@OP
The token checker is here. It only checks if a token is still in date though, it doesn't check current sessions in use.
Search found 1261 matches
- Mon Nov 09, 2020 3:51 pm
- Forum: member support & tech assistance
- Topic: AUTH_FAILED
- Replies: 2
- Views: 792
- Fri Oct 30, 2020 7:58 pm
- Forum: member support & tech assistance
- Topic: Cryptostorm network - news
- Replies: 23
- Views: 29293
Re: Cryptostorm network - news
All's good here, how's things with you?

I've cleaned the forums as best I can, but some of the entries in the forums seem to be "ghost" entries, which will require a sysadmin to clean out of the forum database.

- Fri Oct 30, 2020 7:53 pm
- Forum: member support & tech assistance
- Topic: Twitter.com not resolving
- Replies: 2
- Views: 983
- Thu Oct 29, 2020 11:26 pm
- Forum: member support & tech assistance
- Topic: Wireguard
- Replies: 3
- Views: 4741
- Mon Oct 19, 2020 2:01 pm
- Forum: member support & tech assistance
- Topic: Cryptostorm network - news
- Replies: 23
- Views: 29293
Re: Cryptostorm network - news
I'm back.Main Sequence wrote: ↑Sat Oct 03, 2020 5:17 pmLook at this way... September has come and gone.. we're now into October. No updates, no new news, no fixes. The Forum admin Parityboy hasn't logged-in for almost a month, with the result that the forum is overrun with spam postings. I can only conclude that the forum is essentially unmoderated, otherwise these spam posts would be long-gone. Everything seems to be running on autopilot.AnonAsPossible wrote: ↑Fri Sep 25, 2020 7:16 amWith cryptostorm.nu & Wireguard still down, it's a safe bet Df still ain't back. I hope he's OK, he is 'Cryptostorm', without him what do we have!?n8 wrote: ↑Thu Sep 24, 2020 11:49 amHey CS team
Any news on the network status?
- cryptostorm.nu is still bust
- Wireguard for CS is down
- OpenVPN is warning that it will soon discontinue 'compress' in your configs
- Is Df back? Last mention of him being available was end of August...
So an update would be higly appreciated. Thanks and take care.
n8
Over time, I can only anticipate that more and more services will break, and not be fixed. By all appearances, Cryptostorm is in terminal decline.


- Sat May 16, 2020 7:30 pm
- Forum: member support & tech assistance
- Topic: Wireguard
- Replies: 3
- Views: 4741
Re: Wireguard
@OP
The Wireguard support infrastrucure is down at the moment. It'll be back up when df returns.
The Wireguard support infrastrucure is down at the moment. It'll be back up when df returns.

- Sat Apr 25, 2020 7:13 pm
- Forum: member support & tech assistance
- Topic: Nodes down + Speed problems
- Replies: 3
- Views: 6026
Re: Nodes down + Speed problems
Your understanding would appear to be correct.

- Tue Mar 31, 2020 12:59 am
- Forum: member support & tech assistance
- Topic: Nodes down + Speed problems
- Replies: 3
- Views: 6026
Re: Nodes down + Speed problems
@OP
Dusseldorf went down a while ago, I believe. On a few nodes, the Wireguard instance is down but the OpenVPN instance is functioning, but I think with Dusseldorf the entire node is offline. See my sig. for the node status page.
Dusseldorf went down a while ago, I believe. On a few nodes, the Wireguard instance is down but the OpenVPN instance is functioning, but I think with Dusseldorf the entire node is offline. See my sig. for the node status page.

- Mon Feb 24, 2020 3:39 am
- Forum: member support & tech assistance
- Topic: Connection to Switzerland node being a little flaky
- Replies: 3
- Views: 1105
Re: Connection to Switzerland node being a little flaky
@OP
Can you provide a little more detail? What platform are you running? Are you using the Cryptostorm Widget to connect or something else?
Can you provide a little more detail? What platform are you running? Are you using the Cryptostorm Widget to connect or something else?
- Tue Feb 18, 2020 4:23 pm
- Forum: member support & tech assistance
- Topic: Default port forwarding
- Replies: 15
- Views: 3441
Re: Default port forwarding
@Main Sequence
Just to clarify, is this error showing up during leeching, seeding or both?
Just to clarify, is this error showing up during leeching, seeding or both?
- Mon Feb 17, 2020 4:11 am
- Forum: cryptofree: no-cost cryptostorm network access
- Topic: CryptoFree DNS problem
- Replies: 2
- Views: 3529
Re: CryptoFree DNS problem
@OP
Are you activating your connection from a desktop UI or from the terminal?
Are you activating your connection from a desktop UI or from the terminal?
- Mon Feb 17, 2020 12:11 am
- Forum: member support & tech assistance
- Topic: Default port forwarding
- Replies: 15
- Views: 3441
Re: Default port forwarding
@Main Sequence
Can you check your router to see if UPnP is enabled on it? If so switch it off and also disable it in your torrent client.
Can you check your router to see if UPnP is enabled on it? If so switch it off and also disable it in your torrent client.
- Sat Feb 15, 2020 5:57 pm
- Forum: cryptofree: no-cost cryptostorm network access
- Topic: Free service registration broken
- Replies: 3
- Views: 2430
Re: Free service registration broken
@mando
From what I understand the Wireguard token generator requires cryptostorm.nu to be up and running (which it isn't) although that may just be for the paid service. Also, it may be that the wireguard instance on the free service exit node may be down and require a restart.
From what I understand the Wireguard token generator requires cryptostorm.nu to be up and running (which it isn't) although that may just be for the paid service. Also, it may be that the wireguard instance on the free service exit node may be down and require a restart.
- Fri Feb 14, 2020 6:26 pm
- Forum: member support & tech assistance
- Topic: Default port forwarding
- Replies: 15
- Views: 3441
Re: Default port forwarding
@Main Sequence
Which torrent client are you using? Could you experiment with another one to see if the issue appears there as well?
Which torrent client are you using? Could you experiment with another one to see if the issue appears there as well?
- Thu Feb 13, 2020 9:19 pm
- Forum: member support & tech assistance
- Topic: Default port forwarding
- Replies: 15
- Views: 3441
Re: Default port forwarding
@Main Sequence
Does your real IP show if port-forwarding is disabled? How are you enabling port forwarding?
Does your real IP show if port-forwarding is disabled? How are you enabling port forwarding?
- Thu Feb 13, 2020 9:17 pm
- Forum: member support & tech assistance
- Topic: Periodic connection drops
- Replies: 3
- Views: 1416
Re: Periodic connection drops
@OP
Can you post some logs here so that I can take a look? Thanks.
@Lsd
If you are familiar with Linux you can use iptables to effect a killswitch. I did this for years before moving to pfSense.
Can you post some logs here so that I can take a look? Thanks.

@Lsd
If you are familiar with Linux you can use iptables to effect a killswitch. I did this for years before moving to pfSense.

- Thu Feb 13, 2020 9:14 pm
- Forum: member support & tech assistance
- Topic: Can't connect anymore?
- Replies: 1
- Views: 933
Re: Can't connect anymore?
@OP
Can you capture some log output and post it here? Thanks.
Can you capture some log output and post it here? Thanks.

- Sun Feb 09, 2020 6:00 pm
- Forum: member support & tech assistance
- Topic: Lost my Cryptostorm Token
- Replies: 2
- Views: 1204
- Sun Feb 09, 2020 5:55 pm
- Forum: member support & tech assistance
- Topic: I cant connect to the vpn
- Replies: 1
- Views: 807
Re: I cant connect to the vpn
@OP
Which exit node are you trying to connect to? What OS are you using?
Which exit node are you trying to connect to? What OS are you using?
- Tue Feb 04, 2020 12:13 am
- Forum: member support & tech assistance
- Topic: Cryptostorm network - news
- Replies: 23
- Views: 29293
Re: Cryptostorm network - news
@OP
Many thanks for the update.
Many thanks for the update.

- Mon Feb 03, 2020 1:24 am
- Forum: member support & tech assistance
- Topic: Can't get work new config files
- Replies: 5
- Views: 1662
Re: Can't get work new config files
@OP
I've not heard anything re: df. Hopefully he/she will be back soon.
I've not heard anything re: df. Hopefully he/she will be back soon.

- Mon Feb 03, 2020 1:18 am
- Forum: member support & tech assistance
- Topic: Token authentication not working
- Replies: 1
- Views: 875
Re: Token authentication not working
@OP
The authentication server is currently down. The system seems to have been designed so that in the event that certain services have failed (for whatever reason) the network will still remain accessible (and secure).
The authentication server is currently down. The system seems to have been designed so that in the event that certain services have failed (for whatever reason) the network will still remain accessible (and secure).
- Wed Jan 29, 2020 1:54 am
- Forum: member support & tech assistance
- Topic: Can't get work new config files
- Replies: 5
- Views: 1662
Re: Can't get work new config files
@OP
Glad you got it working!
FYI, if you check the uptime link in my sig, you'll likely find that those four configs that don't work look rather familiar...
Glad you got it working!

- Mon Jan 27, 2020 8:52 pm
- Forum: member support & tech assistance
- Topic: Can't get work new config files
- Replies: 5
- Views: 1662
Re: Can't get work new config files
@OP
With the connection active can you ping a DNS server such as 8.8.8.8 or 1.1.1.1?
With the connection active can you ping a DNS server such as 8.8.8.8 or 1.1.1.1?
- Tue Dec 31, 2019 3:42 am
- Forum: cryptostorm in-depth: announcements, how it works, what it is
- Topic: The CryptoStorm Speed Test Thread
- Replies: 78
- Views: 187411
Re: The CryptoStorm Speed Test Thread
@thread
I recently upgraded to a 70Mb/s FTTC connection so I thought I'd share some results here.
Connected to the Sweden node and pulling a copy of Linux Mint from the Swedish mirror, I get this:
Works out to 59.84Mbit/s; not bad considering I'm not using a node closer to me. 
I recently upgraded to a 70Mb/s FTTC connection so I thought I'd share some results here.

Code: Select all
Resolving saimei.ftp.acc.umu.se (saimei.ftp.acc.umu.se)... 194.71.11.138, 2001:6b0:19::138
Connecting to saimei.ftp.acc.umu.se (saimei.ftp.acc.umu.se)|194.71.11.138|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2036826112 (1.9G) [application/x-iso9660-image]
Saving to: ‘linuxmint-19.3-cinnamon-64bit.iso’
linuxmint-19.3-cinnamon-64bit.iso 100%[=========================================================================>] 1.90G 7.28MB/s in 4m 20s
2019-12-30 22:50:03 (7.48 MB/s) - ‘linuxmint-19.3-cinnamon-64bit.iso’ saved [2036826112/2036826112]

- Thu Dec 26, 2019 12:42 am
- Forum: member support & tech assistance
- Topic: Some services down?
- Replies: 15
- Views: 3586
Re: Some services down?
@Bob
Which node are you trying to connect to?
Which node are you trying to connect to?
- Tue Dec 17, 2019 5:21 am
- Forum: cryptofree: no-cost cryptostorm network access
- Topic: Free service registration broken
- Replies: 3
- Views: 2430
Re: Free service registration broken
@OP
I think registering for a Wireguard token is broken at the moment.
I think registering for a Wireguard token is broken at the moment.
- Fri Dec 06, 2019 12:10 am
- Forum: member support & tech assistance
- Topic: Token doesn't work - support not responding.
- Replies: 18
- Views: 4188
Re: Token doesn't work - support not responding.
I could be wrong but apart from a misconfiguration, the Frankfurt node might have a flaky network card in it.DudeOfLondon wrote: ↑Thu Dec 05, 2019 5:16 amAlso some European servers don't load all webpages. eg. the Frankfurt node does oly load half of my websites. Not ebven this forum loads with the Frankfurt node.
- Wed Dec 04, 2019 9:17 pm
- Forum: member support & tech assistance
- Topic: cryptostorm.nu down?
- Replies: 4
- Views: 1917
Re: cryptostorm.nu down?
Absolutely no idea. He could have been hit by a car, struck down with illness, had to relocate @ short notice (although the last one is less likely, considering the lack of comms but you never know).
- Wed Dec 04, 2019 5:17 am
- Forum: member support & tech assistance
- Topic: Black Friday Sale
- Replies: 10
- Views: 2566
Re: Black Friday Sale
HavenLabs is not a Twitter account I follow, so I can't comment on that. However, there is certainly something strange (and presumably not good) happening.AnonAsPossible wrote: ↑Tue Dec 03, 2019 10:35 pmThis is worrying, lots of down servers, df not seen anywhere, strange message on twitter yesterday!!
parityboy, any insights?????
edit; also HavenLabs hasn't tweeted anything since july 7, they're part of CS, right? There's something strange going on...
- Wed Dec 04, 2019 5:14 am
- Forum: member support & tech assistance
- Topic: Token doesn't work - support not responding.
- Replies: 18
- Views: 4188
Re: Token doesn't work - support not responding.
@DudeOfLondon
When I connect (using Konversation) I get
likely due to the SSL certificate being self-signed. Odd that they never replaced it with a Let's Encrypt cert, but the IRC server has always used that self-signed certificate.
When I connect (using Konversation) I get
Code: Select all
[SSL Connection Warning] The SSL certificate for the server irc.cryptostorm.is (port 6697) failed the authenticity check.
- Mon Dec 02, 2019 5:27 pm
- Forum: member support & tech assistance
- Topic: Spammers
- Replies: 4
- Views: 1743
- Mon Dec 02, 2019 5:26 pm
- Forum: DeepDNS - cryptostorm's no-compromise DNS resolver framework
- Topic: DNS over TLS with unbound
- Replies: 1
- Views: 2573
Re: DNS over TLS with unbound
@OP
As far as I know, CS only support DNSCrypt.
As far as I know, CS only support DNSCrypt.
- Mon Dec 02, 2019 1:54 am
- Forum: member support & tech assistance
- Topic: Token doesn't work - support not responding.
- Replies: 18
- Views: 4188
Re: Token doesn't work - support not responding.
@Hyam
Thanks for not going off at the deep end.
And yes, it is disappointing but more worrying than disappointing.
@DudeOfLondon
It looks like the Wireguard instance at the Frankfurt server has fallen over. The OpenVPN instance is up and running (I'm connected to it right now).
Thanks for not going off at the deep end.

@DudeOfLondon
It looks like the Wireguard instance at the Frankfurt server has fallen over. The OpenVPN instance is up and running (I'm connected to it right now).
- Sat Nov 30, 2019 9:13 am
- Forum: member support & tech assistance
- Topic: Token doesn't work - support not responding.
- Replies: 18
- Views: 4188
Re: Token doesn't work - support not responding.
@OP
I owe you an apology: I saw your latest posts and managed to hit the "Disapprove" button, which was damned careless of me; once again, I apologise.
On a more technical note, if you wish to know which nodes are available, check my sig for an uptime page. For some odd reason, Moldova spent a day offline but has somehow come back up.
I owe you an apology: I saw your latest posts and managed to hit the "Disapprove" button, which was damned careless of me; once again, I apologise.
On a more technical note, if you wish to know which nodes are available, check my sig for an uptime page. For some odd reason, Moldova spent a day offline but has somehow come back up.
- Sat Nov 30, 2019 9:07 am
- Forum: member support & tech assistance
- Topic: Black Friday Sale
- Replies: 10
- Views: 2566
Re: Black Friday Sale
@OP
There's a Black Friday announcement on the site, which could have been automated. As far as I am aware, it wasn't placed there by df.
There's a Black Friday announcement on the site, which could have been automated. As far as I am aware, it wasn't placed there by df.
- Fri Nov 29, 2019 6:26 pm
- Forum: member support & tech assistance
- Topic: Black Friday Sale
- Replies: 10
- Views: 2566
Re: Black Friday Sale
@OP
As you may or may not know, df has been missing in action for the past few days. Unless he pops up shortly, there won't be any Black Friday sales. I would hold off buying any tokens at all until he returns.
As you may or may not know, df has been missing in action for the past few days. Unless he pops up shortly, there won't be any Black Friday sales. I would hold off buying any tokens at all until he returns.

- Thu Nov 28, 2019 10:34 pm
- Forum: member support & tech assistance
- Topic: Token doesn't work - support not responding.
- Replies: 18
- Views: 4188
Re: Token doesn't work - support not responding.
If you have a native IRC client, you can hop onto IRC at irc.cryptostorm.is, port 6697 (SSL) or 6667 (non-SSL).
With OpenVPN, which configs are you using (RSA, ed448, ed25519)? Also which server are you trying to connect to? Could you post any logs?
- Thu Nov 28, 2019 5:51 am
- Forum: member support & tech assistance
- Topic: Token doesn't work - support not responding.
- Replies: 18
- Views: 4188
Re: Token doesn't work - support not responding.
@OP
Cryptostorm is definitely not a scam, I've been using it since 2014, basically since launch day.
Can you post any logs from your OpenVPN connection attempts (I don't use Wireguard so I'm not familiar with it)? Also which server are you trying to connect to?
Cryptostorm is definitely not a scam, I've been using it since 2014, basically since launch day.

Can you post any logs from your OpenVPN connection attempts (I don't use Wireguard so I'm not familiar with it)? Also which server are you trying to connect to?
- Thu Nov 28, 2019 5:46 am
- Forum: member support & tech assistance
- Topic: Some services down?
- Replies: 15
- Views: 3586
Re: Some services down?
@moris
If you have a native IRC client you can join the IRC channel at irc.cryptstorm.is, port 6697 (SSL) or 6667 (non-SSL). The channel name is #cryptostorm.
If you have a native IRC client you can join the IRC channel at irc.cryptstorm.is, port 6697 (SSL) or 6667 (non-SSL). The channel name is #cryptostorm.
- Wed Nov 27, 2019 9:36 am
- Forum: member support & tech assistance
- Topic: Some services down?
- Replies: 15
- Views: 3586
Re: Some services down?
@OP
Glad you got it working.
By the way, if you wish to know if a node truly is down or not, check here. 
Glad you got it working.


- Tue Nov 26, 2019 5:59 pm
- Forum: member support & tech assistance
- Topic: Some services down?
- Replies: 15
- Views: 3586
Re: Some services down?
@OP
I would wager it's something local. What node are you connected to when you perform the DNS query?
EDIT
I got the wrong end of the stick. The host resolution is fine, I suspect (from your log) that the OpenVPN server on port 5601 is down. Could you try connecting to the same node using one of the RSA configs instead?
Code: Select all
nslookup la.cryptostorm.pw
Code: Select all
Server: 127.0.1.1
Address: 127.0.1.1#53
Non-authoritative answer:
Name: la.cryptostorm.pw
Address: 173.208.77.71
Name: la.cryptostorm.pw
Address: 173.208.77.70
Name: la.cryptostorm.pw
Address: 173.208.77.89
Name: la.cryptostorm.pw
Address: 23.19.67.117
Name: la.cryptostorm.pw
Address: 173.208.77.78
Name: la.cryptostorm.pw
Address: 173.208.77.82
Name: la.cryptostorm.pw
Address: 173.208.77.79
Name: la.cryptostorm.pw
Address: 173.208.77.67
Name: la.cryptostorm.pw
Address: 173.208.77.80
Name: la.cryptostorm.pw
Address: 173.208.77.84
Name: la.cryptostorm.pw
Address: 173.208.77.83
Name: la.cryptostorm.pw
Address: 173.208.77.81
Name: la.cryptostorm.pw
Address: 173.208.77.76
Name: la.cryptostorm.pw
Address: 173.208.77.86
Name: la.cryptostorm.pw
Address: 173.208.77.75
Name: la.cryptostorm.pw
Address: 173.208.77.77
Name: la.cryptostorm.pw
Address: 173.208.77.72
Name: la.cryptostorm.pw
Address: 173.208.77.85
Name: la.cryptostorm.pw
Address: 173.208.77.90
Name: la.cryptostorm.pw
Address: 173.208.77.88
Name: la.cryptostorm.pw
Address: 173.208.77.66
Name: la.cryptostorm.pw
Address: 23.19.67.119
Name: la.cryptostorm.pw
Address: 173.208.77.73
Name: la.cryptostorm.pw
Address: 173.208.77.69
Name: la.cryptostorm.pw
Address: 173.208.77.68
Name: la.cryptostorm.pw
Address: 173.208.77.87
Name: la.cryptostorm.pw
Address: 23.19.67.118
Name: la.cryptostorm.pw
Address: 173.208.77.91
Name: la.cryptostorm.pw
Address: 173.208.77.74
EDIT
I got the wrong end of the stick. The host resolution is fine, I suspect (from your log) that the OpenVPN server on port 5601 is down. Could you try connecting to the same node using one of the RSA configs instead?
- Sun Nov 24, 2019 5:00 am
- Forum: member support & tech assistance
- Topic: Spammers
- Replies: 4
- Views: 1743
Re: Spammers
@OP
df is going to have to implement a CAPTCHA or something to block automated registration bots...and then maybe 2FA afterwards to knock out password guessers.
df is going to have to implement a CAPTCHA or something to block automated registration bots...and then maybe 2FA afterwards to knock out password guessers.
- Sun Nov 24, 2019 4:56 am
- Forum: member support & tech assistance
- Topic: Default port forwarding
- Replies: 15
- Views: 3441
Re: Default port forwarding
@OP
Are you talking about port forwarding in general or specifically doing it on a Cryptostorm exit node?
Are you talking about port forwarding in general or specifically doing it on a Cryptostorm exit node?
- Sun Nov 24, 2019 4:54 am
- Forum: member support & tech assistance
- Topic: cryptostorm.nu down?
- Replies: 4
- Views: 1917
Re: cryptostorm.nu down?
@OP
No idea, but it's definitely still down for whatever reason...
No idea, but it's definitely still down for whatever reason...
- Mon Aug 05, 2019 9:05 pm
- Forum: independent cryptostorm token resellers, & tokens 101
- Topic: New token reseller -> okaruto.space
- Replies: 10
- Views: 21737
Re: New token reseller -> okaruto.space
@OP
Glad you're back and still operating!
Glad you're back and still operating!

- Sun Jul 07, 2019 1:11 am
- Forum: crypto, VPN & security news
- Topic: [VPNPro] Hidden VPN owners unveiled: 97 VPN products run by just 23 companies
- Replies: 0
- Views: 5117
[VPNPro] Hidden VPN owners unveiled: 97 VPN products run by just 23 companies
SourceOn the surface, it may seem that the VPN market is teeming with various companies competing for a piece of the growing consumer VPN pie.
However, when we began to look further into the VPNs and the companies that own them, we noticed something interesting: a lot of these products are owned by the same company. With our interests piqued, we decided to dig deeper to see just how many VPN products are owned or operated by which companies.
The number may surprise you:
Our research shows that at least 97 VPN products are owned or operated by only 23 companies.
This includes both cross-platform and mobile-only VPN products. It also includes direct subsidiaries or products/brands, as well as white label services. This represents a much bigger number than was previously reported in other research.
For our analysis, we only included parent companies that own or operate more than one VPN product.
You can find our infographic that summarizes our research here.
- Sun Jul 07, 2019 1:07 am
- Forum: general chat, suggestions, industry news
- Topic: OpenWRT + VPN (openvpn) + doh (dnscrypt-proxy)
- Replies: 1
- Views: 1597
Re: OpenWRT + VPN (openvpn) + doh (dnscrypt-proxy)
@OP
It's always useful to run a VPN on a router, since it saves having to run a VPN client on every Internet-accessing device. DNSCrypt is the cherry on top if you can get it working.
It's always useful to run a VPN on a router, since it saves having to run a VPN client on every Internet-accessing device. DNSCrypt is the cherry on top if you can get it working.

- Sun Jul 07, 2019 1:04 am
- Forum: member support & tech assistance
- Topic: internal DHCP ip clash only on Dusseldorf UDP
- Replies: 3
- Views: 2620
Re: internal DHCP ip clash only on Dusseldorf UDP
@OP
Interesting...do you not use the usual 192.168.x.x. addressing scheme on your LAN, or is this on a mobile Windows device?
Interesting...do you not use the usual 192.168.x.x. addressing scheme on your LAN, or is this on a mobile Windows device?
- Sun Jul 07, 2019 1:01 am
- Forum: member support & tech assistance
- Topic: VirtualBox Kubuntu VM not allowing LAN access with CS
- Replies: 4
- Views: 2549
- Mon Jun 24, 2019 5:20 pm
- Forum: member support & tech assistance
- Topic: IPLeak.net broken?
- Replies: 18
- Views: 8465
Re: IPLeak.net broken?
@df
Yeah, thanks for that. I think that for now 'll just set the 10.x.x.x DNS server address on the hosts I need it for. It works and is a simple fix.
Yeah, thanks for that. I think that for now 'll just set the 10.x.x.x DNS server address on the hosts I need it for. It works and is a simple fix.

- Mon Jun 24, 2019 5:15 pm
- Forum: member support & tech assistance
- Topic: VirtualBox Kubuntu VM not allowing LAN access with CS
- Replies: 4
- Views: 2549
Re: VirtualBox Kubuntu VM not allowing LAN access with CS
@OP
In the VM config, is the LAN interface NAT or bridged?
In the VM config, is the LAN interface NAT or bridged?
- Thu May 23, 2019 6:23 am
- Forum: member support & tech assistance
- Topic: IPLeak.net broken?
- Replies: 18
- Views: 8465
Re: IPLeak.net broken?
That's the one thing that pfSense cannot do. It'll do it on it's WAN interface, but not on any of the tunnel interfaces. If it could, it would make life far, far simpler...df wrote: ↑Sat May 04, 2019 7:45 pm@parityboy
...
As for the DNS leak test failing, I can only see that happening on a host behind the router, and only if the host is set to use DHCP and a DNS server running on the router (which would be connected to CS, and maybe set to use the DNS pushed by the VPN).
- Thu May 23, 2019 6:17 am
- Forum: member support & tech assistance
- Topic: Which ovpn files to run on IOS (iphone5 gen) and OpenVPN 3.0.2?
- Replies: 1
- Views: 1461
- Mon Apr 29, 2019 2:30 pm
- Forum: crypto, VPN & security news
- Topic: [The Register] There's NordVPN odd about this, right? Infosec types concerned over strange app traffic
- Replies: 0
- Views: 2977
[The Register] There's NordVPN odd about this, right? Infosec types concerned over strange app traffic
SourceWeird things are afoot with NordVPN's app and the traffic it generates - Reg readers have spotted it contacting strange domains in the same way compromised machines talk to botnets' command-and-control servers.
Although NordVPN has told us this is expected behaviour by the app and is intended as a counter-blocking mechanism, the company's explanation has shifted a number of times.
...
Further scratching of heads led to infosec bod Ryan Niemes' personal blog, where he had written about exactly the same odd traffic. Except Niemes had noticed something else too: these domains weren't owned by anybody. So he bought them and spun up an EC2 instance to log what was coming in.
- Sun Apr 28, 2019 4:42 pm
- Forum: member support & tech assistance
- Topic: IPLeak.net broken?
- Replies: 18
- Views: 8465
Re: IPLeak.net broken?
@df
Apart from the usual SNAT/MASQ stuff which is needed anyway, the only thing outstanding I have in pfSense is a port forward rule to support a private tracker and that only applies to a single VM guest on a host-only network of its own.
Another thing I noticed is that I can't get pfSense to resolve .onion or .i2p domains using its configured (public) Cryptostorm DNS servers. However, if I tell one of my desktops (sitting behind pfSense) to use 10.31.33.8 in Network Manager, they resolve. It used to work in pfSense perfectly well.
I wonder if pfSense is doing something strange (which might explain both DNS test failures)...
Apart from the usual SNAT/MASQ stuff which is needed anyway, the only thing outstanding I have in pfSense is a port forward rule to support a private tracker and that only applies to a single VM guest on a host-only network of its own.
Another thing I noticed is that I can't get pfSense to resolve .onion or .i2p domains using its configured (public) Cryptostorm DNS servers. However, if I tell one of my desktops (sitting behind pfSense) to use 10.31.33.8 in Network Manager, they resolve. It used to work in pfSense perfectly well.
I wonder if pfSense is doing something strange (which might explain both DNS test failures)...
- Sun Apr 28, 2019 1:45 am
- Forum: member support & tech assistance
- Topic: IPLeak.net broken?
- Replies: 18
- Views: 8465
Re: IPLeak.net broken?
@df
I get 88.202.180.213, which is one of the England exit node IPs.
I get 88.202.180.213, which is one of the England exit node IPs.
- Sun Apr 28, 2019 12:24 am
- Forum: member support & tech assistance
- Topic: IPLeak.net broken?
- Replies: 18
- Views: 8465
Re: IPLeak.net broken?
@df
Those are exit node IPs. : ) They are what shows up on https://cryptostorm.is/test, depending on the exit node being used.
Code: Select all
whoami.cryptostorm.is has address 88.202.180.213
- Fri Apr 26, 2019 9:51 pm
- Forum: member support & tech assistance
- Topic: IPLeak.net broken?
- Replies: 18
- Views: 8465
Re: IPLeak.net broken?
@df
I just tried the CS DNS Leak Test page. The IPs it listed are actually the IPs of the exit nodes I'm connected to, rather than the DNS servers I'm using, hence it lists them in red as "not cryptostorm DNS". I've configured pfSense to use 82.163.72.123 and 128.127.104.108 as DNS servers.
I just tried the CS DNS Leak Test page. The IPs it listed are actually the IPs of the exit nodes I'm connected to, rather than the DNS servers I'm using, hence it lists them in red as "not cryptostorm DNS". I've configured pfSense to use 82.163.72.123 and 128.127.104.108 as DNS servers.
- Sun Apr 21, 2019 2:05 am
- Forum: member support & tech assistance
- Topic: Visiting onion sites in firefox on MacOS?
- Replies: 1
- Views: 2270
- Mon Mar 11, 2019 7:36 pm
- Forum: member support & tech assistance
- Topic: Connecting through Cryptostorm in China
- Replies: 2
- Views: 3290
Re: Connecting through Cryptostorm in China
@OP
As far as I am aware, the Great Firewall will (at least try to) block OpenVPN at the protocol level. The newer CS configs employ TLS to encrypt the OpenVPN handshake which should defeat and kind of Deep Packet Inspection. However Cryptostorm IPs are public, so blocking them is not exactly difficult.
As far as I am aware, the Great Firewall will (at least try to) block OpenVPN at the protocol level. The newer CS configs employ TLS to encrypt the OpenVPN handshake which should defeat and kind of Deep Packet Inspection. However Cryptostorm IPs are public, so blocking them is not exactly difficult.
- Mon Mar 11, 2019 7:33 pm
- Forum: member support & tech assistance
- Topic: NBN (National Broadband Network) in Australia
- Replies: 2
- Views: 3187
Re: NBN (National Broadband Network) in Australia
@marza
Unless NBN goes out of its way to block port 443 or the OpenVPN protocol, it should no different to how it is now in terms of setup and operation.
Unless NBN goes out of its way to block port 443 or the OpenVPN protocol, it should no different to how it is now in terms of setup and operation.
- Mon Jan 14, 2019 3:24 pm
- Forum: crypto, VPN & security news
- Topic: [BleepingComputer] VORACLE Attack Can Recover HTTP Data From VPN Connections
- Replies: 5
- Views: 17051
Re: [BleepingComputer] VORACLE Attack Can Recover HTTP Data From VPN Connections
@df
Really? All of the security-related posts here on the form have all pointed to compression being disabled (at least according to PJ and the earlier configs).
Really? All of the security-related posts here on the form have all pointed to compression being disabled (at least according to PJ and the earlier configs).
- Fri Dec 07, 2018 5:15 pm
- Forum: general chat, suggestions, industry news
- Topic: wrong repository link in tutorial
- Replies: 3
- Views: 7205
Re: wrong repository link in tutorial
@OP
Try this:
Linux Mint is based on Ubuntu and the latest Ubuntu is Bionic Beaver. Packages like OpenVPN are packaged for the base system rather than the extras added on by respins such as Mint or Kubuntu. 
Try this:
Code: Select all
sudo -s
wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg|apt-key add -
echo "deb http://build.openvpn.net/debian/openvpn/stable bionic main" > /etc/apt/sources.list.d/openvpn-aptrepo.list
apt-get update && apt-get install openvpn
exit

- Sun Nov 04, 2018 5:14 am
- Forum: member support & tech assistance
- Topic: The network with few opened outside ports. How2 connect to OVPN servers?
- Replies: 5
- Views: 8751
Re: The network with few opened outside ports. How2 connect to OVPN servers?
@OP
Can you post some logs generated by OpenVPN?
Can you post some logs generated by OpenVPN?
- Thu Nov 01, 2018 11:43 pm
- Forum: member support & tech assistance
- Topic: Probs with new configs in Ubuntu
- Replies: 28
- Views: 24049
Re: Probs with new configs in Ubuntu
MOQ888 wrote:kubuntu up and running, CS working well - HOORAY!



- Thu Nov 01, 2018 11:42 pm
- Forum: member support & tech assistance
- Topic: [VyOS] VyOS Complains That ca.crt Is Invalid
- Replies: 9
- Views: 14420
Re: [VyOS] VyOS Complains That ca.crt Is Invalid
@df
As a router, VyOS is actually OK. As a security device, clearly not so much so I would never use it as an edge device (although some people put their firewalls behind their edge-located routers).
As a router, VyOS is actually OK. As a security device, clearly not so much so I would never use it as an edge device (although some people put their firewalls behind their edge-located routers).
- Tue Oct 30, 2018 12:47 pm
- Forum: member support & tech assistance
- Topic: [VyOS] VyOS Complains That ca.crt Is Invalid
- Replies: 9
- Views: 14420
Re: [VyOS] VyOS Complains That ca.crt Is Invalid
@df
I blew the VyOS instance away (I'll likely get a mini PC from AliExpress or Banggood and stick pfSense on it) but here's the ca.crt I was using.
I blew the VyOS instance away (I'll likely get a mini PC from AliExpress or Banggood and stick pfSense on it) but here's the ca.crt I was using.
Code: Select all
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIJAKekpGXxXvhbMA0GCSqGSIb3DQEBCwUAMIG6MQswCQYD
VQQGEwJDQTELMAkGA1UECBMCUUMxETAPBgNVBAcTCE1vbnRyZWFsMTYwNAYDVQQK
FC1LYXRhbmEgSG9sZGluZ3MgTGltaXRlIC8gIGNyeXB0b3N0b3JtX2RhcmtuZXQx
ETAPBgNVBAsTCFRlY2ggT3BzMRcwFQYDVQQDFA5jcnlwdG9zdG9ybV9pczEnMCUG
CSqGSIb3DQEJARYYY2VydGFkbWluQGNyeXB0b3N0b3JtLmlzMCAXDTE3MTIxNjA3
NTk0MloYDzIwNjcxMjE2MDc1OTQyWjCBujELMAkGA1UEBhMCQ0ExCzAJBgNVBAgT
AlFDMREwDwYDVQQHEwhNb250cmVhbDE2MDQGA1UEChQtS2F0YW5hIEhvbGRpbmdz
IExpbWl0ZSAvICBjcnlwdG9zdG9ybV9kYXJrbmV0MREwDwYDVQQLEwhUZWNoIE9w
czEXMBUGA1UEAxQOY3J5cHRvc3Rvcm1faXMxJzAlBgkqhkiG9w0BCQEWGGNlcnRh
ZG1pbkBjcnlwdG9zdG9ybS5pczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlo5Jghf+yb7j86QKDIA9gH9U+MOj1gFz7POcobF3UXx8CR6py4+kY0LEwE
s66YuwF3Et1Haymkrxy72RjHqD58FRC1KGg6PzhDr6foXgOpuOweUvBTLS6WR5Ba
TW+8oqSkFWIZUWxnk4N1npxonZRjYLjU4AJNB1uUKpp5uwtC+n9UYpNZ2H1SwZDc
tpJNzG3Q+ySqkaJYRR44YbeYoTQpbK/G3o7H2Kz1BsNck5h2SVBo9f3JS4gjTcaP
fGb6+Lqra/MPlXKY55MzKTLsZ5q1t3ZTjn0vDO7+D7xXoRCXyq9atcRJf9ldm80b
xABw5dTiS00E6hm3CzpPOSelAXcCAwEAAaOCASMwggEfMAwGA1UdEwQFMAMBAf8w
HQYDVR0OBBYEFDhY4fdfMy+L0fMdat75Kep6cFElMIHvBgNVHSMEgecwgeSAFDhY
4fdfMy+L0fMdat75Kep6cFEloYHApIG9MIG6MQswCQYDVQQGEwJDQTELMAkGA1UE
CBMCUUMxETAPBgNVBAcTCE1vbnRyZWFsMTYwNAYDVQQKFC1LYXRhbmEgSG9sZGlu
Z3MgTGltaXRlIC8gIGNyeXB0b3N0b3JtX2RhcmtuZXQxETAPBgNVBAsTCFRlY2gg
T3BzMRcwFQYDVQQDFA5jcnlwdG9zdG9ybV9pczEnMCUGCSqGSIb3DQEJARYYY2Vy
dGFkbWluQGNyeXB0b3N0b3JtLmlzggkAp6SkZfFe+FswDQYJKoZIhvcNAQELBQAD
ggEBABrPLmFpugICgUKyJ+6q5h8ZKfoV3S0RtTfrwtobNSFf7H4ZQvCXF2bOuhyc
g00ffreEGZN2uwtiLh38ncB/BFhHfgkITfTe88m08pJ45PkrpeBfrFbZ+ckXVhV/
aCnUKkIZgmCNKnn1RIbUt4mzTzggwtN3GamoTzSWqSwCEO9Ig1AJKi5Ms/5Awtdz
nr95qaqI0ih0NGnfC/yIGYvt1Yay0hCil3jIUT9Ogdw6DW6RqUdJaPrwm58fTwIR
U33KzBqGs8r3UEIMWXuIGc6eXOm2Br08iFgOsUPGqp1ulvD52pFH1o1vT21v3aXl
D9Ier/83JLMnBGctT1Kzs9OP/U0=
-----END CERTIFICATE-----
- Tue Oct 30, 2018 12:41 pm
- Forum: member support & tech assistance
- Topic: Probs with new configs in Ubuntu
- Replies: 28
- Views: 24049
Re: Probs with new configs in Ubuntu
@MOQ888
Hmmm...I have KDE Neon badgering me to update it to its new 18.04 LTS base, but I'm now wondering whether it's worth it. Having said that, my VPN is handled by a router so I wouldn't need Network Manager for VPN duty.
Hmmm...I have KDE Neon badgering me to update it to its new 18.04 LTS base, but I'm now wondering whether it's worth it. Having said that, my VPN is handled by a router so I wouldn't need Network Manager for VPN duty.

- Sun Oct 28, 2018 7:21 pm
- Forum: member support & tech assistance
- Topic: Probs with new configs in Ubuntu
- Replies: 28
- Views: 24049
Re: Probs with new configs in Ubuntu
@MOQ888
Glad you got working.
Now we just need Network Manager to support the ECC instances. 
Glad you got working.


- Sat Oct 27, 2018 3:31 pm
- Forum: member support & tech assistance
- Topic: [Exits] England Node Not Passing Any Traffic
- Replies: 16
- Views: 19034
Re: [Exits] England Node Not Passing Any Traffic
@df
I agree.
On that note, what happened to the Spain node? I see the legacy one has been consolidated onto the Portugal node and the newer configs (including RSA) have no Spain node at all.
I agree.

- Sat Oct 27, 2018 3:07 pm
- Forum: member support & tech assistance
- Topic: [SOLVED] Port Forwarding On Legacy Nodes: Broken?
- Replies: 6
- Views: 8468
- Sat Oct 27, 2018 8:15 am
- Forum: member support & tech assistance
- Topic: [Exits] England Node Not Passing Any Traffic
- Replies: 16
- Views: 19034
Re: [Exits] England Node Not Passing Any Traffic
@df
Sounds like something might be broken in the kernel running on that machine, or maybe sysctl needs a tweak? No reason why UDP should have issues when TCP works fine and the Windows-optimised instances also work fine.
Sounds like something might be broken in the kernel running on that machine, or maybe sysctl needs a tweak? No reason why UDP should have issues when TCP works fine and the Windows-optimised instances also work fine.
- Sat Oct 27, 2018 7:58 am
- Forum: member support & tech assistance
- Topic: [SOLVED] Port Forwarding On Legacy Nodes: Broken?
- Replies: 6
- Views: 8468
[SOLVED] Re: Port Forwarding On Legacy Nodes: Broken?
@df
Found it.
In pfSense on the Port Forwarding page, simply creating the rule isn't enough. There's a field near the bottom of the page which says "Filter rule association". The default selection for this is "None" (no doubt for security reasons). To make the rule active, one needs to select "Pass".
Found it.

- Sat Oct 27, 2018 6:05 am
- Forum: member support & tech assistance
- Topic: [SOLVED] Port Forwarding On Legacy Nodes: Broken?
- Replies: 6
- Views: 8468
[SOLVED] Re: Port Forwarding On Legacy Nodes: Broken?
@df
Yep, I have a NAT hole punched in my pfSense firewall for the VPN client address (10.66.216.32) which is in turn forwarded to the VM running my BitTorrent client (which is listening on 45886). Weird - it definitely worked before the upgrade (I checked it with telnet from an outside network).
I'll dig into it more and try to see where the issue is.
Yep, I have a NAT hole punched in my pfSense firewall for the VPN client address (10.66.216.32) which is in turn forwarded to the VM running my BitTorrent client (which is listening on 45886). Weird - it definitely worked before the upgrade (I checked it with telnet from an outside network).
I'll dig into it more and try to see where the issue is.