I'm learning with a Kali Linux on a VM and I am not able to connect through any VPN from vpnbook.com. I am following this tutorials, but I get stuck in the part where it connects through the VPN.
After installing OpenVPN, and starting it with the .ovpn file I get the following:
──(root㉿kali)-[~/Downloads/OpenVPN/vpnbook-openvpn-de20]
└─# openvpn vpnbook-de20-udp53.ovpn
2023-12-01 07:54:13 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2023-12-01 07:54:13 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.
2023-12-01 07:54:13 Note: '--allow-compression' is not set to 'no', disabling data channel offload.
2023-12-01 07:54:13 OpenVPN 2.6.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
2023-12-01 07:54:13 library versions: OpenSSL 3.0.11 19 Sep 2023, LZO 2.10
2023-12-01 07:54:13 DCO version: N/A
Enter Auth Username: vpnbook
Enter Auth Password: *******
2023-12-01 07:54:20 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2023-12-01 07:54:20 TCP/UDP: Preserving recently used remote address: [AF_INET]51.75.145.20:53
2023-12-01 07:54:20 Socket Buffers: R=[212992->212992] S=[212992->212992]
2023-12-01 07:54:20 UDPv4 link local: (not bound)
2023-12-01 07:54:20 UDPv4 link remote: [AF_INET]51.75.145.20:53
2023-12-01 07:54:20 TLS: Initial packet from [AF_INET]51.75.145.20:53, sid=73db1ef3 01a8d66b
2023-12-01 07:54:20 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2023-12-01 07:54:21 VERIFY OK: depth=1, CN=vpnbook.com
2023-12-01 07:54:21 VERIFY OK: depth=0, CN=server.vpnbook.com
2023-12-01 07:54:21 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bits RSA, signature: RSA-SHA256, peer temporary key: 253 bits X25519
2023-12-01 07:54:21 [server.vpnbook.com] Peer Connection Initiated with [AF_INET]51.75.145.20:53
2023-12-01 07:54:21 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2023-12-01 07:54:21 TLS: tls_multi_process: initial untrusted session promoted to trusted
2023-12-01 07:54:21 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 213.186.33.99,dhcp-option DNS 91.239.100.100,route 10.8.0.1,topology net30,ping 5,ping-restart 30,ifconfig 10.8.0.26 10.8.0.25,peer-id 2,cipher AES-256-GCM'
2023-12-01 07:54:21 WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2023-12-01 07:54:21 OPTIONS IMPORT: --ifconfig/up options modified
2023-12-01 07:54:21 OPTIONS IMPORT: route options modified
2023-12-01 07:54:21 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2023-12-01 07:54:21 net_route_v4_best_gw query: dst 0.0.0.0
2023-12-01 07:54:21 net_route_v4_best_gw result: via 192.168.1.1 dev eth0
2023-12-01 07:54:21 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=eth0 HWADDR=08:00:27:cb:7e:f5
2023-12-01 07:54:21 TUN/TAP device tun0 opened
2023-12-01 07:54:21 net_iface_mtu_set: mtu 1500 for tun0
2023-12-01 07:54:21 net_iface_up: set tun0 up
2023-12-01 07:54:21 net_addr_ptp_v4_add: 10.8.0.26 peer 10.8.0.25 dev tun0
2023-12-01 07:54:21 Data Channel: cipher 'AES-256-GCM', peer-id: 2, compression: 'lzo'
2023-12-01 07:54:21 Timers: ping 5, ping-restart 30
2023-12-01 07:54:23 net_route_v4_add: 51.75.145.20/32 via 192.168.1.1 dev [NULL] table 0 metric -1
2023-12-01 07:54:23 net_route_v4_add: 0.0.0.0/1 via 10.8.0.25 dev [NULL] table 0 metric -1
2023-12-01 07:54:23 net_route_v4_add: 128.0.0.0/1 via 10.8.0.25 dev [NULL] table 0 metric -1
2023-12-01 07:54:23 net_route_v4_add: 10.8.0.1/32 via 10.8.0.25 dev [NULL] table 0 metric -1
2023-12-01 07:54:23 Initialization Sequence Completed
But firefox is not able to load any web page.
The traceroute 8.8.8.8
(with the vpn up) gives me:
┌──(root㉿kali)-[/etc]
└─# traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 10.8.0.1 (10.8.0.1) 32.022 ms 31.965 ms 31.913 ms
2 51.75.145.252 (51.75.145.252) 32.077 ms 32.099 ms 32.106 ms
3 10.161.42.124 (10.161.42.124) 31.896 ms 31.831 ms 31.770 ms
4 10.17.242.98 (10.17.242.98) 31.922 ms 31.772 ms 10.17.242.96 (10.17.242.96) 31.588 ms
5 * 10.73.40.36 (10.73.40.36) 31.418 ms *
6 * * *
7 91.121.215.116 (91.121.215.116) 33.100 ms 32.963 ms 94.23.122.246 (94.23.122.246) 32.993 ms
8 10.200.0.19 (10.200.0.19) 31.426 ms * 31.325 ms
9 * * *
10 108.170.251.193 (108.170.251.193) 32.662 ms * *
11 * * *
12 * * *
13 8.8.8.8 (8.8.8.8) 30.591 ms 30.569 ms 31.968 ms
Any ideas? Thanks in advanced for the patience.
Edit:
My resolv.conf
# Generated by NetworkManager
search Home
nameserver 77.26.11.233
nameserver 212.142.173.65
ping
a public IP like8.8.8.8
? What about a domain name likewww.google.com
?/etc/resolv.conf
and output ofresolvectl
?resolv.conf
. And theresolvectl
times out.nslookup www.google.com 77.26.11.233
/nslookup www.google.com 212.142.173.65
resolve the domain name successfully? Sounds weird thatresolvectl
"times out". Maybe you want tosudo systemctl disable --now systemd-resolved
.