A common frustration for Kali Linux users when they create a VPN connection to Hack The Box is that often, Internet access disappears like a fart in the wind. It’s often more of a nuisance than anything but some of the challenges have web applications that tried and load internet based resources (such as font files or JS files from CDN networks), that means these applications don’t load properly.
Fortunately, the problem – and the fix – are both relatively simple: for some reason the HackTheBox VPN configuration applies a default route to the routing table that captures all requests and directs them to the HTB network, rather than allowing split tunnelling.
To resolve this:
Establish a VPN connection with HackTheBox
Open a terminal window and enter the routes command:
route
You should be presented with something similar to this:
Note the top default route (marked with a red x), this is what is capturing all traffic yet the route at the bottom (green tick) also routes traffic for the 10.10.14.0 subnet over the VPN, so the top one is not needed:
To delete the top route, enter the following command, updating to match the details of your route (such as IP address and Iface):
sudo route del -net default gw 10.10.14.1 netmask 0.0.0.0 dev tun0
You should now have Internet access on your machine!
Recurrance
Unfortunately at the moment, this route returns every time you restablish a connection, I simple have the command in a bash script I run after connecting.
dosnt work for me
Are you seeing an error? Can you provide any more information?
for me it is saying SIOCDELRT: No such device found. Weird because it worked for me yesterday but giving problems now
actually just worked. didn’t change the command at all
Great post. I almost did this and then thought how can I modify the connection to be persistent and I found a checkbox in Kali’s network preferences. In the VPN settings > IPv4 Settings > Routes, there is a check box for “Use this connection only for resources on its network”. Checking that box gave me back normal Internet access. I’m using the desktop, so I don’t have a suggestion for the cli.
Genius! This worked! I`m using Ubuntu as host and it worked as a charm! Thanks dude!
Glad it helped!
First of all great post, unfortunately that didn’t work for me. However…
This has fixed issues for me in the past and I’m not sure why I didn’t think to it. If you are running a VPN on your host computer while running OpenVPN in a VM, the web pages won’t load for you. Turning off my host VPN allowed the OpenVPN connection to go through and I was able to fully connect. This was boggling me because I was able to ping and even do a full Nmap scan of the target but I was not able to connect to the webpage. Hope this helps others who were still troubleshooting after recommendation.
It works. Thanks
If anybody like me still has problems in 10 years or so…
for me it was the MTU. Had help from support. Told me
sudo ip link set dev tun0 mtu 1200
so I added
tun-mtu 1200
in the .ovpn file to not manually changing it everytime. Value might differ for you.
Thanks for update babajack, always useful to see what has helped others!
I know it’s a small typo but it’s route not routes 🙂
Thanks bud – silly typo but could’ve confused some!
Update Here, it worked for me, thanks !
Hey Alex, thanks for the comment and glad it helped!