Mullvad issue
Dinth opened this issue · 2 comments
Dinth commented
Hi. Ive got an issue connecting to mullvad VPN
my config file:
client
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
verb 3
remote-cert-tls server
ping 10
ping-restart 60
sndbuf 524288
rcvbuf 524288
cipher AES-256-CBC
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA
proto udp
auth-user-pass mullvad_userpass.txt
ca mullvad_ca.crt
tun-ipv6
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
fast-io
remote-random
remote nl-ams-013.mullvad.net 1300
remote nl-ams-005.mullvad.net 1300
remote nl-ams-010.mullvad.net 1300
remote nl-ams-003.mullvad.net 1300
remote nl-ams-011.mullvad.net 1300
remote nl-ams-017.mullvad.net 1300
remote nl-ams-016.mullvad.net 1300
remote nl-ams-004.mullvad.net 1300
remote nl-ams-009.mullvad.net 1300
remote nl-ams-015.mullvad.net 1300
remote nl-ams-012.mullvad.net 1300
remote nl-ams-002.mullvad.net 1300
remote nl-ams-014.mullvad.net 1300
remote nl-ams-018.mullvad.net 1300
remote nl-ams-006.mullvad.net 1300
and docker log:
root@debian-server1:/Data-local/docker# docker logs jackettvpn
2020-03-08 15:56:20.673612 [info] VPN_ENABLED defined as 'yes'
2020-03-08 15:56:20.735884 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/mullvad_nl_ams.ovpn
dos2unix: converting file /config/openvpn/mullvad_nl_ams.ovpn to Unix format...
2020-03-08 15:56:20.795382 [info] VPN remote line defined as 'nl-ams-013.mullvad.net 1300'
2020-03-08 15:56:20.854551 [info] VPN_REMOTE defined as 'nl-ams-013.mullvad.net'
2020-03-08 15:56:20.913531 [info] VPN_PORT defined as '1300'
2020-03-08 15:56:20.972432 [info] VPN_PROTOCOL defined as 'udp'
2020-03-08 15:56:21.030613 [info] VPN_DEVICE_TYPE defined as 'tun0'
2020-03-08 15:56:21.088646 [info] LAN_NETWORK defined as '10.10.0.0/16'
2020-03-08 15:56:21.145808 [info] NAME_SERVERS defined as '1.1.1.1,1.0.0.1'
2020-03-08 15:56:21.202843 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2020-03-08 15:56:21.261088 [info] Adding 1.1.1.1 to resolv.conf
2020-03-08 15:56:21.321050 [info] Adding 1.0.0.1 to resolv.conf
2020-03-08 15:56:21.375401 [info] PUID not defined. Defaulting to root user
2020-03-08 15:56:21.432535 [info] PGID not defined. Defaulting to root group
2020-03-08 15:56:21.487440 [info] Starting OpenVPN...
Sun Mar 8 15:56:21 2020 WARNING: file 'mullvad_userpass.txt' is group or others accessible
Sun Mar 8 15:56:21 2020 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2019
Sun Mar 8 15:56:21 2020 library versions: OpenSSL 1.1.1 11 Sep 2018, LZO 2.08
Sun Mar 8 15:56:21 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]185.65.134.134:1300
Sun Mar 8 15:56:21 2020 Socket Buffers: R=[212992->425984] S=[212992->425984]
Sun Mar 8 15:56:21 2020 UDP link local: (not bound)
Sun Mar 8 15:56:21 2020 UDP link remote: [AF_INET]185.65.134.134:1300
Sun Mar 8 15:56:21 2020 TLS: Initial packet from [AF_INET]185.65.134.134:1300, sid=06321e0e 56f1764d
Sun Mar 8 15:56:21 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Mar 8 15:56:21 2020 VERIFY OK: depth=2, C=SE, ST=Gotaland, L=Gothenburg, O=Amagicom AB, OU=Mullvad, CN=Mullvad Root CA v2, emailAddress=security@mullvad.net
Sun Mar 8 15:56:21 2020 VERIFY OK: depth=1, C=SE, ST=Gotaland, O=Amagicom AB, OU=Mullvad, CN=Mullvad Intermediate CA v2, emailAddress=security@mullvad.net
Sun Mar 8 15:56:21 2020 VERIFY KU OK
Sun Mar 8 15:56:21 2020 Validating certificate extended key usage
Sun Mar 8 15:56:21 2020 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sun Mar 8 15:56:21 2020 VERIFY EKU OK
Sun Mar 8 15:56:21 2020 VERIFY OK: depth=0, C=SE, ST=Gotaland, O=Amagicom AB, OU=Mullvad, CN=nl-ams-004.mullvad.net, emailAddress=security@mullvad.net
Sun Mar 8 15:56:21 2020 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1557', remote='link-mtu 1558'
Sun Mar 8 15:56:21 2020 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
Sun Mar 8 15:56:21 2020 Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Sun Mar 8 15:56:21 2020 [nl-ams-004.mullvad.net] Peer Connection Initiated with [AF_INET]185.65.134.134:1300
Sun Mar 8 15:56:23 2020 SENT CONTROL [nl-ams-004.mullvad.net]: 'PUSH_REQUEST' (status=1)
Sun Mar 8 15:56:23 2020 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 10.14.0.1,redirect-gateway def1 bypass-dhcp,route-ipv6 0000::/2,route-ipv6 4000::/2,route-ipv6 8000::/2,route-ipv6 C000::/2,comp-lzo no,route-gateway 10.14.0.1,topology subnet,socket-flags TCP_NODELAY,ifconfig-ipv6 fdda:d0d0:cafe:1300::1009/64 fdda:d0d0:cafe:1300::,ifconfig 10.14.0.11 255.255.0.0,peer-id 1,cipher AES-256-GCM'
Sun Mar 8 15:56:23 2020 OPTIONS IMPORT: compression parms modified
Sun Mar 8 15:56:23 2020 OPTIONS IMPORT: --socket-flags option modified
Sun Mar 8 15:56:23 2020 NOTE: setsockopt TCP_NODELAY=1 failed
Sun Mar 8 15:56:23 2020 OPTIONS IMPORT: --ifconfig/up options modified
Sun Mar 8 15:56:23 2020 OPTIONS IMPORT: route options modified
Sun Mar 8 15:56:23 2020 OPTIONS IMPORT: route-related options modified
Sun Mar 8 15:56:23 2020 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sun Mar 8 15:56:23 2020 OPTIONS IMPORT: peer-id set
Sun Mar 8 15:56:23 2020 OPTIONS IMPORT: adjusting link_mtu to 1624
Sun Mar 8 15:56:23 2020 OPTIONS IMPORT: data channel crypto options modified
Sun Mar 8 15:56:23 2020 Data Channel: using negotiated cipher 'AES-256-GCM'
Sun Mar 8 15:56:23 2020 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sun Mar 8 15:56:23 2020 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sun Mar 8 15:56:23 2020 ROUTE_GATEWAY 172.17.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:11:00:08
Sun Mar 8 15:56:23 2020 GDG6: remote_host_ipv6=n/a
Sun Mar 8 15:56:23 2020 ROUTE6: default_gateway=UNDEF
Sun Mar 8 15:56:23 2020 TUN/TAP device tun0 opened
Sun Mar 8 15:56:23 2020 TUN/TAP TX queue length set to 100
Sun Mar 8 15:56:23 2020 do_ifconfig, tt->did_ifconfig_ipv6_setup=1
Sun Mar 8 15:56:23 2020 /sbin/ip link set dev tun0 up mtu 1500
Sun Mar 8 15:56:23 2020 /sbin/ip addr add dev tun0 10.14.0.11/16 broadcast 10.14.255.255
Sun Mar 8 15:56:23 2020 /sbin/ip -6 addr add fdda:d0d0:cafe:1300::1009/64 dev tun0
RTNETLINK answers: Permission denied
Sun Mar 8 15:56:23 2020 Linux ip -6 addr add failed: external program exited with error status: 2
Sun Mar 8 15:56:23 2020 Exiting due to fatal error
Dinth commented
Resolved. Added --sysctl net.ipv6.conf.all.disable_ipv6=0 to docker create.