Open qdm12 opened 3 years ago
Magic-Deceiver
commented
3 years ago I will be waiting for this update patiently. Would love to see this become a reality! Had OVPN and am extremely satisfied. The only thing is I cannot get the OVPN wireguard to work with custom provider instruction no matter how I tweaked it. Either DNS could not resolve, or some other issues (may have something to do with multihop from OVPN).
Anyway! I really enjoy using gluetun! Thanks a lot!
qdm12
commented
3 years ago @Magic-Deceiver I'll try to get to it soon (can't promise though I'm flooded 😄). Feel free to create a Github discussion on this repo I can help you setup Wireguard if you want.
Magic-Deceiver
commented
3 years ago No problem! I truly appreciate your help! I Will create a discussion once I get my logs captured so its faster to see whats the problem :)
P.S.: That's gotta be the fastest response I have ever received on GitHub lol.
qdm12
commented
3 years ago For Wireguard, see discussion #677 where someone using ovpn managed to set it up 😉
Magic-Deceiver
commented
3 years ago Echo #677
Do each server config have the same interface address? As far as I know, the interface config remains the same
Do each server config have the same endpoint port? All peer endpoint ports are the same
Do they have IP addresses for their endpoint or only hostnames? They use the hostname in the form of [VPN server#].[prd].[servers city location].[ovpn.com]:[port] e.g. vpn71.prd.newyork.ovpn.com:9929 e.g. vpn06.prd.malmo.ovpn.com:9929 e.g. vpn72.prd.zurich.ovpn.com:9929 prd remains the same for all
Is your interface private key the same for all server configs? If I download multiple configs using the same public key generated by OVPN, then all the interface private key remains the same
Do they have maybe an API to get all of their server information (such as IP address, Wireguard public key)? That I have no idea. The only option I have seen is to manual download
Hopefully, someone smarter than me will be able to figure out how to access their server info other than downloading it manually from the website.
I hope this helps!
qdm12
commented
3 years ago @Magic-Deceiver nice thanks!! It does definitely helps. Wireguard support will be nice given what you said. Another two questions:
PublicKey field value the same for all servers? It should be different but who knows 😄PrivateKey value for all of them. You could do that e.g. with VSCode by opening the directory where all your files are, then press CTRL+SHIFT+H (replace in all files), then ALT+R (use regular expression), then type ^PrivateKey.+$ in the Search field and write PrivateKey = in the Replace field. Finally press CTRL+ALT+Enter to replace all.qdm12
commented
3 years ago @Magic-Deceiver perfect I received your email. I now have both OpenVPN and Wireguard configuration files, perfect. I sent a message to ovpn.com's support to ask them where their API is and how to use it, if I can obtain some server information programmatically that would be better to automatically update server information. I'll get to it soon.
qdm12
commented
3 years ago From their support email (notes to my future self):
4431194 and 1195OPENVPN_CUSTOM_PORT with these values
1196, 11971201 and 1202 With all this, it should be a top tier integration 💯 (at the top with Mullvad and Ivpn).
I'm re-working the entire configuration setup right now, it might take me a few days, and then this is next on my list. I'll comment here once I have something ready to test, thanks for your patience!
Magic-Deceiver
commented
3 years ago Can't wait! I'm glad I was able to facilitate the process.
So far, no complaints with OVPN - on par with Mullvad, if not better.
Magic-Deceiver
commented
3 years ago Also, are you planning on integrating their public DNS server when connecting to OVPN? I believe they have four in total (perhaps you will find them helpful):
IPv4 addresses: 46.227.67.134 192.165.9.158
IPv6 addresses: 2a07:a880:4601:10f0:cd45::1 2001:67c:750:1:cafe:cd45::1
qdm12
commented
2 years ago Since I have a rather long backlog of providers to add support for, I spent a good amount of time refactoring the code and writing guides on adding a VPN provider. You need a bit of programming experience but you could also learn as you go. The relevant pages are:
I'll comment here again if I start implementing the provider to avoid any potential duplicate work, but it should not be anytime soon I think. Please also comment here if you decide to start working on it
stonedemoman
commented
1 year ago Forgive me if I'm being presumptuous by asking, but did plans to implement this particular provider support get cancelled?
ichbinder
commented
1 year ago Yes would be cool if the VPN provider would be included.
derekcentrico
commented
11 months ago I'm happy to assist with this if given some background. I ported ovpn options into a openvpn project previously.
Only issue will be if this project can resolve domain names prior to VPN up because the use of addresses in the configs prevents end-users from having to edit their environments when IPs change.
nFec
commented
3 months ago @qdm12 could you point me to an example for steps 2 and 3? I could be giving it a go at least.
qdm12
commented
2 weeks ago Hello everyone, first of all my apologies for the 3 years of delay (❗❗❗), but I finally got to implement something.
See https://github.com/qdm12/gluetun/pull/2537 which contains instructions on how to run it for both wireguard and openvpn.
Wireguard should work fine, but OpenVPN is likely missing configuration options.... To which I am asking you: can you share an openvpn configuration file here (without your username+password). And also share one for Singapore which apparently has (at least had 3 years ago) a different openvpn configuration than other servers.
Thank you for the help and for the extreme patience 💪
derekcentrico
commented
2 weeks ago You can see a lot of the OVPN options here: https://github.com/haugene/vpn-configs-contrib/tree/main/openvpn/ovpn where I contributed to another project.
qdm12
commented
1 week ago Please pull that image :pr-2537 again to see if it works for openvpn and wireguard, I've added a few options for openvpn. Thanks!
derekcentrico
commented
1 week ago :pr-2537
Setup a VM to test with, but I don't see notes in re environmental vars for wireguard or openvpn for OVPN.COM. Will test, but want to be sure I know the specifics to add to ensure I test properly?
c1em3ntchua
commented
1 week ago @derekcentrico there are some examples in this page.
I have tried SERVER_CITIES=amsterdam and SERVER_CITIES=singapore, and both seem to work as intended.
As for WIREGUARD_ADDRESSES, reference the .conf file that is downloadable from OVPN.com. In my case it was 172.18.90.172/32.
derekcentrico
commented
1 week ago @derekcentrico there are some examples in this page.
I have tried
SERVER_CITIES=amsterdamandSERVER_CITIES=singapore, and both seem to work as intended. As forWIREGUARD_ADDRESSES, reference the.conffile that is downloadable from OVPN.com. In my case it was172.18.90.172/32.
Doh! Didn't see that above earlier.
qdm12
commented
2 days ago As for
WIREGUARD_ADDRESSES, reference the.conffile that is downloadable from OVPN.com.
Note you can also plug in the Wireguard config file directly (search the Wiki I forgot the exact file path 😄)
Anyone had time to try out OpenVPN, so I can merge all this? Thanks 🙏 !
stonedemoman
commented
2 days ago @qdm12 Wireguard has been working perfectly. I tried switching over to OpenVPN to verify for you and it failed. These two errors kept repeating:
ERROR [openvpn] --tls-auth and --tls-crypt are mutually exclusive
dial tcp4: lookup cloudflare.com on 1.1.1.1:53: write udp [redacted]->1.1.1.1:53: write: operation not permitted)
Hope this helps!
qdm12
commented
1 day ago Please re-pull 😉 I changed it to use tls-crypt only for the singapore servers, and tls-auth only for all other servers. Not too sure why that's the case 🤷
stonedemoman
commented
1 day ago Please re-pull 😉 I changed it to use
tls-cryptonly for the singapore servers, andtls-authonly for all other servers. Not too sure why that's the case 🤷
Okay I renewed image and now this error is repeating:
[openvpn] read UDPv4 [ECONNREFUSED]: Connection refused (fd=3,code=111)
qdm12
commented
1 day ago This usually happens when trying to reach the wrong ip address or port. What VPN server are you trying to connect to: hostname/ip, port and tcp-or-udp? Perhaps try changing OPENVPN_ENDPOINT_PORT for example to 1195? 🤔
stonedemoman
commented
1 day ago @qdm12 I was using configs downloaded from the website and pointed to with OPENVPN_CUSTOM_CONFIG. I've tried for a couple hours to get it working now, no success. Attempted to connect to the Miami and Atlanta servers with the IP and port from the ovpn website used with respective OPENVPN_ENDPOINT_IP and OPENVPN_ENDPOINT_PORT variables and with both TCP and UDP plugged into OPENVPN_PROTOCOL variable.
The connection refused errors got replaced with some new errors when I plugged in ip, port, and one protocol variable (two separate times):
[openvpn] UDPv4 link local: (not bound)
[openvpn] TCPv4_CLIENT link local: (not bound)
If there's a specific config set you want me to test out I'd be happy to, in case I'm doing anything wrong.
stonedemoman
commented
2 hours ago @qdm12 I sent you an email with more information
dk.copenhagen.ovpn.com(countrycode.city.ovpn.com)