PIA trying to connect then fails, tried all ports.

Tried all ports and steps in https://helpdesk.privateinternetaccess.com/hc/en-us/articles/219059608-Why-is-the-VPN-connection-not-working-or-slow-with-the-PIA-App-

Also tried to completely reinstall using guide from PIA website.

But I still have the same problem with PIA; it tries to connect then fails, most combos of countries and ports have been tried, also tcp and udp both tried.

**It started when I wanted to set up port forwarding on my ASUS DSL AC68U router, after port forwarding and trying to port forward in PIA client it could not connect, I have since rolled back the port forwarding in the router and client but no matter what I do the problem still persists.**

Anyone interested in the log?

    
    Sat Dec 02 09:33:49 2017 OpenVPN 2.2.2 x86_64-w64-mingw32 [SSL] [LZO2] [PKCS11] built on Oct 25 2017
    Sat Dec 02 09:33:49 2017 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page).
    Sat Dec 02 09:33:49 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Sat Dec 02 09:33:49 2017 LZO compression initialized
    Sat Dec 02 09:33:49 2017 UDPv4 link local: [undef]
    Sat Dec 02 09:33:49 2017 UDPv4 link remote: 5.157.16.42:8080
    Sat Dec 02 09:33:49 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Sat Dec 02 09:33:49 2017 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1570', remote='link-mtu 1542'
    Sat Dec 02 09:33:49 2017 WARNING: 'cipher' is used inconsistently, local='cipher AES-256-CBC', remote='cipher BF-CBC'
    Sat Dec 02 09:33:49 2017 WARNING: 'auth' is used inconsistently, local='auth SHA256', remote='auth SHA1'
    Sat Dec 02 09:33:49 2017 WARNING: 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
    Sat Dec 02 09:33:49 2017 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Sat Dec 02 09:33:49 2017 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
    Sat Dec 02 09:33:49 2017 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Sat Dec 02 09:33:49 2017 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
    Sat Dec 02 09:33:49 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
    Sat Dec 02 09:33:49 2017 [f16ea9d327322f336a56578d1a384856] Peer Connection Initiated with 5.157.16.42:8080
    Sat Dec 02 09:33:55 2017 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{0110D07F-4B29-4C42-9F9F-6F02A76F9CD5}.tap
    Sat Dec 02 09:33:55 2017 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.55.10.6/255.255.255.252 on interface {0110D07F-4B29-4C42-9F9F-6F02A76F9CD5} [DHCP-serv: 10.55.10.5, lease-time: 31536000]
    Sat Dec 02 09:33:55 2017 Successful ARP Flush on interface [7] {0110D07F-4B29-4C42-9F9F-6F02A76F9CD5}
    Sat Dec 02 09:35:40 2017 OpenVPN 2.2.2 x86_64-w64-mingw32 [SSL] [LZO2] [PKCS11] built on Oct 25 2017
    Sat Dec 02 09:35:40 2017 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page).
    Sat Dec 02 09:35:40 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Sat Dec 02 09:35:40 2017 LZO compression initialized
    Sat Dec 02 09:35:40 2017 UDPv4 link local: [undef]
    Sat Dec 02 09:35:40 2017 UDPv4 link remote: 5.157.16.42:8080
    Sat Dec 02 09:35:40 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Sat Dec 02 09:35:40 2017 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1558', remote='link-mtu 1542'
    Sat Dec 02 09:35:40 2017 WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
    Sat Dec 02 09:35:40 2017 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Sat Dec 02 09:35:40 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sat Dec 02 09:35:40 2017 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Sat Dec 02 09:35:40 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sat Dec 02 09:35:40 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
    Sat Dec 02 09:35:40 2017 [f16ea9d327322f336a56578d1a384856] Peer Connection Initiated with 5.157.16.42:8080
    Sat Dec 02 09:35:41 2017 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{0110D07F-4B29-4C42-9F9F-6F02A76F9CD5}.tap
    Sat Dec 02 09:35:41 2017 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.39.10.6/255.255.255.252 on interface {0110D07F-4B29-4C42-9F9F-6F02A76F9CD5} [DHCP-serv: 10.39.10.5, lease-time: 31536000]
    Sat Dec 02 09:35:41 2017 Successful ARP Flush on interface [7] {0110D07F-4B29-4C42-9F9F-6F02A76F9CD5}
    Sat Dec 02 09:38:08 2017 OpenVPN 2.2.2 x86_64-w64-mingw32 [SSL] [LZO2] [PKCS11] built on Oct 25 2017
    Sat Dec 02 09:38:08 2017 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page).
    Sat Dec 02 09:38:08 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Sat Dec 02 09:38:08 2017 LZO compression initialized
    Sat Dec 02 09:38:08 2017 UDPv4 link local: [undef]
    Sat Dec 02 09:38:08 2017 UDPv4 link remote: 5.157.16.42:1194
    Sat Dec 02 09:38:08 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Sat Dec 02 09:38:08 2017 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1558', remote='link-mtu 1542'
    Sat Dec 02 09:38:08 2017 WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
    Sat Dec 02 09:38:08 2017 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Sat Dec 02 09:38:08 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sat Dec 02 09:38:08 2017 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Sat Dec 02 09:38:08 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sat Dec 02 09:38:08 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
    Sat Dec 02 09:38:08 2017 [f16ea9d327322f336a56578d1a384856] Peer Connection Initiated with 5.157.16.42:1194
    Sat Dec 02 09:38:09 2017 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{0110D07F-4B29-4C42-9F9F-6F02A76F9CD5}.tap
    Sat Dec 02 09:38:09 2017 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.65.10.6/255.255.255.252 on interface {0110D07F-4B29-4C42-9F9F-6F02A76F9CD5} [DHCP-serv: 10.65.10.5, lease-time: 31536000]
    Sat Dec 02 09:38:09 2017 Successful ARP Flush on interface [7] {0110D07F-4B29-4C42-9F9F-6F02A76F9CD5}
    Sat Dec 02 09:39:58 2017 OpenVPN 2.2.2 x86_64-w64-mingw32 [SSL] [LZO2] [PKCS11] built on Oct 25 2017
    Sat Dec 02 09:39:58 2017 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page).
    Sat Dec 02 09:39:58 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Sat Dec 02 09:39:58 2017 LZO compression initialized
    Sat Dec 02 09:39:58 2017 UDPv4 link local: [undef]
    Sat Dec 02 09:39:58 2017 UDPv4 link remote: 5.157.16.42:53
    Sat Dec 02 09:39:58 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Sat Dec 02 09:39:58 2017 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1558', remote='link-mtu 1542'
    Sat Dec 02 09:39:58 2017 WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
    Sat Dec 02 09:39:58 2017 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Sat Dec 02 09:39:58 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sat Dec 02 09:39:58 2017 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Sat Dec 02 09:39:58 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sat Dec 02 09:39:58 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
    Sat Dec 02 09:39:58 2017 [f16ea9d327322f336a56578d1a384856] Peer Connection Initiated with 5.157.16.42:53
    Sat Dec 02 09:39:59 2017 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{0110D07F-4B29-4C42-9F9F-6F02A76F9CD5}.tap
    Sat Dec 02 09:39:59 2017 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.68.10.10/255.255.255.252 on interface {0110D07F-4B29-4C42-9F9F-6F02A76F9CD5} [DHCP-serv: 10.68.10.9, lease-time: 31536000]
    Sat Dec 02 09:39:59 2017 Successful ARP Flush on interface [7] {0110D07F-4B29-4C42-9F9F-6F02A76F9CD5}
    Sat Dec 02 09:40:20 2017 Initialization Sequence Completed
    Sat Dec 02 09:41:13 2017 OpenVPN 2.2.2 x86_64-w64-mingw32 [SSL] [LZO2] [PKCS11] built on Oct 25 2017
    Sat Dec 02 09:41:13 2017 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page).
    Sat Dec 02 09:41:13 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Sat Dec 02 09:41:13 2017 LZO compression initialized
    Sat Dec 02 09:41:13 2017 Attempting to establish TCP connection with 5.157.16.42:500
    Sat Dec 02 09:41:13 2017 TCP connection established with 5.157.16.42:500
    Sat Dec 02 09:41:13 2017 TCPv4_CLIENT link local: [undef]
    Sat Dec 02 09:41:13 2017 TCPv4_CLIENT link remote: 5.157.16.42:500
    Sat Dec 02 09:41:13 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Sat Dec 02 09:41:13 2017 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1560', remote='link-mtu 1544'
    Sat Dec 02 09:41:13 2017 WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
    Sat Dec 02 09:41:13 2017 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Sat Dec 02 09:41:13 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sat Dec 02 09:41:13 2017 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Sat Dec 02 09:41:13 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sat Dec 02 09:41:13 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
    Sat Dec 02 09:41:13 2017 [f16ea9d327322f336a56578d1a384856] Peer Connection Initiated with 5.157.16.42:500
    Sat Dec 02 09:41:14 2017 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{0110D07F-4B29-4C42-9F9F-6F02A76F9CD5}.tap
    Sat Dec 02 09:41:14 2017 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.39.1.10/255.255.255.252 on interface {0110D07F-4B29-4C42-9F9F-6F02A76F9CD5} [DHCP-serv: 10.39.1.9, lease-time: 31536000]
    Sat Dec 02 09:41:14 2017 Successful ARP Flush on interface [7] {0110D07F-4B29-4C42-9F9F-6F02A76F9CD5}
    Sat Dec 02 09:42:29 2017 OpenVPN 2.2.2 x86_64-w64-mingw32 [SSL] [LZO2] [PKCS11] built on Oct 25 2017
    Sat Dec 02 09:42:29 2017 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page).
    Sat Dec 02 09:42:29 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Sat Dec 02 09:42:29 2017 LZO compression initialized
    Sat Dec 02 09:42:29 2017 Attempting to establish TCP connection with 5.157.16.42:80
    Sat Dec 02 09:42:29 2017 TCP connection established with 5.157.16.42:80
    Sat Dec 02 09:42:29 2017 TCPv4_CLIENT link local: [undef]
    Sat Dec 02 09:42:29 2017 TCPv4_CLIENT link remote: 5.157.16.42:80
    Sat Dec 02 09:42:29 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Sat Dec 02 09:42:29 2017 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1560', remote='link-mtu 1544'
    Sat Dec 02 09:42:29 2017 WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
    Sat Dec 02 09:42:29 2017 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Sat Dec 02 09:42:29 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sat Dec 02 09:42:29 2017 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Sat Dec 02 09:42:29 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sat Dec 02 09:42:29 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
    Sat Dec 02 09:42:29 2017 [f16ea9d327322f336a56578d1a384856] Peer Connection Initiated with 5.157.16.42:80
    Sat Dec 02 09:42:30 2017 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{0110D07F-4B29-4C42-9F9F-6F02A76F9CD5}.tap
    Sat Dec 02 09:42:30 2017 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.33.1.18/255.255.255.252 on interface {0110D07F-4B29-4C42-9F9F-6F02A76F9CD5} [DHCP-serv: 10.33.1.17, lease-time: 31536000]
    Sat Dec 02 09:42:30 2017 Successful ARP Flush on interface [7] {0110D07F-4B29-4C42-9F9F-6F02A76F9CD5}
    Sat Dec 02 09:43:58 2017 OpenVPN 2.2.2 x86_64-w64-mingw32 [SSL] [LZO2] [PKCS11] built on Oct 25 2017
    Sat Dec 02 09:43:58 2017 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page).
    Sat Dec 02 09:43:58 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Sat Dec 02 09:43:58 2017 LZO compression initialized
    Sat Dec 02 09:43:58 2017 Attempting to establish TCP connection with 46.166.186.215:500
    Sat Dec 02 09:43:58 2017 TCP connection established with 46.166.186.215:500
    Sat Dec 02 09:43:58 2017 TCPv4_CLIENT link local: [undef]
    Sat Dec 02 09:43:58 2017 TCPv4_CLIENT link remote: 46.166.186.215:500
    Sat Dec 02 09:43:58 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Sat Dec 02 09:43:59 2017 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1560', remote='link-mtu 1544'
    Sat Dec 02 09:43:59 2017 WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
    Sat Dec 02 09:43:59 2017 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Sat Dec 02 09:43:59 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sat Dec 02 09:43:59 2017 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Sat Dec 02 09:43:59 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sat Dec 02 09:43:59 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
    Sat Dec 02 09:43:59 2017 [235a1a51d654b6c6da50f15c78da0ca6] Peer Connection Initiated with 46.166.186.215:500
    Sat Dec 02 09:44:05 2017 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{0110D07F-4B29-4C42-9F9F-6F02A76F9CD5}.tap
    Sat Dec 02 09:44:05 2017 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.32.1.6/255.255.255.252 on interface {0110D07F-4B29-4C42-9F9F-6F02A76F9CD5} [DHCP-serv: 10.32.1.5, lease-time: 31536000]
    Sat Dec 02 09:44:05 2017 Successful ARP Flush on interface [7] {0110D07F-4B29-4C42-9F9F-6F02A76F9CD5}
       

Comments

  • Posts: 389
    I'm not seeing anything out of the ordinary in this log. There might be something wrong on the manager's end rather than OpenVPN.

    Can you submit a debug log and let us know the log ID here so we can have a closet look?
  • Max-P said:
    I'm not seeing anything out of the ordinary in this log. There might be something wrong on the manager's end rather than OpenVPN.

    Can you submit a debug log and let us know the log ID here so we can have a closet look?


    Hello thank you for your reply.

    Sure, here it is: 219C8


  • Posts: 389
    Hm, this is a bit strange. It seems to start connecting just fine but when it's almost finished connecting, the openvpn process just vanishes... None of the sessions stop at the same time, which seems to suggest something external is probably messing with the VPN.

    Do you run any antivirus suite and have you made sure to add all the exceptions as needed?

    Your log shows that OpenVPN is connecting and the manager manages to get a connection but it gets interrupted, and then after two tries the OpenVPN process is completely gone and the port not bound anymore:

    [2017-12-06T10:25:42.933Z] <info> #3040/41896632 |OpenvpnManager| Starting OpenVPN: PIA:\openvpn.exe "--client" "--persist-key" "--persist-tun" "--comp-lzo" "yes" "--dev" "tun" "--script-security" "2" "--remote" "5.153.233.34" "500" "--auth-user-pass" "PIA:\data\user_pass.txt" "--writepid" "PIA:\log\openvpn.pid" "--proto" "tcp-client" "--nobind" "--management" "127.0.0.1" "31749" "--log-append" "PIA:\log\openvpn.log" "--remote-cert-tls" "server" "--cipher" "aes-128-cbc" "--auth" "sha1" "--ca" "PIA:\data\ca.crt" "--sndbuf" "262144" "--rcvbuf" "262144" "--tls-remote" "099d8640923d949ef9448bc9aa948bd2" "--pia-signal-settings" "--plugin" "PIA:\pia-openvpn.dll"
    [2017-12-06T10:25:42.933Z] <debug> #3040/41896632 |Module| Creating process: PIA:\openvpn.exe "--client" "--persist-key" "--persist-tun" "--comp-lzo" "yes" "--dev" "tun" "--script-security" "2" "--remote" "5.153.233.34" "500" "--auth-user-pass" "PIA:\data\user_pass.txt" "--writepid" "PIA:\log\openvpn.pid" "--proto" "tcp-client" "--nobind" "--management" "127.0.0.1" "31749" "--log-append" "PIA:\log\openvpn.log" "--remote-cert-tls" "server" "--cipher" "aes-128-cbc" "--auth" "sha1" "--ca" "PIA:\data\ca.crt" "--sndbuf" "262144" "--rcvbuf" "262144" "--tls-remote" "099d8640923d949ef9448bc9aa948bd2" "--pia-signal-settings" "--plugin" "PIA:\pia-openvpn.dll"
    [2017-12-06T10:25:42.986Z] <debug> #3040/41896632 |OpenvpnManager| Created process
    [2017-12-06T10:25:43.017Z] <info> #3040/41896632 |OpenvpnManager| Connection status is connecting
    [2017-12-06T10:25:57.405Z] <debug> #3040/41904660 |OpenvpnManager| #<TO::Exception(cmd): cmd>
    [2017-12-06T10:25:58.421Z] <debug> #3040/41904660 |OpenvpnManager| Connecting to OpenVPN
    [2017-12-06T10:26:00.436Z] <debug> #3040/41904660 |OpenvpnManager| #<TO::Exception(cmd): cmd>
    [2017-12-06T10:26:01.452Z] <debug> #3040/41904660 |OpenvpnManager| Connecting to OpenVPN
    [2017-12-06T10:26:02.469Z] <debug> #3040/41904660 |OpenvpnManager| #<Errno::ECONNREFUSED: No connection could be made because the target machine actively refused it. - connect(2)>
    [Last two lines repeats a dozen times until it aborts]
Sign In or Register to comment.