Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

I've installed the widget, but it "hangs up" - help!

Looking for assistance with a cryptostorm connection issue? Post here & we'll help out. Also: if you're not sure where to post, do so here & we'll move things around as needed. Also: for quickest support, email our oddly calm & easygoing support reps at support@cryptostorm.is :)
User avatar

Topic Author
Graze
Posts: 247
Joined: Mon Dec 17, 2012 2:37 am
Contact:

I've installed the widget, but it "hangs up" - help!

Postby Graze » Tue Jan 28, 2014 11:55 pm

Ok, this happens often enough that I've made a little tutorial to help out.

I expect the ops guys will want to talk about what's going on and what's being done to make this easier in future widgets, but for now let's just cut to the chase: the most common problem we see, by far, with widget installs is a kink in the TAP-WIN32 virtual network driver. Usually this happens when older TAP drivers are lurking on a Windows machine and won't go away, but sometimes it just... happens.

Fortunately, it's really easy to fix :-P

Here's the tutorial, as it stands. If anyone wants me to bring it over to this thread, instead of just a link, that's ok too. Hopefully it won't be needed as the team works out the mechanisms in 1.0, but for now it's pretty much the biggest reason we get customer support emails. By far.

Here goes:

https://cryptostorm.is/tap_driver_cleanup.html
------------------------
My avatar is pretty much what I look like. ;) <-- ...actually true, says pj
WebMonkey, Foilhat, cstorm evangelnomitron.
Twitter: @grazestorm.
For any time sensitive help requests, best to email the fine bots in support@cryptostorm.is or via Bitmessage at BM-NBjJaLNBwWiwZeQF5BMLYqarawbgycwJ ;)


NewUser001

Re: I've installed the widget, but it "hangs up" - help!

Postby NewUser001 » Fri Feb 14, 2014 10:49 pm

Hello, new CryptoStorm customer here (former CrytpoCloud customer surprised by the sudden cut-out of service earlier this month, but w/e).

I've downloaded the widget and tried to run it several times, but have run into the hang error. I tried following the steps provided, but the hang error persists. I do get this error when I try to run the widget for the first time, however, so this may be important:

Error: Couldn't install TAP driver: Device node created Install is
completed when drivers are installed...
Updating drivers for tap0901 from C:\Program Files\Cryptostorm Client\bin\OemWin2k.inf

Furthermore, here's the log in the widget when I try to login:

BEGIN
------------------------
Sat Feb 15 02:47:27 2014 NOTE: debug verbosity (--verb 7) is enabled but this build lacks debug support.
Sat Feb 15 02:47:27 2014 us=677734 Current Parameter Settings:
Sat Feb 15 02:47:27 2014 us=677734 config = 'vpn.conf'
Sat Feb 15 02:47:27 2014 us=677734 mode = 0
Sat Feb 15 02:47:27 2014 us=677734 NOTE: --mute triggered...
Sat Feb 15 02:47:27 2014 us=677734 282 variation(s) on previous 3 message(s) suppressed by --mute
Sat Feb 15 02:47:27 2014 us=677734 OpenVPN 2.3.2 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Jun 3 2013
Sat Feb 15 02:47:28 2014 us=78125 LZO compression initialized
Sat Feb 15 02:47:28 2014 us=78125 Control Channel MTU parms [ L:1606 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sat Feb 15 02:47:28 2014 us=80078 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Feb 15 02:47:28 2014 us=353515 Data Channel MTU parms [ L:1606 D:1450 EF:106 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Feb 15 02:47:28 2014 us=353515 Fragmentation MTU parms [ L:1606 D:1400 EF:105 EB:135 ET:1 EL:0 AF:3/1 ]
Sat Feb 15 02:47:28 2014 us=353515 Local Options String: 'V4,dev-type tun,link-mtu 1606,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,cipher AES-256-CBC,auth SHA512,keysize 256,key-method 2,tls-client'
Sat Feb 15 02:47:28 2014 us=353515 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1606,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,cipher AES-256-CBC,auth SHA512,keysize 256,key-method 2,tls-server'
Sat Feb 15 02:47:28 2014 us=353515 Local Options hash (VER=V4): 'ff724a72'
Sat Feb 15 02:47:28 2014 us=353515 Expected Remote Options hash (VER=V4): '545e2783'
Sat Feb 15 02:47:28 2014 us=353515 UDPv4 link local: [undef]
Sat Feb 15 02:47:28 2014 us=353515 UDPv4 link remote: [AF_INET]79.134.235.131:443
Sat Feb 15 02:47:28 2014 us=353515 UDPv4 WRITE [14] to [AF_INET]79.134.235.131:443: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Sat Feb 15 02:47:28 2014 us=354492 UDPv4 READ [0] from [undef]: DATA UNDEF len=-1
Sat Feb 15 02:47:28 2014 us=715820 UDPv4 READ [26] from [AF_INET]79.134.235.131:443: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ 0 ] pid=0 DATA len=0
Sat Feb 15 02:47:28 2014 us=715820 TLS: Initial packet from [AF_INET]79.134.235.131:443, sid=49781885 ccb20431
Sat Feb 15 02:47:28 2014 us=715820 UDPv4 WRITE [22] to [AF_INET]79.134.235.131:443: P_ACK_V1 kid=0 [ 0 ]
Sat Feb 15 02:47:28 2014 us=715820 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Feb 15 02:47:28 2014 us=715820 UDPv4 WRITE [77] to [AF_INET]79.134.235.131:443: P_CONTROL_V1 kid=0 [ ] pid=1 DATA len=63
Sat Feb 15 02:47:29 2014 us=83007 UDPv4 READ [126] from [AF_INET]79.134.235.131:443: P_CONTROL_V1 kid=0 [ 1 ] pid=1 DATA len=100
Sat Feb 15 02:47:29 2014 us=83007 UDPv4 WRITE [22] to [AF_INET]79.134.235.131:443: P_ACK_V1 kid=0 [ 1 ]
Sat Feb 15 02:47:29 2014 us=83984 NOTE: --mute triggered...
Sat Feb 15 02:47:31 2014 us=224609 53 variation(s) on previous 3 message(s) suppressed by --mute
Sat Feb 15 02:47:31 2014 us=224609 VERIFY OK: depth=1, C=CA, ST=QC, L=Montreal, O=Katana Holdings Limite / cryptostorm_darknet, OU=Tech Ops, CN=cryptostorm_is, emailAddress=certadmin@cryptostorm.is
Sat Feb 15 02:47:31 2014 us=225585 VERIFY OK: nsCertType=SERVER
Sat Feb 15 02:47:31 2014 us=225585 VERIFY OK: depth=0, C=CA, ST=QC, L=Montreal, O=Katana Holdings Limite / cryptostorm_darknet, OU=Tech Ops, CN=server, emailAddress=certadmin@cryptostorm.is
Sat Feb 15 02:47:31 2014 us=225585 UDPv4 WRITE [22] to [AF_INET]79.134.235.131:443: P_ACK_V1 kid=0 [ 28 ]
Sat Feb 15 02:47:31 2014 us=568359 UDPv4 READ [114] from [AF_INET]79.134.235.131:443: P_CONTROL_V1 kid=0 [ ] pid=29 DATA len=100
Sat Feb 15 02:47:31 2014 us=569335 UDPv4 WRITE [22] to [AF_INET]79.134.235.131:443: P_ACK_V1 kid=0 [ 29 ]
Sat Feb 15 02:47:31 2014 us=570312 NOTE: --mute triggered...
Sat Feb 15 02:47:33 2014 us=135742 41 variation(s) on previous 3 message(s) suppressed by --mute
Sat Feb 15 02:47:33 2014 us=135742 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sat Feb 15 02:47:33 2014 us=135742 Data Channel Encrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Sat Feb 15 02:47:33 2014 us=135742 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sat Feb 15 02:47:33 2014 us=135742 NOTE: --mute triggered...
Sat Feb 15 02:47:33 2014 us=135742 1 variation(s) on previous 3 message(s) suppressed by --mute
Sat Feb 15 02:47:33 2014 us=135742 UDPv4 WRITE [22] to [AF_INET]79.134.235.131:443: P_ACK_V1 kid=0 [ 42 ]
Sat Feb 15 02:47:33 2014 us=135742 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Sat Feb 15 02:47:33 2014 us=135742 [server] Peer Connection Initiated with [AF_INET]79.134.235.131:443
Sat Feb 15 02:47:35 2014 us=325195 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Sat Feb 15 02:47:35 2014 us=325195 UDPv4 WRITE [104] to [AF_INET]79.134.235.131:443: P_CONTROL_V1 kid=0 [ ] pid=12 DATA len=90
Sat Feb 15 02:47:35 2014 us=682617 UDPv4 READ [22] from [AF_INET]79.134.235.131:443: P_ACK_V1 kid=0 [ 12 ]
Sat Feb 15 02:47:35 2014 us=684570 UDPv4 READ [114] from [AF_INET]79.134.235.131:443: P_CONTROL_V1 kid=0 [ ] pid=43 DATA len=100
Sat Feb 15 02:47:35 2014 us=684570 NOTE: --mute triggered...
Sat Feb 15 02:47:35 2014 us=688476 6 variation(s) on previous 3 message(s) suppressed by --mute
Sat Feb 15 02:47:35 2014 us=688476 PUSH: Received control message: 'PUSH_REPLY,persist-key,persist-tun,redirect-gateway def1,redirect-gateway bypass-dhcp,dhcp-option DNS 198.100.146.51,dhcp-option DNS 76.74.205.228,dhcp-option DNS 91.191.136.152,dhcp-option DNS 213.73.91.35,route-gateway 10.71.0.1,topology subnet,ping 20,ping-restart 60,ifconfig 10.71.0.9 255.255.0.0'
Sat Feb 15 02:47:35 2014 us=688476 OPTIONS IMPORT: timers and/or timeouts modified
Sat Feb 15 02:47:35 2014 us=688476 OPTIONS IMPORT: --persist options modified
Sat Feb 15 02:47:35 2014 us=688476 NOTE: --mute triggered...
------------------------
END

I've also tried rebooting after the error message to allow the TAP driver to install, but still no dice. I've tried the steps outlined here about 3 times now and I'm still not able to connect. Help a brother out?

User avatar

cryptostorm_support
ForumHelper
Posts: 296
Joined: Sat Jan 26, 2013 4:31 am
Contact:

Re: I've installed the widget, but it "hangs up" - help!

Postby cryptostorm_support » Sat Feb 15, 2014 12:56 am

NewUser001 wrote:Hello, new CryptoStorm customer here (former CrytpoCloud customer surprised by the sudden cut-out of service earlier this month, but w/e).

I've downloaded the widget and tried to run it several times, but have run into the hang error. I tried following the steps provided, but the hang error persists. I do get this error when I try to run the widget for the first time, however, so this may be important:


Could you let us know what version of Windows you're using? That'll help our widget developers to ensure you get the specific advice necessary to resolve this issue, and get you going right away!

Thanks :-)
cryptostorm_support shared support team forum account
PLEASE DON'T SEND PRIVATE MESSAGES with support questions!
--> feel free to use any of our other contact channels, or post in the support forum
cryptostorm: structurally anonymous, token-based, unlimited ☂ bandwidth, opensource, darknet data security for everyone!
keybase.io validatorsonename.io validatorsPGP key @ MITnetwork statuscryptostorm github
support team bitmessage address: BM-2cTMH8K5JnjbfSALjZtSkRWCLfc3Tr8GBV
support team email: support@cryptostorm.is
live chat support: #cryptostorm


NewUser001

Re: I've installed the widget, but it "hangs up" - help!

Postby NewUser001 » Sat Feb 15, 2014 12:05 pm

cryptostorm_support wrote:
Could you let us know what version of Windows you're using? That'll help our widget developers to ensure you get the specific advice necessary to resolve this issue, and get you going right away!

Thanks :-)


Currently running Win7 Home Premium, Service Pack 1. It's a Japanese version, if that makes any difference.
Thanks for the support, I'm eager to get on board.

User avatar

Topic Author
Graze
Posts: 247
Joined: Mon Dec 17, 2012 2:37 am
Contact:

Re: I've installed the widget, but it "hangs up" - help!

Postby Graze » Sat Feb 15, 2014 8:03 pm

OK, what usually works is a slightly different thing than above, but it's close:

1) Uninstall any other VPN stuff (OpenVPN, Cryptocloud, etc.)
2) Reboot (don't skip this!)
3) Follow these instructions: https://cryptostorm.is/tap_driver_cleanup.html

Basically, as I understand it, we're using the latest OpenVPN versions and we are not allowing it to downgrade if it fails to find the latest version (intel thx to Snowden), so if there are previous versions they basically block correct operations.

Please try this and tell me if it helps.

PS: If you can email support@cryptostorm.is that's a somewhat faster way to contact us. If not, no worries, we'll get to ya. :)
------------------------
My avatar is pretty much what I look like. ;) <-- ...actually true, says pj
WebMonkey, Foilhat, cstorm evangelnomitron.
Twitter: @grazestorm.
For any time sensitive help requests, best to email the fine bots in support@cryptostorm.is or via Bitmessage at BM-NBjJaLNBwWiwZeQF5BMLYqarawbgycwJ ;)


Friedrich

Re: I've installed the widget, but it "hangs up" - help!

Postby Friedrich » Sun Feb 16, 2014 3:42 am

It worked! I love you!

But... now I am connected, and when I do a DNS leak test on 'http://www.dnsleaktest.com/' I can see my ip... With Cryptocloud it was different. Can anybody tell me if i am exposed?

DNS Leak Test RESULT:
217.237.150.213 hh-dns-a08.isp.t-ipnet.de Deutsche Telekom AG Germany


asklepios

Re: client config for cryptostorm: general discussion & bugh

Postby asklepios » Sun Feb 16, 2014 5:34 pm

after I put the token and clicked connect, it freezes al logging into the darknet. It doesn't connect.
The client I use is called cryptostorm_windows_widget-dynamic_0-92

What is wrong?


Darllfear

Re: I've installed the widget, but it "hangs up" - help!

Postby Darllfear » Mon Feb 17, 2014 7:00 am

Just wanted to pop-in and mention that this fix worked for me!

User avatar

Pattern_Juggled
Posts: 1492
Joined: Sun Dec 16, 2012 6:34 am
Contact:

Re: client config for cryptostorm: general discussion & bugh

Postby Pattern_Juggled » Mon Feb 17, 2014 4:19 pm

asklepios wrote:after I put the token and clicked connect, it freezes al logging into the darknet. It doesn't connect.
The client I use is called cryptostorm_windows_widget-dynamic_0-92

What is wrong?


I'm moving this over into the widget support thread, as it basically ended up temporarily orphaned where it had been originally posted - apologies for the delayed response, in the meantime.

For almost all of these widget snags, the straight-shot solution is to do the "Tap driver cleanup" of all old TUN/TAP adapters on your Windows machine (that link is to a page with screenshots of the process, step-by-step)

In a very small percent of cases, that won't do the trick - if that's so with you, let us know and we'll get you connected with our widget developers to get things worked out. In these cases, we generally find issues relating to admin privileges, local firewalls, local "antivirus" apps, or malware that's interfering with the cryptostorm widget install... but those are all resolved on a one-on-one basis, with our support folks.
...just a scatterbrained network topologist & crypto systems architect……… ҉҉҉

    ✨ ✨ ✨
pj@ðëëþ.bekeybase pgpmit pgpðørkßöt-on-consolegit 'er github
bitmessage:
BM-NBBqTcefbdgjCyQpAKFGKw9udBZzDr7f

User avatar

Pattern_Juggled
Posts: 1492
Joined: Sun Dec 16, 2012 6:34 am
Contact:

Windows registry & Tap adapter snafu

Postby Pattern_Juggled » Mon Feb 17, 2014 8:21 pm

Incidentally, there's a longstanding bug relating to the way Windows allocates certain resources in its "registry" that can block installation of current Tap drivers. Our support folks have been digging into this issue, as a small handful of network members are stuck on exactly this problem.

For those curious to dig deeper into the issue and the various approaches to resolving it, here's an excellent thread over in the OpenVPN forum that does exactly that.

From within that thread, here's a nice summary from samuli of the situation at core:

Anyways, I doubt Hotspot VPN does anything special - OpenVPN and almost certainly HotSpot VPN (which uses OpenVPN) use devcon.exe to install the tap-windows driver. The devcon.exe is a tool provided by Microsoft for installing drivers from the command prompt. All of the driver installation logic is embedded into this tool, including the logic that does the registry changes - we only give the tool a few parameters and then it does it's thing. In sambul's case the registry changes are probably failing, because devcon.exe is trying to assign the tap-windows driver a luid that is reserved, or otherwise unavailable. This would be the natural consequence of Windows losing track of network drivers and their luids at some earlier point. This would also explain why installing some drivers does work, whereas installing tap-windows does not.

The meat of the matter is that we (=the OpenVPN project) can't really do anything to fix this problem, because it's not a problem in tap-windows driver or installer, but in the client workstation. If the registry can't be fixed, then reinstalling Windows is probably the only "fix".
...just a scatterbrained network topologist & crypto systems architect……… ҉҉҉

    ✨ ✨ ✨
pj@ðëëþ.bekeybase pgpmit pgpðørkßöt-on-consolegit 'er github
bitmessage:
BM-NBBqTcefbdgjCyQpAKFGKw9udBZzDr7f

User avatar

cryptostorm_support
ForumHelper
Posts: 296
Joined: Sat Jan 26, 2013 4:31 am
Contact:

Re: I've installed the widget, but it "hangs up" - help!

Postby cryptostorm_support » Tue Feb 18, 2014 4:56 pm

I believe these member screenshots are the same thing - "orphan"/ghost network driver entries in the Windows Registry causing problems with driver upgrades. Has anyone see these and been successful with a specific workaround you'd be willing to share? Thanks!

Hang Point.jpg

Tap Driver Error.jpg

Unknown Device.jpg
cryptostorm_support shared support team forum account
PLEASE DON'T SEND PRIVATE MESSAGES with support questions!
--> feel free to use any of our other contact channels, or post in the support forum
cryptostorm: structurally anonymous, token-based, unlimited ☂ bandwidth, opensource, darknet data security for everyone!
keybase.io validatorsonename.io validatorsPGP key @ MITnetwork statuscryptostorm github
support team bitmessage address: BM-2cTMH8K5JnjbfSALjZtSkRWCLfc3Tr8GBV
support team email: support@cryptostorm.is
live chat support: #cryptostorm

User avatar

Topic Author
Graze
Posts: 247
Joined: Mon Dec 17, 2012 2:37 am
Contact:

Re: I've installed the widget, but it "hangs up" - help!

Postby Graze » Tue Feb 25, 2014 6:30 am

I have over the years had this happen with CryptoCloud, and a couple of other OpenVPN clients. I briefly had an issue with cryptostorm when we were still in alpha, but then realized I had other, older OpenVPN stuff installed and got rid of that (with reboot!) and reinstalled and all was good.

Anyway, I wonder if the use of the Windows DevCon tool will be an aid to learning what's going on with "stuck clients"?

Here are the docs: http://support.microsoft.com/kb/311272 (the EXE download is near the top of the page)

Code: Select all

Device Console Help:
devcon.exe [-r] [-m:\\<machine>] <command> [<arg>...]
-r if specified will reboot machine after command is complete, if needed.
<machine> is name of target machine.
<command> is command to perform (see below).
<arg>... is one or more arguments if required by command.
For help on a specific command, type: devcon.exe help <command>
classfilter          Allows modification of class filters.
classes              List all device setup classes.
disable              Disable devices that match the specific hardware or
                       instance ID.
driverfiles          List driver files installed for devices.
drivernodes          Lists all the driver nodes of devices.
enable               Enable devices that match the specific hardware or
                       instance ID.
find                 Find devices that match the specific hardware or
                       instance ID.
findall              Find devices including those that are not present.
help                 Display this information.
hwids                Lists hardware ID's of devices.
install              Manually install a device.
listclass            List all devices for a setup class.
reboot               Reboot local machine.
remove               Remove devices that match the specific hardware or
                       instance ID.
rescan               Scan for new hardware.
resources            Lists hardware resources of devices.
restart              Restart devices that match the specific hardware or
                       instance ID.
stack                Lists expected driver stack of devices.
status               List running status of devices.
update               Manually update a device.
UpdateNI            Manually update a device without user prompt
SetHwID              Adds, deletes, and changes the order of hardware IDs of root-enumerated devices.


It would be a stunningly dangerous tool "hey, Mom, type 'devcon disable keyboard' (or whatever) and press enter!" :P but if we can figure out what's getting those few people stuck, that would be great.

Oddly, while we're doing research a couple people have just done one more uninstall-reboot-install-reboot cycle and somehow got it up and running, which is baffling.

Windows, Y U NO Make Sense!

I'll maybe gently play around on my test box and see if this offers any insight at all.
------------------------
My avatar is pretty much what I look like. ;) <-- ...actually true, says pj
WebMonkey, Foilhat, cstorm evangelnomitron.
Twitter: @grazestorm.
For any time sensitive help requests, best to email the fine bots in support@cryptostorm.is or via Bitmessage at BM-NBjJaLNBwWiwZeQF5BMLYqarawbgycwJ ;)


Return to “member support & tech assistance”

Who is online

Users browsing this forum: No registered users and 48 guests

Login