Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

No internet connection on Ubuntu #1357

Open
evgkhm opened this issue Jan 13, 2025 · 6 comments
Open

No internet connection on Ubuntu #1357

evgkhm opened this issue Jan 13, 2025 · 6 comments

Comments

@evgkhm
Copy link

evgkhm commented Jan 13, 2025
edited
Loading

When app connected to my VPS server using AmneziaWG no internet on Ubuntu. But on another devices (iOS, MAC) it works perfectly. It looks like internet is blocking, because when I start pinging or try to open iptables on terminal they are blocking and don't do anything until I turn off the button in app.

OpenVPN over Cloak and Amnezia Free v3 works, another methods don't.

Steps to reproduce the behavior:

  1. Install AmneziaVPN_4.8.2.3_Linux_installer
  2. Import connection config
  3. Press "Connect"

Expected behavior: Access to internet using AmneziaWG.

Log files
2025-01-13 10:38:53 debug LocalServer new connection
2025-01-13 10:38:53 debug Amnezia "DaemonLocalServer" "New connection received"
2025-01-13 10:38:53 debug Amnezia "DaemonLocalServerConnection" "Connection created"
2025-01-13 10:38:53 debug Amnezia "DaemonLocalServerConnection" "Read Data"
2025-01-13 10:38:53 debug Amnezia "DaemonLocalServerConnection" "Command received: status"
2025-01-13 10:38:53 debug Amnezia "Daemon" "Status request"
2025-01-13 10:38:53 debug Amnezia "DaemonLocalServerConnection" "Read Data"
2025-01-13 10:38:53 debug Amnezia "DaemonLocalServerConnection" "Command received: activate"
2025-01-13 10:38:53 debug Amnezia "Daemon" "Activating interface"
2025-01-13 10:38:53 debug Amnezia "WireguardUtilsLinux" "Created wireguard interface amn0"
2025-01-13 10:38:53 debug Amnezia "LinuxRouteMonitor" "LinuxRouteMonitor created."
2025-01-13 10:38:53 debug Amnezia "LinuxRouteMonitor" "Adding exclusion route for /32"
2025-01-13 10:38:53 debug Amnezia "WireguardUtilsLinux" "Configuring peer C9I9PfDjGHStnsOMU6iud5MZRULN2p8zh8l3KAbt6CY= via "
2025-01-13 10:38:53 debug Amnezia "LinuxRouteMonitor" "Adding exclusion route for /32"
2025-01-13 10:38:53 debug Amnezia "LinuxRouteMonitor" "Adding exclusion route for /999999"
2025-01-13 10:38:53 debug Amnezia "LinuxRouteMonitor" "Invalid destination prefix"
2025-01-13 10:38:53 debug Amnezia "LinuxRouteMonitor" "Netlink request failed: Network is unreachable"
2025-01-13 10:38:53 debug Amnezia "LinuxRouteMonitor" "Netlink request failed: Network is unreachable"
2025-01-13 10:38:53 debug Amnezia "DnsUtilsLinux" "Adding DNS resolver 1.1.1.1 via amn0"
2025-01-13 10:38:53 debug Amnezia "LinuxRouteMonitor" "Adding route to 0.0.0.0/1"
2025-01-13 10:38:53 debug Amnezia "LinuxRouteMonitor" "Adding route to 128.0.0.0/1"
2025-01-13 10:38:53 debug Amnezia "LinuxRouteMonitor" "Adding route to ::/1"
2025-01-13 10:38:53 debug Amnezia "LinuxRouteMonitor" "Adding route to 8000::/1"
2025-01-13 10:38:53 debug Amnezia "Daemon" "Connection status: 1"
2025-01-13 10:38:53 debug Amnezia "DnsUtilsLinux" "Setting DNS domain: XXXXXXXX via amn0 search"
2025-01-13 10:38:53 debug Amnezia "Daemon" "Checking for handshake..."
2025-01-13 10:38:53 debug Amnezia "Daemon" "awaiting C9I9PfDjGHStnsOMU6iud5MZRULN2p8zh8l3KAbt6CY="
2025-01-13 10:38:53 debug Flush dns completed

Screenshot from 2025-01-13 11-11-14

Desktop:

  • OS: Ubuntu 24.04.1 LTS

Server:

  • Ubuntu-22.04

To fix an issue I tried:

  • Add DNS-servers: 1.1.1.1, 1.0.0.1, 8.8.8.8
  • Turn off "Use AmneziaDNS", "KillSwitch".
  • Launch iptables, but it blocked when button connects in app
  • Start systemd-resolved
@dazmagar
Copy link

I confirm the bug; I am experiencing the same issue on Ubuntu 24.04.1 LTS.

I have temporarily resolved it using the following workaround:

  1. Create a script at /usr/local/bin/vpn-routing.sh with the following content:
#!/bin/bash

LOGFILE="/var/log/vpn-routing.log"
INTERFACE="amn0"
OLD_IP="10.8.0.0/32"  # Replace with the IP automatically assigned after connecting the VPN
NEW_IP="10.8.0.3/24"  # Replace with the client-configured IP
VPN_ROUTE1="0.0.0.0/1"
VPN_ROUTE2="128.0.0.0/1"
MAX_RETRIES=10
SLEEP_INTERVAL=2

log() {
    echo "$(date) - $1" >> $LOGFILE
}

log "Running vpn-routing.sh script ($1)"

if [ "$1" == "remove" ]; then
    log "Restoring default routes..."
    ip route del $VPN_ROUTE1 dev $INTERFACE 2>/dev/null
    ip route del $VPN_ROUTE2 dev $INTERFACE 2>/dev/null
    log "Removed VPN routes: $VPN_ROUTE1, $VPN_ROUTE2"
elif [ "$1" == "add" ]; then
    RETRY_COUNT=0
    while ! ip link show $INTERFACE | grep -q "LOWER_UP"; do
        if [ $RETRY_COUNT -ge $MAX_RETRIES ]; then
            log "Interface $INTERFACE not up after $MAX_RETRIES attempts, skipping IP addition"
            exit 1
        fi
        log "Waiting for $INTERFACE to be up... (attempt $((RETRY_COUNT+1)))"
        sleep $SLEEP_INTERVAL
        RETRY_COUNT=$((RETRY_COUNT + 1))
    done

    log "$INTERFACE is up"

    log "Adding new IP $NEW_IP to $INTERFACE"
    ip addr add $NEW_IP dev $INTERFACE
    log "IP $NEW_IP added"

    log "Deleting old IP $OLD_IP from $INTERFACE"
    ip address del $OLD_IP dev $INTERFACE
    log "IP $OLD_IP deleted"

    log "Configuring routes for VPN interface..."
    ip route add $VPN_ROUTE1 dev $INTERFACE
    ip route add $VPN_ROUTE2 dev $INTERFACE
    log "Routes through VPN configured: $VPN_ROUTE1, $VPN_ROUTE2"
else
    log "Invalid argument. Use 'add' or 'remove'."
fi
  1. Make the script executable:
sudo chmod +x /usr/local/bin/vpn-routing.sh
  1. Add the following rule at /etc/udev/rules.d/99-vpn-routing.rules:
ACTION=="add", KERNEL=="amn0", RUN+="/usr/bin/sudo /usr/local/bin/vpn-routing.sh add"
ACTION=="remove", KERNEL=="amn0", RUN+="/usr/bin/sudo /usr/local/bin/vpn-routing.sh remove"
  1. Add an entry to the /etc/sudoers file to allow the script to run without requiring a password:
ALL ALL=(ALL) NOPASSWD: /usr/local/bin/vpn-routing.sh
  1. Reload the udev rules to apply the changes:
sudo udevadm control --reload-rules

@evgkhm
Copy link
Author

evgkhm commented Jan 17, 2025

@dazmagar Thanks for answer, but it did't help me :(
I take "OLD_ID" from there

Image

And "NEW_IP" from

Image

After I followed your instructions and nothing changed. Here is my "ip a" info

Image

@Data-Bike
Copy link

I have same error

@dazmagar
Copy link

dazmagar commented Jan 18, 2025
edited
Loading

evgkhm Thanks for answer, but it did't help me :(

OLD_IP - the IP that is assigned to your amn0 interface when you "connect" to the VPN using AmneziaVPN on your Ubuntu.

NEW_IP - the IP that you should take from your client VPN config file.

Below is an example of a client VPN config file from which you need to take the IP (the 'Address' field in the 'Interface' section)

[Interface]
Address = 10.10.0.2/24 <--- NEW_IP
DNS = 1.1.1.1
Jc = 
Jmin = 
Jmax = 
S1 = 
S2 = 
H1 = 
H2 = 
H3 = 
H4 = 
PrivateKey = 

[Peer]
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = 
PreSharedKey = 
PublicKey =

@evgkhm
Copy link
Author

evgkhm commented Jan 19, 2025

@dazmagar It seems like I have the same OLD_IP and NEW_IP. Where can I find VPN config file?

@dazmagar
Copy link

dazmagar commented Jan 19, 2025
edited
Loading

evgkhm Where can I find VPN config file?

Typically, the client configuration is generated on the VPN server. (This can be a text file or a picture - QR code)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Data-Bike @dazmagar @evgkhm