DNS is leaked

Got a problem with Viscosity or need help? Ask here!

pexis

Posts: 7
Joined: Mon Sep 06, 2021 8:54 am

Post by pexis » Mon Sep 06, 2021 9:04 am
Hi all,

I noticed that my DNS is leaking when using viscosity.

I saw the following on the logs:
2021-09-06 00:49:31: WARNING: The DNS server 192.168.100.1 is not routed through the VPN connection. DNS lookups to this server may travel over a different network interface (en0)
I have the options of full DNS (with the IP of the router where the vpn is installed) and I am redirecting all the traffic via the VPN.

I think it might be due to a misconfiguration. The full log:
2021-09-06 00:49:25: Viscosity Mac 1.9.4 (1578)
2021-09-06 00:49:25: Viscosity OpenVPN Engine Started
2021-09-06 00:49:25: Running on macOS 11.5.2
2021-09-06 00:49:25: ---------
2021-09-06 00:49:25: State changed to Connecting
2021-09-06 00:49:25: Checking reachability status of connection...
2021-09-06 00:49:25: Connection is reachable. Starting connection attempt.
2021-09-06 00:49:25: OpenVPN 2.4.11 arm-apple-darwin20.0.0 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Aug 26 2021
2021-09-06 00:49:25: library versions: OpenSSL 1.1.1l 24 Aug 2021, LZO 2.10
2021-09-06 00:49:26: Resolving address: x.ddns.net
2021-09-06 00:49:26: Valid endpoint found: XXXXX:udp
2021-09-06 00:49:26: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2021-09-06 00:49:26: TCP/UDP: Preserving recently used remote address: [AF_INET]XXXXX
2021-09-06 00:49:26: UDP link local: (not bound)
2021-09-06 00:49:26: UDP link remote: [AF_INET]XXXXX
2021-09-06 00:49:26: State changed to Authenticating
2021-09-06 00:49:26: [netgear] Peer Connection Initiated with [AF_INET]109.192.219.5:12974
2021-09-06 00:49:26: GDG6: problem writing to routing socket: No such process (errno=3)
2021-09-06 00:49:26: OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options
2021-09-06 00:49:26: OpenVPN ROUTE: failed to parse/resolve route for host/network: fc00::/7
2021-09-06 00:49:26: OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options
2021-09-06 00:49:26: OpenVPN ROUTE: failed to parse/resolve route for host/network: 3000::/4
2021-09-06 00:49:26: OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options
2021-09-06 00:49:26: OpenVPN ROUTE: failed to parse/resolve route for host/network: 2000::/4
2021-09-06 00:49:26: OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options
2021-09-06 00:49:26: OpenVPN ROUTE: failed to parse/resolve route for host/network: ::/3
2021-09-06 00:49:26: DHCP enabled on tap interface en7
2021-09-06 00:49:27: TUN/TAP device en7 opened
2021-09-06 00:49:31: NOTE: unable to redirect default gateway -- VPN gateway parameter (--route-gateway or --ifconfig) is missing
2021-09-06 00:49:31: WARNING: OpenVPN was configured to add an IPv6 route over en7. However, no IPv6 has been configured for this interface, therefore the route installation may fail or may not work as expected.
2021-09-06 00:49:31: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2021-09-06 00:49:31: Initialization Sequence Completed
2021-09-06 00:49:31: DNS mode set to Full
2021-09-06 00:49:31: DNS Server/s: 192.168.x.x
2021-09-06 00:49:31: WARNING: The DNS server 192.168.x.x is not routed through the VPN connection. DNS lookups to this server may travel over a different network interface (en0).
2021-09-06 00:49:31: State changed to Connected
2021-09-06 00:49:31: DNS change detected, restoring DNS settings
2021-09-06 00:49:54: Extracted DHCP router address: 192.168.x.x
2021-09-06 00:49:57: DNS change detected, restoring DNS settings

The extra configuration params are:
cipher AES-128-CBC
push "sndbuf 393216"
push "rcvbuf 393216"
sndbuf 393216
resolv-retry infinite
rcvbuf 393216
comp-lzo
verb 0
Any suggestion?

I would be really happy to get a couple of helping eyes here, thanks before hand!

James

User avatar
Posts: 2312
Joined: Thu Sep 04, 2008 9:27 pm

Post by James » Mon Sep 06, 2021 6:06 pm
Hi pexis,

The problem here is that your IP address information (and routing) is coming from a DHCP server, which is taking a few seconds, however OpenVPN isn't configured to wait for this information. You can fix this with two quick changes:

1. Edit your connection in Viscosity
2. Click on the "Networking" tab
3. Enter "dhcp" (without the quotes) into the "Default Gateway" field
4. Click on the "Advanced" tab
5. On a new line in the configuration commands area enter "route-delay auto" (without the quotes)
6. Click Save and try connecting

Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs

pexis

Posts: 7
Joined: Mon Sep 06, 2021 8:54 am

Post by pexis » Tue Sep 07, 2021 6:00 am
Thanks!
Works like a charm :)

pexis

Posts: 7
Joined: Mon Sep 06, 2021 8:54 am

Post by pexis » Thu Sep 09, 2021 1:42 am
Update: After a couple of day the problem persists. I double check your answer and everything is as you wrote, the updated logs are:
2021-09-08 17:33:04: Viscosity Mac 1.9.4 (1578)
2021-09-08 17:33:04: Viscosity OpenVPN Engine Started
2021-09-08 17:33:04: Running on macOS 11.5.2
2021-09-08 17:33:04: ---------
2021-09-08 17:33:04: State changed to Connecting
2021-09-08 17:33:04: Checking reachability status of connection...
2021-09-08 17:33:04: DNS resolution failed for x.ddns.net
2021-09-08 17:33:04: Connection is not reachable. Disconnecting.
2021-09-08 17:33:04: State changed to Disconnected (Not Reachable)
2021-09-08 17:33:04: Connection will be reconnected when it becomes reachable
2021-09-08 17:33:07: Reconnecting connection as it is now reachable
2021-09-08 17:33:07: Viscosity Mac 1.9.4 (1578)
2021-09-08 17:33:07: Viscosity OpenVPN Engine Started
2021-09-08 17:33:07: Running on macOS 11.5.2
2021-09-08 17:33:07: ---------
2021-09-08 17:33:07: State changed to Connecting
2021-09-08 17:33:07: Checking reachability status of connection...
2021-09-08 17:33:07: Connection is reachable. Starting connection attempt.
2021-09-08 17:33:07: OpenVPN 2.4.11 arm-apple-darwin20.0.0 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Aug 26 2021
2021-09-08 17:33:07: library versions: OpenSSL 1.1.1l 24 Aug 2021, LZO 2.10
2021-09-08 17:33:07: Resolving address: XXXX
2021-09-08 17:33:07: Valid endpoint found: XXXX:12974:udp
2021-09-08 17:33:07: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2021-09-08 17:33:07: TCP/UDP: Preserving recently used remote address: [AF_INET]109.192.219.5:12974
2021-09-08 17:33:07: UDP link local: (not bound)
2021-09-08 17:33:07: UDP link remote: [AF_INET]XXXX:12974
2021-09-08 17:33:07: State changed to Authenticating
2021-09-08 17:33:07: [netgear] Peer Connection Initiated with [AF_INET]109.192.219.5:12974
2021-09-08 17:33:07: GDG6: problem writing to routing socket: No such process (errno=3)
2021-09-08 17:33:07: OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options
2021-09-08 17:33:07: OpenVPN ROUTE: failed to parse/resolve route for host/network: fc00::/7
2021-09-08 17:33:07: OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options
2021-09-08 17:33:07: OpenVPN ROUTE: failed to parse/resolve route for host/network: 3000::/4
2021-09-08 17:33:07: OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options
2021-09-08 17:33:07: OpenVPN ROUTE: failed to parse/resolve route for host/network: 2000::/4
2021-09-08 17:33:07: OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options
2021-09-08 17:33:07: OpenVPN ROUTE: failed to parse/resolve route for host/network: ::/3
2021-09-08 17:33:07: TUN/TAP device en7 opened
2021-09-08 17:33:07: DHCP enabled on tap interface en7
2021-09-08 17:33:29: NOTE: unable to redirect default gateway -- VPN gateway parameter (--route-gateway or --ifconfig) is missing
2021-09-08 17:33:29: WARNING: OpenVPN was configured to add an IPv6 route over en7. However, no IPv6 has been configured for this interface, therefore the route installation may fail or may not work as expected.
2021-09-08 17:33:29: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2021-09-08 17:33:29: Initialization Sequence Completed
2021-09-08 17:33:29: DNS mode set to Full
2021-09-08 17:33:29: DNS Server/s: 192.168.100.1
2021-09-08 17:33:29: WARNING: The DNS server 192.168.XXXi s not routed through the VPN connection. DNS lookups to this server may travel over a different network interface (en0).
2021-09-08 17:33:29: State changed to Connected
2021-09-08 17:33:37: Extracted DHCP router address: 192.168.XXX
2021-09-08 17:33:39: DNS change detected, restoring DNS settings
Any further suggestions?

pexis

Posts: 7
Joined: Mon Sep 06, 2021 8:54 am

Post by pexis » Thu Sep 09, 2021 2:33 am
I was able to get rid of many of those warnings following:
viewtopic.php?t=2457

Nevertheless, I still see:
2021-09-08 18:29:26: WARNING: The DNS server 192.168.100.1 is not routed through the VPN connection. DNS lookups to this server may travel over a different network interface (en0).
I think it could be a misconfiguration at my side....

James

User avatar
Posts: 2312
Joined: Thu Sep 04, 2008 9:27 pm

Post by James » Thu Sep 09, 2021 7:48 pm
Hi pexis,

Can you please post a copy of the raw configuration data for your connection? Please feel free to censor out any sensitive details before posting.
https://www.sparklabs.com/support/kb/ar ... ation-data

Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs

pexis

Posts: 7
Joined: Mon Sep 06, 2021 8:54 am

Post by pexis » Thu Sep 09, 2021 8:50 pm
Hi James,

Would yo mind to remove the ddns website of my first post?

This is the log with verb 5:
2021-09-09 12:42:30: Viscosity Mac 1.9.4 (1578)
2021-09-09 12:42:30: Viscosity OpenVPN Engine Started
2021-09-09 12:42:30: Running on macOS 11.5.2
2021-09-09 12:42:30: ---------
2021-09-09 12:42:30: State changed to Connecting
2021-09-09 12:42:30: Checking reachability status of connection...
2021-09-09 12:42:30: Connection is reachable. Starting connection attempt.
2021-09-09 12:42:30: Current Parameter Settings:
2021-09-09 12:42:30: config = 'config.conf'
2021-09-09 12:42:30: mode = 0
2021-09-09 12:42:30: show_ciphers = DISABLED
2021-09-09 12:42:30: show_digests = DISABLED
2021-09-09 12:42:30: show_engines = DISABLED
2021-09-09 12:42:30: genkey = DISABLED
2021-09-09 12:42:30: key_pass_file = '[UNDEF]'
2021-09-09 12:42:30: show_tls_ciphers = DISABLED
2021-09-09 12:42:30: connect_retry_max = 0
2021-09-09 12:42:30: Connection profiles [0]:
2021-09-09 12:42:30: proto = udp
2021-09-09 12:42:30: local = '[UNDEF]'
2021-09-09 12:42:30: local_port = '[UNDEF]'
2021-09-09 12:42:30: remote = ‘ddns’
2021-09-09 12:42:30: remote_port = '12974'
2021-09-09 12:42:30: remote_float = DISABLED
2021-09-09 12:42:30: bind_defined = DISABLED
2021-09-09 12:42:30: bind_local = DISABLED
2021-09-09 12:42:30: bind_ipv6_only = DISABLED
2021-09-09 12:42:30: connect_retry_seconds = 5
2021-09-09 12:42:30: connect_timeout = 120
2021-09-09 12:42:30: socks_proxy_server = '[UNDEF]'
2021-09-09 12:42:30: socks_proxy_port = '[UNDEF]'
2021-09-09 12:42:30: tun_mtu = 1500
2021-09-09 12:42:30: tun_mtu_defined = ENABLED
2021-09-09 12:42:30: link_mtu = 1500
2021-09-09 12:42:30: link_mtu_defined = DISABLED
2021-09-09 12:42:30: tun_mtu_extra = 32
2021-09-09 12:42:30: tun_mtu_extra_defined = ENABLED
2021-09-09 12:42:30: mtu_discover_type = -1
2021-09-09 12:42:30: fragment = 0
2021-09-09 12:42:30: mssfix = 1450
2021-09-09 12:42:30: explicit_exit_notification = 0
2021-09-09 12:42:30: Connection profiles END
2021-09-09 12:42:30: remote_random = DISABLED
2021-09-09 12:42:30: ipchange = '[UNDEF]'
2021-09-09 12:42:30: dev = 'vtap'
2021-09-09 12:42:30: dev_type = 'tap'
2021-09-09 12:42:30: dev_node = '[UNDEF]'
2021-09-09 12:42:30: lladdr = '[UNDEF]'
2021-09-09 12:42:30: topology = 1
2021-09-09 12:42:30: ifconfig_local = '[UNDEF]'
2021-09-09 12:42:30: ifconfig_remote_netmask = '[UNDEF]'
2021-09-09 12:42:30: ifconfig_noexec = DISABLED
2021-09-09 12:42:30: ifconfig_nowarn = DISABLED
2021-09-09 12:42:30: ifconfig_ipv6_local = '[UNDEF]'
2021-09-09 12:42:30: ifconfig_ipv6_netbits = 0
2021-09-09 12:42:30: ifconfig_ipv6_remote = '[UNDEF]'
2021-09-09 12:42:30: shaper = 0
2021-09-09 12:42:30: mtu_test = 0
2021-09-09 12:42:30: mlock = DISABLED
2021-09-09 12:42:30: keepalive_ping = 0
2021-09-09 12:42:30: keepalive_timeout = 0
2021-09-09 12:42:30: inactivity_timeout = 0
2021-09-09 12:42:30: ping_send_timeout = 0
2021-09-09 12:42:30: ping_rec_timeout = 0
2021-09-09 12:42:30: ping_rec_timeout_action = 0
2021-09-09 12:42:30: ping_timer_remote = DISABLED
2021-09-09 12:42:30: remap_sigusr1 = 0
2021-09-09 12:42:30: persist_tun = ENABLED
2021-09-09 12:42:30: persist_local_ip = DISABLED
2021-09-09 12:42:30: persist_remote_ip = DISABLED
2021-09-09 12:42:30: persist_key = ENABLED
2021-09-09 12:42:30: passtos = DISABLED
2021-09-09 12:42:30: resolve_retry_seconds = 1000000000
2021-09-09 12:42:30: resolve_in_advance = DISABLED
2021-09-09 12:42:30: username = '[UNDEF]'
2021-09-09 12:42:30: groupname = '[UNDEF]'
2021-09-09 12:42:30: chroot_dir = '[UNDEF]'
2021-09-09 12:42:30: cd_dir = '[UNDEF]'
2021-09-09 12:42:30: writepid = '[UNDEF]'
2021-09-09 12:42:30: up_script = '[UNDEF]'
2021-09-09 12:42:30: down_script = '[UNDEF]'
2021-09-09 12:42:30: down_pre = DISABLED
2021-09-09 12:42:30: up_restart = DISABLED
2021-09-09 12:42:30: up_delay = DISABLED
2021-09-09 12:42:30: daemon = DISABLED
2021-09-09 12:42:30: inetd = 0
2021-09-09 12:42:30: log = DISABLED
2021-09-09 12:42:30: suppress_timestamps = DISABLED
2021-09-09 12:42:30: machine_readable_output = DISABLED
2021-09-09 12:42:30: nice = 0
2021-09-09 12:42:30: verbosity = 5
2021-09-09 12:42:30: mute = 100
2021-09-09 12:42:30: status_file = '[UNDEF]'
2021-09-09 12:42:30: status_file_version = 1
2021-09-09 12:42:30: status_file_update_freq = 60
2021-09-09 12:42:30: occ = ENABLED
2021-09-09 12:42:30: rcvbuf = 393216
2021-09-09 12:42:30: sndbuf = 393216
2021-09-09 12:42:30: sockflags = 0
2021-09-09 12:42:30: fast_io = DISABLED
2021-09-09 12:42:30: comp.alg = 2
2021-09-09 12:42:30: comp.flags = 1
2021-09-09 12:42:30: route_script = '[UNDEF]'
2021-09-09 12:42:30: route_default_gateway = '[UNDEF]'
2021-09-09 12:42:30: route_default_metric = 0
2021-09-09 12:42:30: route_noexec = DISABLED
2021-09-09 12:42:30: route_delay = 120
2021-09-09 12:42:30: NOTE: --mute triggered...
2021-09-09 12:42:30: 182 variation(s) on previous 100 message(s) suppressed by --mute
2021-09-09 12:42:30: OpenVPN 2.4.11 arm-apple-darwin20.0.0 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Aug 26 2021
2021-09-09 12:42:30: library versions: OpenSSL 1.1.1l 24 Aug 2021, LZO 2.10
2021-09-09 12:42:31: Resolving address: ddns
2021-09-09 12:42:31: Valid endpoint found: Server:udp
2021-09-09 12:42:31: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2021-09-09 12:42:31: LZO compression initializing
2021-09-09 12:42:31: Control Channel MTU parms [ L:1654 D:1212 EF:38 EB:0 ET:0 EL:3 ]
2021-09-09 12:42:31: Data Channel MTU parms [ L:1654 D:1450 EF:122 EB:411 ET:32 EL:3 ]
2021-09-09 12:42:31: Local Options String (VER=V4): 'V4,dev-type tap,link-mtu 1590,tun-mtu 1532,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
2021-09-09 12:42:31: Expected Remote Options String (VER=V4): 'V4,dev-type tap,link-mtu 1590,tun-mtu 1532,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
2021-09-09 12:42:31: TCP/UDP: Preserving recently used remote address: [AF_INET]Server:12974
2021-09-09 12:42:31: Socket Buffers: R=[786896->393216] S=[9216->393216]
2021-09-09 12:42:31: UDP link local: (not bound)
2021-09-09 12:42:31: UDP link remote: [AF_INET]Server:12974
2021-09-09 12:42:31: State changed to Authenticating
2021-09-09 12:42:31: TLS: Initial packet from [AF_INET]Server:12974, sid=1c5ffdfd 8b669bef
2021-09-09 12:42:31: VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=netgear, emailAddress=[email protected]
2021-09-09 12:42:31: VERIFY OK: depth=0, C=TW, ST=TW, O=netgear, OU=netgear, CN=netgear, emailAddress=[email protected]
2021-09-09 12:42:31: Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 1024 bit RSA
2021-09-09 12:42:31: [netgear] Peer Connection Initiated with [AF_INET]Server:12974
2021-09-09 12:42:31: SENT CONTROL [netgear]: 'PUSH_REQUEST' (status=1)
2021-09-09 12:42:31: PUSH: Received control message: 'PUSH_REPLY,sndbuf 393216,rcvbuf 393216,route 192.XXX.XXX.XXX 255.255.255.0,route-delay 5,route-gateway dhcp,ping 10,ping-restart 120,peer-id 0,cipher AES-256-GCM'
2021-09-09 12:42:31: Pushed option removed by filter: 'route-delay 5'
2021-09-09 12:42:31: OPTIONS IMPORT: timers and/or timeouts modified
2021-09-09 12:42:31: OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
2021-09-09 12:42:31: Socket Buffers: R=[393216->393216] S=[393216->393216]
2021-09-09 12:42:31: OPTIONS IMPORT: route options modified
2021-09-09 12:42:31: OPTIONS IMPORT: route-related options modified
2021-09-09 12:42:31: OPTIONS IMPORT: peer-id set
2021-09-09 12:42:31: OPTIONS IMPORT: adjusting link_mtu to 1657
2021-09-09 12:42:31: OPTIONS IMPORT: data channel crypto options modified
2021-09-09 12:42:31: Data Channel: using negotiated cipher 'AES-256-GCM'
2021-09-09 12:42:31: Data Channel MTU parms [ L:1585 D:1450 EF:53 EB:411 ET:32 EL:3 ]
2021-09-09 12:42:31: Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-09-09 12:42:31: Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-09-09 12:42:31: DHCP enabled on tap interface en7
2021-09-09 12:42:32: TUN/TAP device en7 opened
2021-09-09 12:42:51: Extracted DHCP router address: 192.XXX.XXX.XXX

2021-09-09 12:42:52: /sbin/route add -net 192.168.XXX.0 192.168.XXX.1 255.255.255.0
2021-09-09 12:42:52: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2021-09-09 12:42:52: Initialization Sequence Completed
2021-09-09 12:42:52: DNS mode set to Full
2021-09-09 12:42:52: DNS Server/s: 192.168.XXX.XXX
2021-09-09 12:42:52: WARNING: The DNS server 192.168.XXX.XXX is not routed through the VPN connection. DNS lookups to this server may travel over a different network interface (en0).
2021-09-09 12:42:53: State changed to Connected
2021-09-09 12:42:53: DNS change detected, restoring DNS settings
I was able to see the right IP (internal VPN network with its location using https://whatismyipaddress.com/de/meine-ip) after doing the first solution that you told me. Thanks for having a look to the problem again!

James

User avatar
Posts: 2312
Joined: Thu Sep 04, 2008 9:27 pm

Post by James » Fri Sep 10, 2021 10:26 pm
Hi pexis,

That's your log, however we really need a copy of your raw configuration file to see how your connection is configured. Information on how to obtain this can be found in the previous link.

I have edited out your server address.

Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs

James

User avatar
Posts: 2312
Joined: Thu Sep 04, 2008 9:27 pm

Post by James » Fri Sep 10, 2021 10:29 pm
Also, your remote VPN network is using the IP range 192.168.x.x. Is the network you are connecting from using the same 192.168.x.x range as well? If so, the remote range will be clashing with the local range, causing 192.168.x.x traffic to still use the local network.

Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs

pexis

Posts: 7
Joined: Mon Sep 06, 2021 8:54 am

Post by pexis » Sat Sep 11, 2021 5:37 am
The VPN network is 192.168.100.x so it shouldn't, clash with the usual 192.168.1.x networks, please correct me if I am wrong.

The configuration data is:
#-- Configuration Generated By Viscosity --#

#viscosity startonopen false
#viscosity usepeerdns true
#viscosity dns full
#viscosity protocol openvpn
#viscosity dnsserver 192.168.100.1
#viscosity autoreconnect true
#viscosity ipv6 false
#viscosity name test
#viscosity dhcp true
route-gateway dhcp
remote dens 12974 udp
nobind
dev tap
persist-tun
persist-key
compress lzo
pull
tls-client
ca ca.crt
cert cert.crt
key key.key
resolv-retry infinite
route-delay auto
push "sndbuf 393216"
push "rcvbuf 393216"
cipher AES-128-CBC
rcvbuf 393216
comp-lzo
verb 5
sndbuf 393216
Cheers,
J
13 posts Page 1 of 2