asked 2017-09-18 21:07:46 +0300
Ok just did a beta test on 2.1.1.26 on my Aquafish, imported Open VPN config file into VPN, Saved, rebooted phone, turned on VPN connection, still doesnt properly tunnel to the VPN server.
The same open VPN file from Astrill works just fine in securefishnet.
Has any Sailor actually gotten the open VPN import to work?
answered 2017-09-18 21:27:53 +0300
what says
ip route
when the tunnel is up? Is the default route going into the tunnel (default route to vpnx)? I needed to set
route 0.0.0.0 0.0.0.0 vpn_gateway
and/or (??)
redirect-gateway def1
into my ovpn file before importing it to the vpn setting to set the right default gateway.
@jolla: This problem occurs when the server distributes routes (e.g. the default route). Probably this is a normal behaviour from vpn providers. The parameters above are just a workaround!
answered 2017-09-23 22:58:09 +0300
@cy8aer Reposted your comment as answer you definately get the credit here! Absolutely amazing your solution works!! Steps to reproduce.
1. In your folder with open VPN *.ovpn files pick one you never use or barely and add line "redirect-gateway def1" somewhere in the top, above cert/key section.
2. Import profile in step 1., import. another profile/country you would like to connect using open VPN import from file function;
3. Restart phone;
4. You are now connected to VPN woooot.
5. I am using Intex Aquafish VPN 2.1.0.11 btw, caveat you have to select the first time the VPN connection wait till it says connected, select automatically connect, and reboot the phone, this has to happen for every first time of importing a profile and when switching between VPN profiles (SFOS limitation as of 2.1.1.26);
Asked: 2017-09-18 21:07:46 +0300
Seen: 849 times
Last updated: Sep 26 '17
@cy8aer
SailfishOS 2.1.1.26 (Jämsänjoki) (armv7hl) '--- [nemo@Sailfish ~]$ ip route default via 10.222.65.4 dev rmnet_data0 10.222.65.0/29 dev rmnet_data0 proto kernel scope link src 10.222.65.3 10.222.65.4 dev rmnet_data0 scope link 172.20.64.179 via 10.222.65.4 dev rmnet_data0 172.20.64.180 via 10.222.65.4 dev rmnet_data0 185.53.11.193 via 10.222.65.4 dev rmnet_data0 198.18.32.0/21 dev vpn0 proto kernel scope link src 198.18.38.9
Should be conmected to a Netherland Server, but check my ip location shows the USA aTnT server in Denver.
Where can i set route 0.0.0.0? VPN advanced setting after open VPN file import only allow tp edit the server address basically.
DarkTuring ( 2017-09-18 23:24:06 +0300 )editI observed a similar behaviour. I have tested the VPN with vpnbook, a free vpn provider: https://www.vpnbook.com/freevpn
When i open my browser and check the IP on https://www.dnsleaktest.com it seems like traffic doesn't get routed through the vpn tunnel.
When doing the DNS leak test it shows the right DNS server (from VPN).
When i connect to any VPN through terminal openvpn (manually) it is vice versa. I see the VPN IP but the wrong DNS servers (the ones from wifi via DHCP...
daywalker ( 2017-09-20 09:58:17 +0300 )edit@DarkTuring: as I expected: default route is your Cell provider not your tunnel (then you would have a vpnx device in the first default route provider). Try editing your ovpn file with my two lines above - just add the two lines if they do not exist, then re-configure your vpn setting with the new ovpn file. @jolla: connman seems not to listen on deployed routes from openvpn serverr!
cy8aer ( 2017-09-20 12:53:34 +0300 )edit@daywalker currently it appears it is using a NON VPN service to resolve my DNS requests (Google), is there a way in the configuration file to specify to only use the VPN provider DNS service? Securefishnet by the way lets the VPN server determine the request i believe.
DarkTuring ( 2017-09-23 23:08:14 +0300 )editJust went through 20 or so ovpn configs and found some that were leaking and others that werent. Also i wont use the ones with Level-3 or Google DNS servers, way too mainstream (aka corporate aka NSA backdporish).