I'm running 2 instances of Dante server on my Linux machine, one of them is called danted which is supposed to connect me to the internet through the ethernet cable and the other is sockd which is supposed to connect me through an OpenVPN connection.
The first one, danted, is configured to use my ethernet cable (ens33):
internal: ens33 port=1080
external: ens33
The second one, sockd, is configured to use the OpenVPN interface (tun0):
internal: ens33 port=2080
external: tun0
The Dante servers are configured properly and when OpenVPN is not connected, danted works fine but when OpenVPN connects, danted doesn't work anymore. When I check its logs, I just see that the connection times out.
My routing table when OpenVPN is not connected looks like this:
default via 192.168.1.1 dev ens33 src 192.168.1.10 metric 202
default via 192.168.1.1 dev ens33 proto dhcp metric 20001
169.254.0.0/16 dev ens33 scope link metric 1000
192.168.1.0/24 dev ens33 proto kernel scope link src 192.168.1.10 metric 1
192.168.1.0/24 dev ens33 proto dhcp scope link src 192.168.1.10 metric 202
And when OpenVPN connects, it looks like this:
0.0.0.0/1 via 10.123.58.1 dev tun0
default via 192.168.1.1 dev ens33 src 192.168.1.10 metric 202
default via 192.168.1.1 dev ens33 proto dhcp metric 20001
10.123.58.0/23 dev tun0 proto kernel scope link src 10.123.58.65
128.0.0.0/1 via 10.123.58.1 dev tun0
169.254.0.0/16 dev ens33 scope link metric 1000
openvpn.server.wan.ipaddress via 192.168.1.1 dev ens33
192.168.1.0/24 dev ens33 proto kernel scope link src 192.168.1.10 metric 1
192.168.1.0/24 dev ens33 proto dhcp scope link src 192.168.1.10 metric 202
So OpenVPN adds 4 new routes to my table. I've tried individually deleting each of these rules or also did ip route flush dev tun0 or deleted the 0/1 rule and added a default rule for the tun0 interface; but when I try these, and test the sockd proxy server, my IP is my ethernet cable's IP, not OpenVPN's server IP.
I have no idea how to fix this, I've been Googling this a lot, I thought this was an easy task since Dante proxy server just binds to external connections.
Summary for the bounty:
I've tried using my interface's IPv4 addresses instead of the interface names, for example I used 192.168.1.10 instead of ens33 and used 10.123.58.1 instead of tun0, but didn't fix the issue (I know that OpenVPN's internal address changes every time we reconnect).
I am specifying the external (outgoing) interface in Dante configs, so from my understanding, it really shouldn't be using Ubuntu's routing table, doesn't it just listen to incoming connections and forward them to the external interface? I don't understand why the OpenVPN added routes cause me issues, even though I can easily ping computers on my local network, I've checked there are no firewall rules added to my iptables (iptables -n -v -L).
Here are the logs when I test the SOCKS server:
[18:18] Testing Started.
Proxy Server
Address: 192.168.1.10:1080
Protocol: SOCKS 5
Authentication: NO
[18:18] Starting: Test 1: Connection to the Proxy Server
[18:18] IP Address: 192.168.1.10
[18:18] Connection established
[18:18] Test passed.
[18:18] Starting: Test 2: Connection through the Proxy Server
[18:18] Authentication was successful.
[18:49] Error : the proxy server cannot establish connection to www.google.com:80
Error = 0x06 (Timeout).
Please confirm that the target host address is correct.
The error may also indicate that the proxy server is not operating properly.
[18:49] Test failed.
[18:49] Testing Finished.
The target host address is correct, I've checked dante-server's logs as I've said above, and I can see google.com's IP address:
Aug 26 19:01:11 (1629988271.706256) danted[106897]: info: pass(2): tcp/connect ]: 0 -> 192.168.1.15.9786 192.168.1.10.1080 -> 0, 0 -> 192.168.1.10.9786 142.250.186.174.443 -> 0: connect timeout. Session duration: 31s
When OpenVPN is disconnected, a successful connection looks like this:
Aug 26 19:06:18 (1629988578.802869) danted[106897]: info: pass(2): tcp/connect ]: 0 -> 192.168.1.15.9796 192.168.1.10.1080 -> 0, 0 -> 192.168.1.129.9796 142.250.185.238.443 -> 0: local client closed. Session duration: 10s
My question is specific about Dante-SOCKS5-Server, although I have tried Squid-HTTPS-Server and I had the same issue with it:
[05:40] Starting: Test 1: Connection to the Proxy Server
[05:40] IP Address: 192.168.1.10
[05:40] Connection established
[05:40] Test passed.
[05:40] Starting: Test 2: Connection through the Proxy Server
[06:40] Error : the proxy server cannot establish connection with 142.250.186.174:443
The error indicates that the target host is down or unreachable.
Please try to use another host and/or port as a test target.
The proxy server reply header is:
HTTP/1.1 503 Service Unavailable
Server: squid/4.10
Mime-Version: 1.0
Date: Thu, 26 Aug 2021 16:36:40 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3438
X-Squid-Error: ERR_CONNECT_FAIL 110
Vary: Accept-Language
Content-Language: en
[06:40] Test failed.
[06:40] Testing Finished.
0 Answers
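Added example (not part of the original question): a longest-prefix-match lookup over the two routing tables posted above, run for the destination seen in the danted log (142.250.186.174) and for the LAN client (192.168.1.15). It assumes destination-only selection in the main table with no ip rule policy routing, treats routes without a metric as metric 0, and leaves out the OpenVPN server host route because its address is redacted in the post.

```python
import ipaddress

# Routes copied from the question: (prefix, device, metric).
VPN_DOWN = [
    ("0.0.0.0/0", "ens33", 202),
    ("0.0.0.0/0", "ens33", 20001),
    ("169.254.0.0/16", "ens33", 1000),
    ("192.168.1.0/24", "ens33", 1),
    ("192.168.1.0/24", "ens33", 202),
]
# Routes OpenVPN adds on connect (no metric shown in the post, so 0 here).
VPN_UP = VPN_DOWN + [
    ("0.0.0.0/1", "tun0", 0),
    ("128.0.0.0/1", "tun0", 0),
    ("10.123.58.0/23", "tun0", 0),
]


def lookup(table, dst):
    """Pick the route for dst: longest matching prefix, then lowest metric."""
    addr = ipaddress.ip_address(dst)
    matches = []
    for prefix, dev, metric in table:
        net = ipaddress.ip_network(prefix)
        if addr in net:
            matches.append((net, dev, metric))
    if not matches:
        return None
    net, dev, metric = max(matches, key=lambda r: (r[0].prefixlen, -r[2]))
    return str(net), dev, metric


def egress(table, dst):
    """Return only the outgoing device chosen for dst, or None if unroutable."""
    hit = lookup(table, dst)
    return hit[1] if hit else None


if __name__ == "__main__":
    # Destinations taken from the logs and tables in the question.
    for dst in ("142.250.186.174", "192.168.1.15", "10.123.58.1"):
        print(f"{dst:16} down={lookup(VPN_DOWN, dst)} up={lookup(VPN_UP, dst)}")
```

With the VPN up, the two /1 routes are more specific than either default route, so the table resolves the destination from the danted log to tun0, while 192.168.1.0/24 still resolves to ens33.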