[Support] dyonr - passthroughvpn


Dyon

Recommended Posts

 

Very annoying, Unraid Forums does not send me emails, even though I do follow all my threads... Sorry for the late reply.

 

On 3/12/2021 at 6:45 AM, sonic6 said:

@Dyon is this somthing that can also help, if your container restarts and the passthrought container lost connection?

https://github.com/elmerfdz/rebuild-dndc

https://unraid.net/community/apps?q=Rebuild-DNDC#r

Will look into this, but I honestly think the script I made basically does the same as what rebuild-dndc seems to do, but has more (in my opinion) useless options. Nevertheless, it does seem interesting and will see if I will make a tutorial for how to use it with my container.

 

On 3/13/2021 at 9:12 PM, Trevo525 said:

Request for advice. I want to host multiple containers that use the same port. Can I somehow change the port from one container to another?

Could you perhaps give a more extensive explanation with examples?

Should be possible if you thinker around with ports numbers.

 

On 3/18/2021 at 3:05 PM, JNCK said:

I’m having issues with Docker containers becoming unreachable after 20 minutes or so [mention]Dyonr [/mention].

I have a post about this here:
https://r.tapatalk.com/shareLink/topic?share_fid=18593&share_tid=104249&url=https%3A%2F%2Fforums%2Eunraid%2Enet%2Findex%2Ephp%3F%2Ftopic%2F104249-Docker-containers-become-unreachable-after-20-minutes&share_type=t&link_source=app

I can’t solve it :/

 

Do all Docker containers become unreachable, only passthroughvpn or only the Docker that you route through it?

 

 

  • Thanks 1
Link to comment
 
Very annoying, Unraid Forums does not send me emails, even though I do follow all my threads... Sorry for the late reply.
 
 
Do all Docker containers become unreachable, only passthroughvpn or only the Docker that you route through it?
 
 

All the container I route through passthroughvpn become unreachable. I can restart only one Docker container that uses passthourghvpn and then only that Docker container works for around 20 minutes.

All other container that just use my normal network just work fine. Only the containers that use passthroughvpn are affected.

Thanks!


Verzonden vanaf mijn iPhone met Tapatalk
Link to comment
Just now, JNCK said:


All the container I route through passthroughvpn become unreachable. I can restart only one Docker container that uses passthourghvpn and then only that Docker container works for around 20 minutes.

All other container that just use my normal network just work fine. Only the containers that use passthroughvpn are affected.

Thanks!


Verzonden vanaf mijn iPhone met Tapatalk

 

Dutch:

Het kan misschien zijn dat de passthrough container verbinding verliest met je VPN provider, hierdoor herstart de passthroughvpn container om de verbinding opnieuw op te bouwen. Kan je in de logs kijken of je kan zien wanneer de passthroughvpn container voor het laatst herstart is? Anders kan je ook de console openen van de passthrough container en bijvoorbeeld 'ping google.com' of ping '1.1.1.1' doen. Ik heb ook een script gemaakt die automatisch alle containers herstart die door de passthroughvpn container gelust worden. Ik heb hier ook een uitleg geschreven over hoe je een script kan toevoegen die automatisch alle containers herstart wanneer de passthroughvpn container offline is geweest: 

 

English:

It might be that the passthrough container loses connection with your VPN provider, which causes the passthroughvpn container to restart in order to rebuild the connection. Can you look in the logs to see when the passthroughvpn container was last restarted? Otherwise you can also open the console of the passthrough container and do for example 'ping google.com' or ping '1.1.1.1'. I also created a script that automatically restarts all containers routed through the passthroughvpn container. I also wrote a tutorial here on how to add a script that automatically restarts all containers when the passthroughvpn container has been offline: 

 

Link to comment
  • 3 weeks later...

Hi, i'm wondering if anyone has gotten this to work with Private Internet Access PIA?  I am getting slow speeds on OVPN, but my desktop wireguard client screams. PIA is kind of weird about their WG config files it seems. I found a script that can guess at creating the wg0 file, but I'm looking for something a bit more official, or at least tested. I couldn't get the script to work, but I don't know if it's me or them...

 

Thanks!

Link to comment
  • 1 month later...

@Dyon

 

I have installed the passthroughvpn app, and have it connecting to PIA. Through the app I am running Emby, however, I am unable to access Emby from outside the network.

 

The reason for using your passthroughvpn app is that I use a 4G Router for my internet connection, and of course, they use CGNAT so anything that I want to access outside my network doesn't work through the internet connection, in this example, I want to connect to Emby from outside my LAN.

 

As I say, I have a OPENVPN connection using your app, and it appears to be runnning, and Emby is now pointing at the passthroughvpn app. I can access and use Emby within my LAN, but I believe I need to do a PIA portforward to open Emby up to the internet. Your instructions mention using a Windscribe Static IP, but I assume I can do the same with port forwarding through the PIA OPENVPN Connection?

 

I have read through the PIA Portforwarding posts on the PIA forum, and they suggest using the following script:

 

PIA Portforward

 

How would I insert/use this script to enable the Portforward using your app???

 

Anyone else tried doing this?? Any suggestions??

 

Cheers

Link to comment
19 minutes ago, apefray said:

@Dyon

 

I have installed the passthroughvpn app, and have it connecting to PIA. Through the app I am running Emby, however, I am unable to access Emby from outside the network.

 

The reason for using your passthroughvpn app is that I use a 4G Router for my internet connection, and of course, they use CGNAT so anything that I want to access outside my network doesn't work through the internet connection, in this example, I want to connect to Emby from outside my LAN.

 

As I say, I have a OPENVPN connection using your app, and it appears to be runnning, and Emby is now pointing at the passthroughvpn app. I can access and use Emby within my LAN, but I believe I need to do a PIA portforward to open Emby up to the internet. Your instructions mention using a Windscribe Static IP, but I assume I can do the same with port forwarding through the PIA OPENVPN Connection?

 

I have read through the PIA Portforwarding posts on the PIA forum, and they suggest using the following script:

 

PIA Portforward

 

How would I insert/use this script to enable the Portforward using your app???

 

Anyone else tried doing this?? Any suggestions??

 

Cheers

 

I fully understand what you wish to achieve, but sadly I do not think I can help with this. I do not use PIA myself and have no experience with it. The process of the PIA Portforwarding also seems quite complex. You can still try to give it a shot yourself.

 

The GitHub Page (https://github.com/pia-foss/manual-connections) says that you need to run the following;

git clone https://github.com/pia-foss/manual-connections.git
cd manual-connections
sudo ./run_setup.sh

 

I do not think my container has git installed and sudo is also unnecessary, so I think you would need to run to following inside my container:

apt update && apt upgrade -y && apt install -y git
cd /tmp
git clone https://github.com/pia-foss/manual-connections.git
cd manual-connections
./run_setup.sh
(Or any other script than run_setup.sh)

 

Try to read the GitHub page and see how far you can get. Hopefully someone else has more experience with it and can help you. If I need to include something minor to the container to make stuff like this work for PIA users, I'm willing to do that.

Link to comment
5 minutes ago, apefray said:

Or  I suppose I could just sign up to Windscribe and follow your tutorial, lol!

 

That maybe the easy option, assuming doing this will work as I intend?

 

Well Windscribe obviously comes with additional costs, but if that is no problem for you, that would work of course.

I use Windscribe static IP myself, so that must work. Just make sure to follow my explanation on my GitHub page precisely 😁

Link to comment

Well, I haven't been too impressed with PIA lately, so maybe its time to change anyway.

 

I have just read a few documents on Windscribe, and it appears I can do exactly what I want to do quite easily, with most of the settings in my account :)

 

Happy Days........

Link to comment

@Dyon

 

Yahhhhh, we have success. So easy through windscibe compared to PIA....... Im now running Emby through the passthroughvpn app and can access it through the LAN and WAN :)

 

The only small issue I seem to have (although it maybe nothing), In the logs it shows the following warnings:

 

Sun Jun 6 11:04:22 2021 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1602', remote='link-mtu 1550'
Sun Jun 6 11:04:22 2021 WARNING: 'cipher' is used inconsistently, local='cipher AES-256-CBC', remote='cipher AES-256-GCM'
Sun Jun 6 11:04:22 2021 WARNING: 'auth' is used inconsistently, local='auth SHA512', remote='auth [null-digest]'

 

Are these anything to worry about? I checked the Windscribe-StaticIP.ovpn file and it shows the following settings:

 

auth SHA512
cipher AES-256-CBC

 

So why does the server differ???

 

Next, to get delugeVPN to work with windscribe :/

Edited by apefray
Link to comment

@Dyon

 

Ok, everything appears to be working as it should be:

 

DelugeVPN is now using Windscribe and is working

 

passthroughvpn is working with Emby being passed through it

 

Can access Emby both on the Lan and Wan as intended, except, the Wan side only works when using mobile broadband on a phone. For some strange reason, trying to access Emby from outside the Lan using standard home broadband doesn't work as it should. When connecting to Emby over the Internet, it's very slow, and doesn't load fully. If it does manage to load and present the login screen, after entering the login credentials, nothing happens, it just sits at the login screen, checking the Emby dashboard shows a connection though. However, accessing Emby over 4G from a phone or a laptop/computer using the personal hotspot on the phone, everything works as it should.

 

So why can I access Emby using Mobile Broadband, but not using standard home broadband (tried using BT, Virgin, Sky..... All produce the same issue)

Link to comment

@apefray 

 

Great to hear that it works with Windscribe! 😁

 

The MTU and other warnings is something you can ignore. I've been running systems for months without problems.

You can switch to AES-256-GCM instead of AES-256-CBC to get rid of one error, I think.

 

Do you also have to problem with connecting to Emby if you use an in-private/incognito window?

Is your internet connection of where you host it (your 4G router) fast enough?

Link to comment
  • 3 weeks later...

How can I disable IPv6  in the container.

 

Quote

[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.100.0.15/32 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] resolvconf -a wg0 -m 0 -x
[#] wg set wg0 fwmark 51820
[#] ip -6 route add ::/0 dev wg0 table 51820
Error: IPv6 is disabled on nexthop device.
[#] resolvconf -d wg0 -f
[#] ip link delete dev wg0

 

Link to comment

@Dyon

 

Just wanted to revisit this..... Unfortunately, after several weeks of working with Windscribe to get this working, I had the thought of using a different VPN docker. Im now using the OPENVPN-Client Docker and hey presto it all now works as it should. I am now able to connect to emby through both 4G and Broadband.

 

Not sure why your app isn't working with Broadband connections though (for me at least) but Emby is now fully functional through a 4G router and CGNAT.

Link to comment
1 hour ago, apefray said:

@Dyon

 

Just wanted to revisit this..... Unfortunately, after several weeks of working with Windscribe to get this working, I had the thought of using a different VPN docker. Im now using the OPENVPN-Client Docker and hey presto it all now works as it should. I am now able to connect to emby through both 4G and Broadband.

 

Not sure why your app isn't working with Broadband connections though (for me at least) but Emby is now fully functional through a 4G router and CGNAT.

Great to hear you fixed it, sorry I couldn't help you with your problem.

Link to comment

Hi, I have some trouble getting local access to specific ports and would be really happy about some help:
I'm piping a nginx docker through this docker through wireguard to a vps as connection point to the internet. This part works fine, but I can't manage to get access to the web interface of my local nginx docker any more, although I've mapped the port of nginx in the passthroughvpn docker and added it to the 'ADDITIONAL_PORTS'.

The 'LAN_NETWORK' is set to the IP of my Unraid server (192.168.178.44/32), I suppose that's correct?

 

When I try to access the ui from within the tunnel via curl, it works, also, maybe the strangest part, from the unraid server curl also has access to the mapped port. From all other device in the network the connection times out.

I tried passing through other dockers, no luck, also tried using the nzbgetvpn docker as vpn instead.

I'm on Unraid 6.9.2. In the logs I didn't see anything suspicious, but here they are in any case.

 

Any help would be much appreciated, thanks

 

Link to comment
8 minutes ago, Xohoo said:

The 'LAN_NETWORK' is set to the IP of my Unraid server (192.168.178.44/32), I suppose that's correct?

No, you should use your full subnet, for example 192.168.178.0/24. I think that would fix your issues. Let me know what does and doesn't work after changing that.

  • Like 1
Link to comment

The auto restart user script has never worked for me. I have several containers routed through the network, it only ever restarts one of them. I get this error. Everything works properly the way it should except for the auto restarting.

 

Return low-level information on Docker objects
date: option requires an argument -- 'd'
Try 'date --help' for more information.
2021-07-03 20:41:53 | Failed to get status of passthroughvpn container id .
2021-07-03 20:41:53 | Obtaining the new Docker id, the container most likely updated or did rebuild.
2021-07-03 20:42:03 | Restarting Jackett (Container ID 2bd5d4e6b5927707b846cbf0e0e007c5315f0c74139df5a4643ce97695cd397f)
2bd5d4e6b5927707b846cbf0e0e007c5315f0c74139df5a4643ce97695cd397f
Error: No such object: 791a198e943ca7428dc7d23a5a5fefb1a02661414e6b2374effacba71fa5b20f
date: option requires an argument -- 'd'
Try 'date --help' for more information.
2021-07-03 20:53:39 | Failed to get status of passthroughvpn container id 791a198e943ca7428dc7d23a5a5fefb1a02661414e6b2374effacba71fa5b20f.
2021-07-03 20:53:39 | Obtaining the new Docker id, the container most likely updated or did rebuild.
Error: No such object: PassThroughVPN
"docker inspect" requires at least 1 argument.
See 'docker inspect --help'.

Usage: docker inspect [OPTIONS] NAME|ID [NAME|ID...]

Link to comment
6 hours ago, wdaniel52601 said:

The auto restart user script has never worked for me. I have several containers routed through the network, it only ever restarts one of them. I get this error. Everything works properly the way it should except for the auto restarting.

 

Return low-level information on Docker objects
date: option requires an argument -- 'd'
Try 'date --help' for more information.
2021-07-03 20:41:53 | Failed to get status of passthroughvpn container id .
2021-07-03 20:41:53 | Obtaining the new Docker id, the container most likely updated or did rebuild.
2021-07-03 20:42:03 | Restarting Jackett (Container ID 2bd5d4e6b5927707b846cbf0e0e007c5315f0c74139df5a4643ce97695cd397f)
2bd5d4e6b5927707b846cbf0e0e007c5315f0c74139df5a4643ce97695cd397f
Error: No such object: 791a198e943ca7428dc7d23a5a5fefb1a02661414e6b2374effacba71fa5b20f
date: option requires an argument -- 'd'
Try 'date --help' for more information.
2021-07-03 20:53:39 | Failed to get status of passthroughvpn container id 791a198e943ca7428dc7d23a5a5fefb1a02661414e6b2374effacba71fa5b20f.
2021-07-03 20:53:39 | Obtaining the new Docker id, the container most likely updated or did rebuild.
Error: No such object: PassThroughVPN
"docker inspect" requires at least 1 argument.
See 'docker inspect --help'.

Usage: docker inspect [OPTIONS] NAME|ID [NAME|ID...]

 

Did you alter the script in any way? Did you change the name of the passthroughvpn container?

Could you go to your 'Docker' tab in unraid and check that the name of the passthroughvpn container is literally 'passthroughvpn' (no difference in capitalization)

And then check if the script matches this on the 4th line where it says 'PASSTHROUGHVPNNAME=passthroughvpn'

 

This error seems to be caused by a wrong container name, or wrong name in the script.

 

Edited by Dyon
Link to comment
21 minutes ago, Dyon said:

 

Did you alter the script in any way? Did you change the name of the passthroughvpn container?

Could you go to your 'Docker' tab in unraid and check that the name of the passthroughvpn container is literally 'passthroughvpn' (no difference in capitalization)

And then check if the script matches this on the 4th line where it says 'PASSTHROUGHVPNNAME=passthroughvpn'

 

This error seems to be caused by a wrong container name, or wrong name in the script.

 

I had it capitalized. I removed them in the container name and in the script for it then it started working.

Link to comment
  • 1 month later...

Good evening :)

I have the container installed and so far the logs say everything is working as expected. However I’m attempting to access other containers, and I believe I have followed your guide properly, but it’s not working.

Edit: I forgot to mention…
I added a network using the following:

 

docker network create container:passthroughvpn


Which then made it a selectable option in the drop down menu.


I added a port using the “Add another path,port,variable,device” and here is where my possible confusion is coming in. Your guide says the container port is the exposed port but that I need to access it using the host port you specified in the directions on GitHub. Want to confirm I have that correct in setting the port the service is expecting to be reached at as the Container port, and whatever port I want to use as the Host port.

That said, I like using the default ports of each service, so is that a possibility for me to do so?

Also, I know the container itself is working as it was working with the other VPN container I was using until I decided to switch.

 

Edit: I resolved the issue. I am accessing the web interfaces from my Wireguard VPN to the network, which reports me as being 172.x.x.x and in setting the LAN_NETWORK to match that resolved my issue. However, I did try setting it to 0.0.0.0/0 and that did not work, also doing “172.x.x.x/24, 192.x.x.x./24” did not work as well. I was still able to access via 172.x.x.x, but not 192.x.x.x. If that could be fixed somehow to allow access from multiple IP ranges that would be fantastic.

That said, great work! Glad to have found a “generic” VPN container, and if there is anything I can do to help out, let me know.

Edited by hackersarchangel
Added info
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.