impossible to do container VPN

titou4307 commented 2 years ago

Hello

I'm trying this config file under docker compose in Portainer (Host = Pi4 8Gb)

version: "3" services: vpn: image: azinchen/nordvpn:latest container_name: nordvpn-user-pass # Nom donné au container cap_add:

net_admin devices:
/dev/net/tun environment:
[USER=XXXXXXXXXXXXXXX # Adresse mail du compte
PASS=XXXXXXXXXXXXX # Mot de passe du compte
COUNTRY=France
GROUP=Standard VPN servers
RANDOM_TOP=10
RECREATE_VPN_CRON=5 /3
CHECK_CONNECTION_CRON="/5 *" -e CHECK_CONNECTION_URL="https://www.google.com/" # Vérifier connexion Internet
NETWORK=192.168.1.0/24
OPENVPN_OPTS=--mute-replay-warnings ports:
5800:5800 # Port des autres containers susceptibles d’utiliser cet accès VPN restart: unless-stopped

Is anyone can "read" this config and say me where is the BUG

neildeadman commented 2 years ago

[USER should be just - USER
CHECK_CONNECTION_CRON="/5 " -e CHECK_CONNECTION_URL="https://www.google.com/" # Vérifier connexion

should be

CHECK_CONNECTION_CRON="/5 "
CHECK_CONNECTION_URL="https://www.google.com/" # Vérifier connexion

plus missing a * in CRON.

Try this:

version: "3"

services:
  vpn:
  image: azinchen/nordvpn:latest
  container_name: nordvpn-user-pass # Nom donné au container
  cap_add:
    - net_admin
  devices:
    - /dev/net/tun
  environment:
    - USER=XXXXXXXXXXXXXXX # Adresse mail du compte
    - PASS=XXXXXXXXXXXXX # Mot de passe du compte
    - COUNTRY=France
    - GROUP=Standard VPN servers
    - RANDOM_TOP=10
    - RECREATE_VPN_CRON=5 */3 * * *
    - CHECK_CONNECTION_CRON="/5 * * * *"
    - CHECK_CONNECTION_URL="https://www.google.com/" # Vérifier connexion Internet
    - NETWORK=192.168.1.0/24
    - OPENVPN_OPTS=--mute-replay-warnings
  ports:
    - 5800:5800 # Port des autres containers susceptibles d’utiliser cet accès VPN
  restart: unless-stopped

titou4307 commented 2 years ago

Hi @neildeadman

Many thanks for your first help, I have mod the stack

version: "3" services: vpn: image: azinchen/nordvpn:latest container_name: nordvpn-v4 # Nom donné au container cap_add:

net_admin devices:
/dev/net/tun environment:
USER=XXXXXXXXXXXX # Adresse mail du compte
PASS=XXXXXXXXXXXX # Mot de passe du compte
COUNTRY=France
GROUP=Standard VPN servers
RANDOM_TOP=10
RECREATE_VPN_CRON=5 /3 *
CHECK_CONNECTION_CRON="/5 "
CHECK_CONNECTION_URL="https://www.google.com/" # Vérifier connexion Internet
NETWORK=192.168.1.0/24
OPENVPN_OPTS=--mute-replay-warnings ports:
8080:80 # Port des autres containers susceptibles d’utiliser cet accès VPN
5800:5800 restart: unless-stopped

Impossible to have access to internet.... I'm using other container (jdownloader under port 5800.....)

In the container VPN here : curl ifconfig.me give no information (like if it impossible, no response....)

neildeadman commented 2 years ago

Can you post the logs of the container?

titou4307 commented 2 years ago

Here the copy of the logs :

2022-03-28 20:57:00 TLS Error: TLS handshake failed 2022-03-28 20:57:00 SIGUSR1[soft,tls-error] received, process restarting 2022-03-28 20:57:00 Restart pause, 5 second(s) 2022-03-28 20:57:05 WARNING: --ping should normally be used with --ping-restart or --ping-exit 2022-03-28 20:57:05 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2022-03-28 20:57:05 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 20:57:05 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 20:57:05 TCP/UDP: Preserving recently used remote address: [AF_INET]178.249.212.15:1194 2022-03-28 20:57:05 Socket Buffers: R=[212992->212992] S=[212992->212992] 2022-03-28 20:57:05 UDP link local: (not bound) 2022-03-28 20:57:05 UDP link remote: [AF_INET]178.249.212.15:1194 2022-03-28 20:58:05 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 2022-03-28 20:58:05 TLS Error: TLS handshake failed 2022-03-28 20:58:05 SIGUSR1[soft,tls-error] received, process restarting 2022-03-28 20:58:05 Restart pause, 10 second(s) 2022-03-28 20:58:15 WARNING: --ping should normally be used with --ping-restart or --ping-exit 2022-03-28 20:58:15 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2022-03-28 20:58:15 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 20:58:15 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 20:58:15 TCP/UDP: Preserving recently used remote address: [AF_INET]178.249.212.15:1194 2022-03-28 20:58:15 Socket Buffers: R=[212992->212992] S=[212992->212992] 2022-03-28 20:58:15 UDP link local: (not bound) 2022-03-28 20:58:15 UDP link remote: [AF_INET]178.249.212.15:1194 2022-03-28 20:59:16 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 2022-03-28 20:59:16 TLS Error: TLS handshake failed 2022-03-28 20:59:16 SIGUSR1[soft,tls-error] received, process restarting 2022-03-28 20:59:16 Restart pause, 20 second(s) 2022-03-28 20:59:36 WARNING: --ping should normally be used with --ping-restart or --ping-exit 2022-03-28 20:59:36 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2022-03-28 20:59:36 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 20:59:36 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 20:59:36 TCP/UDP: Preserving recently used remote address: [AF_INET]178.249.212.15:1194 2022-03-28 20:59:36 Socket Buffers: R=[212992->212992] S=[212992->212992] 2022-03-28 20:59:36 UDP link local: (not bound) 2022-03-28 20:59:36 UDP link remote: [AF_INET]178.249.212.15:1194 2022-03-28 21:00:36 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 2022-03-28 21:00:36 TLS Error: TLS handshake failed 2022-03-28 21:00:36 SIGUSR1[soft,tls-error] received, process restarting 2022-03-28 21:00:36 Restart pause, 40 second(s) 2022-03-28 21:01:16 WARNING: --ping should normally be used with --ping-restart or --ping-exit 2022-03-28 21:01:16 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2022-03-28 21:01:16 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 21:01:16 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 21:01:16 TCP/UDP: Preserving recently used remote address: [AF_INET]178.249.212.15:1194 2022-03-28 21:01:16 Socket Buffers: R=[212992->212992] S=[212992->212992] 2022-03-28 21:01:16 UDP link local: (not bound) 2022-03-28 21:01:16 UDP link remote: [AF_INET]178.249.212.15:1194 2022-03-28 21:02:16 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 2022-03-28 21:02:16 TLS Error: TLS handshake failed 2022-03-28 21:02:16 SIGUSR1[soft,tls-error] received, process restarting 2022-03-28 21:02:16 Restart pause, 80 second(s) 2022-03-28 21:03:36 WARNING: --ping should normally be used with --ping-restart or --ping-exit 2022-03-28 21:03:36 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2022-03-28 21:03:36 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 21:03:36 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 21:03:36 TCP/UDP: Preserving recently used remote address: [AF_INET]178.249.212.15:1194 2022-03-28 21:03:36 Socket Buffers: R=[212992->212992] S=[212992->212992] 2022-03-28 21:03:36 UDP link local: (not bound) 2022-03-28 21:03:36 UDP link remote: [AF_INET]178.249.212.15:1194 2022-03-28 21:04:36 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 2022-03-28 21:04:36 TLS Error: TLS handshake failed 2022-03-28 21:04:36 SIGUSR1[soft,tls-error] received, process restarting 2022-03-28 21:04:36 Restart pause, 160 second(s) /bin/ash: *: not found 2022-03-28 21:07:16 WARNING: --ping should normally be used with --ping-restart or --ping-exit 2022-03-28 21:07:16 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2022-03-28 21:07:16 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 21:07:16 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 21:07:16 TCP/UDP: Preserving recently used remote address: [AF_INET]178.249.212.15:1194 2022-03-28 21:07:16 Socket Buffers: R=[212992->212992] S=[212992->212992] 2022-03-28 21:07:16 UDP link local: (not bound) 2022-03-28 21:07:16 UDP link remote: [AF_INET]178.249.212.15:1194 2022-03-28 21:08:16 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 2022-03-28 21:08:16 TLS Error: TLS handshake failed 2022-03-28 21:08:16 SIGUSR1[soft,tls-error] received, process restarting 2022-03-28 21:08:16 Restart pause, 300 second(s) 2022-03-28 21:13:16 WARNING: --ping should normally be used with --ping-restart or --ping-exit 2022-03-28 21:13:16 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2022-03-28 21:13:16 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 21:13:16 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 21:13:16 TCP/UDP: Preserving recently used remote address: [AF_INET]178.249.212.15:1194 2022-03-28 21:13:16 Socket Buffers: R=[212992->212992] S=[212992->212992] 2022-03-28 21:13:16 UDP link local: (not bound) 2022-03-28 21:13:16 UDP link remote: [AF_INET]178.249.212.15:1194 2022-03-28 21:14:16 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 2022-03-28 21:14:16 TLS Error: TLS handshake failed 2022-03-28 21:14:16 SIGUSR1[soft,tls-error] received, process restarting 2022-03-28 21:14:16 Restart pause, 300 second(s) 2022-03-28 21:19:16 WARNING: --ping should normally be used with --ping-restart or --ping-exit 2022-03-28 21:19:16 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2022-03-28 21:19:16 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 21:19:16 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 21:19:16 TCP/UDP: Preserving recently used remote address: [AF_INET]178.249.212.15:1194 2022-03-28 21:19:16 Socket Buffers: R=[212992->212992] S=[212992->212992] 2022-03-28 21:19:16 UDP link local: (not bound) 2022-03-28 21:19:16 UDP link remote: [AF_INET]178.249.212.15:1194 2022-03-28 21:20:16 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 2022-03-28 21:20:16 TLS Error: TLS handshake failed 2022-03-28 21:20:16 SIGUSR1[soft,tls-error] received, process restarting 2022-03-28 21:20:16 Restart pause, 300 second(s)

neildeadman commented 2 years ago

you could try adding the environment variable - DEBUG=trace to get more info, but this looks like a TLS handshake error and something to do with using UDP, but it is a little beyond my knowledge. Sorry.

titou4307 commented 2 years ago

I have had the line in the stack and restart all...

Here the logs :

2022-03-28 22:05:52 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. 2022-03-28 22:05:52 OpenVPN 2.5.4 aarch64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 15 2021 2022-03-28 22:05:52 library versions: OpenSSL 1.1.1l 24 Aug 2021, LZO 2.10 2022-03-28 22:05:52 WARNING: --ping should normally be used with --ping-restart or --ping-exit 2022-03-28 22:05:52 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2022-03-28 22:05:52 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 22:05:52 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 22:05:52 TCP/UDP: Preserving recently used remote address: [AF_INET]138.199.16.37:1194 2022-03-28 22:05:52 Socket Buffers: R=[212992->212992] S=[212992->212992] 2022-03-28 22:05:52 UDP link local: (not bound) 2022-03-28 22:05:52 UDP link remote: [AF_INET]138.199.16.37:1194 2022-03-28 22:05:52 TLS: Initial packet from [AF_INET]138.199.16.37:1194, sid=e1350179 9f8538ff 2022-03-28 22:05:52 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA 2022-03-28 22:05:52 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA7 2022-03-28 22:05:52 VERIFY KU OK 2022-03-28 22:05:52 Validating certificate extended key usage 2022-03-28 22:05:52 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 2022-03-28 22:05:52 VERIFY EKU OK 2022-03-28 22:05:52 VERIFY OK: depth=0, CN=fr795.nordvpn.com 2022-03-28 22:05:54 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 4096 bit RSA, signature: RSA-SHA512 2022-03-28 22:05:54 [fr795.nordvpn.com] Peer Connection Initiated with [AF_INET]138.199.16.37:1194 2022-03-28 22:05:55 SENT CONTROL [fr795.nordvpn.com]: 'PUSH_REQUEST' (status=1) 2022-03-28 22:05:55 AUTH: Received control message: AUTH_FAILED 2022-03-28 22:05:55 SIGTERM[soft,auth-failure] received, process exiting

authfile=/tmp/auth
ovpnfile=/tmp/nordvpn.ovpn
exec sg nordvpn -c 'openvpn --config /tmp/nordvpn.ovpn --auth-user-pass /tmp/auth --auth-nocache --mute-replay-warnings' 2022-03-28 22:05:55 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. 2022-03-28 22:05:55 OpenVPN 2.5.4 aarch64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 15 2021 2022-03-28 22:05:55 library versions: OpenSSL 1.1.1l 24 Aug 2021, LZO 2.10 2022-03-28 22:05:55 WARNING: --ping should normally be used with --ping-restart or --ping-exit 2022-03-28 22:05:55 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2022-03-28 22:05:55 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 22:05:55 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 22:05:55 TCP/UDP: Preserving recently used remote address: [AF_INET]138.199.16.37:1194 2022-03-28 22:05:55 Socket Buffers: R=[212992->212992] S=[212992->212992] 2022-03-28 22:05:55 UDP link local: (not bound) 2022-03-28 22:05:55 UDP link remote: [AF_INET]138.199.16.37:1194 2022-03-28 22:05:55 TLS: Initial packet from [AF_INET]138.199.16.37:1194, sid=87c5c6f1 3179966d 2022-03-28 22:05:55 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA 2022-03-28 22:05:55 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA7 2022-03-28 22:05:55 VERIFY KU OK 2022-03-28 22:05:55 Validating certificate extended key usage 2022-03-28 22:05:55 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 2022-03-28 22:05:55 VERIFY EKU OK 2022-03-28 22:05:55 VERIFY OK: depth=0, CN=fr795.nordvpn.com 2022-03-28 22:05:58 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 4096 bit RSA, signature: RSA-SHA512 2022-03-28 22:05:58 [fr795.nordvpn.com] Peer Connection Initiated with [AF_INET]138.199.16.37:1194 2022-03-28 22:05:59 SENT CONTROL [fr795.nordvpn.com]: 'PUSH_REQUEST' (status=1) 2022-03-28 22:05:59 AUTH: Received control message: AUTH_FAILED 2022-03-28 22:05:59 SIGTERM[soft,auth-failure] received, process exiting
authfile=/tmp/auth
ovpnfile=/tmp/nordvpn.ovpn
exec sg nordvpn -c 'openvpn --config /tmp/nordvpn.ovpn --auth-user-pass /tmp/auth --auth-nocache --mute-replay-warnings' 2022-03-28 22:05:59 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. 2022-03-28 22:05:59 OpenVPN 2.5.4 aarch64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 15 2021 2022-03-28 22:05:59 library versions: OpenSSL 1.1.1l 24 Aug 2021, LZO 2.10 2022-03-28 22:05:59 WARNING: --ping should normally be used with --ping-restart or --ping-exit 2022-03-28 22:05:59 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2022-03-28 22:05:59 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 22:05:59 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 22:05:59 TCP/UDP: Preserving recently used remote address: [AF_INET]138.199.16.37:1194 2022-03-28 22:05:59 Socket Buffers: R=[212992->212992] S=[212992->212992] 2022-03-28 22:05:59 UDP link local: (not bound) 2022-03-28 22:05:59 UDP link remote: [AF_INET]138.199.16.37:1194 2022-03-28 22:05:59 TLS: Initial packet from [AF_INET]138.199.16.37:1194, sid=2c4687e2 8a379e68 2022-03-28 22:05:59 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA 2022-03-28 22:05:59 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA7 2022-03-28 22:05:59 VERIFY KU OK 2022-03-28 22:05:59 Validating certificate extended key usage 2022-03-28 22:05:59 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 2022-03-28 22:05:59 VERIFY EKU OK 2022-03-28 22:05:59 VERIFY OK: depth=0, CN=fr795.nordvpn.com 2022-03-28 22:06:01 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 4096 bit RSA, signature: RSA-SHA512 2022-03-28 22:06:01 [fr795.nordvpn.com] Peer Connection Initiated with [AF_INET]138.199.16.37:1194 2022-03-28 22:06:02 SENT CONTROL [fr795.nordvpn.com]: 'PUSH_REQUEST' (status=1) 2022-03-28 22:06:02 AUTH: Received control message: AUTH_FAILED 2022-03-28 22:06:02 SIGTERM[soft,auth-failure] received, process exiting
authfile=/tmp/auth
ovpnfile=/tmp/nordvpn.ovpn
exec sg nordvpn -c 'openvpn --config /tmp/nordvpn.ovpn --auth-user-pass /tmp/auth --auth-nocache --mute-replay-warnings' 2022-03-28 22:06:02 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. 2022-03-28 22:06:02 OpenVPN 2.5.4 aarch64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 15 2021 2022-03-28 22:06:02 library versions: OpenSSL 1.1.1l 24 Aug 2021, LZO 2.10 2022-03-28 22:06:02 WARNING: --ping should normally be used with --ping-restart or --ping-exit 2022-03-28 22:06:02 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2022-03-28 22:06:02 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 22:06:02 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2022-03-28 22:06:02 TCP/UDP: Preserving recently used remote address: [AF_INET]138.199.16.37:1194 2022-03-28 22:06:02 Socket Buffers: R=[212992->212992] S=[212992->212992] 2022-03-28 22:06:02 UDP link local: (not bound) 2022-03-28 22:06:02 UDP link remote: [AF_INET]138.199.16.37:1194 2022-03-28 22:06:02 TLS: Initial packet from [AF_INET]138.199.16.37:1194, sid=3d0fab59 751a7be5 2022-03-28 22:06:02 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA 2022-03-28 22:06:02 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA7 2022-03-28 22:06:02 VERIFY KU OK 2022-03-28 22:06:02 Validating certificate extended key usage 2022-03-28 22:06:02 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 2022-03-28 22:06:02 VERIFY EKU OK 2022-03-28 22:06:02 VERIFY OK: depth=0, CN=fr795.nordvpn.com

titou4307 commented 2 years ago

Hello at all

Does anyone could help me ?

Thanks

svaningelgem commented 1 year ago

2022-03-28 22:05:59 AUTH: Received control message: AUTH_FAILED

So your username & password is wrong. When you go to https://my.nordaccount.com/dashboard/nordvpn/, scroll down you'll see: Service credentials (manual setup).

Additionally, I have this set too: TECHNOLOGY=openvpn_tcp

azinchen / nordvpn

impossible to do container VPN #132