Connection problem with OpenVPN on Raspberry

Question

I try to use nordvpn on raspberry jessie. Nordvpn say to use openvpn with their .opvn. It works in normal linux but on raspberry, the IP do not change.

I have strange errors "ERROR: Linux route add command failed: external program exited with error status: 2", but I do not know what I can do.

I am simply connected by ethernet.

Here the .ovpn config

client
dev tun
proto tcp
remote 185.220.70.206 443
resolv-retry infinite
remote-random
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping 15
ping-restart 0
ping-timer-rem
reneg-sec 0

remote-cert-tls server

#mute 10000
auth-user-pass /etc/openvpn/auth.txt

comp-lzo
verb 3
pull
fast-io
cipher AES-256-CBC
auth SHA512

<ca>
-----BEGIN CERTIFICATE-----
MIIFCjCCAvKgAwIBAgIBATANBgkqhkiG9w0BAQ0FADA5MQswCQYDVQQGEwJQQTEQ
MA4GA1UEChMHTm9yZFZQTjEYMBYGA1UEAxMPTm9yZFZQTiBSb290IENBMB4XDTE2
MDEwMTAwMDAwMFoXDTM1MTIzMTIzNTk1OVowOTELMAkGA1UEBhMCUEExEDAOBgNV
BAoTB05vcmRWUE4xGDAWBgNVBAMTD05vcmRWUE4gUm9vdCBDQTCCAiIwDQYJKoZI
hvcNAQEBBQADggIPADCCAgoCggIBAMkr/BYhyo0F2upsIMXwC6QvkZps3NN2/eQF
kfQIS1gql0aejsKsEnmY0Kaon8uZCTXPsRH1gQNgg5D2gixdd1mJUvV3dE3y9FJr
XMoDkXdCGBodvKJyU6lcfEVF6/UxHcbBguZK9UtRHS9eJYm3rpL/5huQMCppX7kU
eQ8dpCwd3iKITqwd1ZudDqsWaU0vqzC2H55IyaZ/5/TnCk31Q1UP6BksbbuRcwOV
skEDsm6YoWDnn/IIzGOYnFJRzQH5jTz3j1QBvRIuQuBuvUkfhx1FEwhwZigrcxXu
MP+QgM54kezgziJUaZcOM2zF3lvrwMvXDMfNeIoJABv9ljw969xQ8czQCU5lMVmA
37ltv5Ec9U5hZuwk/9QO1Z+d/r6Jx0mlurS8gnCAKJgwa3kyZw6e4FZ8mYL4vpRR
hPdvRTWCMJkeB4yBHyhxUmTRgJHm6YR3D6hcFAc9cQcTEl/I60tMdz33G6m0O42s
Qt/+AR3YCY/RusWVBJB/qNS94EtNtj8iaebCQW1jHAhvGmFILVR9lzD0EzWKHkvy
WEjmUVRgCDd6Ne3eFRNS73gdv/C3l5boYySeu4exkEYVxVRn8DhCxs0MnkMHWFK6
MyzXCCn+JnWFDYPfDKHvpff/kLDobtPBf+Lbch5wQy9quY27xaj0XwLyjOltpiST
LWae/Q4vAgMBAAGjHTAbMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqG
SIb3DQEBDQUAA4ICAQC9fUL2sZPxIN2mD32VeNySTgZlCEdVmlq471o/bDMP4B8g
nQesFRtXY2ZCjs50Jm73B2LViL9qlREmI6vE5IC8IsRBJSV4ce1WYxyXro5rmVg/
k6a10rlsbK/eg//GHoJxDdXDOokLUSnxt7gk3QKpX6eCdh67p0PuWm/7WUJQxH2S
DxsT9vB/iZriTIEe/ILoOQF0Aqp7AgNCcLcLAmbxXQkXYCCSB35Vp06u+eTWjG0/
pyS5V14stGtw+fA0DJp5ZJV4eqJ5LqxMlYvEZ/qKTEdoCeaXv2QEmN6dVqjDoTAo
k0t5u4YRXzEVCfXAC3ocplNdtCA72wjFJcSbfif4BSC8bDACTXtnPC7nD0VndZLp
+RiNLeiENhk0oTC+UVdSc+n2nJOzkCK0vYu0Ads4JGIB7g8IB3z2t9ICmsWrgnhd
NdcOe15BincrGA8avQ1cWXsfIKEjbrnEuEk9b5jel6NfHtPKoHc9mDpRdNPISeVa
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
VPhBHVQ9LHBAdM8qFI2kRK0IynOmAZhexlP/aT/kpEsEPyaZQlnBn3An1CRz8h0S
PApL8PytggYKeQmRhl499+6jLxcZ2IegLfqq41dzIjwHwTMplg+1pKIOVojpWA==
-----END CERTIFICATE-----
</ca>
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
e685bdaf659a25a200e2b9e39e51ff03
0fc72cf1ce07232bd8b2be5e6c670143
f51e937e670eee09d4f2ea5a6e4e6996
5db852c275351b86fc4ca892d78ae002
d6f70d029bd79c4d1c26cf14e9588033
cf639f8a74809f29f72b9d58f9b8f5fe
fc7938eade40e9fed6cb92184abb2cc1
0eb1a296df243b251df0643d53724cdb
5a92a1d6cb817804c4a9319b57d53be5
80815bcfcb2df55018cc83fc43bc7ff8
2d51f9b88364776ee9d12fc85cc7ea5b
xxxxxxxxxxxxxxxxxx
212e1518a9bd4828219e24b20d88f598
a196c9de96012090e333519ae18d3509
9427e7b372d348d352dc4c85e18cd4b9
3f8a56ddb2e64eb67adfc9b337157ff4
-----END OpenVPN Static key V1-----
</tls-auth>

Here the result with openvpn :

pi@raspberrypi:~ $ sudo openvpn /etc/openvpn/de380.nordvpn.com.tcp.ovpn
Sun Dec 16 20:08:44 2018 OpenVPN 2.3.4 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 27 2017
Sun Dec 16 20:08:44 2018 library versions: OpenSSL 1.0.1t  3 May 2016, LZO 2.08
Sun Dec 16 20:08:44 2018 WARNING: file '/etc/openvpn/auth.txt' is group or others accessible
Sun Dec 16 20:08:44 2018 WARNING: --ping should normally be used with --ping-restart or --ping-exit
Sun Dec 16 20:08:44 2018 NOTE: --fast-io is disabled since we are not using UDP
Sun Dec 16 20:08:44 2018 Control Channel Authentication: tls-auth using INLINE static key file
Sun Dec 16 20:08:44 2018 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sun Dec 16 20:08:44 2018 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sun Dec 16 20:08:44 2018 Socket Buffers: R=[87380->131072] S=[16384->131072]
Sun Dec 16 20:08:44 2018 Attempting to establish TCP connection with [AF_INET]185.220.70.206:443 [nonblock]
Sun Dec 16 20:08:45 2018 TCP connection established with [AF_INET]185.220.70.206:443
Sun Dec 16 20:08:45 2018 TCPv4_CLIENT link local: [undef]
Sun Dec 16 20:08:45 2018 TCPv4_CLIENT link remote: [AF_INET]185.220.70.206:443
Sun Dec 16 20:08:45 2018 TLS: Initial packet from [AF_INET]185.220.70.206:443, sid=c5f1a5e5 e7886d7b
Sun Dec 16 20:08:45 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Dec 16 20:08:45 2018 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA
Sun Dec 16 20:08:45 2018 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA2
Sun Dec 16 20:08:45 2018 Validating certificate key usage
Sun Dec 16 20:08:45 2018 ++ Certificate has key usage  00a0, expects 00a0
Sun Dec 16 20:08:45 2018 VERIFY KU OK
Sun Dec 16 20:08:45 2018 Validating certificate extended key usage
Sun Dec 16 20:08:45 2018 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sun Dec 16 20:08:45 2018 VERIFY EKU OK
Sun Dec 16 20:08:45 2018 VERIFY OK: depth=0, CN=de380.nordvpn.com
Sun Dec 16 20:08:45 2018 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sun Dec 16 20:08:45 2018 Data Channel Encrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Sun Dec 16 20:08:45 2018 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sun Dec 16 20:08:45 2018 Data Channel Decrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Sun Dec 16 20:08:45 2018 Control Channel: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
Sun Dec 16 20:08:45 2018 [de380.nordvpn.com] Peer Connection Initiated with [AF_INET]185.220.70.206:443
Sun Dec 16 20:08:48 2018 SENT CONTROL [de380.nordvpn.com]: 'PUSH_REQUEST' (status=1)
Sun Dec 16 20:08:48 2018 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,sndbuf 524288,rcvbuf 524288,dhcp-option DNS 103.86.96.100,dhcp-option DNS 103.86.99.100,comp-lzo no,route-gateway 10.7.7.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.7.7.185 255.255.255.0'
Sun Dec 16 20:08:48 2018 OPTIONS IMPORT: timers and/or timeouts modified
Sun Dec 16 20:08:48 2018 OPTIONS IMPORT: LZO parms modified
Sun Dec 16 20:08:48 2018 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Sun Dec 16 20:08:48 2018 Socket Buffers: R=[131072->327680] S=[131072->327680]
Sun Dec 16 20:08:48 2018 OPTIONS IMPORT: --ifconfig/up options modified
Sun Dec 16 20:08:48 2018 OPTIONS IMPORT: route options modified
Sun Dec 16 20:08:48 2018 OPTIONS IMPORT: route-related options modified
Sun Dec 16 20:08:48 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sun Dec 16 20:08:48 2018 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=eth0 HWADDR=b8:27:eb:e5:d9:97
Sun Dec 16 20:08:48 2018 TUN/TAP device tun2 opened
Sun Dec 16 20:08:48 2018 TUN/TAP TX queue length set to 100
Sun Dec 16 20:08:48 2018 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sun Dec 16 20:08:48 2018 /sbin/ip link set dev tun2 up mtu 1500
Sun Dec 16 20:08:48 2018 /sbin/ip addr add dev tun2 10.7.7.185/24 broadcast 10.7.7.255
Sun Dec 16 20:08:48 2018 /sbin/ip route add 185.220.70.206/32 via 192.168.1.1
RTNETLINK answers: File exists
Sun Dec 16 20:08:48 2018 ERROR: Linux route add command failed: external program exited with error status: 2
Sun Dec 16 20:08:48 2018 /sbin/ip route add 0.0.0.0/1 via 10.7.7.1
RTNETLINK answers: File exists
Sun Dec 16 20:08:48 2018 ERROR: Linux route add command failed: external program exited with error status: 2
Sun Dec 16 20:08:48 2018 /sbin/ip route add 128.0.0.0/1 via 10.7.7.1
RTNETLINK answers: File exists
Sun Dec 16 20:08:48 2018 ERROR: Linux route add command failed: external program exited with error status: 2
Sun Dec 16 20:08:48 2018 Initialization Sequence Completed
Sun Dec 16 20:08:48 2018 Connection reset, restarting [0]
Sun Dec 16 20:08:48 2018 SIGUSR1[soft,connection-reset] received, process restarting
Sun Dec 16 20:08:48 2018 Restart pause, 5 second(s)
Sun Dec 16 20:08:53 2018 NOTE: --fast-io is disabled since we are not using UDP
Sun Dec 16 20:08:53 2018 Socket Buffers: R=[87380->327680] S=[16384->327680]
Sun Dec 16 20:08:53 2018 Attempting to establish TCP connection with [AF_INET]185.220.70.206:443 [nonblock]
Sun Dec 16 20:08:54 2018 TCP connection established with [AF_INET]185.220.70.206:443
Sun Dec 16 20:08:54 2018 TCPv4_CLIENT link local: [undef]
Sun Dec 16 20:08:54 2018 TCPv4_CLIENT link remote: [AF_INET]185.220.70.206:443
Sun Dec 16 20:08:54 2018 TLS: Initial packet from [AF_INET]185.220.70.206:443, sid=2e1beb79 3fd4b4c2
Sun Dec 16 20:08:54 2018 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA
Sun Dec 16 20:08:54 2018 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA2
Sun Dec 16 20:08:54 2018 Validating certificate key usage
Sun Dec 16 20:08:54 2018 ++ Certificate has key usage  00a0, expects 00a0
Sun Dec 16 20:08:54 2018 VERIFY KU OK
Sun Dec 16 20:08:54 2018 Validating certificate extended key usage
Sun Dec 16 20:08:54 2018 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sun Dec 16 20:08:54 2018 VERIFY EKU OK
Sun Dec 16 20:08:54 2018 VERIFY OK: depth=0, CN=de380.nordvpn.com
Sun Dec 16 20:08:54 2018 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sun Dec 16 20:08:54 2018 Data Channel Encrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Sun Dec 16 20:08:54 2018 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sun Dec 16 20:08:54 2018 Data Channel Decrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Sun Dec 16 20:08:54 2018 Control Channel: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
Sun Dec 16 20:08:54 2018 [de380.nordvpn.com] Peer Connection Initiated with [AF_INET]185.220.70.206:443
Sun Dec 16 20:08:57 2018 SENT CONTROL [de380.nordvpn.com]: 'PUSH_REQUEST' (status=1)
Sun Dec 16 20:08:57 2018 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,sndbuf 524288,rcvbuf 524288,dhcp-option DNS 103.86.96.100,dhcp-option DNS 103.86.99.100,comp-lzo no,route-gateway 10.7.7.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.7.7.185 255.255.255.0'
Sun Dec 16 20:08:57 2018 OPTIONS IMPORT: timers and/or timeouts modified
Sun Dec 16 20:08:57 2018 OPTIONS IMPORT: LZO parms modified
Sun Dec 16 20:08:57 2018 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Sun Dec 16 20:08:57 2018 Socket Buffers: R=[327680->327680] S=[327680->327680]
Sun Dec 16 20:08:57 2018 OPTIONS IMPORT: --ifconfig/up options modified
Sun Dec 16 20:08:57 2018 OPTIONS IMPORT: route options modified
Sun Dec 16 20:08:57 2018 OPTIONS IMPORT: route-related options modified
Sun Dec 16 20:08:57 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sun Dec 16 20:08:57 2018 Preserving previous TUN/TAP instance: tun2
Sun Dec 16 20:08:57 2018 Initialization Sequence Completed
Sun Dec 16 20:08:59 2018 Connection reset, restarting [0]
Sun Dec 16 20:08:59 2018 SIGUSR1[soft,connection-reset] received, process restarting
Sun Dec 16 20:08:59 2018 Restart pause, 5 second(s)
.........