Akagami Posted December 16, 2021 Share Posted December 16, 2021 i'm having the same issue, nordvpn support gave me this answer Unfortunately, since 3.12.2 update you need to log in through the browser. so headless server and docker apps will have some trouble i think Quote Link to comment
dgs2001 Posted December 16, 2021 Share Posted December 16, 2021 3 minutes ago, Akagami said: i'm having the same issue, nordvpn support gave me this answer Unfortunately, since 3.12.2 update you need to log in through the browser. so headless server and docker apps will have some trouble i think Yes it does seem there is an upstream issue. My streaming box is also now unable to authenticate with NordVPN. I haven't tried it and its not dockerized within CA yet, but Bubuntux has suggested using the NordLynx version of the app - https://github.com/bubuntux/nordlynx And if anybody else with better docker skills than me can help, here is a link to the Nord Instructions for how to dockerise the app - Official guide to Dockerise NordVPN app Quote Link to comment
Akagami Posted December 16, 2021 Share Posted December 16, 2021 4 minutes ago, dgs2001 said: Yes it does seem there is an upstream issue. My streaming box is also now unable to authenticate with NordVPN. I haven't tried it and its not dockerized within CA yet, but Bubuntux has suggested using the NordLynx version of the app - https://github.com/bubuntux/nordlynx im setting up a desktop ubuntu vm to try to login through the app (hoping it works) and get the private key to use that docker. support wont give out the private key directly (i tired to extract it throught the windows and android app with no luck) Quote Link to comment
Akagami Posted December 16, 2021 Share Posted December 16, 2021 (edited) 1 hour ago, Akagami said: im setting up a desktop ubuntu vm to try to login through the app (hoping it works) and get the private key to use that docker. this worked like a charm i got the privatekey, set up the bubuntux/nordlynx docker and i'm back up and running Edited December 16, 2021 by Akagami Quote Link to comment
max25 Posted December 16, 2021 Share Posted December 16, 2021 1 hour ago, Akagami said: this worked like a charm i got the privatekey, set up the bubuntux/nordlynx docker and i'm back up and running how did you do to extract the key? Quote Link to comment
Akagami Posted December 16, 2021 Share Posted December 16, 2021 (edited) 24 minutes ago, max25 said: how did you do to extract the key? on ubuntu desktop i installed the nordvpn app, wireguard and some extras via terminal sudo apt install wireguard sudo apt install jq sudo apt install curl sudo apt install net-tools sh <(curl -sSf https://downloads.nordcdn.com/apps/linux/install.sh) (i'm not sure if you also need to install the .deb package i had it install while experimenting on other things and dinìdnt bother removing it) rebooted again via terminal logged into nordvpn with sudo nordvpn login you get a link to copypaste in a browser to authenticate (thats why you need desktop version of ubuntu) set nordlynx protocol and connect to a server sudo nordvpn set technology nordlynx sudo nordvpn c at this point you can get the key with sudo wg show nordlynx private-key Edited December 16, 2021 by Akagami Quote Link to comment
galways Posted December 17, 2021 Share Posted December 17, 2021 Thanks Akagami, followed your lead and have everything backup and running. Quote Link to comment
dgs2001 Posted December 17, 2021 Share Posted December 17, 2021 13 hours ago, Akagami said: this worked like a charm i got the privatekey, set up the bubuntux/nordlynx docker and i'm back up and running Nice work, Do you fancy sharing a screenshot of your container settings (minus the private key of course) Thanks Quote Link to comment
Akagami Posted December 17, 2021 Share Posted December 17, 2021 set repository to ghcr.io/bubuntux/nordlynx in extra parameters add (the part after --sysctl is if you dont use ipv6) --device /dev/net/tun --cap-add=NET_ADMIN --sysctl net.ipv6.conf.all.disable_ipv6=1 add your private key variable add networks in CDIR you want to be able to acces the vpn from (ex 192.168.0.0/24) under allowed ip set filters or leave as is for all ip under query add any filters you want if needed (p2p obfuscsted specific country etc. as per NORDVPN API) for example for p2p servers filters\[servers_groups\]\[identifier\]=legacy_p2p add any ports you want to be able to acces from lan 1 Quote Link to comment
dgs2001 Posted December 17, 2021 Share Posted December 17, 2021 Following the information above from Akagami I was unable to get a fresh ubuntu desktop VM logged in to NORD so I had an interesting chat with Nord this morning and they confirmed there is an issue their end which they are working on to do with MFA. Basically even though a browser window shows logged in, if you have MFA active the linux terminal returns "You are not logged in" Nord confirmed they are trying to fix this and told me i had to dissable MFA in the meantime. Not the best from an otherwise seemingly reliable provider. Quote Link to comment
Akagami Posted December 17, 2021 Share Posted December 17, 2021 (edited) 23 minutes ago, dgs2001 said: Following the information above from Akagami I was unable to get a fresh ubuntu desktop VM logged in to NORD so I had an interesting chat with Nord this morning and they confirmed there is an issue their end which they are working on to do with MFA. Basically even though a browser window shows logged in, if you have MFA active the linux terminal returns "You are not logged in" Nord confirmed they are trying to fix this and told me i had to dissable MFA in the meantime. Not the best from an otherwise seemingly reliable provider. when you open the link in the browser, authenticate and then press on the go back to the application button on, you should get a prompt for wich application to run from there i had nordvpn already selected, when pressed it highlighted the terminal window and i was logged in. you can try to install the .deb package with the gui packet manager (after installing the terminal version) mabe i'ts need to link to the terminal app Edited December 17, 2021 by Akagami Quote Link to comment
matty2k Posted December 17, 2021 Share Posted December 17, 2021 1 hour ago, dgs2001 said: Following the information above from Akagami I was unable to get a fresh ubuntu desktop VM logged in to NORD so I had an interesting chat with Nord this morning and they confirmed there is an issue their end which they are working on to do with MFA. Basically even though a browser window shows logged in, if you have MFA active the linux terminal returns "You are not logged in" Nord confirmed they are trying to fix this and told me i had to dissable MFA in the meantime. Not the best from an otherwise seemingly reliable provider. Indeed! Deactivating MFA im NORDVPN Account makes it immediately possible to use the container again. TNXs for the Tipp. Quote Link to comment
Akagami Posted December 18, 2021 Share Posted December 18, 2021 support gave me an alternative: Run nordvpn login command on your Linux device. Open the provided link in any browser. Complete the login procedure. Right-click on the Return to the app button and select "Copy link address". Run nordvpn login --callback <URL> with the previously copied URL. Verify that login was successful with nordvpn account Quote Link to comment
Nexius2 Posted December 19, 2021 Share Posted December 19, 2021 same for me, cut MFA in nordvpn account and worked again.... hope they solve the issue fast Quote Link to comment
cracyfloyd Posted December 19, 2021 Share Posted December 19, 2021 (edited) Another question: is there a way to implement an exporter to use prometheus and grafana to make some thinks visible ?? like this: "https://github.com/veerendra2/nordvpn-exporter".... Edited December 19, 2021 by cracyfloyd Quote Link to comment
TheBotfather Posted December 20, 2021 Share Posted December 20, 2021 Has anyone found a solution for when the vpn connection drops, the kill switche kills the connection (which is great) but then stays disconnected indefinitely. I would like it to reconnect or at least attempt to reconnect at some point so it doesn't sit there and idle forever. I work a lot on the road and can't manually restart my machine often. 1 Quote Link to comment
FGRaid Posted December 23, 2021 Share Posted December 23, 2021 Hi everyone, I have followed Akagami information (thank you). It all went well and I can see that I am connected to the NordVPN country I wanted to. I have issue with the DNS resolution however: I can't ping anything on the Internet (LAN ping works fine). I get "ping: bad address 'www.google.com'. Same with curl ifconfig.io, I keep getting: "curl: (6) Could not resolve host: ifconfig.io. I have checked /etc/resolv.conf and it all looks fine (nameserver 103.86.96.100 and 103.86.99.100). Here is my extra parameters: --device /dev/net/tun --cap-add=NET_ADMIN --sysctl net.ipv6.conf.all.disable_ipv6=1 NET_LOCAL is my LAN subnet so this shouldn't be a problem either. Please let me know if you think of anything I could have missed for the DNS resolution. Thanks Quote Link to comment
tiny-e Posted December 30, 2021 Share Posted December 30, 2021 I've been noticing that this container seems to lose connectivity, which borks connectivity for other containers, more and more lately. Is there a keep alive function, or can there be one (feature request) that would restart the container/vpn connection and possibly call a script / restart other containers? TIA for any help/suggestions. Quote Link to comment
Nexius2 Posted January 2, 2022 Share Posted January 2, 2022 (edited) Hello, same issue again "Invalid Username or password." last time I disactivated MFA and it worked. I have just tried playing with MFA again with no luck. any ideas? edit: using :master constainer seems to work Edited January 2, 2022 by Nexius2 Quote Link to comment
Nexius2 Posted January 5, 2022 Share Posted January 5, 2022 today :master stopped working back to default and it works..... a bit annoying all this Quote Link to comment
Ender331 Posted January 11, 2022 Share Posted January 11, 2022 (edited) I have an issue where I cannot open the web UI of the docker container I have passing through this vpn tunnel. I double checked my ports, and the LAN net settings and they are correct. If one looks at the logs though the IP addresses for the subnet are wrong I had accidentally put in 10.10.42.0 once, then corrected it. My question is where is the location of the config file, and can I manually edit it to correct this issue? IP tables for ipv4: filter: -P INPUT DROP -P FORWARD DROP -P OUTPUT DROP -A INPUT -s 192.XXX.XXX.XXX/32 -i eth0 -j ACCEPT -A INPUT -s 10.10.42.0/24 -i eth0 -j ACCEPT -A INPUT -s 172.17.0.0/16 -i eth0 -j ACCEPT -A INPUT -i eth0 -j DROP -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -s 172.17.0.0/16 -i eth0 -j ACCEPT -A INPUT -s 10.10.42.0/24 -i eth0 -j ACCEPT -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A FORWARD -i lo -j ACCEPT -A FORWARD -d 172.17.0.0/16 -i eth0 -j ACCEPT -A FORWARD -s 172.17.0.0/16 -i eth0 -j ACCEPT -A FORWARD -d 10.10.42.0/24 -i eth0 -j ACCEPT -A FORWARD -s 10.10.42.0/24 -i eth0 -j ACCEPT -A OUTPUT -d 192.XXX.XXX.XXX/32 -o eth0 -j ACCEPT -A OUTPUT -d 10.10.42.0/24 -o eth0 -j ACCEPT -A OUTPUT -d 172.17.0.0/16 -o eth0 -j ACCEPT -A OUTPUT -o eth0 -j DROP -A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A OUTPUT -o lo -j ACCEPT -A OUTPUT -o tap+ -j ACCEPT -A OUTPUT -o tun+ -j ACCEPT -A OUTPUT -o nordlynx+ -j ACCEPT -A OUTPUT -d 172.17.0.0/16 -o eth0 -j ACCEPT -A OUTPUT -o eth0 -p udp -m udp --dport 53 -j ACCEPT -A OUTPUT -o eth0 -p udp -m udp --dport 51820 -j ACCEPT -A OUTPUT -o eth0 -p tcp -m tcp --dport 1194 -j ACCEPT -A OUTPUT -o eth0 -p udp -m udp --dport 1194 -j ACCEPT -A OUTPUT -o eth0 -p tcp -m tcp --dport 443 -j ACCEPT -A OUTPUT -d 10.10.42.0/24 -o eth0 -j ACCEPT nat: Edited January 11, 2022 by Ender331 Quote Link to comment
Ender331 Posted January 11, 2022 Share Posted January 11, 2022 11 hours ago, Ender331 said: I have an issue where I cannot open the web UI of the docker container I have passing through this vpn tunnel. I double checked my ports, and the LAN net settings and they are correct. If one looks at the logs though the IP addresses for the subnet are wrong I had accidentally put in 10.10.42.0 once, then corrected it. My question is where is the location of the config file, and can I manually edit it to correct this issue? IP tables for ipv4: filter: -P INPUT DROP -P FORWARD DROP -P OUTPUT DROP -A INPUT -s 192.XXX.XXX.XXX/32 -i eth0 -j ACCEPT -A INPUT -s 10.10.42.0/24 -i eth0 -j ACCEPT -A INPUT -s 172.17.0.0/16 -i eth0 -j ACCEPT -A INPUT -i eth0 -j DROP -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -s 172.17.0.0/16 -i eth0 -j ACCEPT -A INPUT -s 10.10.42.0/24 -i eth0 -j ACCEPT -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A FORWARD -i lo -j ACCEPT -A FORWARD -d 172.17.0.0/16 -i eth0 -j ACCEPT -A FORWARD -s 172.17.0.0/16 -i eth0 -j ACCEPT -A FORWARD -d 10.10.42.0/24 -i eth0 -j ACCEPT -A FORWARD -s 10.10.42.0/24 -i eth0 -j ACCEPT -A OUTPUT -d 192.XXX.XXX.XXX/32 -o eth0 -j ACCEPT -A OUTPUT -d 10.10.42.0/24 -o eth0 -j ACCEPT -A OUTPUT -d 172.17.0.0/16 -o eth0 -j ACCEPT -A OUTPUT -o eth0 -j DROP -A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A OUTPUT -o lo -j ACCEPT -A OUTPUT -o tap+ -j ACCEPT -A OUTPUT -o tun+ -j ACCEPT -A OUTPUT -o nordlynx+ -j ACCEPT -A OUTPUT -d 172.17.0.0/16 -o eth0 -j ACCEPT -A OUTPUT -o eth0 -p udp -m udp --dport 53 -j ACCEPT -A OUTPUT -o eth0 -p udp -m udp --dport 51820 -j ACCEPT -A OUTPUT -o eth0 -p tcp -m tcp --dport 1194 -j ACCEPT -A OUTPUT -o eth0 -p udp -m udp --dport 1194 -j ACCEPT -A OUTPUT -o eth0 -p tcp -m tcp --dport 443 -j ACCEPT -A OUTPUT -d 10.10.42.0/24 -o eth0 -j ACCEPT nat: Ok, for a clarification. I know my Transmission docker is going through nordvpn, it gets the same ip address. the issue is I cannot connect to the web UI. My router is 10.10.42.1, it shows 10.10.42.1/24 as its ip range. I set the LAN net to 10.10.42.1/24 added thew 9091 port for transmission on TCP, still cannot connect. the logs clearly show that NordVPN forwards to 10.10.42.0/24. Does anyone know what I am doing wrong, and how can I fix it? Where is the container folder for this, can I manually delete the config? Have removed, replaced, the container. Have stopped docker, etc. Quote Link to comment
TheBotfather Posted January 25, 2022 Share Posted January 25, 2022 #!/bin/bash docker stop -t 90 nordvpn docker stop -t 90 qbittorrent docker stop -t 90 overseerr docker stop -t 90 jackett docker stop -t 90 lidarr docker stop -t 90 radarr docker stop -t 90 sonarr sleep 90 docker start nordvpn sleep 90 docker start qbittorrent docker start overseerr docker start jackett docker start lidarr docker start radarr docker start sonarr Losing connectivity at least once or twice a day, I can't often check my server to see if it's still working so I've been using the above script on a once a day schedule to at least help keep it going. Does anyone have a more elegant solution to this? Quote Link to comment
tiny-e Posted January 25, 2022 Share Posted January 25, 2022 Not sure how to pull this off... but I'd think a script could (possibly?)-..... Get the public ip of the server via something like ifconfig.io bash into the nordvpn docker container and run some commands (nordvpn status, curl ifconfig.io, etc., ) See if nordvpn status reports "connected" Get the external IP and compare to the public ip restart nordvpn or the container, or a list of containers, etc., if needed. I'm doing something like this: (I'm a total noob, so please excuse if it's clunky) #!/bin/bash echo Restarting NordVPN docker restart nordvpn sleep 10 for value in prowlarr headphones lidarr Overseerr radarr readarr sonarr sabnzbd transmission do echo Restarting: $value docker restart $value sleep 1 done Quote Link to comment
SimpleDino Posted February 1, 2022 Share Posted February 1, 2022 (edited) For anyone that wants to test the speed of the container they can run speedtest-cli: Open NordVPN console and run these commands: sudo apt update sudo apt install speedtest-cli speedtest-cli If you reboot or restart the container then you must run the commands again. Edited February 1, 2022 by SimpleDino forgot install word Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.