sat Aug 12 21:57:12 2017 UID set to nobody
Sat Aug 12 21:57:12 2017 Initialization Sequence Completed
I also cannot connect to the internet while openvpn is in use in the terminal. It isn't until I hit crtl+c before I'm able to connect to the internet again.
After ctrl+c I get these errors as well:
^CSat Aug 12 21:57:56 2017 event_wait : Interrupted system call
(code=4)
Sat Aug 12 21:57:56 2017 /sbin/ip route del 10.8.0.1/32
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 /sbin/ip route del 0.0.0.0/1
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 /sbin/ip route del 128.0.0.0/1
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 Closing TUN/TAP interface
Sat Aug 12 21:57:56 2017 /sbin/ip addr del dev tun1 local 10.8.0.6
peer 10.8.0.5
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 Linux ip addr del failed: external program
exited with error status: 2
Sat Aug 12 21:57:56 2017 SIGINT[hard,] received, process exiting
I have been trying to find an answer to this question a lot on google already with no luck. What is causing this error of " ERROR: Linux route add command failed:
external program exited with error status: 2" as well as being able to connect to the internet when using. Thanks.
ubuntu networking openvpn
ubuntu networking openvpn
asked Aug 14 '17 at 4:19
Ryan FaschingRyan Fasching
11 bronze badge
asked Aug 14 '17 at 4:19
Ryan FaschingRyan Fasching
11 bronze badge
edited Aug 15 '17 at 2:09
Ryan Fasching
asked Aug 14 '17 at 4:19
Ryan FaschingRyan Fasching
11 bronze badge
asked Aug 14 '17 at 4:19
Ryan FaschingRyan Fasching
11 bronze badge
asked Aug 14 '17 at 4:19
Ryan FaschingRyan Fasching
11 bronze badge
11 bronze badge
bumped to the homepage by Community♦ 11 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
bumped to the homepage by Community♦ 11 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
Instead of "Please let me know. Thank you." it would have been more appropriate to have an actual interrogative sentence in your post so we know what question you want answered. E.g. "How can I have a program sent the Ctrl+C, so I don't have to type that myself?"
– Anthon
Aug 14 '17 at 5:21
@Anthon is that more along the lines of questioning? thank you.
– Ryan Fasching
Aug 15 '17 at 0:45
add a comment |
Instead of "Please let me know. Thank you." it would have been more appropriate to have an actual interrogative sentence in your post so we know what question you want answered. E.g. "How can I have a program sent the Ctrl+C, so I don't have to type that myself?"
– Anthon
Aug 14 '17 at 5:21
@Anthon is that more along the lines of questioning? thank you.
– Ryan Fasching
Aug 15 '17 at 0:45
Instead of "Please let me know. Thank you." it would have been more appropriate to have an actual interrogative sentence in your post so we know what question you want answered. E.g. "How can I have a program sent the Ctrl+C, so I don't have to type that myself?"
– Anthon
Aug 14 '17 at 5:21
Instead of "Please let me know. Thank you." it would have been more appropriate to have an actual interrogative sentence in your post so we know what question you want answered. E.g. "How can I have a program sent the Ctrl+C, so I don't have to type that myself?"
– Anthon
Aug 14 '17 at 5:21
@Anthon is that more along the lines of questioning? thank you.
– Ryan Fasching
Aug 15 '17 at 0:45
@Anthon is that more along the lines of questioning? thank you.
– Ryan Fasching
Aug 15 '17 at 0:45
add a comment |
1 Answer
1
active
oldest
votes
0
I encountered the same problem today and after an hour of googling about the problem i solved it by editing /proc/sys/net/ipv6/conf/all/disable_ipv6 file
$ cat /proc/sys/net/ipv6/conf/all/disable_ipv6
1
solved it by
$ echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6
answered Feb 11 at 8:48
l hl h
1
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f385966%2fopenvpn-error-status-2-and-cant-connect-to-internet-while-using%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
0
I encountered the same problem today and after an hour of googling about the problem i solved it by editing /proc/sys/net/ipv6/conf/all/disable_ipv6 file
$ cat /proc/sys/net/ipv6/conf/all/disable_ipv6
1
solved it by
$ echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6
answered Feb 11 at 8:48
l hl h
1
add a comment |
0
I encountered the same problem today and after an hour of googling about the problem i solved it by editing /proc/sys/net/ipv6/conf/all/disable_ipv6 file
$ cat /proc/sys/net/ipv6/conf/all/disable_ipv6
1
solved it by
$ echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6
answered Feb 11 at 8:48
l hl h
1
add a comment |
0
0
0
I encountered the same problem today and after an hour of googling about the problem i solved it by editing /proc/sys/net/ipv6/conf/all/disable_ipv6 file
$ cat /proc/sys/net/ipv6/conf/all/disable_ipv6
1
solved it by
$ echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6
answered Feb 11 at 8:48
l hl h
1
I encountered the same problem today and after an hour of googling about the problem i solved it by editing /proc/sys/net/ipv6/conf/all/disable_ipv6 file
$ cat /proc/sys/net/ipv6/conf/all/disable_ipv6
1
solved it by
$ echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6
answered Feb 11 at 8:48
l hl h
1
answered Feb 11 at 8:48
l hl h
1
answered Feb 11 at 8:48
l hl h
1
answered Feb 11 at 8:48
l hl h
1
1
add a comment |
add a comment |
draft saved
draft discarded
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f385966%2fopenvpn-error-status-2-and-cant-connect-to-internet-while-using%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Instead of "Please let me know. Thank you." it would have been more appropriate to have an actual interrogative sentence in your post so we know what question you want answered. E.g. "How can I have a program sent the Ctrl+C, so I don't have to type that myself?"
– Anthon
Aug 14 '17 at 5:21
@Anthon is that more along the lines of questioning? thank you.
– Ryan Fasching
Aug 15 '17 at 0:45