airvpn.org providers about openvpn-client-aio HOT 5 CLOSED

@greatcoco I added a fix and regression tested it. Please can you pull tag latest-amd64 / latest-rpi4 to see if issue is fixed on your end. Thanks.

from openvpn-client-aio.

Thanks

Just tried on my unpaid server, pulled the latest-amd64, it went further 👍

info] Setting variables
[info] Set various ports to docker variables
[info] Determine openvpn port from config file
[info] Determine openvpn protocol from config file
[info] Will connect openvpn on port=443 proto=udp
[info] Determine eth0 network for iptables
[info] eth0 IP is 172.17.0.2 in network 172.17.0.0/16
[info] All variables set

[info] Fixing configs
[info] stubby fixed
[info] danted fixed
[info] tinyproxy fixed
[info] torsocks fixed
[info] privoxy fixed
[info] All configs fixed

[info] Run stubby in background on port 53
[16:46:09.689285] STUBBY: Read config from file /etc/stubby/stubby.yml
[warn] Your ISP public IP is x.x.x.x

[info] Set up nftables rules
[info] Flusing ruleset
[info] Added route 192.168.1.0/24 via 172.17.0.1 dev eth0
[info] Editing ruleset
[info] Apply rules
[info] All rules created

[info] Quick block test. Expected result is time out. Actual result is ;; connection timed out; no servers could be reached

[info] Setting up OpenVPN tunnel
[info] Create tunnel device
[info] Allow DnS-over-TLS for openvpn to lookup VPN server
[info] Connecting to VPN on port 443 with proto udp...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...

So it seems now to take the correct port. is there a logs file that I can retrieve inside the docker to investigate further ?

from openvpn-client-aio.

@greatcoco Most frequent causes are missing credentials (auth-user-pass) and/or missing certs (crl-verify / ca). If you have them in a file, you have to point to the absolute path of the file. So for example if your credentials is in /etc/openvpn/credentials.conf then your auth-user-pass line should be
auth-user-pass /etc/openvpn/credentials.conf

from openvpn-client-aio.

@testdasi Unfortunately this problem is still there, at least for me :/

I have two sets of *.ovpn files (one for using NordVPN, the other for my own vpn server), they both work well
on binhex/arch-delugevpn, but i wanted to follow your lead to supersede this with your solution, moving to a raspberry pi.
The raspberry pi has Ubuntu 20.04.2 LTS 64bit installed.

NordVPN uses username and password authentication in a separate file (pointed to from the *ovpn file).
My own vpn does not use username/password credentials and contains all required info in the *.ovpn file.

For binhex/arch-delugevpn docker-compose.yml file i configured VPN_PROV=custom for both cases.

Any help would be much appreciated.

NordVPN files (this works well):

auth.txt:

[user_name]
[password]

openvpn.ovpn:

client
dev tun
proto udp
remote x.x.x.x 1194
resolv-retry infinite
remote-random
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping 15
ping-restart 0
ping-timer-rem
reneg-sec 0
comp-lzo no

remote-cert-tls server

auth-user-pass auth.txt
verb 3
pull
fast-io
cipher AES-256-CBC
auth SHA512
<ca>
-----BEGIN CERTIFICATE-----
[data]
-----END CERTIFICATE-----
</ca>
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
[data]
-----END OpenVPN Static key V1-----
</tls-auth>

my VPN file (this is giving the problem mentioned above) :

openvpn.ovpn:

client
dev tun
proto udp
remote x.x.x.x 443
resolv-retry infinite
nobind
persist-key
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
ignore-unknown-option block-outside-dns
verb 3
<ca>
-----BEGIN CERTIFICATE-----
[data]
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
[data]
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
[data]
-----END PRIVATE KEY-----
</key>
<tls-crypt>
-----BEGIN OpenVPN Static key V1-----
[data]
-----END OpenVPN Static key V1-----
</tls-crypt>

from openvpn-client-aio.

I got the same error and I removed all stuff with route , maybe this helps you.

from openvpn-client-aio.