VPN Manager for OpenVPN

  • Hi,


    Still trying to connect frmo oustide when CG VPN is activated. Reading the logs, I can see this:


    Quote

    [...]

    2020-06-29 14:28:35.080 T:2580542320 NOTICE: proto udp

    2020-06-29 14:28:35.081 T:2580542320 NOTICE: remote 87-1-gb.cg-dialup.net 443

    [...]


    Is it normal to use port 443 here. I would've expected port 1194 when I chose UDP, where am I wrong? I didn't change anything in VPN Manager settings. Logs copied on pastebin, after UDP and TCP connection tests.


    Note that I have Nextcloud running on port 443, that could matter if this port has to be used as well for the VPN.

    I'm also wondering about the ipv6 warning you can see in the logs:


    Quote


    2020-06-29 14:35:18.224 T:2672530288 NOTICE: Mon Jun 29 14:34:43 2020 WARNING: OpenVPN was configured to add an IPv6 route over tun0. However, no IPv6 has been configured for this interface, therefore the route installation may fail or may not work as expected.


    Thanks.

  • Is it normal to use port 443 here. I would've expected port 1194 when I chose UDP, where am I wrong? I didn't change anything in VPN Manager settings. Logs copied on pastebin, after UDP and TCP connection tests.

    Different providers use different ports. Some providers allow connections on multiple ports. If you switch off 'Use VPN provider default UDP port' on the VPN Config tab in settings, then you can choose the port you use. It won't work unless your VPN provider allows it though.

  • OK. Does someone know which port is used by default by CG with OpenVPN? I'm having hard time finding it and I'm still waiting for an answer from CG support...

  • Different providers use different ports. Some providers allow connections on multiple ports. If you switch off 'Use VPN provider default UDP port' on the VPN Config tab in settings, then you can choose the port you use. It won't work unless your VPN provider allows it though.

    And what about the ipv6 warning? Should I worry about it?

  • It's an openvpn warning. I don't see it on my installs. You should go and research it in the openvpn documentation/forums or (less so) your VPN provider support team.

  • No, use the user defined wizard

    I've used that and there's a problem with dns. Ive checked on doileak.com and it fails on dns. Is there any guide on how to use the alternative up ans down scripts? What do I need to put and where in the scripts?

  • I've used that and there's a problem with dns. Ive checked on doileak.com and it fails on dns. Is there any guide on how to use the alternative up ans down scripts? What do I need to put and where in the scripts?

    Surfshark works very well with Zomboided's VPN Manager using the user defined wizard.

    However there are issues with Libreelec's implementation of Network Manager that I have found make it impossible to prevent DNS leaks with Surfshark (and previously with NordVPN) whether using VPN Manager or directly with openvpn.

    This means that connections to some streaming services are very inconsistent.

    After many hours I eventually gave up and moved to running Kodi on Raspbian on a Pi4 and OSMC on a Pi3 which both work perfectly with VPN Manager without any further messing around with settings.

  • Surfshark works very well with Zomboided's VPN Manager using the user defined wizard.

    However there are issues with Libreelec's implementation of Network Manager that I have found make it impossible to prevent DNS leaks with Surfshark (and previously with NordVPN) whether using VPN Manager or directly with openvpn.

    This means that connections to some streaming services are very inconsistent.

    After many hours I eventually gave up and moved to running Kodi on Raspbian on a Pi4 and OSMC on a Pi3 which both work perfectly with VPN Manager without any further messing around with settings.

    Sorted it Ive now got Surfshark working with no DNS leaks. I used the alternative up/down scripts with the following DNS servers, 1.1.1.1, 1.0.0.1, 8.8.8.8. I used the scripts from up.sh and down.sh scripts for LibreElec - DNS Leakage · Issue #282 · Zomboided/service.vpn.manager · GitHub

    foreign_option_1='dhcp-option DNS 1.1.1.1' foreign_option_2='dhcp-option DNS 1.0.0.1' foreign_option_3='dhcp-option DNS 8.8.8.8'


    Remember to remove the # at the start of each foreign_option, and change DOMAIN to DNS on option 3.

  • Sorry for a silly question


    I have this installed in a custom build kodi on Liberelec


    I used slickvpn and was able to successfully setup and make a connection using their ovpn file. I have it configured to auto connect when I boot Kodi. I see successful connection message when I start Kodi


    My problem is - the add ons are not going through VPN i guess. I have indigo installed which shows external ip address. That is still showing my public IP address provided by ISP. Shouldnt it show slickvpn's IP address? Same when I run speed test arnubox. It is detecting my local city location and showing my public IP instead of slickvpn assigned IP


    Btw, I have a odd kodi build and it does not show me a 'Display VPN Status' option to check the status and see the IP address


    Edit - I saw that under Utilities, there is an option to add key mappings to display MAP VPN connection cycle, table, map information display. I configured those to function keys on my remote. Tried pressing each of those


    Map VPN connection cycle button shows the connection status and says I am connected to slickvpn

    Map VPN connection table button shows I am connected as well

    Map information display button shows I am connected. But it shows my external IP as my ISP (comcast) assigned public address. It is not showing the slickvpn address


    What am I missing here? It says I am connected but not really?


    Edit 2 - So, I looked at the OpenVPN log and I see some errors. So it failed even though it shows that I am connected successfully?


    Tue Aug 11 00:46:20 2020 /sbin/ip route add 104.238.198.14/32 via 192.168.0.1

    Tue Aug 11 00:46:20 2020 /sbin/ip route del 0.0.0.0/0

    Tue Aug 11 00:46:20 2020 /sbin/ip route add 0.0.0.0/0 via 10.10.8.1

    ip: RTNETLINK answers: File exists


    Then found the below post that they had a similar problem as well


    Setup SlickVPN on Raspberry Pi 2 running LibreElec and Kodi 17.5 | Wilders Security Forums


    I tried doing the SSH route and I got the same error

    Edited 4 times, last by klashh88 ().

  • When you validate the connections, the add-on will make a call to an external service (like whatismyip or whatever) to see what your IP address is. If you see the same address as your IP provider gave you, then the connection to your VPN provider has worked (in that openvpn returns that the connection is successful), but probably some aspect of the routing or DNS has gone wrong. This is probably caused by a bad ovpn file.


    Follow the trouble shooting guide on the wiki using the command line to eliminate Kodi and VPN Mgr and go get help from your VPN provider support team.


    And do it on a regular build and not some bullshit wizard build with Indigo installed.

  • Hi Everyone, I’ve just signed up here specifically for this request for some help. I have a NordVPN account and have been successfully using 2 Rpi’s through my VPN using Zomboided great addon, but all of a sudden this has packed up this week. I wondered if there was any reason for both RPI’s to stop working VPN through the addon via ethernet or wifi connection. The addon will no longer connect to NordVPN and says error check sign in details. These details haven’t changed as they still work on other devices (phone, PC).
    Any help would be really appreciated. Many Thanks.

  • Authentication is still working for me, but I can't do the final connection because my account is expired. so I think authentication still works. If you reset the VPN provider (settings/utilities) it'll delete the current settings and you can force a full authentication again.


    The user ID and password to connect is not the same as you type into the GUI - it's retrieved from Nord using the API. Just because the user ID and password you use to access their services hasn't changed, it doesn't mean the one you're using to log on hasn't changed or expired. I thought the code dealt with this and retrieved a new user id and password. If it happens again I'd like to see a trace with debug and http tracing set on (settings/advanced)