Backtrack 5 R3 - Refuses to connect to VPN

Question

I wanted to ask this on the Backtrack Linux forums but for some reason I couldn't register, reading it was disabled by the administrator. So I apologize if I'm in the wrong place (which I feel like I am, even though BT is based on Ubuntu).

A week ago my VPN connections were fine. I'm using network-manager on GNOME. My OpenVPN connections (done via terminal) also connected fine. Now, out of nowhere, the PPTP VPN setup in my network-manager keep reporting a failed connection, and when I try OpenVPN it reports a success, but I can't access the internet. If I enter in a site it just hangs forever :(

The same VPN with same config, same credentials, same everything works perfectly on Ubuntu 12.04 LTS and Windows 7 (I have a triple boot). I did not run any updates or upgrades since then. What can I do?

Answer 1

The first place I'd look for clues would be the openvpn log, which is often sent to syslog. That may give you some clues (possibly failures to create routes, or a disconnection for some reason after the client is executed).

If there are no obvious signs of issues in the logs, next would be the routes it creates. Use ip route show and see if the correct networks are being added to the route table and that they are pointing at the tun/tap device that OpenVPN is creating. If they look correct and ip route get x.x.x.x (where x.x.x.x is an IP on the VPN network) shows the correct route, next would be firewalls.

If you are using iptables do you have a rules for the OUTPUT and/or FORWARD chains to allow traffic out through the tun/tap device, and to the networks you are trying to reach. On trying to connect to a host does tcpdump show any signs of the traffic being routed over the VPN?

You also mention "entering a site", is that on your broswer? If so, what does dig <domain> show for its results? (Where <domain> is the DNS domain you are trying to reach via your browser, for example dig www.google.com. It may be that your client is being pushed a set of nameserver to put in resolv.conf that can't be reached via your VPN, and then DNS is failing.