Не работает antizapret через OpenVPN, блокировка у мобильных операторов на ТСПУ

antizapret.prostovpn.org
83

Keenetic Giga ростелеком. Подключается, но тут же рвется когда начинают идти пакеты.


Авг 8 12:23:45
OpenVPN0
Connection reset, restarting [-1]
Авг 8 12:23:46
OpenVPN0
SIGTERM[soft,connection-reset] received, process exiting
Авг 8 12:23:46
ndm
Service: "OpenVPN0": unexpectedly stopped.
Авг 8 12:23:46
upnp
shutting down MiniUPnPd
Авг 8 12:23:46
ndm
Core::Session: client disconnected.
Авг 8 12:23:46
ndm
Network::Interface::OpenVpn: "OpenVPN0": system failed [0xcffd0a9a], unable to set down tunnel interface: no such device.
Авг 8 12:23:46
ndm
Network::Interface::OpenVpn: "OpenVPN0": system failed [0xcffd0aa9], invalid argument.
Авг 8 12:23:46
ndm
Network::Interface::Ip: "OpenVPN0": IP address cleared.
Авг 8 12:23:46
ndm
Network::Interface::OpenVpn: "OpenVPN0": remove installed accepted routes.
Авг 8 12:23:47
ndm
Http::Nginx: loaded SSL certificate for "a98bb54f197bc499192862ee.keenetic.io".
Авг 8 12:23:47
ndm
Http::Nginx: loaded SSL certificate for "nailrouter.keenetic.link".
Авг 8 12:23:47
ndm
Core::Server: started Session /var/run/ndm.core.socket.
Авг 8 12:23:47
ndm
Core::Session: client disconnected.
Авг 8 12:23:47
ndm
Http::Manager: updated configuration.
Авг 8 12:23:47
ndm
Core::Server: started Session /var/run/ndm.core.socket.
Авг 8 12:23:47
ndm
Core::Session: client disconnected.
Авг 8 12:23:48
OpenVPN0
OpenVPN 2.4.6 [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [AEAD]
Авг 8 12:23:48
OpenVPN0
library versions: OpenSSL 1.1.1o 3 May 2022, LZO 2.10
Авг 8 12:23:48
OpenVPN0
Attempting to establish TCP connection with [AF_INET]51.75.75.245:1194 [nonblock]
Авг 8 12:23:49
ndm
Core::Server: started Session /var/run/ndm.core.socket.
Авг 8 12:23:49
upnp
HTTP listening on port 1900
Авг 8 12:23:49
upnp
Listening for NAT-PMP/PCP traffic on port 5351
Авг 8 12:23:49
OpenVPN0
TCP connection established with [AF_INET]51.75.75.245:1194
Авг 8 12:23:49
OpenVPN0
TCP_CLIENT link local: (not bound)
Авг 8 12:23:49
OpenVPN0
TCP_CLIENT link remote: [AF_INET]51.75.75.245:1194
Авг 8 12:23:49
OpenVPN0
NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Авг 8 12:23:50
OpenVPN0
WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1559', remote='link-mtu 1543'
Авг 8 12:23:50
OpenVPN0
WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
Авг 8 12:23:50
OpenVPN0
[antizapret-server-shared] Peer Connection Initiated with [AF_INET]51.75.75.245:1194
Авг 8 12:23:50
ndm
Network::Interface::OpenVpn: "OpenVPN0": connecting via PPPoE0 (PPPoE0).
Авг 8 12:23:50
ndm
Network::Interface::OpenVpn: "OpenVPN0": added host route to remote endpoint 51.75.75.245 via PPPoE0.
Авг 8 12:23:51
upnp
shutting down MiniUPnPd
Авг 8 12:23:51
ndm
Core::Session: client disconnected.
Авг 8 12:23:52
OpenVPN0
TUN/TAP device tun0 opened
Авг 8 12:23:52
OpenVPN0
do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Авг 8 12:23:52
ndm
Network::Interface::Ip: "OpenVPN0": IP address is 192.168.107.50/21.
Авг 8 12:23:52
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 8.8.8.8/255.255.255.255 via 192.168.104.1.
Авг 8 12:23:52
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 77.88.8.8/255.255.255.255 via 192.168.104.1.
Авг 8 12:23:52
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 10.224.0.0/255.254.0.0 via 192.168.104.1.
Авг 8 12:23:52
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 103.246.200.0/255.255.252.0 via 192.168.104.1.
Авг 8 12:23:52
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 178.239.88.0/255.255.248.0 via 192.168.104.1.
Авг 8 12:23:52
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 185.104.45.0/255.255.255.0 via 192.168.104.1.
Авг 8 12:23:52
ndm
Http::Nginx: loaded SSL certificate for "a98bb54f197bc499192862ee.keenetic.io".
Авг 8 12:23:53
ndm
Http::Nginx: loaded SSL certificate for "nailrouter.keenetic.link".
Авг 8 12:23:53
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 193.105.213.36/255.255.255.252 via 192.168.104.1.
Авг 8 12:23:53
ndm
Core::Server: started Session /var/run/ndm.core.socket.
Авг 8 12:23:53
ndm
Core::Session: client disconnected.
Авг 8 12:23:53
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 203.104.128.0/255.255.240.0 via 192.168.104.1.
Авг 8 12:23:53
ndm
Core::Server: started Session /var/run/ndm.core.socket.
Авг 8 12:23:53
upnp
HTTP listening on port 1900
Авг 8 12:23:53
upnp
Listening for NAT-PMP/PCP traffic on port 5351
Авг 8 12:23:53
ndm
Http::Manager: updated configuration.
Авг 8 12:23:53
ndm
Core::Server: started Session /var/run/ndm.core.socket.
Авг 8 12:23:53
ndm
Core::Session: client disconnected.
Авг 8 12:23:53
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 203.104.144.0/255.255.248.0 via 192.168.104.1.
Авг 8 12:23:53
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 203.104.152.0/255.255.252.0 via 192.168.104.1.
Авг 8 12:23:53
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 68.171.224.0/255.255.224.0 via 192.168.104.1.
Авг 8 12:23:53
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 74.82.64.0/255.255.224.0 via 192.168.104.1.
Авг 8 12:23:53
ndm
Network::Interface::OpenVpn: "OpenVPN0": adding nameserver 192.168.104.1.
Авг 8 12:23:53
ndm
Dns::Manager: name server 192.168.104.1 is disregarded while public is active.
Авг 8 12:23:53
ndm
Network::Interface::OpenVpn: "OpenVPN0": add route to nameserver 192.168.104.1 via 0.0.0.0 (OpenVPN0).
Авг 8 12:23:53
OpenVPN0
GID set to nobody
Авг 8 12:23:53
OpenVPN0
UID set to nobody
Авг 8 12:23:53
OpenVPN0
Initialization Sequence Completed
Авг 8 12:23:54
upnp
shutting down MiniUPnPd
Авг 8 12:23:54
ndm
Core::Session: client disconnected.
Авг 8 12:23:56
ndm
Core::Server: started Session /var/run/ndm.core.socket.
Авг 8 12:23:56
upnp
HTTP listening on port 1900
Авг 8 12:23:56
upnp
Listening for NAT-PMP/PCP traffic on port 5351
Авг 8 12:23:57
OpenVPN0
Connection reset, restarting [-1]
Авг 8 12:23:57
OpenVPN0
SIGTERM[soft,connection-reset] received, process exiting
Авг 8 12:23:57
ndm
Service: "OpenVPN0": unexpectedly stopped.
Авг 8 12:23:58
ndm
Network::Interface::OpenVpn: "OpenVPN0": system failed [0xcffd0a9a], unable to set down tunnel interface: no such device.
Авг 8 12:23:58
ndm
Network::Interface::OpenVpn: "OpenVPN0": system failed [0xcffd0aa9], invalid argument.
Авг 8 12:23:58
ndm
Network::Interface::Ip: "OpenVPN0": IP address cleared.
Авг 8 12:23:58
ndm
Network::Interface::OpenVpn: "OpenVPN0": remove installed accepted routes.
Авг 8 12:23:58
upnp
shutting down MiniUPnPd
Авг 8 12:23:58
ndm
Core::Session: client disconnected.
Авг 8 12:23:58
ndm
Http::Nginx: loaded SSL certificate for "a98bb54f197bc499192862ee.keenetic.io".
Авг 8 12:23:59
ndm
Http::Nginx: loaded SSL certificate for "nailrouter.keenetic.link".
Авг 8 12:23:59
ndm
Core::Server: started Session /var/run/ndm.core.socket.
Авг 8 12:23:59
ndm
Core::Session: client disconnected.
Авг 8 12:23:59
ndm
Http::Manager: updated configuration.
Авг 8 12:23:59
ndm
Core::Server: started Session /var/run/ndm.core.socket.
Авг 8 12:23:59
ndm
Core::Session: client disconnected.
Авг 8 12:24:00
OpenVPN0
OpenVPN 2.4.6 [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [AEAD]
Авг 8 12:24:00
OpenVPN0
library versions: OpenSSL 1.1.1o 3 May 2022, LZO 2.10
Авг 8 12:24:00
OpenVPN0
Attempting to establish TCP connection with [AF_INET]51.75.75.245:1194 [nonblock]
Авг 8 12:24:00
ndm
Core::Server: started Session /var/run/ndm.core.socket.
Авг 8 12:24:00
upnp
HTTP listening on port 1900
Авг 8 12:24:00
upnp
Listening for NAT-PMP/PCP traffic on port 5351
Авг 8 12:24:01
OpenVPN0
TCP connection established with [AF_INET]51.75.75.245:1194
Авг 8 12:24:01
OpenVPN0
TCP_CLIENT link local: (not bound)
Авг 8 12:24:01
OpenVPN0
TCP_CLIENT link remote: [AF_INET]51.75.75.245:1194
Авг 8 12:24:01
OpenVPN0
NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Авг 8 12:24:02
OpenVPN0
WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1559', remote='link-mtu 1543'
Авг 8 12:24:02
OpenVPN0
WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
Авг 8 12:24:02
OpenVPN0
[antizapret-server-shared] Peer Connection Initiated with [AF_INET]51.75.75.245:1194
Авг 8 12:24:02
ndm
Network::Interface::OpenVpn: "OpenVPN0": connecting via PPPoE0 (PPPoE0).
Авг 8 12:24:02
ndm
Network::Interface::OpenVpn: "OpenVPN0": added host route to remote endpoint 51.75.75.245 via PPPoE0.
Авг 8 12:24:02
upnp
shutting down MiniUPnPd
Авг 8 12:24:02
ndm
Core::Session: client disconnected.
Авг 8 12:24:03
OpenVPN0
TUN/TAP device tun0 opened
Авг 8 12:24:03
OpenVPN0
do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Авг 8 12:24:03
ndm
Network::Interface::Ip: "OpenVPN0": IP address is 192.168.114.11/21.
Авг 8 12:24:04
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 8.8.8.8/255.255.255.255 via 192.168.112.1.
Авг 8 12:24:04
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 77.88.8.8/255.255.255.255 via 192.168.112.1.
Авг 8 12:24:04
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 192.168.104.1/255.255.255.255 via 192.168.112.1.
Авг 8 12:24:04
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 10.224.0.0/255.254.0.0 via 192.168.112.1.
Авг 8 12:24:04
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 103.246.200.0/255.255.252.0 via 192.168.112.1.
Авг 8 12:24:04
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 178.239.88.0/255.255.248.0 via 192.168.112.1.
Авг 8 12:24:04
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 185.104.45.0/255.255.255.0 via 192.168.112.1.
Авг 8 12:24:04
ndm
Http::Nginx: loaded SSL certificate for "a98bb54f197bc499192862ee.keenetic.io".
Авг 8 12:24:04
ndm
Http::Nginx: loaded SSL certificate for "nailrouter.keenetic.link".
Авг 8 12:24:04
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 193.105.213.36/255.255.255.252 via 192.168.112.1.
Авг 8 12:24:04
ndm
Core::Server: started Session /var/run/ndm.core.socket.
Авг 8 12:24:04
upnp
HTTP listening on port 1900
Авг 8 12:24:04
upnp
Listening for NAT-PMP/PCP traffic on port 5351
Авг 8 12:24:04
ndm
Core::Server: started Session /var/run/ndm.core.socket.
Авг 8 12:24:04
ndm
Core::Session: client disconnected.
Авг 8 12:24:04
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 203.104.128.0/255.255.240.0 via 192.168.112.1.
Авг 8 12:24:04
ndm
Http::Manager: updated configuration.
Авг 8 12:24:04
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 203.104.144.0/255.255.248.0 via 192.168.112.1.
Авг 8 12:24:04
ndm
Core::Server: started Session /var/run/ndm.core.socket.
Авг 8 12:24:04
ndm
Core::Session: client disconnected.
Авг 8 12:24:05
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 203.104.152.0/255.255.252.0 via 192.168.112.1.
Авг 8 12:24:05
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 68.171.224.0/255.255.224.0 via 192.168.112.1.
Авг 8 12:24:05
ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted route to 74.82.64.0/255.255.224.0 via 192.168.112.1.
Авг 8 12:24:05
ndm
Network::Interface::OpenVpn: "OpenVPN0": adding nameserver 192.168.104.1.
Авг 8 12:24:05
ndm
Dns::Manager: name server 192.168.104.1 is disregarded while public is active.
Авг 8 12:24:05
ndm
Network::Interface::OpenVpn: "OpenVPN0": add route to nameserver 192.168.104.1 via 0.0.0.0 (OpenVPN0).
Авг 8 12:24:05
OpenVPN0
GID set to nobody
Авг 8 12:24:05
OpenVPN0
UID set to nobody
Авг 8 12:24:05
OpenVPN0
Initialization Sequence Completed
Авг 8 12:24:05
upnp
shutting down MiniUPnPd
Авг 8 12:24:05
ndm
Core::Session: client disconnected.
84

Ещё немного подкрутил.
@lipisin, @Mysya, @renat.zinatulin, @OneTema, @FreePaul напишите, заработало ли.

85

Да. заработало. (до этого подключалось 2 минуты - обрыв)
Сейчас подключение стабильное!

86

Заработало на дом.ру. спасибо большое.

87

Спасибо, заработало! Ростелеком, кинетик гига

88

Спасибо! Тоже все заработало!

89

Огромное спасибо.
Ростелеком, Keenetic 4G (KN-1210) работает.

90
Спойлер

Aug 8 18:20:41 MI-R3G: MAN up (eth3)
Aug 8 18:20:46 NTP Client: System time changed, offset: 4.413774s
Aug 8 18:20:48 openvpn-cli[636]: VERIFY OK: depth=1, CN=AntiZapret CA2
Aug 8 18:20:48 openvpn-cli[636]: VERIFY KU OK
Aug 8 18:20:48 openvpn-cli[636]: Validating certificate extended key usage
Aug 8 18:20:48 openvpn-cli[636]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Aug 8 18:20:48 openvpn-cli[636]: VERIFY EKU OK
Aug 8 18:20:48 openvpn-cli[636]: VERIFY OK: depth=0, CN=antizapret-server-shared
Aug 8 18:20:49 openvpn-cli[636]: Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
Aug 8 18:20:49 openvpn-cli[636]: [antizapret-server-shared] Peer Connection Initiated with [AF_INET]51.75.70.203:1194
Aug 8 18:20:49 openvpn-cli[636]: PUSH: Received control message: 'PUSH_REPLY,route 192.168.104.1 255.255.255.255,route 10.224.0.0 255.254.0.0,dhcp-option DNS 192.168.104.1,block-outside-dns,route-gateway 192.168.120.1,topology subnet,ping 110,ping-restart 360,route 103.246.200.0 255.255.252.0,route 178.239.88.0 255.255.248.0,route 185.104.45.0 255.255.255.0,route 193.105.213.36 255.255.255.252,route 203.104.128.0 255.255.240.0,route 203.104.144.0 255.255.248.0,route 203.104.152.0 255.255.252.0,route 6
Aug 8 18:20:49 openvpn-cli[636]: Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:4: block-outside-dns (2.5.9)
Aug 8 18:20:49 openvpn-cli[636]: OPTIONS IMPORT: timers and/or timeouts modified
Aug 8 18:20:49 openvpn-cli[636]: OPTIONS IMPORT: --ifconfig/up options modified
Aug 8 18:20:49 openvpn-cli[636]: OPTIONS IMPORT: route options modified
Aug 8 18:20:49 openvpn-cli[636]: OPTIONS IMPORT: route-related options modified
Aug 8 18:20:49 openvpn-cli[636]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Aug 8 18:20:49 openvpn-cli[636]: OPTIONS IMPORT: peer-id set
Aug 8 18:20:49 openvpn-cli[636]: OPTIONS IMPORT: adjusting link_mtu to 1626
Aug 8 18:20:49 openvpn-cli[636]: OPTIONS IMPORT: data channel crypto options modified
Aug 8 18:20:49 openvpn-cli[636]: Data Channel: using negotiated cipher ‘AES-128-GCM’
Aug 8 18:20:49 openvpn-cli[636]: Outgoing Data Channel: Cipher ‘AES-128-GCM’ initialized with 128 bit key
Aug 8 18:20:49 openvpn-cli[636]: Incoming Data Channel: Cipher ‘AES-128-GCM’ initialized with 128 bit key
Aug 8 18:20:49 openvpn-cli[636]: net_route_v4_best_gw query: dst 0.0.0.0
Aug 8 18:20:49 openvpn-cli[636]: net_route_v4_best_gw result: via 213.140.228.144 dev ppp0
Aug 8 18:20:49 openvpn-cli[636]: TUN/TAP device tun0 opened
Aug 8 18:20:49 openvpn-cli[636]: net_iface_mtu_set: mtu 1500 for tun0
Aug 8 18:20:49 openvpn-cli[636]: net_iface_up: set tun0 up
Aug 8 18:20:49 openvpn-cli[636]: net_addr_v4_add: 192.168.121.95/21 dev tun0
Aug 8 18:20:49 openvpn-cli[636]: ovpnc.script tun0 1500 1554 192.168.121.95 255.255.248.0 init
Aug 8 18:20:49 vpnc-script: tun0 up
Aug 8 18:20:49 openvpn-cli[636]: net_route_v4_add: 192.168.104.1/32 via 192.168.120.1 dev [NULL] table 0 metric -1
Aug 8 18:20:49 openvpn-cli[636]: net_route_v4_add: 10.224.0.0/15 via 192.168.120.1 dev [NULL] table 0 metric -1
Aug 8 18:20:49 openvpn-cli[636]: net_route_v4_add: 103.246.200.0/22 via 192.168.120.1 dev [NULL] table 0 metric -1
Aug 8 18:20:49 openvpn-cli[636]: net_route_v4_add: 178.239.88.0/21 via 192.168.120.1 dev [NULL] table 0 metric -1
Aug 8 18:20:49 openvpn-cli[636]: net_route_v4_add: 185.104.45.0/24 via 192.168.120.1 dev [NULL] table 0 metric -1
Aug 8 18:20:49 openvpn-cli[636]: net_route_v4_add: 193.105.213.36/30 via 192.168.120.1 dev [NULL] table 0 metric -1
Aug 8 18:20:49 openvpn-cli[636]: net_route_v4_add: 203.104.128.0/20 via 192.168.120.1 dev [NULL] table 0 metric -1
Aug 8 18:20:49 openvpn-cli[636]: net_route_v4_add: 203.104.144.0/21 via 192.168.120.1 dev [NULL] table 0 metric -1
Aug 8 18:20:49 openvpn-cli[636]: net_route_v4_add: 203.104.152.0/22 via 192.168.120.1 dev [NULL] table 0 metric -1
Aug 8 18:20:49 openvpn-cli[636]: net_route_v4_add: 68.171.224.0/19 via 192.168.120.1 dev [NULL] table 0 metric -1
Aug 8 18:20:49 openvpn-cli[636]: net_route_v4_add: 74.82.64.0/19 via 192.168.120.1 dev [NULL] table 0 metric -1
Aug 8 18:20:49 openvpn-cli[636]: Initialization Sequence Completed

Ростелеком. К VPN подключение активно, но к “некоторым” сайтам доступа нет. Может можно это исправить на данных логов?

91

Спасибо, заработало (Дом.ру, СПб)

92

Мегафон работает! Спасибо!

93

AX6000 Router WIFI 6 заработало! Самаралан (Дом.ру).
Спасибо огромное VladikSS!

94

а как смотрите на смену порта у ovpn? например, 443 там поставить, тот же wireguard подозрительно еще шустрее становится…

95

Миранда медиа, Крым, все работает прекрасно!

96

Сейчас со вчера всё работает . Спасибо

97

Приветствую! Подскажите как настроить, какой конфиг вносить? Я новенький на Вашем форуме.

98

Смотрите здесь

99

Не подключает опен впн на кинетике.
В логах вот такое:

Screenshot_2023-08-10-07-55-17-821-edit_com.keenetic.kn
Screenshot_2023-08-10-07-55-17-821-edit_com.keenetic.kn1080×1892 170 KB

100

Здравствуйте!
Keenetic Ultra, Дом.ру, СПб
“Антизапрет” не работает? В роутере статус “Готов”, а сайты (Instagram, Rutor, NNM) не открываются…

101

Заработало. Не знаю, то ли у меня на компьютере что было, то ли у Dom.ru

102

“Готов” обычно означает, что пользователь по недосмотру включил в настройках туннеля “использовать для выхода в интернет” (что в случае Antizapret бессмысленно). Если же эта галка выключена, то в описании туннеля будет видно, установлено соединение или нет.