OpenVPN error status: 2, and can't connect to internet while using
0
I recently installed openVPN and configured it with my client1.ovpn file:
client
dev tun
proto udp
remote 10.8.0.1 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
key-direction 1
cipher AES-128-CBC
auth SHA256
comp-lzo
verb 3
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
my server.conf file:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
tls-auth ta.key 0 # This file is secret
key-direction 0
cipher AES-128-CBC # AES
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
When I do the command
sudo openvpn --config client1.ovpn
I get this error in the terminal:
Sat Aug 12 21:57:10 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL
(OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Sat Aug 12 21:57:10 2017 library versions: OpenSSL 1.0.2g 1 Mar 2016,
LZO 2.08
Sat Aug 12 21:57:10 2017 Control Channel Authentication: tls-auth
using INLINE static key file
Sat Aug 12 21:57:10 2017 Outgoing Control Channel Authentication:
Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Incoming Control Channel Authentication:
Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Socket Buffers: R=[212992->212992] S=[212992-
>212992]
Sat Aug 12 21:57:10 2017 NOTE: UID/GID downgrade will be delayed
because of --client, --pull, or --up-delay
Sat Aug 12 21:57:10 2017 UDPv4 link local: [undef]
Sat Aug 12 21:57:10 2017 UDPv4 link remote: [AF_INET]10.8.0.1:1194
Sat Aug 12 21:57:10 2017 TLS: Initial packet from
[AF_INET]10.8.0.1:1194, sid=640d1419 b8d9a3ee
Sat Aug 12 21:57:10 2017 VERIFY OK: depth=1, C=US, ST=CA, L=Los
Angeles, O=Fort-Funston, OU=Community, CN=Fort-Funston CA,
name=Server, emailAddress=fasching.ryan@gmail.com
Sat Aug 12 21:57:10 2017 Validating certificate key usage
Sat Aug 12 21:57:10 2017 ++ Certificate has key usage 00a0, expects
00a0
Sat Aug 12 21:57:10 2017 VERIFY KU OK
Sat Aug 12 21:57:10 2017 Validating certificate extended key usage
Sat Aug 12 21:57:10 2017 ++ Certificate has EKU (str) TLS Web Server
Authentication, expects TLS Web Server Authentication
Sat Aug 12 21:57:10 2017 VERIFY EKU OK
Sat Aug 12 21:57:10 2017 VERIFY OK: depth=0, C=US, ST=CA, L=Los
Angeles, O=Fort-Funston, OU=Community, CN=Ryan, name=Server,
emailAddress=fasching.ryan@gmail.com
Sat Aug 12 21:57:10 2017 Data Channel Encrypt: Cipher 'AES-128-CBC'
initialized with 128 bit key
Sat Aug 12 21:57:10 2017 Data Channel Encrypt: Using 256 bit message
hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Data Channel Decrypt: Cipher 'AES-128-CBC'
initialized with 128 bit key
Sat Aug 12 21:57:10 2017 Data Channel Decrypt: Using 256 bit message
hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3
DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sat Aug 12 21:57:10 2017 [Ryan] Peer Connection Initiated with
[AF_INET]10.8.0.1:1194
Sat Aug 12 21:57:12 2017 SENT CONTROL [Ryan]: 'PUSH_REQUEST'
(status=1)
Sat Aug 12 21:57:12 2017 PUSH: Received control message:
'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS
208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology
net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: timers and/or timeouts
modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: --ifconfig/up options
modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: route options modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-
option options modified
Sat Aug 12 21:57:12 2017 WARNING: potential conflict between --remote
address [10.8.0.1] and --ifconfig address pair [10.8.0.6, 10.8.0.5] --
this is a warning only that is triggered when local/remote addresses
exist within the same /24 subnet as --ifconfig endpoints. (silence
this warning with --ifconfig-nowarn)
Sat Aug 12 21:57:12 2017 ROUTE_GATEWAY 10.15.65.1/255.255.255.0
IFACE=wlp1s0 HWADDR=d0:57:7b:09:c7:c0
Sat Aug 12 21:57:12 2017 TUN/TAP device tun1 opened
Sat Aug 12 21:57:12 2017 TUN/TAP TX queue length set to 100
Sat Aug 12 21:57:12 2017 do_ifconfig, tt->ipv6=0, tt-
>did_ifconfig_ipv6_setup=0
Sat Aug 12 21:57:12 2017 /sbin/ip link set dev tun1 up mtu 1500
Sat Aug 12 21:57:12 2017 /sbin/ip addr add dev tun1 local 10.8.0.6
peer 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 10.8.0.1/32 via 10.15.65.1
RTNETLINK answers: File exists
Sat Aug 12 21:57:12 2017 ERROR: Linux route add command failed:
external program exited with error status: 2
Sat Aug 12 21:57:12 2017 /sbin/ip route add 0.0.0.0/1 via 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 128.0.0.0/1 via 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 10.8.0.1/32 via 10.8.0.5
RTNETLINK answers: File exists
Sat Aug 12 21:57:12 2017 ERROR: Linux route add command failed:
external program exited with error status: 2
Sat Aug 12 21:57:12 2017 GID set to nogroup
Sat Aug 12 21:57:12 2017 UID set to nobody
Sat Aug 12 21:57:12 2017 Initialization Sequence Completed
I also cannot connect to the internet while openvpn is in use in the terminal. It isn't until I hit crtl+c before I'm able to connect to the internet again.
After ctrl+c I get these errors as well:
^CSat Aug 12 21:57:56 2017 event_wait : Interrupted system call
(code=4)
Sat Aug 12 21:57:56 2017 /sbin/ip route del 10.8.0.1/32
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 /sbin/ip route del 0.0.0.0/1
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 /sbin/ip route del 128.0.0.0/1
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 Closing TUN/TAP interface
Sat Aug 12 21:57:56 2017 /sbin/ip addr del dev tun1 local 10.8.0.6
peer 10.8.0.5
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 Linux ip addr del failed: external program
exited with error status: 2
Sat Aug 12 21:57:56 2017 SIGINT[hard,] received, process exiting
I have been trying to find an answer to this question a lot on google already with no luck. What is causing this error of " ERROR: Linux route add command failed:
external program exited with error status: 2" as well as being able to connect to the internet when using. Thanks.
ubuntu networking openvpn
asked Aug 14 '17 at 4:19
Ryan FaschingRyan Fasching
11
add a comment |
0
I recently installed openVPN and configured it with my client1.ovpn file:
client
dev tun
proto udp
remote 10.8.0.1 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
key-direction 1
cipher AES-128-CBC
auth SHA256
comp-lzo
verb 3
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
my server.conf file:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
tls-auth ta.key 0 # This file is secret
key-direction 0
cipher AES-128-CBC # AES
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
When I do the command
sudo openvpn --config client1.ovpn
I get this error in the terminal:
Sat Aug 12 21:57:10 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL
(OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Sat Aug 12 21:57:10 2017 library versions: OpenSSL 1.0.2g 1 Mar 2016,
LZO 2.08
Sat Aug 12 21:57:10 2017 Control Channel Authentication: tls-auth
using INLINE static key file
Sat Aug 12 21:57:10 2017 Outgoing Control Channel Authentication:
Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Incoming Control Channel Authentication:
Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Socket Buffers: R=[212992->212992] S=[212992-
>212992]
Sat Aug 12 21:57:10 2017 NOTE: UID/GID downgrade will be delayed
because of --client, --pull, or --up-delay
Sat Aug 12 21:57:10 2017 UDPv4 link local: [undef]
Sat Aug 12 21:57:10 2017 UDPv4 link remote: [AF_INET]10.8.0.1:1194
Sat Aug 12 21:57:10 2017 TLS: Initial packet from
[AF_INET]10.8.0.1:1194, sid=640d1419 b8d9a3ee
Sat Aug 12 21:57:10 2017 VERIFY OK: depth=1, C=US, ST=CA, L=Los
Angeles, O=Fort-Funston, OU=Community, CN=Fort-Funston CA,
name=Server, emailAddress=fasching.ryan@gmail.com
Sat Aug 12 21:57:10 2017 Validating certificate key usage
Sat Aug 12 21:57:10 2017 ++ Certificate has key usage 00a0, expects
00a0
Sat Aug 12 21:57:10 2017 VERIFY KU OK
Sat Aug 12 21:57:10 2017 Validating certificate extended key usage
Sat Aug 12 21:57:10 2017 ++ Certificate has EKU (str) TLS Web Server
Authentication, expects TLS Web Server Authentication
Sat Aug 12 21:57:10 2017 VERIFY EKU OK
Sat Aug 12 21:57:10 2017 VERIFY OK: depth=0, C=US, ST=CA, L=Los
Angeles, O=Fort-Funston, OU=Community, CN=Ryan, name=Server,
emailAddress=fasching.ryan@gmail.com
Sat Aug 12 21:57:10 2017 Data Channel Encrypt: Cipher 'AES-128-CBC'
initialized with 128 bit key
Sat Aug 12 21:57:10 2017 Data Channel Encrypt: Using 256 bit message
hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Data Channel Decrypt: Cipher 'AES-128-CBC'
initialized with 128 bit key
Sat Aug 12 21:57:10 2017 Data Channel Decrypt: Using 256 bit message
hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3
DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sat Aug 12 21:57:10 2017 [Ryan] Peer Connection Initiated with
[AF_INET]10.8.0.1:1194
Sat Aug 12 21:57:12 2017 SENT CONTROL [Ryan]: 'PUSH_REQUEST'
(status=1)
Sat Aug 12 21:57:12 2017 PUSH: Received control message:
'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS
208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology
net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: timers and/or timeouts
modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: --ifconfig/up options
modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: route options modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-
option options modified
Sat Aug 12 21:57:12 2017 WARNING: potential conflict between --remote
address [10.8.0.1] and --ifconfig address pair [10.8.0.6, 10.8.0.5] --
this is a warning only that is triggered when local/remote addresses
exist within the same /24 subnet as --ifconfig endpoints. (silence
this warning with --ifconfig-nowarn)
Sat Aug 12 21:57:12 2017 ROUTE_GATEWAY 10.15.65.1/255.255.255.0
IFACE=wlp1s0 HWADDR=d0:57:7b:09:c7:c0
Sat Aug 12 21:57:12 2017 TUN/TAP device tun1 opened
Sat Aug 12 21:57:12 2017 TUN/TAP TX queue length set to 100
Sat Aug 12 21:57:12 2017 do_ifconfig, tt->ipv6=0, tt-
>did_ifconfig_ipv6_setup=0
Sat Aug 12 21:57:12 2017 /sbin/ip link set dev tun1 up mtu 1500
Sat Aug 12 21:57:12 2017 /sbin/ip addr add dev tun1 local 10.8.0.6
peer 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 10.8.0.1/32 via 10.15.65.1
RTNETLINK answers: File exists
Sat Aug 12 21:57:12 2017 ERROR: Linux route add command failed:
external program exited with error status: 2
Sat Aug 12 21:57:12 2017 /sbin/ip route add 0.0.0.0/1 via 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 128.0.0.0/1 via 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 10.8.0.1/32 via 10.8.0.5
RTNETLINK answers: File exists
Sat Aug 12 21:57:12 2017 ERROR: Linux route add command failed:
external program exited with error status: 2
Sat Aug 12 21:57:12 2017 GID set to nogroup
Sat Aug 12 21:57:12 2017 UID set to nobody
Sat Aug 12 21:57:12 2017 Initialization Sequence Completed
I also cannot connect to the internet while openvpn is in use in the terminal. It isn't until I hit crtl+c before I'm able to connect to the internet again.
After ctrl+c I get these errors as well:
^CSat Aug 12 21:57:56 2017 event_wait : Interrupted system call
(code=4)
Sat Aug 12 21:57:56 2017 /sbin/ip route del 10.8.0.1/32
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 /sbin/ip route del 0.0.0.0/1
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 /sbin/ip route del 128.0.0.0/1
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 Closing TUN/TAP interface
Sat Aug 12 21:57:56 2017 /sbin/ip addr del dev tun1 local 10.8.0.6
peer 10.8.0.5
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 Linux ip addr del failed: external program
exited with error status: 2
Sat Aug 12 21:57:56 2017 SIGINT[hard,] received, process exiting
I have been trying to find an answer to this question a lot on google already with no luck. What is causing this error of " ERROR: Linux route add command failed:
external program exited with error status: 2" as well as being able to connect to the internet when using. Thanks.
ubuntu networking openvpn
asked Aug 14 '17 at 4:19
Ryan FaschingRyan Fasching
11
Instead of "Please let me know. Thank you." it would have been more appropriate to have an actual interrogative sentence in your post so we know what question you want answered. E.g. "How can I have a program sent the Ctrl+C, so I don't have to type that myself?"
– Anthon
Aug 14 '17 at 5:21
@Anthon is that more along the lines of questioning? thank you.
– Ryan Fasching
Aug 15 '17 at 0:45
add a comment |
0
0
0
I recently installed openVPN and configured it with my client1.ovpn file:
client
dev tun
proto udp
remote 10.8.0.1 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
key-direction 1
cipher AES-128-CBC
auth SHA256
comp-lzo
verb 3
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
my server.conf file:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
tls-auth ta.key 0 # This file is secret
key-direction 0
cipher AES-128-CBC # AES
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
When I do the command
sudo openvpn --config client1.ovpn
I get this error in the terminal:
Sat Aug 12 21:57:10 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL
(OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Sat Aug 12 21:57:10 2017 library versions: OpenSSL 1.0.2g 1 Mar 2016,
LZO 2.08
Sat Aug 12 21:57:10 2017 Control Channel Authentication: tls-auth
using INLINE static key file
Sat Aug 12 21:57:10 2017 Outgoing Control Channel Authentication:
Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Incoming Control Channel Authentication:
Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Socket Buffers: R=[212992->212992] S=[212992-
>212992]
Sat Aug 12 21:57:10 2017 NOTE: UID/GID downgrade will be delayed
because of --client, --pull, or --up-delay
Sat Aug 12 21:57:10 2017 UDPv4 link local: [undef]
Sat Aug 12 21:57:10 2017 UDPv4 link remote: [AF_INET]10.8.0.1:1194
Sat Aug 12 21:57:10 2017 TLS: Initial packet from
[AF_INET]10.8.0.1:1194, sid=640d1419 b8d9a3ee
Sat Aug 12 21:57:10 2017 VERIFY OK: depth=1, C=US, ST=CA, L=Los
Angeles, O=Fort-Funston, OU=Community, CN=Fort-Funston CA,
name=Server, emailAddress=fasching.ryan@gmail.com
Sat Aug 12 21:57:10 2017 Validating certificate key usage
Sat Aug 12 21:57:10 2017 ++ Certificate has key usage 00a0, expects
00a0
Sat Aug 12 21:57:10 2017 VERIFY KU OK
Sat Aug 12 21:57:10 2017 Validating certificate extended key usage
Sat Aug 12 21:57:10 2017 ++ Certificate has EKU (str) TLS Web Server
Authentication, expects TLS Web Server Authentication
Sat Aug 12 21:57:10 2017 VERIFY EKU OK
Sat Aug 12 21:57:10 2017 VERIFY OK: depth=0, C=US, ST=CA, L=Los
Angeles, O=Fort-Funston, OU=Community, CN=Ryan, name=Server,
emailAddress=fasching.ryan@gmail.com
Sat Aug 12 21:57:10 2017 Data Channel Encrypt: Cipher 'AES-128-CBC'
initialized with 128 bit key
Sat Aug 12 21:57:10 2017 Data Channel Encrypt: Using 256 bit message
hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Data Channel Decrypt: Cipher 'AES-128-CBC'
initialized with 128 bit key
Sat Aug 12 21:57:10 2017 Data Channel Decrypt: Using 256 bit message
hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3
DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sat Aug 12 21:57:10 2017 [Ryan] Peer Connection Initiated with
[AF_INET]10.8.0.1:1194
Sat Aug 12 21:57:12 2017 SENT CONTROL [Ryan]: 'PUSH_REQUEST'
(status=1)
Sat Aug 12 21:57:12 2017 PUSH: Received control message:
'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS
208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology
net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: timers and/or timeouts
modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: --ifconfig/up options
modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: route options modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-
option options modified
Sat Aug 12 21:57:12 2017 WARNING: potential conflict between --remote
address [10.8.0.1] and --ifconfig address pair [10.8.0.6, 10.8.0.5] --
this is a warning only that is triggered when local/remote addresses
exist within the same /24 subnet as --ifconfig endpoints. (silence
this warning with --ifconfig-nowarn)
Sat Aug 12 21:57:12 2017 ROUTE_GATEWAY 10.15.65.1/255.255.255.0
IFACE=wlp1s0 HWADDR=d0:57:7b:09:c7:c0
Sat Aug 12 21:57:12 2017 TUN/TAP device tun1 opened
Sat Aug 12 21:57:12 2017 TUN/TAP TX queue length set to 100
Sat Aug 12 21:57:12 2017 do_ifconfig, tt->ipv6=0, tt-
>did_ifconfig_ipv6_setup=0
Sat Aug 12 21:57:12 2017 /sbin/ip link set dev tun1 up mtu 1500
Sat Aug 12 21:57:12 2017 /sbin/ip addr add dev tun1 local 10.8.0.6
peer 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 10.8.0.1/32 via 10.15.65.1
RTNETLINK answers: File exists
Sat Aug 12 21:57:12 2017 ERROR: Linux route add command failed:
external program exited with error status: 2
Sat Aug 12 21:57:12 2017 /sbin/ip route add 0.0.0.0/1 via 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 128.0.0.0/1 via 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 10.8.0.1/32 via 10.8.0.5
RTNETLINK answers: File exists
Sat Aug 12 21:57:12 2017 ERROR: Linux route add command failed:
external program exited with error status: 2
Sat Aug 12 21:57:12 2017 GID set to nogroup
Sat Aug 12 21:57:12 2017 UID set to nobody
Sat Aug 12 21:57:12 2017 Initialization Sequence Completed
I also cannot connect to the internet while openvpn is in use in the terminal. It isn't until I hit crtl+c before I'm able to connect to the internet again.
After ctrl+c I get these errors as well:
^CSat Aug 12 21:57:56 2017 event_wait : Interrupted system call
(code=4)
Sat Aug 12 21:57:56 2017 /sbin/ip route del 10.8.0.1/32
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 /sbin/ip route del 0.0.0.0/1
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 /sbin/ip route del 128.0.0.0/1
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 Closing TUN/TAP interface
Sat Aug 12 21:57:56 2017 /sbin/ip addr del dev tun1 local 10.8.0.6
peer 10.8.0.5
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 Linux ip addr del failed: external program
exited with error status: 2
Sat Aug 12 21:57:56 2017 SIGINT[hard,] received, process exiting
I have been trying to find an answer to this question a lot on google already with no luck. What is causing this error of " ERROR: Linux route add command failed:
external program exited with error status: 2" as well as being able to connect to the internet when using. Thanks.
ubuntu networking openvpn
asked Aug 14 '17 at 4:19
Ryan FaschingRyan Fasching
11
I recently installed openVPN and configured it with my client1.ovpn file:
client
dev tun
proto udp
remote 10.8.0.1 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
key-direction 1
cipher AES-128-CBC
auth SHA256
comp-lzo
verb 3
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
my server.conf file:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
tls-auth ta.key 0 # This file is secret
key-direction 0
cipher AES-128-CBC # AES
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
When I do the command
sudo openvpn --config client1.ovpn
I get this error in the terminal:
Sat Aug 12 21:57:10 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL
(OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Sat Aug 12 21:57:10 2017 library versions: OpenSSL 1.0.2g 1 Mar 2016,
LZO 2.08
Sat Aug 12 21:57:10 2017 Control Channel Authentication: tls-auth
using INLINE static key file
Sat Aug 12 21:57:10 2017 Outgoing Control Channel Authentication:
Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Incoming Control Channel Authentication:
Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Socket Buffers: R=[212992->212992] S=[212992-
>212992]
Sat Aug 12 21:57:10 2017 NOTE: UID/GID downgrade will be delayed
because of --client, --pull, or --up-delay
Sat Aug 12 21:57:10 2017 UDPv4 link local: [undef]
Sat Aug 12 21:57:10 2017 UDPv4 link remote: [AF_INET]10.8.0.1:1194
Sat Aug 12 21:57:10 2017 TLS: Initial packet from
[AF_INET]10.8.0.1:1194, sid=640d1419 b8d9a3ee
Sat Aug 12 21:57:10 2017 VERIFY OK: depth=1, C=US, ST=CA, L=Los
Angeles, O=Fort-Funston, OU=Community, CN=Fort-Funston CA,
name=Server, emailAddress=fasching.ryan@gmail.com
Sat Aug 12 21:57:10 2017 Validating certificate key usage
Sat Aug 12 21:57:10 2017 ++ Certificate has key usage 00a0, expects
00a0
Sat Aug 12 21:57:10 2017 VERIFY KU OK
Sat Aug 12 21:57:10 2017 Validating certificate extended key usage
Sat Aug 12 21:57:10 2017 ++ Certificate has EKU (str) TLS Web Server
Authentication, expects TLS Web Server Authentication
Sat Aug 12 21:57:10 2017 VERIFY EKU OK
Sat Aug 12 21:57:10 2017 VERIFY OK: depth=0, C=US, ST=CA, L=Los
Angeles, O=Fort-Funston, OU=Community, CN=Ryan, name=Server,
emailAddress=fasching.ryan@gmail.com
Sat Aug 12 21:57:10 2017 Data Channel Encrypt: Cipher 'AES-128-CBC'
initialized with 128 bit key
Sat Aug 12 21:57:10 2017 Data Channel Encrypt: Using 256 bit message
hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Data Channel Decrypt: Cipher 'AES-128-CBC'
initialized with 128 bit key
Sat Aug 12 21:57:10 2017 Data Channel Decrypt: Using 256 bit message
hash 'SHA256' for HMAC authentication
Sat Aug 12 21:57:10 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3
DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sat Aug 12 21:57:10 2017 [Ryan] Peer Connection Initiated with
[AF_INET]10.8.0.1:1194
Sat Aug 12 21:57:12 2017 SENT CONTROL [Ryan]: 'PUSH_REQUEST'
(status=1)
Sat Aug 12 21:57:12 2017 PUSH: Received control message:
'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS
208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology
net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: timers and/or timeouts
modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: --ifconfig/up options
modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: route options modified
Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-
option options modified
Sat Aug 12 21:57:12 2017 WARNING: potential conflict between --remote
address [10.8.0.1] and --ifconfig address pair [10.8.0.6, 10.8.0.5] --
this is a warning only that is triggered when local/remote addresses
exist within the same /24 subnet as --ifconfig endpoints. (silence
this warning with --ifconfig-nowarn)
Sat Aug 12 21:57:12 2017 ROUTE_GATEWAY 10.15.65.1/255.255.255.0
IFACE=wlp1s0 HWADDR=d0:57:7b:09:c7:c0
Sat Aug 12 21:57:12 2017 TUN/TAP device tun1 opened
Sat Aug 12 21:57:12 2017 TUN/TAP TX queue length set to 100
Sat Aug 12 21:57:12 2017 do_ifconfig, tt->ipv6=0, tt-
>did_ifconfig_ipv6_setup=0
Sat Aug 12 21:57:12 2017 /sbin/ip link set dev tun1 up mtu 1500
Sat Aug 12 21:57:12 2017 /sbin/ip addr add dev tun1 local 10.8.0.6
peer 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 10.8.0.1/32 via 10.15.65.1
RTNETLINK answers: File exists
Sat Aug 12 21:57:12 2017 ERROR: Linux route add command failed:
external program exited with error status: 2
Sat Aug 12 21:57:12 2017 /sbin/ip route add 0.0.0.0/1 via 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 128.0.0.0/1 via 10.8.0.5
Sat Aug 12 21:57:12 2017 /sbin/ip route add 10.8.0.1/32 via 10.8.0.5
RTNETLINK answers: File exists
Sat Aug 12 21:57:12 2017 ERROR: Linux route add command failed:
external program exited with error status: 2
Sat Aug 12 21:57:12 2017 GID set to nogroup
Sat Aug 12 21:57:12 2017 UID set to nobody
Sat Aug 12 21:57:12 2017 Initialization Sequence Completed
I also cannot connect to the internet while openvpn is in use in the terminal. It isn't until I hit crtl+c before I'm able to connect to the internet again.
After ctrl+c I get these errors as well:
^CSat Aug 12 21:57:56 2017 event_wait : Interrupted system call
(code=4)
Sat Aug 12 21:57:56 2017 /sbin/ip route del 10.8.0.1/32
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 /sbin/ip route del 0.0.0.0/1
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 /sbin/ip route del 128.0.0.0/1
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed:
external program exited with error status: 2
Sat Aug 12 21:57:56 2017 Closing TUN/TAP interface
Sat Aug 12 21:57:56 2017 /sbin/ip addr del dev tun1 local 10.8.0.6
peer 10.8.0.5
RTNETLINK answers: Operation not permitted
Sat Aug 12 21:57:56 2017 Linux ip addr del failed: external program
exited with error status: 2
Sat Aug 12 21:57:56 2017 SIGINT[hard,] received, process exiting
I have been trying to find an answer to this question a lot on google already with no luck. What is causing this error of " ERROR: Linux route add command failed:
external program exited with error status: 2" as well as being able to connect to the internet when using. Thanks.
ubuntu networking openvpn
ubuntu networking openvpn
asked Aug 14 '17 at 4:19
Ryan FaschingRyan Fasching
11
asked Aug 14 '17 at 4:19
Ryan FaschingRyan Fasching
11
edited Aug 15 '17 at 2:09
Ryan Fasching
asked Aug 14 '17 at 4:19
Ryan FaschingRyan Fasching
11
asked Aug 14 '17 at 4:19
Ryan FaschingRyan Fasching
11
asked Aug 14 '17 at 4:19
Ryan FaschingRyan Fasching
11
11
Instead of "Please let me know. Thank you." it would have been more appropriate to have an actual interrogative sentence in your post so we know what question you want answered. E.g. "How can I have a program sent the Ctrl+C, so I don't have to type that myself?"
– Anthon
Aug 14 '17 at 5:21
@Anthon is that more along the lines of questioning? thank you.
– Ryan Fasching
Aug 15 '17 at 0:45
add a comment |
Instead of "Please let me know. Thank you." it would have been more appropriate to have an actual interrogative sentence in your post so we know what question you want answered. E.g. "How can I have a program sent the Ctrl+C, so I don't have to type that myself?"
– Anthon
Aug 14 '17 at 5:21
@Anthon is that more along the lines of questioning? thank you.
– Ryan Fasching
Aug 15 '17 at 0:45
Instead of "Please let me know. Thank you." it would have been more appropriate to have an actual interrogative sentence in your post so we know what question you want answered. E.g. "How can I have a program sent the Ctrl+C, so I don't have to type that myself?"
– Anthon
Aug 14 '17 at 5:21
Instead of "Please let me know. Thank you." it would have been more appropriate to have an actual interrogative sentence in your post so we know what question you want answered. E.g. "How can I have a program sent the Ctrl+C, so I don't have to type that myself?"
– Anthon
Aug 14 '17 at 5:21
@Anthon is that more along the lines of questioning? thank you.
– Ryan Fasching
Aug 15 '17 at 0:45
@Anthon is that more along the lines of questioning? thank you.
– Ryan Fasching
Aug 15 '17 at 0:45
add a comment |
1 Answer
1
active
oldest
votes
0
I encountered the same problem today and after an hour of googling about the problem i solved it by editing /proc/sys/net/ipv6/conf/all/disable_ipv6 file
$ cat /proc/sys/net/ipv6/conf/all/disable_ipv6
1
solved it by
$ echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6
answered 17 mins ago
l hl h
1
New contributor
l h is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f385966%2fopenvpn-error-status-2-and-cant-connect-to-internet-while-using%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
0
I encountered the same problem today and after an hour of googling about the problem i solved it by editing /proc/sys/net/ipv6/conf/all/disable_ipv6 file
$ cat /proc/sys/net/ipv6/conf/all/disable_ipv6
1
solved it by
$ echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6
answered 17 mins ago
l hl h
1
New contributor
l h is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
0
I encountered the same problem today and after an hour of googling about the problem i solved it by editing /proc/sys/net/ipv6/conf/all/disable_ipv6 file
$ cat /proc/sys/net/ipv6/conf/all/disable_ipv6
1
solved it by
$ echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6
answered 17 mins ago
l hl h
1
New contributor
l h is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
0
0
0
I encountered the same problem today and after an hour of googling about the problem i solved it by editing /proc/sys/net/ipv6/conf/all/disable_ipv6 file
$ cat /proc/sys/net/ipv6/conf/all/disable_ipv6
1
solved it by
$ echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6
answered 17 mins ago
l hl h
1
New contributor
l h is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I encountered the same problem today and after an hour of googling about the problem i solved it by editing /proc/sys/net/ipv6/conf/all/disable_ipv6 file
$ cat /proc/sys/net/ipv6/conf/all/disable_ipv6
1
solved it by
$ echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6
answered 17 mins ago
l hl h
1
New contributor
l h is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 17 mins ago
l hl h
1
New contributor
l h is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 17 mins ago
l hl h
1
answered 17 mins ago
l hl h
1
1
New contributor
l h is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
l h is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
l h is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
draft saved
draft discarded
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f385966%2fopenvpn-error-status-2-and-cant-connect-to-internet-while-using%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Instead of "Please let me know. Thank you." it would have been more appropriate to have an actual interrogative sentence in your post so we know what question you want answered. E.g. "How can I have a program sent the Ctrl+C, so I don't have to type that myself?"
– Anthon
Aug 14 '17 at 5:21
@Anthon is that more along the lines of questioning? thank you.
– Ryan Fasching
Aug 15 '17 at 0:45