Welcome to our Support Portal

Connecting VPN Inside Virtual Machine

Follow

Comments

13 comments

  • Avatar
    Jerre Wesdorp

    My route -n shows me:
    Destination Gateway Genmask Flags Metric Ref Use Iface
    0.0.0.0 192.168.1.1 0.0.0.0 UG 100 0 0 eth0
    xxxx 192.168.1.3 255.255.255.255 UGH 100 0 0 eth0
    192.168.1.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0

    and my ip address is 192.168.1.65

    so my vpn script will be?:
    ip rule add table 128 from 192.168.1.65
    ip route add table 128 to 192.168.1.0/24 dev eth0
    ip route add table 128 default via 192.168.1.3
    exit 0

  • Avatar
    Micheal S. (Edited )

    Hello Sir

    Your script has a mistake. The correct details are as follows.

    ip rule add table 128 from 192.168.1.65 ( your internal IP )
    ip route add table 128 to 192.168.1.0/24 dev eth0
    ip route add table 128 default via 192.168.1.1  ( Your Public IP Gateway )
    exit 0

    It is easier when troubleshooting this to use the Console connection so you dont get disconnected if using NoMachine. I also must advise that if you intend on connecting the VPN and still use the GUI that the performance will be poor. The VPN is really only for customers using SSH with the VPN. In any event you also have the option of using the proxy if you have issues.

    What I may suggest to the team is we may build another Kali image with the VPN script already configured so that customers can simply run the OpenVPN command. I wave just been advised that we can create this new image tomorrow so if you cannot connect the VPN you can wait till tomorrow and then we will add the new image to cloud platform and you can elect to rebuild and once rebuilt which will take about 2 minutes the VPN wil already be configured. If you want this please submit a ticket tomorrow and we will assist you with the new image but it will be the same as the current one except this one will have the VPN already configured.

     

  • Avatar
    Jerre Wesdorp

    make

    ip rule add table 128 from 192.168.1.65
    ip route add table 128 to 192.168.1.0/24 dev eth0
    ip route add table 128 default via 51.255.101.254
    exit 0

    but still doesn't work - after command sudo openvpn --config openvpn.ovpn can't connect to server - "server timeout"

  • Avatar
    Jerre Wesdorp

    Is there new image with built-in VPN config?

  • Avatar
    Micheal S. (Edited )

    ip route add table 128 default via 51.255.101.254

    you need to replace the gateway with your own and NOT  what you see in the example.

    The VPN is a free service which we offer so support is limited. Customers are advised to use their own VPN  if they do not know how to setup routing tables.

    I personally just tested the VPN and it connects fine and the 1000 other customers using it have no issues so we will not be changing our Kali image to include the VPN setup until we need to build a new version.

    Your time out could mean you are trying to connect to the VPN from out side of your VM as the VPN only connects from our public IPs.

  • Avatar
    Jerre Wesdorp

    You have written to me in ticket:

    "The last line should be 
    ip route add table 128 default via your public IP followed by 254
    so if your public IP is 51.255.101.190  then you would enter 51.255.101.254"

     

    My IP address for exemple 51.255.101.111, should I write "ip route add table 128 default via 51.255.101.111" or "ip route add table 128 default via 51.255.101.254" ?

  • Avatar
    Micheal S.

    Yes that is correct.

    As you stated you received a time out when connecting the openvpn I suggest you download the script i provided as I have tested that personally.

     

  • Avatar
    Jerre Wesdorp

    sudo nano /etc/network/if-up.d/vpn-up

    #! /bin/sh

    ip rule add table 128 from 192.168.1.65
    ip route add table 128 to 192.168.1.0/24 dev eth0
    ip route add table 128 default via 51.255.101.254
    exit 0

    reboot

    sudo openvpn --config customers.ovpn

     

    and then server disconnect

  • Avatar
    Benjamin McGuire

    This is a very simple excercise. Here is the correct way to get it working... I test it 5 minutes ago so I know for a fact this works.

    Enter these commands via a terminal session in the correct order.

    ip rule add from YOUR INTERNAL IP table 128
    ip route add table 128 to 192.168.1.0/24 dev eth0
    ip route add table 128 default via 192.168.1.1

     

    Now download the new VPN script I just uploaded. You can find the link in the VPN folder on your desktop.

    Once you run the openvpn script you will now be routing all your traffic out via the public IP of the VPN. You can confirm this via a command line

    dig +short myip.opendns.com @resolver1.opendns.com

    I hope this resolves your issue as this has been tested by me personally which I rarely do as I have staff to do that but considering the misunderstanding I felt the need to help this time.

    Regards

     

    Ben McGuire

    Founder & Head of Cyber Operations

    OneHost Cloud

     

  • Avatar
    Jerre Wesdorp

    It seems connected but the last command gets error 

    root@localhhost:~# dig +short myip.opendns.com @resolver1.opendns.com
    dig: couldn't get address for 'resolver1.opendns.com': not found

  • Avatar
    Micheal S.

    Mr McGuire changed the DNS resolvers overnight so you will need to reboot your VM to pickup the new DNS. I am not sure if that will work for existing VMs but to get that command working add Google's DNS

    nano /etc/resolv.conf

    Add  Googles DNS   8.8.8.8

    I think there will be 213.186.33.99....Replace that with 8.8.8.8 then you dig command will work and will display the IP of the VPN

  • Avatar
    Jerre Wesdorp

    Now all is ok. Thanks!

Please sign in to leave a comment.

Powered by Zendesk