Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

widget v3

Looking for a bit more than customer support, and want to learn more about what cryptostorm is , what we've been announcing lately, and how the cryptostorm network makes the magic? This is a great place to start, so make yourself at home!

DudeOfLondon
Posts: 67
Joined: Sat Jan 10, 2015 5:14 pm

Re: widget v3

Post by DudeOfLondon » Tue Mar 26, 2019 2:48 am

Thanks.

I got a problem though.
When using UDP I can't browse any site, it hangs there on "TLS handshake with www.12324.com ..." in the browser status line.
Doesn't matter which server or ECC cuve. Also tried different ports, doesn't matter, it does not work with UDP.
When switching to TCP I can browse the web.

What can I do? WHy does UDP not work? I'm on Windows 10, no firewall insalled except the win10 integrated one.

EDIT: Same exact problem and behavior on my android device!


DudeOfLondon
Posts: 67
Joined: Sat Jan 10, 2015 5:14 pm

Re: widget v3

Post by DudeOfLondon » Tue Mar 26, 2019 4:41 am

So it seems this must be an MTU problem that is only present when using UDP.
I found out that the MTU of my router is 1440 for the bonding tunnel of the DSL+LTE connection.
Minus 28 for UDP should be a link mtu of 1412 and a tunnnel MTU or tun-mtu of 1362.

If I edit the OVPN config file and enter tun-mtu=1362 internet works on my android. (or enter 1362 in the tunnel mtu field of the GUI of Anre Schwabe's app).

But how can I edit the inbuilt configs of the widget to use a different MTU than default?


AnonAsPossible
Posts: 7
Joined: Fri Feb 10, 2017 3:49 am

Re: widget v3

Post by AnonAsPossible » Tue Mar 26, 2019 10:31 pm

I don't use their widget, only the openvpn gui.

You should contact their support at; support@cryptostorm.is , the response is usually quite fast.

And post their response here, so we can all learn...

User avatar

Topic Author
df
Site Admin
Posts: 415
Joined: Thu Jan 01, 1970 5:00 am

Re: widget v3

Post by df » Mon Apr 08, 2019 5:34 am

DudeOfLondon: secp521r1 is default because it is more secure than Ed448 or Ed25519, but because it's an NIST curve we decided to also provide Ed25519/Ed448 options.
And there's no such thing as security overkill :-P


Moonlight

Re: widget v3

Post by Moonlight » Fri May 24, 2019 6:37 pm

Win 10 Pro x64 OS Build 18362.116

Clean install CS widget 3.42.0.17

All security options checked

When connecting to Switzerland or Frankfurt, option to select IP is no longer available (was yesterday).

Thank you.

User avatar

Topic Author
df
Site Admin
Posts: 415
Joined: Thu Jan 01, 1970 5:00 am

Re: widget v3

Post by df » Sun May 26, 2019 11:15 pm

@Moonlight
My guess would be a DNS issue. Switzerland currently has 26 IPs, and Frankfurt has 28. Only way I could see the widget not displaying the select IP window is if somehow the host was resolving to only one IP.
If you mean that option doesn't show up at all in the widget's options, then that might be possible if your screen's resolution is very low. The option is at the bottom of the connecting window, so if the screen's too small it might cut off that bit. That build does have code in it though that should detect things like that so that the option is still displayed correctly, but it's possible that there might be something missing in the code causing it not to work on your system.
Anyways, you can enable it manually by editing c:\Program Files (x86)\Cryptostorm Client\user\config.ini and changing the dnschoice_opt line to dnschoice_opt=on
(You'll need admin access to write to that file, so use Notepad++ since Notepad++ will automatically switch to admin mode when you try).


Moonlight

Re: widget v3

Post by Moonlight » Tue May 28, 2019 9:27 am

@DF

Did the modification to the config.ini as suggested, and it's now working! :D

Tried on a different PC with the same build and it's working, so the problem is with the PC I'm using, will rebuild it in due course.....

Thank you very much for your time and prompt help! :D


Behoove

Re: widget v3

Post by Behoove » Thu Jul 18, 2019 11:36 am

As of yesterday (IIRC), I'm getting a hang in the app: "Disabling STUN/WebRTC leak protection...".
  • I reinstalled twice over these last two days to try and fix. Also did the advanced windows firewall reset just in case.
  • On startup, the status locks up showing "Enabling STUN/WebRTC leak protection...".
  • Selecting / Deselecting the "Enable STUN/WebRTC leak prevention" under Security tab, then hitting the "Back" button results in the hang every time now.
  • Only way to even exit the program is to manually kill all the CS processes; as the 'Close Window' button hangs it the same as 'Exit' button.
Some part of this process doesn't rely on IPv6, does it?

Windows 7 x64 on AMD
CS Widget client v3.42
Latest TAP driver
CS and TAP directories added to AV exclusion list
Connect on port 5062
IPv6 and Teredo blocked in Win Firewall beforehand, also de-selected in adapter configs.

User avatar

Topic Author
df
Site Admin
Posts: 415
Joined: Thu Jan 01, 1970 5:00 am

Re: widget v3

Post by df » Sat Jul 27, 2019 12:08 am

@Behoove
with the widget closed, open up c:\Program Files (x86)\Cryptostorm Client\user\config.ini in Notepad++ (since it needs admin privs) and change the line:
nostun=on
to
nostun=off
then restart the widget.

Post Reply