Troubleshooting - Internet/Network Access on Kali Linux OS

We have always received many queries asking how to access the Internet/Network on Kali Linux OS. So below, we have discussed how to troubleshoot the issue with  Internet/Network access on Kali Linux OS.

IP address

To check our present IP address, use the command ifconfig. (or 'ip a' / 'ip link')

Note: you may want to use the '-a' flag (ifconfig -a) to show all NICs (including the ones that are down).

root@kali ~$ ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:0b:29:9b:c9:a3  
          inet addr:192.168.1.48  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe81::21c:29aa:fe9c:b9a3/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:293492 errors:0 dropped:0 overruns:0 frame:0
          TX packets:135760 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:431811848 (411.8 MiB)  TX bytes:7409937 (7.0 MiB)
          Interrupt:19 Base address:0x2000 

root@kali ~$

There are two types of IP availability:
1. DHCP
2.Static IP

1. DHCP

There is a DHCP service, and if it is running on the network, you can automatically assign a free available IP address from its IP pool.
Depending on its configuration, you may also be assigned a gateway and/or DNS addresses too.

To obtain an IP address from the DHCP service from eth0 (default wired NIC), we can do the following:

root@kali ~$ dhclient eth0
root@kali ~$

2. Static

If you wish to control your IP address manually, we can use 'ifconfig' to alter our IP address (and subnet).

In this example, we will alter it to '192.168.0.10' and '192.168.1.25' (with a /24 subnet).
Note: This guide only covers IPv4. IPv6 is out of scope.

root@kali ~$ ifconfig eth0 192.168.0.10
root@kali ~$ ifconfig eth0 192.168.1.25/24
root@kali ~$ ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:0c:29:9c:b9:a3  
          inet addr:192.168.1.25  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe9c:b9a3/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:294583 errors:0 dropped:0 overruns:0 frame:0
          TX packets:135793 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:431879127 (411.8 MiB)  TX bytes:7413464 (7.0 MiB)
          Interrupt:19 Base address:0x2000 

root@kali ~$

In both examples above (DHCP & static), these configurations are not persistent and may not be the same upon a restart.
To change this, we can alter the '/etc/network/interfaces' file.

First, lets create a backup.

root@kali ~$ cp -f /etc/network/interfaces{,.bak}
root@kali ~$

Afterwards, you can use your favourite text editor (vim, emacs, nano... gedit, geany, leafpad) to alter the file.

root@kali ~$ vim /etc/network/interfaces

If you want to use get an IP address from the DHCP on 'eth0', then correct the file to look like:

auto eth0
iface eth0 inet DHCP

But if you would like for 'eth0' to use a static IP (and set the subnet to /24 & gateway to 192.168.1.1), then change the file to
match:

iface eth0 inet static
address 192.168.1.25
netmask 255.255.255.0
gateway 192.168.1.1

Gateway

A network gateway is responsible for connecting two different networks.

If you're having issues accessing resources outside of your LAN subnet (e.g. WAN (the Internet), but LAN (local resources) is working), there is a good chance there is an issue with the gateway. Depending on if a DHCP service is used and how it has been configured, it may push out a gateway address.

You can view the current routing path (which is '192.168.1.2' on interface 'eth0') by doing:

root@kali ~$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.2     0.0.0.0         UG    0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
root@kali ~$

If we wish to alter this to use '192.168.1.200' on 'eth0', we can issue the following command:

root@kali ~$ route add default gw 192.168.1.200 eth0
root@kali ~$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.200   0.0.0.0         UG    0      0        0 eth0
0.0.0.0         192.168.1.2     0.0.0.0         UG    0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
root@kali ~$

This will now try 192.168.1.200 first; if that isn't successful, it will move onto 192.168.1.2.
If you wish to remove the option '192.168.1.2', you can remove it by doing:

root@kali ~$ route delete default gw 192.168.1.2 eth0
root@kali ~$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.200   0.0.0.0         UG    0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
root@kali ~$

DNS

Domain Name System (DNS) is what is used to lookup 'human readable' names (e.g. www.kali.org) into IP addresses (allowing for
machines to understand the destination).
In the example below, we can see our DNS is pointed to '192.168.1.151'.

root@kali ~$ cat /etc/resolv.conf
domain localdomain
search localdomain
nameserver 192.168.1.151
root@kali ~$

Depending on if DHCP is used & how it is set up, it may push out DNS values.

If we wish to alter them for any reason, first, let's make a backup:

root@kali ~$ cp -f /etc/resolv.conf{,.bak}
root@kali ~$

Afterwards, you can use your favourite text editor (vim, emacs, nano... gedit, geany, leafpad) to alter the file.

root@kali ~$ vim /etc/resolv.conf

There are various freely available DNS providers, such as:

OpenDNS:
208.67.222.222
208.67.220.220

Google:
8.8.8.8
8.8.4.4

Host file

Before any DNS name service is queried, Kali-Linux checks the value in the 'hosts file' (/etc/hosts) to see if it contains any known value. If it finds a local value here, it will not query the first remote name server in /etc/resolve.conf.

root@kali ~$ cat /etc/hosts
127.0.0.1	localhost
127.0.1.1	kali

# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
root@kali ~$

If we wish to alter it, it is recommended that you first create a backup.

root@kali ~$ cp -f /etc/hosts{,.bak}
root@kali ~$

Afterwards, you can use your favourite text editor (vim, emacs, nano... gedit, geany, leafpad) to alter the file.

root@kali ~$ vim /etc/hosts

Network Connectivity

1. Ping

The next stage is to test the values that have been set during stages #1-3, allowing us to verify the network connection. A method to do this is to 'ping' a remote device. We can do this by sending out an IMCP echo request and then waiting to see if we
hear an IMCP response back.

However, depending on the remote device that was chosen to be pinged - if they have a firewall in place and how its configured, it may
no response back to an IMCP request.

In the example below, we used 'google.com'. The response back was 4 successful replies. The result of all of this means we have
successfully been able to communicate with the device at 'google.com'.

root@kali ~$ ping -c 4 google.com
PING google.com (62.252.173.153) 56(84) bytes of data.
64 bytes from m409-mp1-cvx1c.lan.ntl.com (62.252.173.153): icmp_req=1 ttl=128 time=16.3 ms
64 bytes from m409-mp1-cvx1c.lan.ntl.com (62.252.173.153): icmp_req=2 ttl=128 time=73.6 ms
64 bytes from m409-mp1-cvx1c.lan.ntl.com (62.252.173.153): icmp_req=3 ttl=128 time=60.0 ms
64 bytes from m409-mp1-cvx1c.lan.ntl.com (62.252.173.153): icmp_req=4 ttl=128 time=16.1 ms

--- google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3006ms
rtt min/avg/max/mdev = 16.166/41.539/73.633/25.757 ms
root@kali ~$

Errors in the following example indicate that there might be an issue with the DNS (either it is set to a bad value or the address
that was requested doesn't exist - such as the case in this example):

root@kali ~$ ping -c 4 google232323232l32hj3k23k23k2jk32.com
ping: unknown host google232323232l32hj3k23k23k2jk32.com
root@kali ~$

This is a demonstration when there is an issue with the route (the gateway address):

root@kali ~$ ping -c 4 google.com
PING google.com (62.252.173.153) 56(84) bytes of data.
From 192.168.91.250 icmp_seq=1 Destination Host Unreachable
From 192.168.91.250 icmp_seq=2 Destination Host Unreachable
From 192.168.91.250 icmp_seq=3 Destination Host Unreachable
From 192.168.91.250 icmp_seq=4 Destination Host Unreachable

--- google.com ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3048ms
pipe 3
root@kali ~$

2. Traceroute

This shows the amount of 'hops' (each router/gateway the packet is passed through) taken to reach the remote machine.
(as well as display the path it took).

Note: Each device is separate and may have a firewall enabled on it, which as a result, will not display their result.

root@kali ~$ traceroute www.kali.org
traceroute to www.kali.org (50.116.53.73), 30 hops max, 60 byte packets
 1  * * *
 2  10.20.252.1 (10.20.252.1)  15.346 ms  15.253 ms  15.143 ms
 3  * * *
 4  brnt-bb-1c-ae4-0.network.virginmedia.net (213.106.244.69)  20.310 ms  20.378 ms  18.794 ms
 5  brhm-bb-1c-et-410-0.network.virginmedia.net (62.253.175.210)  20.126 ms brhm-bb-1c-et-700-0.network.virginmedia.net (62.253.175.206)  21.258 ms  21.514 ms
 6  * * *
 7  linx.peer.nac.net (195.66.224.94)  92.073 ms  92.301 ms  89.861 ms
 8  0.e3-2.tbr2.tl9.nac.net (209.123.11.145)  88.845 ms  90.246 ms 0.e3-2.tbr1.tl9.nac.net (209.123.11.141)  89.182 ms
 9  0.e1-4.tbr2.mmu.nac.net (209.123.10.77)  91.806 ms 0.e1-4.tbr1.mmu.nac.net (209.123.10.101)  91.278 ms 0.e1-4.tbr2.mmu.nac.net (209.123.10.77)  93.700 ms
10  vlan805.esd1.mmu.nac.net (209.123.10.34)  94.203 ms  87.709 ms vlan803.esd2.mmu.nac.net (209.123.10.30)  87.830 ms
11  207.99.53.42 (207.99.53.42)  90.761 ms 207.99.53.46 (207.99.53.46)  91.333 ms  91.299 ms
12  cloudproxy81.sucuri.net (50.116.53.73)  149.309 ms  146.124 ms  146.148 ms
root@kali ~$

Proxy settings

Depending on the network that you're connecting to, you may need to connect to a proxy to gain WAN access.
Please double-check with your network administrator if you're required to do so.

Depending on the program that you wish to use, you may need to alter its settings to match the proxy.

1. Bash

To configure 'bash' to use the proxy values (allowing you to use the network diagnostics mentioned above - ping & traceroute), you can
do so by the following commands.

In this example the:
the domain is 'mycompanyname'.
username is 'g0tmi1k'
password is 'password2'
ip is '192.168.1.123'
port is '8080'

root@kali ~$ export http_proxy=http://mycompanyname\g0tmi1k:password2@192.168.1.123:8080/
root@kali ~$ export ftp_proxy=http://mycompanyname\g0tmi1k:password2@192.168.1.123:8080/
root@kali ~$

2. Persistent

To make these settings persistent, so you do not need to keep doing it after every restart, you can alter '/etc/bash.bashrc' to
include the very same comments that were typed in before.

If we wish to alter it, it is recommended to create a backup first.

root@kali ~$ cp -f /etc/bash.bashrc{,.bak}

Afterwards, you can use your favourite text editor (vim, emacs, nano... gedit, geany, leafpad) to alter the file.

root@kali ~$ vim /etc/bash.bashrc

3. Apt

The recommended way to keep Kali-Linux up-to-date is by updating it using the repository. Kali-Linux uses 'apt' for its package manager.
To configure apt to use the proxy values, we need to alter '/etc/apt/apt.conf'.

We will create a backup copy of the file encase we need to restore it for any reason.

root@kali ~$ cp -f /etc/apt.conf{,.bak}

Afterwards, you can use your favourite text editor (vim, emacs, nano... gedit, geany, leafpad) to alter the file.

root@kali ~$ vim /etc/apt.conf

It needs to be edited to include the following lines:

# Proxy config

Virtual machine network adapter

If you're using Kali-Linux in a virtual machine - you may wish to double-check the settings on the virtual network adapter.

Note: There are various virtual machines solutions. However, this guide will only cover VMware Fusion/Player/Workstation & Virtual Box.

Bridged - This will join the current network that the host is connected to. The VM will have its own IP address. Plus will have access to the host and any other virtual machine.

NAT (or 'Share with my Mac' if fusion) - This will create a private virtual network on the host. To external machines, it will appear
to have the same IP as the host, allowing them to have access to the same resources as the host, as well as the host, and any other
virtual machine.

Host-only - This will create a private virtual network on the host. It will not have external access, but it will have access to the
host any other virtual machines set to the same adapter mode.

LAN segment (VMware Player/Workstation) / Internal Network (VirtualBox) - It is used to create a private virtual network on the host and doesn't have external access, and it will not have access to the host. It will only have access to any other virtual machines set to
the same adapter mode and segment.

If you wish for the guest OS to have Internet access, the network adapter needs to be set to NAT or bridged.

NAT is the safer option; unless the guest OS needs its own IP address on the same network as the host, you will select bridged.