So I’m trying to connect my VPN while reading the arch wiki, and it says standard kernel should have tun module… but according to this output, I don’t?
Mon Jul 16 21:28:27 2018 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Jul 16 21:28:27 2018 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Jul 16 21:28:27 2018 ROUTE_GATEWAY 10.0.0.1/255.255.255.0 IFACE=wlp1s0 HWADDR=3c:95:09:60:2b:db
Mon Jul 16 21:28:27 2018 ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such device (errno=19)
Mon Jul 16 21:28:27 2018 Exiting due to fatal error
1 jase@yxia ~/ipvanish % sudo modprobe tun :(
modprobe: FATAL: Module tun not found in directory /lib/modules/4.17.5-1-ARCH
Thank you for your guidance. Unfortunately I don’t think that’s what I need, though I did try it, and still received a no such device /dev/net/tun error
I only tried to modprobe it out of old habit. This is an OpenVPN connection and I have networkmanager-openvpn but I don’t want to configure it manually, and they don’t exactly give detailed instructions on their sites how to do it in that method.
1 jase@yxia ~/ipvanish % sudo openvpn --config ipvanish-US-New-York-nyc-a21.ovpn :(
this is the command I am attempting to run.
find /lib/modules/ -iname 'tun.ko.gz'
# use the file found above, this is just for example
insmod /lib/modules/4.16.9-1-ARCH/kernel/drivers/net/tun.ko.gz
If that still fails try
sudo mkdir -p /dev/net
sudo mknod /dev/net/tun c 10 200
Try finding the module somewhere. You’ll need to do this as root and it might still throw some errors, but at the end it should give you a list of files it found matching the -name 'regexp' if you search through them perhaps it’s just buried somewhere else
find / -name 'tun*'
Beyond this and installing networkmanager-vpnc, I’m not sure what other advice to offer.
Have you asked ipvanish for help? It could be their module needs to be configured. I use NordVPN and had issues at first, but added other network managers to get it to work. I have forgotten exactly how I did it, but will try to reverse engineer to see how I did it and give you a possible solution.
Yes, I asked IP vanish for help, and am following the archWiki. They had a script for kali linux, but it seemed to be a generic script meant for Linux in general, and I followed the instructions for that.
130 jase@yxia ~/ipvanish % sudo ./ipvanish-vpn-linux start :(
./ipvanish-vpn-linux: line 123: cd: /root/ipvanish: No such file or directory
Checking Internet Connection
- Internet connection test: PASS
- DNS test: PASS
Connecting IPVanish VPN
- Enter your IPVanish username [nin.is.my.hero@gmail.com]:
- Enter your IPVanish password:
- Enter VPN server name [bos-c02.ipvanish.com]:
- Enter VPN protocol [udp]:
Options error: In [CMD-LINE]:1: Error opening configuration file: /root/ipvanish/openvpn.conf
Use --help for more information.
jase@yxia ~/ipvanish %
should I try that insmod command again with the tun.ko.xz?
–edit I tried the insmod command with the tun.ko.xz
Great success seems to be working. I’ll report back if it isn’t.
Now what to do when kernel updates?
Will I have to run insmod everytime I want to connect? after a reboot I mean
Thank you for your help guys
I also found the spot for importing a vpn connection too, in networkmanager GUI, so now I feel double dumb… I didn’t see it last night, only the spot to manually configure.
Alright… so I’ve tried connecting from terminal and from network manager… my IP never seems to change though even on successful connection. I’ll ask IPVanish again, and see if they responded to my email. <<<<< This is solved.
I’m afraid that doing that will break normal connections from how it’s worded. <<< concern
ALSO, it does seem to be working, according to ipleak.net. But my IPv6 doesn’t change… which I know IPVanish doesn’t “yet” support IPv6, so that’s fine… how could I possibly test/set whether or not all requests are sent and received over IPv4… I tried the dns leak tool at ipleak.net which showed fine, but how can I be certain I’m not using IPv6 without disabling it for the system? I will google this, and find out. Because it defeats the purpose if I’m giving away my location over ipv6, which it seems to be doing according to other metrics on the page.
I’ve just realized that the above, and below are the same thing probably huh, just worded differently?
was the one I was going to suggest to you as I tried to find other resources. If your IPv6 is not setup on your router, then you will not have to be concerned about that issue.
i’m also guessing that you’re using the openVPN app as well? As for breaking your communications, since you have it working through IPvanish, I would let it be.
I also found the spot for importing a vpn connection too, in networkmanager GUI, so now I feel double dumb… I didn’t see it last night, only the spot to manually configure.
Actually, that vpn spot would not have shown up unless did the manual configuration from the above wiki. If you had looked in the GUI, before doing the steps required in the wiki, you would have not found it.
I would also suggest that you choose several sites from IPvanish and configure them as well for when other sites are too busy.
Yeah, I have their full set of configs in the ipvanish folder. I noticed that when I ran the torrent test though on ipleak.net, that my IPv6 showed up as a result… That’s what concerns me. I have an IPv6 address actively being shown to the internet, is my understanding. Which still allows users to locate me, right? I don’t torrent often, but a hole is a hole. Guess I’ll have to try and wiggle out the worms.
If IPvanish doesn’t have any configuration for an IPv6 socket, you may have to make sure that you only us IPv4 socket. I will have to do some research on this, but yeah, if you have data going in and out through IPv6 it would be like putting a screen door on a submarine.
This may also help you to disable and enable IPv6 in AL. like this:
To disable IPv6 in NetworkManager, right click the network status icon, and select Edit Connections > Wired > Network name > Edit > IPv6 Settings > Method > Ignore/Disabled
Alright. So I’ll have to do that for any connection that I wish to use my VPN on? This is a laptop, so it’s a couple of connections. That would be best bet I guess then. Thank you @sevenday4
Setting it to ignore didn’t do anything it seemed, so I set it to link-local.
systemd-networkd
networkd supports disabling IPv6 on a per-interface basis. When a network unit's [Network] section has either LinkLocalAddressing=ipv4 or LinkLocalAddressing=no, networkd will not try to configure IPv6 on the matching interfaces.
Note however that even when using the above option, networkd will still be expecting to receive router advertisements if IPv6 is not disabled globally. If IPv6 traffic is not being received by the interface (e.g. due to sysctl or ip6tables settings), it will remain in the configuring state and potentially cause timeouts for services waiting for the network to be fully configured. To avoid this, the IPv6AcceptRA=no option should also be set in the [Network] section.
seems to be working. I’ll report back if it isn’t.