Pritunl client connection failure with Ubuntu 22.04

Pritunl
1

I am running Pritunl Client v1.3.3585.79 on Ubuntu 22.04, connecting to my company’s VPN server. Unfortunately the connection seems to fail, whereas with the Ubuntu built-in network manager VPN client the connection works fine. Below is the contents of the log file. Thanks for any advice with this problem, and please let me know if you need more info.

Phil

[2023-07-17 09:38:43][INFO] :arrow_forward: main: Service starting ◆ version=“1.3.3585.79”
[2023-07-17 10:09:01][INFO] :arrow_forward: profile: Connecting ◆ device_auth=false ◆ disable_dns=false ◆ disable_gateway=false ◆ dynamic_firewall=false ◆ force_dns=false ◆ mode=“ovpn” ◆ profile_id=“6ae03
657dc2ab307” ◆ reconnect=true ◆ sso_auth=false
[2023-07-17 17:11:15][INFO] :arrow_forward: profile: Disconnecting ◆ profile_id=“6ae03657dc2ab307”
[2023-07-17 17:11:15][INFO] :arrow_forward: profile: Disconnected ◆ profile_id=“6ae03657dc2ab307”
[2023-07-17 17:17:58][INFO] :arrow_forward: profile: Connecting ◆ device_auth=false ◆ disable_dns=false ◆ disable_gateway=false ◆ dynamic_firewall=false ◆ force_dns=false ◆ mode=“ovpn” ◆ profile_id=“6ae03
657dc2ab307” ◆ reconnect=true ◆ sso_auth=false
[2023-07-17 17:18:06][INFO] :arrow_forward: profile: Disconnecting ◆ profile_id=“6ae03657dc2ab307”
[2023-07-17 17:18:06][INFO] :arrow_forward: profile: Disconnected ◆ profile_id=“6ae03657dc2ab307”
[2023-07-17 17:18:23][INFO] :arrow_forward: profile: Connecting ◆ device_auth=false ◆ disable_dns=false ◆ disable_gateway=false ◆ dynamic_firewall=false ◆ force_dns=false ◆ mode=“ovpn” ◆ profile_id=“6ae03
657dc2ab307” ◆ reconnect=true ◆ sso_auth=false
[2023-07-17 17:31:26][INFO] :arrow_forward: profile: Disconnecting ◆ profile_id=“6ae03657dc2ab307”
[2023-07-17 17:31:26][INFO] :arrow_forward: profile: Disconnected ◆ profile_id=“6ae03657dc2ab307”
[2023-07-17 17:32:02][ERRO] :arrow_forward: main: Server error
main: Server listen error
http: Server closed
ORIGINAL STACK TRACE:
main.main.func2
/pacur_build/src/pritunl-client-electron-1.3.3585.79/service/main.go:193 +0xa44b35
runtime.goexit
/usr/local/go/src/runtime/asm_amd64.s:1598 +0x469c60
[2023-07-17 17:32:05][INFO] :arrow_forward: main: Service starting ◆ version=“1.3.3585.79”
[2023-07-17 17:32:22][ERRO] :arrow_forward: main: Server error
main: Server listen error
http: Server closed
ORIGINAL STACK TRACE:
main.main.func2
/pacur_build/src/pritunl-client-electron-1.3.3585.79/service/main.go:193 +0xa44b35
runtime.goexit
/usr/local/go/src/runtime/asm_amd64.s:1598 +0x469c60
[2023-07-17 17:32:48][INFO] :arrow_forward: main: Service starting ◆ version=“1.3.3585.79”
[2023-07-17 17:33:43][INFO] :arrow_forward: profile: Connecting ◆ device_auth=false ◆ disable_dns=false ◆ disable_gateway=false ◆ dynamic_firewall=false ◆ force_dns=false ◆ mode=“ovpn” ◆ profile_id=“6ae03
657dc2ab307” ◆ reconnect=true ◆ sso_auth=false

2

These log messages don’t indicate any issues. The server error is just indicating the socket server is closed which will occur when the background service stops or is restarted. Check the profile logs for issues with the VPN connection.

3

Hello Zach,

Here is the Omi profile log from today, after I connected to our VPN server and tried (and failed) to use our services. Does this help?

Phil

2023-07-18 08:34:56 DEPRECATED OPTION: --cipher set to ‘AES-128-CBC’ but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add ‘AES-128-CBC’ to --data-ciphers or change --cipher ‘AES-128-CBC’ to --data-ciphers-fallback ‘AES-128-CBC’ to silence this warning./n
2023-07-18 08:34:56 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 14 2022/n
2023-07-18 08:34:56 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10/n
2023-07-18 08:34:56 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts/n
2023-07-18 08:34:56 Outgoing Control Channel Authentication: Using 160 bit message hash ‘SHA1’ for HMAC authentication/n
2023-07-18 08:34:56 Incoming Control Channel Authentication: Using 160 bit message hash ‘SHA1’ for HMAC authentication/n
2023-07-18 08:34:56 TCP/UDP: Preserving recently used remote address: [AF_INET]15.237.22.186:4500/n
2023-07-18 08:34:56 UDP link local: (not bound)/n
2023-07-18 08:34:56 UDP link remote: [AF_INET]15.237.22.186:4500/n
2023-07-18 08:34:56 VERIFY SCRIPT OK: depth=1, O=5f806bb46725dd821c3c38f4, CN=5f806bb46725dd821c3c3901/n
2023-07-18 08:34:56 VERIFY OK: depth=1, O=5f806bb46725dd821c3c38f4, CN=5f806bb46725dd821c3c3901/n
2023-07-18 08:34:56 VERIFY KU OK/n
2023-07-18 08:34:56 NOTE: --mute triggered…/n
2023-07-18 08:34:56 6 variation(s) on previous 3 message(s) suppressed by --mute/n
2023-07-18 08:34:56 [5f806bb76725dd821c3c3906] Peer Connection Initiated with [AF_INET]15.237.22.186:4500/n
2023-07-18 08:34:58 AUTH: Received control message: AUTH_FAILED,CRV1:R,E:85c5c353fa1d461aa2728e049f599fbf:bmls:Enter OTP Code/n
2023-07-18 08:34:58 SIGTERM[soft,auth-failure] received, process exiting/n
2023-07-18 08:35:27 DEPRECATED OPTION: --cipher set to ‘AES-128-CBC’ but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add ‘AES-128-CBC’ to --data-ciphers or change --cipher ‘AES-128-CBC’ to --data-ciphers-fallback ‘AES-128-CBC’ to silence this warning./n
2023-07-18 08:35:27 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 14 2022/n
2023-07-18 08:35:27 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10/n
2023-07-18 08:35:27 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts/n
2023-07-18 08:35:27 Outgoing Control Channel Authentication: Using 160 bit message hash ‘SHA1’ for HMAC authentication/n
2023-07-18 08:35:27 Incoming Control Channel Authentication: Using 160 bit message hash ‘SHA1’ for HMAC authentication/n
2023-07-18 08:35:27 TCP/UDP: Preserving recently used remote address: [AF_INET]15.237.22.186:4500/n
2023-07-18 08:35:27 UDP link local: (not bound)/n
2023-07-18 08:35:27 UDP link remote: [AF_INET]15.237.22.186:4500/n
2023-07-18 08:35:28 VERIFY SCRIPT OK: depth=1, O=5f806bb46725dd821c3c38f4, CN=5f806bb46725dd821c3c3901/n
2023-07-18 08:35:28 VERIFY OK: depth=1, O=5f806bb46725dd821c3c38f4, CN=5f806bb46725dd821c3c3901/n
2023-07-18 08:35:28 VERIFY KU OK/n
2023-07-18 08:35:28 NOTE: --mute triggered…/n
2023-07-18 08:35:28 6 variation(s) on previous 3 message(s) suppressed by --mute/n
2023-07-18 08:35:28 [5f806bb76725dd821c3c3906] Peer Connection Initiated with [AF_INET]15.237.22.186:4500/n
2023-07-18 08:35:29 Outgoing Data Channel: Cipher ‘AES-128-CBC’ initialized with 128 bit key/n
2023-07-18 08:35:29 Outgoing Data Channel: Using 160 bit message hash ‘SHA1’ for HMAC authentication/n
2023-07-18 08:35:29 Incoming Data Channel: Cipher ‘AES-128-CBC’ initialized with 128 bit key/n
2023-07-18 08:35:29 NOTE: --mute triggered…/n
2023-07-18 08:35:29 1 variation(s) on previous 3 message(s) suppressed by --mute/n
2023-07-18 08:35:29 TUN/TAP device tun0 opened/n
2023-07-18 08:35:29 net_iface_mtu_set: mtu 1500 for tun0/n
2023-07-18 08:35:29 net_iface_up: set tun0 up/n
2023-07-18 08:35:29 net_addr_v4_add: 192.168.228.55/24 dev tun0/n
2023-07-18 08:35:29 /tmp/pritunl/6ae03657dc2ab307-up.sh tun0 1500 1622 192.168.228.55 255.255.255.0 init/n
<14>Jul 18 08:35:29 6ae03657dc2ab307-up.sh: Link ‘tun0’ coming up/n
<14>Jul 18 08:35:29 6ae03657dc2ab307-up.sh: Adding IPv4 DNS Server 10.10.0.2/n
<14>Jul 18 08:35:29 6ae03657dc2ab307-up.sh: SetLinkDNS(5 1 2 4 10 10 0 2)/n
2023-07-18 08:35:29 WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this/n
2023-07-18 08:35:29 Initialization Sequence Completed/n
2023-07-18 08:36:04 event_wait : Interrupted system call (code=4)/n
2023-07-18 08:36:04 /tmp/pritunl/6ae03657dc2ab307-block.sh tun0 1500 1622 192.168.228.55 255.255.255.0 init/n
2023-07-18 08:36:04 Closing TUN/TAP interface/n
2023-07-18 08:36:04 net_addr_v4_del: 192.168.228.55 dev tun0/n
2023-07-18 08:36:04 /tmp/pritunl/6ae03657dc2ab307-down.sh tun0 1500 1622 192.168.228.55 255.255.255.0 init/n
Device “tun0” does not exist./n
<11>Jul 18 08:36:04 6ae03657dc2ab307-down.sh: Invalid device name: ‘tun0’. Usage: 6ae03657dc2ab307-down.sh up|down device_name./n
2023-07-18 08:36:04 WARNING: Failed running command (–up/–down): external program exited with error status: 1/n
2023-07-18 08:36:04 Exiting due to fatal error/n
2023-07-18 08:36:38 DEPRECATED OPTION: --cipher set to ‘AES-128-CBC’ but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add ‘AES-128-CBC’ to --data-ciphers or change --cipher ‘AES-128-CBC’ to --data-ciphers-fallback ‘AES-128-CBC’ to silence this warning./n
2023-07-18 08:36:38 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 14 2022/n
2023-07-18 08:36:38 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10/n
2023-07-18 08:36:38 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts/n
2023-07-18 08:36:38 Outgoing Control Channel Authentication: Using 160 bit message hash ‘SHA1’ for HMAC authentication/n
2023-07-18 08:36:38 Incoming Control Channel Authentication: Using 160 bit message hash ‘SHA1’ for HMAC authentication/n
2023-07-18 08:36:38 TCP/UDP: Preserving recently used remote address: [AF_INET]15.237.22.186:4500/n
2023-07-18 08:36:38 UDP link local: (not bound)/n
2023-07-18 08:36:38 UDP link remote: [AF_INET]15.237.22.186:4500/n
2023-07-18 08:36:38 VERIFY SCRIPT OK: depth=1, O=5f806bb46725dd821c3c38f4, CN=5f806bb46725dd821c3c3901/n
2023-07-18 08:36:38 VERIFY OK: depth=1, O=5f806bb46725dd821c3c38f4, CN=5f806bb46725dd821c3c3901/n
2023-07-18 08:36:38 VERIFY KU OK/n
2023-07-18 08:36:38 NOTE: --mute triggered…/n
2023-07-18 08:36:38 6 variation(s) on previous 3 message(s) suppressed by --mute/n
2023-07-18 08:36:38 [5f806bb76725dd821c3c3906] Peer Connection Initiated with [AF_INET]15.237.22.186:4500/n
2023-07-18 08:36:39 Outgoing Data Channel: Cipher ‘AES-128-CBC’ initialized with 128 bit key/n
2023-07-18 08:36:39 Outgoing Data Channel: Using 160 bit message hash ‘SHA1’ for HMAC authentication/n
2023-07-18 08:36:39 Incoming Data Channel: Cipher ‘AES-128-CBC’ initialized with 128 bit key/n
2023-07-18 08:36:39 NOTE: --mute triggered…/n
2023-07-18 08:36:39 1 variation(s) on previous 3 message(s) suppressed by --mute/n
2023-07-18 08:36:39 TUN/TAP device tun0 opened/n
2023-07-18 08:36:39 net_iface_mtu_set: mtu 1500 for tun0/n
2023-07-18 08:36:39 net_iface_up: set tun0 up/n
2023-07-18 08:36:39 net_addr_v4_add: 192.168.228.55/24 dev tun0/n
2023-07-18 08:36:39 /tmp/pritunl/6ae03657dc2ab307-up.sh tun0 1500 1622 192.168.228.55 255.255.255.0 init/n
<14>Jul 18 08:36:39 6ae03657dc2ab307-up.sh: Link ‘tun0’ coming up/n
<14>Jul 18 08:36:39 6ae03657dc2ab307-up.sh: Adding IPv4 DNS Server 10.10.0.2/n
<14>Jul 18 08:36:39 6ae03657dc2ab307-up.sh: SetLinkDNS(6 1 2 4 10 10 0 2)/n
2023-07-18 08:36:39 WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this/n
2023-07-18 08:36:39 Initialization Sequence Completed/n