VPN Manager for OpenVPN

  • duckdns address. Local traffic shouldn’t be going through the VPN. It should come into the router (which isn’t using the VPN) and be forwarded over your local network to your Pi. It’s exactly how I run mine, albeit with a different dynamic DNS service

    That's what I understand. And I have no problem connecting to Libreelec from my local network when the VPN is activated. The problem occurs only when trying to connect to Librelec from outside. I can only reach my router, but not my Raspberry hosting Librelec. Port forwarding should'nt be an issue as everything work fine when VPN is deactivated, am I right? I'm running out of ideas, it seems pretty simple but doesn't work, should I try a different VPN service provider?


    Thanks

  • That's what I understand. And I have no problem connecting to Libreelec from my local network when the VPN is activated. The problem occurs only when trying to connect to Librelec from outside. I can only reach my router, but not my Raspberry hosting Librelec. Port forwarding should'nt be an issue as everything work fine when VPN is deactivated, am I right? I'm running out of ideas, it seems pretty simple but doesn't work, should I try a different VPN service provider?


    Thanks

    How do you try to connect from outside? I even don't have a clue to do that, tanks! I just want to be able to connect from my phone to see photos and documents from an HDD connected to the Rpi, when i'm outside home.

  • Hi,


    Still trying to connect frmo oustide when CG VPN is activated. Reading the logs, I can see this:


    Quote

    [...]

    2020-06-29 14:28:35.080 T:2580542320 NOTICE: proto udp

    2020-06-29 14:28:35.081 T:2580542320 NOTICE: remote 87-1-gb.cg-dialup.net 443

    [...]


    Is it normal to use port 443 here. I would've expected port 1194 when I chose UDP, where am I wrong? I didn't change anything in VPN Manager settings. Logs copied on pastebin, after UDP and TCP connection tests.


    Note that I have Nextcloud running on port 443, that could matter if this port has to be used as well for the VPN.

    I'm also wondering about the ipv6 warning you can see in the logs:


    Quote


    2020-06-29 14:35:18.224 T:2672530288 NOTICE: Mon Jun 29 14:34:43 2020 WARNING: OpenVPN was configured to add an IPv6 route over tun0. However, no IPv6 has been configured for this interface, therefore the route installation may fail or may not work as expected.


    Thanks.

  • Is it normal to use port 443 here. I would've expected port 1194 when I chose UDP, where am I wrong? I didn't change anything in VPN Manager settings. Logs copied on pastebin, after UDP and TCP connection tests.

    Different providers use different ports. Some providers allow connections on multiple ports. If you switch off 'Use VPN provider default UDP port' on the VPN Config tab in settings, then you can choose the port you use. It won't work unless your VPN provider allows it though.

  • OK. Does someone know which port is used by default by CG with OpenVPN? I'm having hard time finding it and I'm still waiting for an answer from CG support...

  • Different providers use different ports. Some providers allow connections on multiple ports. If you switch off 'Use VPN provider default UDP port' on the VPN Config tab in settings, then you can choose the port you use. It won't work unless your VPN provider allows it though.

    And what about the ipv6 warning? Should I worry about it?

  • It's an openvpn warning. I don't see it on my installs. You should go and research it in the openvpn documentation/forums or (less so) your VPN provider support team.

  • No, use the user defined wizard

    I've used that and there's a problem with dns. Ive checked on doileak.com and it fails on dns. Is there any guide on how to use the alternative up ans down scripts? What do I need to put and where in the scripts?

  • I've used that and there's a problem with dns. Ive checked on doileak.com and it fails on dns. Is there any guide on how to use the alternative up ans down scripts? What do I need to put and where in the scripts?

    Surfshark works very well with Zomboided's VPN Manager using the user defined wizard.

    However there are issues with Libreelec's implementation of Network Manager that I have found make it impossible to prevent DNS leaks with Surfshark (and previously with NordVPN) whether using VPN Manager or directly with openvpn.

    This means that connections to some streaming services are very inconsistent.

    After many hours I eventually gave up and moved to running Kodi on Raspbian on a Pi4 and OSMC on a Pi3 which both work perfectly with VPN Manager without any further messing around with settings.

  • Surfshark works very well with Zomboided's VPN Manager using the user defined wizard.

    However there are issues with Libreelec's implementation of Network Manager that I have found make it impossible to prevent DNS leaks with Surfshark (and previously with NordVPN) whether using VPN Manager or directly with openvpn.

    This means that connections to some streaming services are very inconsistent.

    After many hours I eventually gave up and moved to running Kodi on Raspbian on a Pi4 and OSMC on a Pi3 which both work perfectly with VPN Manager without any further messing around with settings.

    Sorted it Ive now got Surfshark working with no DNS leaks. I used the alternative up/down scripts with the following DNS servers, 1.1.1.1, 1.0.0.1, 8.8.8.8. I used the scripts from up.sh and down.sh scripts for LibreElec - DNS Leakage · Issue #282 · Zomboided/service.vpn.manager · GitHub

    foreign_option_1='dhcp-option DNS 1.1.1.1' foreign_option_2='dhcp-option DNS 1.0.0.1' foreign_option_3='dhcp-option DNS 8.8.8.8'


    Remember to remove the # at the start of each foreign_option, and change DOMAIN to DNS on option 3.

  • Sorry for a silly question


    I have this installed in a custom build kodi on Liberelec


    I used slickvpn and was able to successfully setup and make a connection using their ovpn file. I have it configured to auto connect when I boot Kodi. I see successful connection message when I start Kodi


    My problem is - the add ons are not going through VPN i guess. I have indigo installed which shows external ip address. That is still showing my public IP address provided by ISP. Shouldnt it show slickvpn's IP address? Same when I run speed test arnubox. It is detecting my local city location and showing my public IP instead of slickvpn assigned IP


    Btw, I have a odd kodi build and it does not show me a 'Display VPN Status' option to check the status and see the IP address


    Edit - I saw that under Utilities, there is an option to add key mappings to display MAP VPN connection cycle, table, map information display. I configured those to function keys on my remote. Tried pressing each of those


    Map VPN connection cycle button shows the connection status and says I am connected to slickvpn

    Map VPN connection table button shows I am connected as well

    Map information display button shows I am connected. But it shows my external IP as my ISP (comcast) assigned public address. It is not showing the slickvpn address


    What am I missing here? It says I am connected but not really?


    Edit 2 - So, I looked at the OpenVPN log and I see some errors. So it failed even though it shows that I am connected successfully?


    Tue Aug 11 00:46:20 2020 /sbin/ip route add 104.238.198.14/32 via 192.168.0.1

    Tue Aug 11 00:46:20 2020 /sbin/ip route del 0.0.0.0/0

    Tue Aug 11 00:46:20 2020 /sbin/ip route add 0.0.0.0/0 via 10.10.8.1

    ip: RTNETLINK answers: File exists


    Then found the below post that they had a similar problem as well


    Setup SlickVPN on Raspberry Pi 2 running LibreElec and Kodi 17.5 | Wilders Security Forums


    I tried doing the SSH route and I got the same error

    Edited 4 times, last by klashh88 ().

  • When you validate the connections, the add-on will make a call to an external service (like whatismyip or whatever) to see what your IP address is. If you see the same address as your IP provider gave you, then the connection to your VPN provider has worked (in that openvpn returns that the connection is successful), but probably some aspect of the routing or DNS has gone wrong. This is probably caused by a bad ovpn file.


    Follow the trouble shooting guide on the wiki using the command line to eliminate Kodi and VPN Mgr and go get help from your VPN provider support team.


    And do it on a regular build and not some bullshit wizard build with Indigo installed.