Closed greatcoco closed 4 years ago
@greatcoco I added a fix and regression tested it. Please can you pull tag latest-amd64 / latest-rpi4 to see if issue is fixed on your end. Thanks.
Thanks
Just tried on my unpaid server, pulled the latest-amd64, it went further 👍
[info] Setting variables
[info] Set various ports to docker variables
[info] Determine openvpn port from config file
[info] Determine openvpn protocol from config file
[info] Will connect openvpn on port=443 proto=udp
[info] Determine eth0 network for iptables
[info] eth0 IP is 172.17.0.2 in network 172.17.0.0/16
[info] All variables set
[info] Fixing configs
[info] stubby fixed
[info] danted fixed
[info] tinyproxy fixed
[info] torsocks fixed
[info] privoxy fixed
[info] All configs fixed
[info] Run stubby in background on port 53
[16:46:09.689285] STUBBY: Read config from file /etc/stubby/stubby.yml
[warn] Your ISP public IP is x.x.x.x
[info] Set up nftables rules
[info] Flusing ruleset
[info] Added route 192.168.1.0/24 via 172.17.0.1 dev eth0
[info] Editing ruleset
[info] Apply rules
[info] All rules created
[info] Quick block test. Expected result is time out. Actual result is ;; connection timed out; no servers could be reached
[info] Setting up OpenVPN tunnel
[info] Create tunnel device
[info] Allow DnS-over-TLS for openvpn to lookup VPN server
[info] Connecting to VPN on port 443 with proto udp...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
So it seems now to take the correct port. Is there a log file that I can retrieve inside the docker to investigate further?
@greatcoco Most frequent causes are missing credentials (auth-user-pass) and/or missing certs (crl-verify / ca). If you have them in a file, you have to point to the absolute path of the file. So for example if your credentials are in /etc/openvpn/credentials.conf then your auth-user-pass line should be:
auth-user-pass /etc/openvpn/credentials.conf
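An added example, not part of the thread or the container's own scripts: a small pre-flight check for the causes named in the comment above (file directives without an absolute path, no CA), which also reports the `remote` port and protocol so they can be compared with the "Will connect openvpn on port=" log line. `lint_ovpn` and the sample config are constructed for illustration.

```python
import re

# Directives on this page whose first argument can be a file path.
FILE_DIRECTIVES = {"auth-user-pass", "ca", "cert", "key", "crl-verify", "tls-auth", "tls-crypt"}

def lint_ovpn(text):
    """Return (remotes, findings) for an OpenVPN client config passed as text."""
    remotes, findings, seen = [], [], set()
    proto, block = "udp", None            # udp is OpenVPN's default proto
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if block:                         # inside <ca>...</ca> etc.: skip key material
            if line == f"</{block}>":
                block = None
            continue
        m = re.fullmatch(r"<([a-z0-9-]+)>", line)
        if m:
            block = m.group(1)
            seen.add(block)
            continue
        if not line or line[0] in "#;":   # blank line or comment
            continue
        key, *args = line.split()
        if key == "proto" and args:
            proto = args[0]
        elif key == "remote" and args:
            port = int(args[1]) if len(args) > 1 else 1194   # 1194 is the default port
            remotes.append((args[0], port, args[2] if len(args) > 2 else None))
        elif key in FILE_DIRECTIVES:
            seen.add(key)
            if not args:
                findings.append((n, f"{key}: no file given, openvpn would prompt or fail"))
            elif not args[0].startswith("/"):
                findings.append((n, f"{key}: relative path '{args[0]}', use an absolute path"))
    if "ca" not in seen:
        findings.append((0, "ca: no inline <ca> block and no ca file"))
    # A remote without its own proto argument inherits the global proto line.
    return [(h, p, pr or proto) for h, p, pr in remotes], findings

# Constructed sample modelled on the first config quoted on this page.
SAMPLE = """proto udp
remote 192.0.2.10 1194
auth-user-pass auth.txt
<ca>
[data]
</ca>
"""

if __name__ == "__main__":
    print(lint_ovpn(SAMPLE))
```
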
@testdasi Unfortunately this problem is still there, at least for me :/
I have two sets of *.ovpn files (one for using NordVPN, the other for my own vpn server), they both work well on binhex/arch-delugevpn, but I wanted to follow your lead to supersede this with your solution, moving to a raspberry pi. The raspberry pi has Ubuntu 20.04.2 LTS 64bit installed.
NordVPN uses username and password authentication in a separate file (pointed to from the ovpn file). My own vpn does not use username/password credentials and contains all required info in the .ovpn file.
For binhex/arch-delugevpn docker-compose.yml file I configured VPN_PROV=custom for both cases.
Any help would be much appreciated.
auth.txt:
[user_name]
[password]
openvpn.ovpn:
client
dev tun
proto udp
remote x.x.x.x 1194
resolv-retry infinite
remote-random
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping 15
ping-restart 0
ping-timer-rem
reneg-sec 0
comp-lzo no
remote-cert-tls server
auth-user-pass auth.txt
verb 3
pull
fast-io
cipher AES-256-CBC
auth SHA512
<ca>
-----BEGIN CERTIFICATE-----
[data]
-----END CERTIFICATE-----
</ca>
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
[data]
-----END OpenVPN Static key V1-----
</tls-auth>
openvpn.ovpn:
client
dev tun
proto udp
remote x.x.x.x 443
resolv-retry infinite
nobind
persist-key
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
ignore-unknown-option block-outside-dns
verb 3
<ca>
-----BEGIN CERTIFICATE-----
[data]
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
[data]
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
[data]
-----END PRIVATE KEY-----
</key>
<tls-crypt>
-----BEGIN OpenVPN Static key V1-----
[data]
-----END OpenVPN Static key V1-----
</tls-crypt>
I got the same error and I removed all stuff with route, maybe this helps you.
Hi, I'm trying to use the container on Unraid and I'm using the provider airvpn, just listing a piece of the configuration "client dev tun remote 134.19.179.242 443"
When I look at the logs of docker, it's trying to connect on a port 2443 regardless of the port set in the openvpn.ovpn file.
[info] Setting up OpenVPN tunnel
[info] Create tunnel device
[info] Allow DnS-over-TLS for openvpn to lookup VPN server
[info] Connecting to VPN on port 2443 with proto udp...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
[info] Connection in progress, wait 10s...
Thanks for your promising container