search

binhex / arch-qbittorrentvpn

Docker build script for Arch Linux base with qBittorrent, Privoxy and OpenVPN
GNU General Public License v3.0
431 stars 47 forks source link

ProtonVPN: Port forward stops working after temporary NAT-PMP failure #265

Open TheColorman opened 1 month ago

TheColorman commented 1 month ago

I'm using ProtonVPN with a Wireguard config. When starting the container, the correct port gets assigned to qBittorrent and I can use a command like nc -z <IP> <PORT> or https://portchecker.co/check-it to see that the port is open. After around 16 minutes, the error readnatpmpresponseorretry() failed : the gateway does not support nat-pmp occurs (2024-08-07T11:42:20 in the logs) and the port becomes closed. The script then tries to reassign the incoming port. It reconnects to Proton and gets the exact same port as before, but it is still closed. It even checks canyouseeme (2024-08-07T11:59:31) and realizes the port is closed, only to reassign the same port again that still does not open.

Relevant config:

VPN_PROV=protonvpn
VPN_CLIENT=wireguard
NAME_SERVERS=84.200.69.80,37.235.1.174,1.1.1.1,37.235.1.177,84.200.70.40,1.0.0.1
DEBUG=true
UMASK=000
VPN_USER=<username>+pmp

Logs: https://pastebin.com/raw/kVM2m1Rk

WeetbixNMilk commented 1 month ago

+1 Also experiencing this issue. No solution as of yet.

markcagatandavis commented 1 month ago

You need to use this, which will actively update the port information. https://github.com/soxfor/qbittorrent-natmap

When you use this, you also need to separate your qbittorrent and vpn docker, so it will look like this:

|-OpenVPN\Wireguard |--QBittorent |---QBittorrent-NATmap

Set it so that QBittorrent doesn't start until the VPN Docker is active successful, and set QBittorrent-NATmap doesn't start until both VPN docker + QBittorrent doesn't start. This is because QBittorrent-NATmap requires QBittorrent to be open successfully, and by setting QBittorrent to wait for VPN it will act like a killswitch.

The QBittorrent-NATmap docker will monitor the VPN docker and update it's record for the most recent port change, it will then compare that port to the QBittorrent port and if they don't match it will auto update. It will perform this check once every five minutes. When you first start the docker containers, allow 15 minutes for everything to sync correctly (Sometimes my ports don't auto-update on fresh start right away and it will just auto sync after a bit).

So far, I have had no issues. I am not 100% sure if it will work on this docker container

Investigamer commented 1 month ago

If anyone comes here wondering why qbittorrent is suddenly failing to connect and find an IP over ProtonVPN, just switch servers (generate new wireguard conf).