VPN Manager for OpenVPN

  • Hi Everyone, I’ve just signed up here specifically for this request for some help. I have a NordVPN account and have been successfully using 2 Rpi’s through my VPN using Zomboided great addon, but all of a sudden this has packed up this week. I wondered if there was any reason for both RPI’s to stop working VPN through the addon via ethernet or wifi connection. The addon will no longer connect to NordVPN and says error check sign in details. These details haven’t changed as they still work on other devices (phone, PC).
    Any help would be really appreciated. Many Thanks.

  • Authentication is still working for me, but I can't do the final connection because my account is expired. so I think authentication still works. If you reset the VPN provider (settings/utilities) it'll delete the current settings and you can force a full authentication again.


    The user ID and password to connect is not the same as you type into the GUI - it's retrieved from Nord using the API. Just because the user ID and password you use to access their services hasn't changed, it doesn't mean the one you're using to log on hasn't changed or expired. I thought the code dealt with this and retrieved a new user id and password. If it happens again I'd like to see a trace with debug and http tracing set on (settings/advanced)

  • Authentication is still working for me, but I can't do the final connection because my account is expired. so I think authentication still works. If you reset the VPN provider (settings/utilities) it'll delete the current settings and you can force a full authentication again.


    The user ID and password to connect is not the same as you type into the GUI - it's retrieved from Nord using the API. Just because the user ID and password you use to access their services hasn't changed, it doesn't mean the one you're using to log on hasn't changed or expired. I thought the code dealt with this and retrieved a new user id and password. If it happens again I'd like to see a trace with debug and http tracing set on (settings/advanced)

    Hi zomboided,


    Thankyou for coming back to me. If I’m honest with you, I don’t understand what you have written. But that says more about me than you. All i can explain is that the credentials that i have been putting into the addon to sign in, are and have always been the same and was working up until some point last week. I’d already tried resetting vpn settings several times but that failed with error messages.
    I have changed my isp router in the past week, and wondered if that could be affecting it, but logically that doesn’t follow as I’ve previously plugged the device into several other routers and the VPN has worked without issue, so therefore ruled that out.

  • Hi Zomboided,

    I have managed to resolve the issue, but with difficulty. After resetting the vpn provider settings the issue still remained. This was occurring on both RPI’s using the same reset methods. It wasn’t until I disconnected from my new talktalk isp router (wired & wireless) and used the hotspot connection from my iphone that i was able to stop the authentication error message and connection occuring. Strangely though, now that the Vpn has been set up, the reconnection to the talktalk router works without issue.

  • Well you didn't provide a log, so I have no idea what your problem was. I'm not good at guessing.


    Other people were raising issues on github regarding similar issues and did provide a log. This has resulted in a bigger timeout period for the authentication and an updated version of code. Maybe you also picked that up via the repo.

  • Hello there


    Is VPNSecure still working for this? I got a VPNSecure account, generated fresh key, cert from member area. Then reset all settings in VPNManager for OpenVPN in kodi and configured by following the below steps


    - Choose VPNSecure as VPN provider

    - Entered username and password

    - Then clicked configure first connection

    - Chose United States 5 (UDP) server

    - Selected my username.key file emailed by VPNSecure

    - Selected my username.crt file emailed by VPNSecure

    - Now its asking me to enter the password for the key file. I have no idea what this is. Contacted VPNSecure and they had no clue. They said there is no password for key file. Not entering it is throwing an error. So entered my VPNSecure password. This seems to be fine because I get password error when I enter something random. No password related error when I enter my VPNSecure password.

    - After this step, I get error connecting. Checked log and it says certificate has expired? Not sure why it would say that? I generated them just a few mins ago and they are valid (attached screenshot)


    Would really appreciate the help. Thanks in advance!

    Edited 2 times, last by klashh88 ().

  • It worked 3.5 year ago, when they had passwords on their keys. Totally conceivable that they've changed it since then, I don't use them.

    I'd want to see a log but likely if you want this to work you'll have to go fetch their latest .ovpn files so I can update everything.

  • Hi zomboided,

    I would like to ask you for a favor. I have this VPN server at home, and it works fine. PIVPN: Simplest way to setup a VPN.

    But if I use your super addon, I can't join my house. Because this server PIVPN: Simplest way to setup a VPN generates a .ovpn file in which the username is not entered when logging in. Password only. But your name and password must be filled in your add-on. I tried two variants and it just won't connect to my PIVPN: Simplest way to setup a VPN server.

    I've tried pre-filled providers and they work well, but I need to get home from me from Raspberry to the server :-)


    It will write me an authentication error.


    Could you help me please?

    Thank you

  • I've not used what you're pointing at, and am not going to go find a Pi to install it to understand it.


    You should be able to take the ovpn it generates and use the wizard to ingest it for use as a User Defined. The wizard will do the best job it can based on what it finds, but it's not full proof (and doesn't support passwords for key files - you should avoid using this approach). If the wizard doesn't work you can go and edit the ovpn file directly to make it work.

  • It worked 3.5 year ago, when they had passwords on their keys. Totally conceivable that they've changed it since then, I don't use them.

    I'd want to see a log but likely if you want this to work you'll have to go fetch their latest .ovpn files so I can update everything.

    So, I contacted VPNSecure support and they sent me a OVPN file for me to use. It does not work either. I am getting the same "certificate expired" error. See attached screenshot of the log.


    One issue I am seeing is that their OVPN file has port 1282 but VPNManager is connecting to 1192 per the log. I even tried to disable "Use VPN provider default UDP port" option and manually enter 1282. But from the logs, I am seeing that its still trying to connect to 1192. I contacted their support again with the same error and they are blaming the port as well.


    Let me know if you want me to private message you the OVPN file


    FYI - I tried to use their OVPN file on OpenVPN in Mac to test it. It seems to work fine and connect without issues to port 1282. Just doesnt want to work in Kodi VPNManager alone : /


    Here is the OVPN file (removed the actual certificate and keys obviously). I wonder if the port number is not positioned the way your code expects?


    client

    proto udp

    dev tun

    remote us5.vpnsecure.me 1282

    cipher AES-256-CBC

    verb 3

    mute 20

    keepalive 10 120

    comp-lzo

    float


    <ca>

    -----BEGIN CERTIFICATE-----

    -----END CERTIFICATE-----

    </ca>


    <key>

    -----BEGIN RSA PRIVATE KEY-----

    -----END RSA PRIVATE KEY-----

    </key>


    <cert>

    -----BEGIN CERTIFICATE-----

    -----END CERTIFICATE-----

    </cert>

  • Yes I tried it through a guide and it doesn't work.

    PiVPN generates only a file without a name and when importing it into a mobile phone, or into a classic PC, when requesting a connection, only the PASSWORD without a name is entered. It takes the name from a .ovpn file, so it is not entered.


    PIA WORKS!


    client

    dev tun

    proto udp

    remote italy.privateinternetaccess.com 1198

    resolv-retry infinite

    nobind

    persist-key

    persist-tun

    cipher aes-128-cbc

    auth sha1

    tls-client

    remote-cert-tls server


    auth-user-pass

    compress

    verb 1

    reneg-sec 0

    <crl-verify>



    And PiVPN in VPN manager no :-(: config here:


    client

    dev tun

    proto udp

    remote my home server 1198

    resolv-retry infinite

    nobind

    persist-key

    persist-tun

    key-direction 1

    remote-cert-tls server

    tls-version-min 1.2

    verify-x509-name server_GC3KEft2rz9EmkJ0 name

    cipher AES-256-CBC

    auth SHA256

    auth-nocache

    verb 3

    <ca>


    Is it possible to modify it so that it requires a username when connecting like a PIA?

    Edited once, last by Ondrej2005: add info ().

  • Ondrej2005 you can change the ovpn to do anything you want, go see the documentation on the wiki on User Defined.

    A password on a key file, which is what I think you have is not going to work. This is a known issue which I'm not planning on fixing anytime soon. You might be able to work around this by editting the ovpn directly. Or changing PiVPN to not require a password on a keyfile.

  • The addon is great, but I just can't connect with open VPN :-( (PiVPN), while PiVPN is used by a lot of people connected to Raspberry Pi. The creator said he won't do support.


    I would try it with WireGuard, but there is no support for it yet :-(