qdm12 / gluetun

VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
https://hub.docker.com/r/qmcgaw/gluetun
MIT License
6.69k stars 330 forks

Bug: PIA: custom endpoint port is not allowed: 254 must be one of 53, 1194, 1197, 1198, 8080 or 9201 #2252

Closed JollyG88 closed 1 month ago

JollyG88 commented 1 month ago

Is this urgent?

None

Host OS

Ubuntu

CPU arch

x86_64

VPN service provider

Private Internet Access

What are you using to run the container

docker-compose

What is the version of Gluetun

Running version latest built on 2024-04-30T08:08:30.634Z (commit 7e0738d)

What's the problem 🤔

When attempting to start my container using the PIA Provided OVPN files, it begins the attempt, however fails due to issues with the port.

The issue also occurs if I attempt to change my config to a custom VPN provider utilising a Conf file.

I can see that this was a bug in previous builds, wondering if this has resurfaced?

Share your logs (at least 10 lines)

2024-05-02T00:45:25Z INFO Shutdown successful
Running version latest built on 2024-04-30T08:08:30.634Z (commit 7e0738d)
2024-05-02T00:45:24Z INFO [routing] default route found: interface eth0, gateway 172.19.1.1, assigned IP 172.19.1.10 and family v4
2024-05-02T00:45:24Z INFO [routing] local ethernet link found: eth0
2024-05-02T00:45:24Z INFO [routing] local ipnet found: 172.19.1.0/24
2024-05-02T00:45:25Z INFO [firewall] enabling...
2024-05-02T00:45:25Z INFO [firewall] enabled successfully
2024-05-02T00:45:25Z INFO [storage] merging by most recent 19425 hardcoded servers and 19425 servers read from /gluetun/servers.json
2024-05-02T00:45:25Z ERROR VPN settings: provider settings: server selection: OpenVPN server selection settings: custom endpoint port is not allowed: for VPN service provider private internet access: value is not one of the possible choices: 254 must be one of 53, 1194, 1197, 1198, 8080 or 9201

Share your configuration

gluetun:
    image: qmcgaw/gluetun:latest
    container_name: gluetun
    networks:
      VPN:
        ipv4_address: #custom static docker internal IP
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    volumes:
      - /docker/gluetun:/gluetun
    environment:
      - UPDATER_PERIOD=24h
      - VPN_SERVICE_PROVIDER=private internet access
      - TZ=Australia/Brisbane
      - OPENVPN_USER=
      - OPENVPN_PASSWORD=
      - SERVER_REGIONS=Netherlands
      - VPN_ENDPOINT_PORT=1198

github-actions[bot] commented 1 month ago

@qdm12 is more or less the only maintainer of this project and works on it in his free time. Please:

JollyG88 commented 1 month ago

Quick Edit, rolling back to v3.37 restored the connection

qdm12 commented 1 month ago

254 is not one of the possible endpoint ports for PIA, where did you see it was?

JollyG88 commented 1 month ago

That's the really odd thing. I can't see it in my config at all [either in my docker compose file or viewing the container via Portainer GUI] or in any of the OVPN files that I've put in the OVPN directory. I previously had one of the OVPN files renamed to custom.conf and had mapped that in and it was working in v3.37, however that broke when I upgraded recently to v3.38. I have actually raised a case with PIA as their OVPN files seem to have an issue with malformed information and bad expiry dates in the CRL Verify portion which breaks in OpenSSL 3.3.0 and above. There are a number of threads about that and PIA are also aware too apparently from the response I got, but no new OVPN files are available from them.

qdm12 commented 1 month ago

> I have actually raised a case with PIA as their OVPN files seem to have an issue with malformed information and bad expiry dates in the CRL Verify portion which breaks in OpenSSL 3.3.0 and above.

Why don't you use the private internet access provider directly instead of the custom one? It has certificates that work with openvpn 2.5/2.6 and openssl 3.x.x. See the gluetun wiki's pia setup page.

JollyG88 commented 1 month ago

Yeah, that’s what I’m currently doing but I was trying the custom.conf file as a test.

Even using pia as the provider in my config, it still comes up with that error unless I roll back to v3.37

qdm12 commented 1 month ago

Just try to remove VPN_ENDPOINT_PORT? There must be a 254 port defined somewhere in your config.

JollyG88 commented 1 month ago

So, I removed that, and it was still an issue. Created a test container using the exact same config as I listed above when raising this, minus the Endpoint port environment variable, and copying across my OVPN config folder with the certs from the old container to the new, and it worked fine using the latest build version.

So, took a look at my original container and removed the Wireguard conf folder that had the wg0.conf file from before I changed to PIA. There was also a .key file in the root directory of the container so I deleted that and retested the original container, and it's started working. For some reason, the container was still referencing something in those files which was telling it to use port 254.

Apologies for this. I will close this off
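
The resolution above came down to leftover files in the mounted volume, so here is an added example (not gluetun's code and not part of the original thread) that scans a directory for `.conf`/`.ovpn` files whose endpoint port is outside the PIA list quoted in the error message. The names `rejectedPorts` and `scanDir` are hypothetical, and it assumes the stray value sits in a standard OpenVPN `remote host port` line or WireGuard `Endpoint = host:port` line, which the thread does not confirm.

```go
package main

import (
	"fmt"
	"net"
	"os"
	"path/filepath"
	"strconv"
	"strings"
)

// Allowed PIA OpenVPN endpoint ports, copied from the error message in this issue.
var piaPorts = map[uint16]bool{53: true, 1194: true, 1197: true, 1198: true, 8080: true, 9201: true}

// rejectedPorts returns the endpoint ports in conf that are not in piaPorts (assumed line formats).
func rejectedPorts(conf string) (rejected []uint16) {
	for _, line := range strings.Split(conf, "\n") {
		raw := ""
		if f := strings.Fields(line); len(f) >= 3 && f[0] == "remote" {
			raw = f[2] // OpenVPN: remote <host> <port> [proto]
		} else if k, v, ok := strings.Cut(line, "="); ok && strings.EqualFold(strings.TrimSpace(k), "endpoint") {
			_, raw, _ = net.SplitHostPort(strings.TrimSpace(v)) // WireGuard: Endpoint = host:port
		}
		if n, err := strconv.ParseUint(raw, 10, 16); err == nil && !piaPorts[uint16(n)] {
			rejected = append(rejected, uint16(n))
		}
	}
	return rejected
}

// scanDir walks root (for example the host side of the /gluetun volume) and lists rejected ports per file.
func scanDir(root string) (findings []string, err error) {
	err = filepath.Walk(root, func(p string, info os.FileInfo, werr error) error {
		if ext := filepath.Ext(p); werr != nil || info.IsDir() || (ext != ".conf" && ext != ".ovpn") {
			return werr
		}
		data, rerr := os.ReadFile(p)
		for _, port := range rejectedPorts(string(data)) {
			findings = append(findings, fmt.Sprintf("%s: port %d", p, port))
		}
		return rerr
	})
	return findings, err
}

func main() {
	if len(os.Args) > 1 {
		fmt.Println(scanDir(os.Args[1]))
	}
}
```

Run it against the host directory mapped to `/gluetun` (here `/docker/gluetun`) before upgrading, so a forgotten file from an earlier provider shows up by path rather than as a startup error.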

github-actions[bot] commented 1 month ago

Closed issues are NOT monitored, so commenting here is likely to be not seen. If you think this is still unresolved and have more information to bring, please create another issue.

This is an automated comment setup because @qdm12 is the sole maintainer of this project which became too popular to monitor issues closed.