search

qdm12 / gluetun-wiki

Home to the Markdown Wiki page for Gluetun
MIT License
274 stars 31 forks source link

Torguard unable to connect #22

Closed corttezz1 closed 7 months ago

corttezz1 commented 8 months ago

Hi, I've been setting up gluetun on a Synology Container docker following instructions from https://drfrankenstein.co.uk/2023/04/23/qbittorrent-with-gluetun-vpn-in-container-manager-on-a-synology-nas/

My VPN provider is Torguard, but I need help getting it to connect.

Continually getting the error:

INFO [openvpn] SIGUSR1[soft,connection-reset] received, process restarting INFO [openvpn] Connection reset, restarting [0] INFO [openvpn] TCP_CLIENT link remote: [AF_INET]xxx.xxx.xxx.xxx:443 INFO [openvpn] TCP_CLIENT link local: (not bound) 2INFO [openvpn] TCP connection established with [AF_INET]xxx.xxx.xxx.xxx:443 INFO [openvpn] Attempting to establish TCP connection with [AF_INET]xxx.xxx.xxx.xxx:443 [nonblock] INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xxx.xxx:443 WARN [openvpn] --ping should normally be used with --ping-restart or --ping-exit INFO [openvpn] library versions: OpenSSL 3.1.3 19 Sep 2023, LZO 2.10 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022 INFO [firewall] allowing VPN connection... INFO [vpn] starting INFO [firewall] removing allowed port xxxx... INFO [vpn] stopping INFO [healthcheck] program has been unhealthy for 31s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)

Configuration: 

services:
  gluetun:
    image: qmcgaw/gluetun:latest
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - 8090:8090 # port for qbittorrent
    volumes:
      - /volume1/docker/gluetun:/gluetun
    environment:
      - PUID=xxx
      - PGID=xxxxx
      - VPN_SERVICE_PROVIDER=torguard
      - VPN_ENDPOINT_PORT=443
      - VPN_ENDPOINT_IP=xxx.xxx.xxx.xxx
      - SERVER_HOSTNAMES=nl.torguard.com
      - VPN_TYPE=openvpn
      - OPENVPN_PROTOCOL=tcp
      - TZ=Europe/London
      - OPENVPN_AUTH=sha1
      - OPENVPN_CIPHER=aes-128-cbc
      - OPENVPN_USER=[Redacted]
      - OPENVPN_PASSWORD=[Redacted]
      - SERVER_COUNTRIES=Netherlands
      - HTTPPROXY=off #change to on if you wish to enable
      - SHADOWSOCKS=off #change to on if you wish to enable
      - FIREWALL_OUTBOUND_SUBNETS=172.20.0.0/16,192.168.0.0/24 #change this in line with your subnet see note on guide.
      - FIREWALL_VPN_INPUT_PORTS=xxxx #uncomment this line and change the port as per the note on the guide

    network_mode: synobridge
    labels:
      - com.centurylinklabs.watchtower.enable=false
    security_opt:
      - no-new-privileges:true
    restart: unless-stopped

What am I missing? I've redacted IPs and ports to xxx for security. I have a specific Torguard VPN IP with port forwarding setup hence my attempt to add this in.

I've also tried the guide's version of the code:

services:
  gluetun:
    image: qmcgaw/gluetun:latest
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - 8090:8090 # port for qbittorrent
    volumes:
      - /volume1/docker/gluetun:/gluetun
    environment:
      - PUID=xxxx
      - PGID=xxxx
      - VPN_SERVICE_PROVIDER=Torguard
      - VPN_TYPE=openvpn
      - OPENVPN_USER=[Redacted]
      - OPENVPN_PASSWORD=[Redacted]
      - SERVER_COUNTRIES=Netherlands
      - TZ=Europe/London
      - HTTPPROXY=off #change to on if you wish to enable
      - SHADOWSOCKS=off #change to on if you wish to enable
      - FIREWALL_OUTBOUND_SUBNETS=172.20.0.0/16,192.168.0.0/24 #change this in line with your subnet see note on guide.
    network_mode: synobridge
    labels:
      - com.centurylinklabs.watchtower.enable=false
    security_opt:
      - no-new-privileges:true
    restart: unless-stopped

Even this code produces the same error. I sometimes get a healthy container when I set the Firewall to off but it still shows the same error messages as above, and none of my linked containers see the network or can access the VPN. I've looked over the internet and this forum and cannot find any useful advice to resolve this.

I have yet to figure out what to do. I have tried every perceivable permutation of codes I can find on your wiki, but still need help getting it to work. any help would be greatly appreciated. Thank you.

qdm12 commented 7 months ago

Try clearing FIREWALL_OUTBOUND_SUBNETS? You don't really need it anyway most of the time, since traffic to the local docker network is already allowed by default. Otherwise see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md You can also try with openvpn on another machine (i.e. windows computer), since this is likely a problem on their server. It could also be your host firewall blocking it as mentioned in the healthcheck page. Finally, note this is the WIKI repository, this issue has no place here 😉