testdasi / openvpn-client-aio

"All-in-one" docker for all your private browsing needs. OpenVPN client, HTTP + Socks + TOR proxies, DNS-over-TLS.
GNU General Public License v3.0

airvpn.org providers #1

Closed greatcoco closed 4 years ago

greatcoco commented 4 years ago

Hi, I'm trying to use the container on Unraid and I'm using the provider airvpn, just listing a piece of the configuration: "client dev tun remote 134.19.179.242 443"

When I look at the logs of docker, it's trying to connect on a port 2443 regardless of the port set in the openvpn.ovpn file.

[info] Setting up OpenVPN tunnel
[info] Create tunnel device
[info] Allow DnS-over-TLS for openvpn to lookup VPN server
[info] Connecting to VPN on port 2443 with proto udp...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...

Thanks for your promising container

testdasi commented 4 years ago

@greatcoco I added a fix and regression tested it. Please can you pull tag latest-amd64 / latest-rpi4 to see if the issue is fixed on your end. Thanks.

greatcoco commented 4 years ago

Thanks

Just tried on my Unraid server, pulled the latest-amd64, it went further 👍

[info] Setting variables
[info] Set various ports to docker variables
[info] Determine openvpn port from config file
[info] Determine openvpn protocol from config file
[info] Will connect openvpn on port=443 proto=udp
[info] Determine eth0 network for iptables
[info] eth0 IP is 172.17.0.2 in network 172.17.0.0/16
[info] All variables set

[info] Fixing configs
[info] stubby fixed
[info] danted fixed
[info] tinyproxy fixed
[info] torsocks fixed
[info] privoxy fixed
[info] All configs fixed

[info] Run stubby in background on port 53
[16:46:09.689285] STUBBY: Read config from file /etc/stubby/stubby.yml
[warn] Your ISP public IP is x.x.x.x

[info] Set up nftables rules
[info] Flusing ruleset
[info] Added route 192.168.1.0/24 via 172.17.0.1 dev eth0
[info] Editing ruleset
[info] Apply rules
[info] All rules created

[info] Quick block test. Expected result is time out. Actual result is ;; connection timed out; no servers could be reached

[info] Setting up OpenVPN tunnel
[info] Create tunnel device
[info] Allow DnS-over-TLS for openvpn to lookup VPN server
[info] Connecting to VPN on port 443 with proto udp...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...

So it seems now to take the correct port. Is there a log file that I can retrieve inside the docker to investigate further?

testdasi commented 4 years ago

@greatcoco Most frequent causes are missing credentials (auth-user-pass) and/or missing certs (crl-verify / ca). If you have them in a file, you have to point to the absolute path of the file. So for example, if your credentials are in /etc/openvpn/credentials.conf then your auth-user-pass line should be: auth-user-pass /etc/openvpn/credentials.conf
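An added example, not part of the original thread and not the project's own code: a pre-flight check for a client .ovpn file that reports which port and protocol the `remote`/`port`/`proto` lines select and flags file-referencing directives given with a relative path or without a file. The function name `audit_ovpn`, the sample config and the 192.0.2.10 address are constructed for illustration.

```python
import re
from pathlib import PurePosixPath

# Directives whose first argument is a file path (each also has an inline <block> form).
FILE_DIRECTIVES = {"auth-user-pass", "ca", "cert", "key",
                   "crl-verify", "tls-auth", "tls-crypt"}

def audit_ovpn(text):
    """Return (port, proto, issues) for an OpenVPN client config given as a string."""
    glob, first_remote, seen, issues, in_block = {}, None, set(), [], None
    for raw in text.splitlines():
        line = raw.strip()
        if in_block:                      # skip inline key/cert material
            if line == f"</{in_block}>":
                in_block = None
            continue
        m = re.fullmatch(r"<([a-z0-9-]+)>", line)
        if m:                             # start of an inline block such as <ca>
            in_block = m.group(1)
            seen.add(in_block)
            continue
        if not line or line[0] in "#;":   # blank line or comment
            continue
        name, *args = line.split()
        if name in ("port", "proto") and args:
            glob[name] = args[0]
        elif name == "remote" and first_remote is None:
            first_remote = args           # host [port] [proto]
        elif name in FILE_DIRECTIVES:
            seen.add(name)
            if not args and name == "auth-user-pass":
                issues.append("auth-user-pass has no file: openvpn will prompt for credentials")
            elif args and not PurePosixPath(args[0]).is_absolute():
                issues.append(f"{name} uses relative path {args[0]!r}")
    remote = first_remote or []
    # A port/proto on the remote line wins over the global directive; 1194/udp are OpenVPN defaults.
    port = remote[1] if len(remote) > 1 else glob.get("port", "1194")
    proto = remote[2] if len(remote) > 2 else glob.get("proto", "udp")
    if "ca" not in seen:                  # heuristic: pkcs12-style setups are not covered
        issues.append("no ca certificate (inline or file)")
    return port, proto, issues

# Constructed sample modelled on the username/password style config in this thread.
SAMPLE = "client\nproto udp\nremote 192.0.2.10 1194\nauth-user-pass auth.txt\n<ca>\n[data]\n</ca>\n"

if __name__ == "__main__":
    print(audit_ovpn(SAMPLE))
```

Only the first `remote` line is considered, so a config that lists several servers with different ports needs each one checked separately.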

CryptoVaraan commented 3 years ago

@testdasi Unfortunately this problem is still there, at least for me :/

I have two sets of *.ovpn files (one for using NordVPN, the other for my own VPN server), they both work well on binhex/arch-delugevpn, but I wanted to follow your lead to supersede this with your solution, moving to a Raspberry Pi. The Raspberry Pi has Ubuntu 20.04.2 LTS 64bit installed.

NordVPN uses username and password authentication in a separate file (pointed to from the ovpn file). My own vpn does not use username/password credentials and contains all required info in the .ovpn file.

For the binhex/arch-delugevpn docker-compose.yml file I configured VPN_PROV=custom for both cases.

Any help would be much appreciated.

NordVPN files (this works well):

auth.txt:

[user_name]
[password]

openvpn.ovpn:

client
dev tun
proto udp
remote x.x.x.x 1194
resolv-retry infinite
remote-random
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping 15
ping-restart 0
ping-timer-rem
reneg-sec 0
comp-lzo no

remote-cert-tls server

auth-user-pass auth.txt
verb 3
pull
fast-io
cipher AES-256-CBC
auth SHA512
<ca>
-----BEGIN CERTIFICATE-----
[data]
-----END CERTIFICATE-----
</ca>
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
[data]
-----END OpenVPN Static key V1-----
</tls-auth>

My VPN file (this is giving the problem mentioned above):

openvpn.ovpn:

client
dev tun
proto udp
remote x.x.x.x 443
resolv-retry infinite
nobind
persist-key
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
ignore-unknown-option block-outside-dns
verb 3
<ca>
-----BEGIN CERTIFICATE-----
[data]
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
[data]
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
[data]
-----END PRIVATE KEY-----
</key>
<tls-crypt>
-----BEGIN OpenVPN Static key V1-----
[data]
-----END OpenVPN Static key V1-----
</tls-crypt>

Technikte commented 3 years ago

I got the same error and I removed all stuff with route, maybe this helps you.