Mullvad VPN Problems

blueboat · March 29, 2015, 10:26pm

I want to setup whonix in the following way:

host > tor > mullvad vpn

I have followed the short instruction on the Mullvad site and read the Whonix documentations but I can’t get the VPN to work.

[code]Option 2: root

Install OpenVPN and resolvconf (sudo apt-get install openvpn resolvconf)
Extract the configuration files into /etc/openvpn/
Start with sudo /etc/init.d/openvpn start

[/code]

At the latest command it gives this error:

Some relevant logs:

Sun Mar 29 21:54:02 2015 OpenVPN 2.2.1 i486-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Dec 1 2014 Sun Mar 29 21:54:02 2015 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Sun Mar 29 21:54:02 2015 Cannot load certificate file mullvad.crt: error:02001002:system library:fopen:No such file or directory: error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib Sun Mar 29 21:54:02 2015 Exiting

Daemon.log

Sun Mar 29 21:54:02 2015 OpenVPN 2.2.1 i486-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Dec 1 2014 Sun Mar 29 21:54:02 2015 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Sun Mar 29 21:54:02 2015 Cannot load certificate file mullvad.crt: error:02001002:system library:fopen:No such file or directory: error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib Sun Mar 29 21:54:02 2015 Exiting user@host:~$ cat /etc/openvpn/server.conf cat: /etc/openvpn/server.conf: No such file or directory user@host:~$ grep ovpn-mullvad_linux /var/log/daemon.log Mar 29 20:45:51 host ovpn-mullvad_linux[9815]: OpenVPN 2.2.1 i486-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Dec 1 2014 Mar 29 20:45:51 host ovpn-mullvad_linux[9815]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Mar 29 20:45:51 host ovpn-mullvad_linux[9815]: WARNING: file 'mullvad.key' is group or others accessible Mar 29 20:45:51 host ovpn-mullvad_linux[9815]: Problem with cipher list: TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-SEED-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA: error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match Mar 29 20:45:51 host ovpn-mullvad_linux[9815]: Exiting Mar 29 21:08:07 host ovpn-mullvad_linux[13594]: OpenVPN 2.2.1 i486-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Dec 1 2014 Mar 29 21:08:07 host ovpn-mullvad_linux[13594]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Mar 29 21:08:07 host ovpn-mullvad_linux[13594]: WARNING: file 'mullvad.key' is group or others accessible Mar 29 21:08:07 host ovpn-mullvad_linux[13594]: Problem with cipher list: TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-SEED-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA: error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match Mar 29 21:08:07 host ovpn-mullvad_linux[13594]: Exiting Mar 29 21:32:27 host ovpn-mullvad_linux[24482]: OpenVPN 2.2.1 i486-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Dec 1 2014 Mar 29 21:32:27 host ovpn-mullvad_linux[24482]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Mar 29 21:32:27 host ovpn-mullvad_linux[24482]: WARNING: file 'mullvad.key' is group or others accessible Mar 29 21:32:27 host ovpn-mullvad_linux[24482]: Problem with cipher list: TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-SEED-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA: error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match Mar 29 21:32:27 host ovpn-mullvad_linux[24482]: Exiting Mar 29 21:51:03 host ovpn-mullvad_linux[27861]: OpenVPN 2.2.1 i486-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Dec 1 2014 Mar 29 21:51:03 host ovpn-mullvad_linux[27861]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Mar 29 21:51:03 host ovpn-mullvad_linux[27861]: WARNING: file 'mullvad.key' is group or others accessible Mar 29 21:51:03 host ovpn-mullvad_linux[27861]: Problem with cipher list: TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-SEED-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA: error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match Mar 29 21:51:03 host ovpn-mullvad_linux[27861]: Exiting

Mullvad has a 3 hour free trial, if someone could either test it or help me solve my problem that would be great.

blueboat · March 29, 2015, 11:29pm

I managed to solve a couple of errors with the help of this website ([url=https://devsite.pl/blog.2015-03-21.pi-vpn.html]https://devsite.pl/blog.2015-03-21.pi-vpn.html[/url]). It now says the following thing when I start openvpn:

[ ok ] Starting virtual private network daemon: mullvad_linux.

However when I test it with the TestVPN documentation then it still shows the TOR IP instead of the VPN IP.

With “openvpn --config mullvad_linux.conf” it just loops the following error over and over:

Sun Mar 29 22:23:01 2015 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Sun Mar 29 22:23:01 2015 Re-using SSL/TLS context Sun Mar 29 22:23:01 2015 LZO compression initialized Sun Mar 29 22:23:01 2015 Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ] Sun Mar 29 22:23:01 2015 Socket Buffers: R=[87380->131072] S=[16384->131072] Sun Mar 29 22:23:01 2015 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ] Sun Mar 29 22:23:01 2015 Local Options hash (VER=V4): '958c5492' Sun Mar 29 22:23:01 2015 Expected Remote Options hash (VER=V4): '79ef4284' Sun Mar 29 22:23:01 2015 Attempting to establish TCP connection with [AF_INET]46.21.99.21:1300 [nonblock] Sun Mar 29 22:23:02 2015 TCP connection established with [AF_INET]46.21.99.21:1300 Sun Mar 29 22:23:02 2015 TCPv4_CLIENT link local: [undef] Sun Mar 29 22:23:02 2015 TCPv4_CLIENT link remote: [AF_INET]46.21.99.21:1300 Sun Mar 29 22:23:02 2015 Connection reset, restarting [0] Sun Mar 29 22:23:02 2015 TCP/UDP: Closing socket Sun Mar 29 22:23:02 2015 SIGUSR1[soft,connection-reset] received, process restarting Sun Mar 29 22:23:02 2015 Restart pause, 5 second(s)

Help would be appreciated.

Patrick · March 30, 2015, 8:00am

Saw this already?

lolodown · May 8, 2015, 2:44am

I’m trying to do the same thing and I can’t for the life of me figure out how to extract to etc folder or anywhere below.

Patrick · May 8, 2015, 9:55am

You need root, basic knowledge about linux desktop distributions, self-initiative, frustration resistance for using linux desktop distributions. See also Whonix - Overview, Free Support for Whonix and How To Ask Questions The Smart Way.

thelasttime · May 11, 2015, 9:07am

Hello all,
it looks that many of Mullvad users have pb with Whonix. I’m one of them, remember :

Then, Hijeck

Now, blueboat in this thread.
If someone knows the issue…

Patrick · May 11, 2015, 9:27am

Good point.

Hypothesis 1:
If it’s mostly with one specific VPN provider, likely the issue is on side of the VPN provider, perhaps not allowing connections from the Tor network due to some security software on their side, not Whonix. (Whonix doesn’t discriminate VPN providers.)

Hypothesis 2:
Hypothesis 1 is false, it’s just a coincidence, because that VPN provider is more popular, so more people asking on how to get that one going.

thelasttime · May 11, 2015, 9:41am

[quote=“Patrick, post:7, topic:943”]Good point.

Hypothesis 1:
If it’s mostly with one specific VPN provider, likely the issue is on side of the VPN provider, perhaps not allowing connections from the Tor network due to some security software on their side, not Whonix. (Whonix doesn’t discriminate VPN providers.)

Hypothesis 2:
Hypothesis 1 is false, it’s just a coincidence, because that VPN provider is more popular, so more people asking on how to get that one going.[/quote]

Hi Patrick,
i asked Mullvad months ago about this (when i started this thread, my question was exactly “do mullvad accept tor connections” etc… Their answer was “YES”, “there is no pb with Tor” etc. My Workstation was Windows XP. I tried with Mullvad Client and then with OpenVPN GUI (and my Mullvad configuration file) : same pb.

Mullvad pb description : once Mullvad is connected, the connection is lost almost instantaneously. Then it connects again… failed again, etc.
In my case, the longer Mullvad worked was nearly 2 minutes… Then connexion stopped. It’s very frustating.
I must add that Mullvad client or Mullvad (OpenVpn) work perfectly in no VMs machines.

Patrick · May 11, 2015, 3:37pm

“no VMs machines” is a big vague. This means, their client has issues in other, non-Whonix, virtual machines such as plain Debian VMs also or not?

thelasttime · May 11, 2015, 5:35pm

I really don’t know about others VMs.