No traffic but successful connection

Got a problem with Viscosity or need help? Ask here!

purpleparrot

Posts: 3
Joined: Tue Jul 23, 2024 8:22 am

Post by purpleparrot » Tue Jul 23, 2024 9:04 am
Hello,

I'm using a OSX 14.5 client 1.11.2 to connect to an PFsense access server. Authentication is working but there is no traffic routing. After 30 seconds ping timeout auto restarts the connection. I tried to manually add routes with the control panel and redirect IPv4 gateway force with the server. All traffic fails to route to the default gateway of the VPN.

I appreciate your help in resolving this issue. Please see attached logs:

2024-07-22 15:57:30: [mudpaw.mywire.org] Peer Connection Initiated with [AF_INET]xxxxxxxxxxxxxxx
2024-07-22 15:57:32: Preserving previous TUN/TAP instance: utun10
2024-07-22 15:57:32: Initialization Sequence Completed
2024-07-22 15:57:32: DNS mode set to Full
2024-07-22 15:57:32: DNS Server/s: 1.1.1.1
2024-07-22 15:57:32: Global DNS change detected, restoring DNS settings
2024-07-22 15:57:33: State changed to Connected
2024-07-22 15:57:33: DNS Engine Running
2024-07-22 15:57:33: Listening on [127.0.0.1]:50217, [::1]:50217
2024-07-22 15:57:33: Primary upstream endpoint/s: 1.1.1.1:53
2024-07-22 15:57:33: DNS Engine Running
2024-07-22 15:57:33: Listening on [127.0.0.1]:50224, [::1]:50224
2024-07-22 15:57:33: Primary upstream endpoint/s: 1.1.1.1:53
2024-07-22 15:57:35: State changed to Disconnecting (Manual)
2024-07-22 15:57:36: SIGTERM[hard,] received, process exiting
2024-07-22 15:57:36: State changed to Disconnected (Process Terminated)

James

User avatar
Posts: 2371
Joined: Thu Sep 04, 2008 9:27 pm

Post by James » Tue Jul 23, 2024 10:15 pm
Hi purpleparrot,

I'm afraid we need more information to be able to determine what is going on. Please send along the details listed in the following article and we can take a closer look for you:
https://www.sparklabs.com/support/kb/ar ... ort-staff/

If you'd prefer not to post them on a public forum please feel free to email them to our support email address instead.

Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs

purpleparrot

Posts: 3
Joined: Tue Jul 23, 2024 8:22 am

Post by purpleparrot » Thu Jul 25, 2024 3:16 am
I sent an email to support. Could someone please address this issue? I'm trying to support a client who is waiting for a repair.

James

User avatar
Posts: 2371
Joined: Thu Sep 04, 2008 9:27 pm

Post by James » Thu Jul 25, 2024 1:43 pm
Thank you for providing those details.

We've reviewed the configuration and log, and it all looks find from the client-side. All traffic is being correctly routed into the VPN connection, and as far as well can tell there are no clashing routes.

The only thing that stands out is that the OpenVPN server itself isn't pushing the command for all traffic, which could mean it isn't set up to support all network traffic being routed through it. It's possible it doesn't have NAT or firewall rules correctly set up to support all internet traffic, in which case the VPN server will be simply dropping the traffic. You can test this by seeing if you can successfully ping something in the VPN IP range (for example 192.168.15.1), but not in the global range (such as 1.1.1.1). If this is the case you'll need to get in touch with the administrator of the OpenVPN server.

It's also a good idea to check that no locally installed software could be blocking the internet traffic, such as security or endpoint management software. Such software includes things like Antivirus software, firewall software, device management software, DNS proxies and some other VPN clients.

Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs

purpleparrot

Posts: 3
Joined: Tue Jul 23, 2024 8:22 am

Post by purpleparrot » Thu Jul 25, 2024 10:45 pm
Thanks for the update. The other OVPN clients are functioning fine and can ping:

localhost
VPN gateway
1.1.1.1
9.9.9.9
Along with routing traffic properly.

If I run a continual ping on 1.1.1.1, the app will block this upon successful connection. Request time outs.
5 posts Page 1 of 1