[Support] binhex - DelugeVPN


Recommended Posts

On 10/6/2020 at 6:22 AM, binhex said:

yeah thats something for me to look at as it looks like something has changed on the remote site, however it will fall back to the next website to check for incoming port so that is not the issue, most probably you havent switch to next-gen and thus you are seeing the crumbling legacy-gen network issues.

Would you be willing to provide a link/instructions on how to switch to next-gen?  

Link to comment

Hi,

   Need some help.  A few days ago my delugevpn container stopped working.  When I try to go to the web UI it's saying unable to connect. 

In the logs I can see the following

 


2020-10-08 22:38:14,229 DEBG 'start-script' stdout output:
Thu Oct 8 22:38:14 2020 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Oct 8 22:38:14 2020 TLS Error: TLS handshake failed

2020-10-08 22:38:14,229 DEBG 'start-script' stdout output:
Thu Oct 8 22:38:14 2020 SIGHUP[soft,tls-error] received, process restarting

2020-10-08 22:38:14,230 DEBG 'start-script' stdout output:
Thu Oct 8 22:38:14 2020 WARNING: file 'credentials.conf' is group or others accessible

 

 

I can connect to the vpn server via a Windows client.   So the VPN server is diffo there.   Is the above error essentially telling me that I've somehow got the wrog username/password?   I'm sure I havn't changed it but I'm happy to work from step 1 in diagnosing what's happened.   Any help on where to look first?

my credentials.conf file looks ok.

 

 

Link to comment
3 hours ago, unraid-user said:

Hi,

   Need some help.  A few days ago my delugevpn container stopped working.  When I try to go to the web UI it's saying unable to connect. 

In the logs I can see the following

 


2020-10-08 22:38:14,229 DEBG 'start-script' stdout output:
Thu Oct 8 22:38:14 2020 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Oct 8 22:38:14 2020 TLS Error: TLS handshake failed

2020-10-08 22:38:14,229 DEBG 'start-script' stdout output:
Thu Oct 8 22:38:14 2020 SIGHUP[soft,tls-error] received, process restarting

2020-10-08 22:38:14,230 DEBG 'start-script' stdout output:
Thu Oct 8 22:38:14 2020 WARNING: file 'credentials.conf' is group or others accessible

 

 

I can connect to the vpn server via a Windows client.   So the VPN server is diffo there.   Is the above error essentially telling me that I've somehow got the wrog username/password?   I'm sure I havn't changed it but I'm happy to work from step 1 in diagnosing what's happened.   Any help on where to look first?

my credentials.conf file looks ok.

 

 

I'd say check the permissions on your credentials.conf file or if you haven't switched to next-gen yet, see the post above yours.

Link to comment

I'm not able to see any of the VPN clients in my CA tab for some reason (delugevpn,  sabnzbdvpn, etc.). I just reinstalled unraid the other day with v6.8.3 and I installed those dockers when I installed unraid but needed to remove them completely and reinstall. But when I went to go install them from CA they just were not there. Any ideas?

Edited by ToneDawgOG
Link to comment
19 minutes ago, ToneDawgOG said:

I'm not able to see any of the VPN clients in my CA tab for some reason (delugevpn,  sabnzbdvpn, etc.). I just reinstalled unraid the other day with v6.8.3 and I installed those dockers when I installed unraid but needed to remove them completely and reinstall. But when I went to go install them from CA they just were not there. Any ideas?

thanks for reporting this, it was due to brackets and backticks in the reworked description, this has now been fixed so next time CA parses the xml it should then re-add these back in and should be visible to add.

Link to comment
7 minutes ago, binhex said:

thanks for reporting this, it was due to brackets and backticks in the reworked description, this has now been fixed so next time CA parses the xml it should then re-add these back in and should be visible to add.

Awesome! I'm glad that I haven't entirely lost my mind

  • Haha 1
Link to comment
2 minutes ago, Albeyon said:

Whoops... Sorry for not including this in my initial post, my bad! supervisord.log

supervisord.log 702.89 kB · 1 download

here is a snippet from your log:-

020-10-09 14:41:09,753 DEBG 'start-script' stdout output:
[info] Port forwarding is enabled
[info] Checking endpoint 'swiss.privateinternetaccess.com' is port forward enabled...

2020-10-09 14:41:10,251 DEBG 'start-script' stdout output:
[warn] PIA endpoint 'swiss.privateinternetaccess.com' is not in the list of endpoints that support port forwarding, DL/UL speeds maybe slow
[info] Please consider switching to one of the endpoints shown below

2020-10-09 14:41:10,251 DEBG 'start-script' stdout output:
[info] List of PIA endpoints that support port forwarding:-
[info] ca-toronto.privateinternetaccess.com
[info] ca-montreal.privateinternetaccess.com
[info] ca-vancouver.privateinternetaccess.com
[info] de-berlin.privateinternetaccess.com
[info] de-frankfurt.privateinternetaccess.com
[info] france.privateinternetaccess.com
[info] czech.privateinternetaccess.com
[info] spain.privateinternetaccess.com
[info] ro.privateinternetaccess.com
[info] israel.privateinternetaccess.com

2020-10-09 14:41:10,251 DEBG 'start-script' stdout output:
[info] Attempting to get dynamically assigned port...

2020-10-09 14:41:10,288 DEBG 'start-script' stdout output:
[warn] PIA VPN port assignment API currently down, terminating OpenVPN process to force retry for incoming port...

so you have two issues, firstly you are trying to force strict port forwarding whilst connecting to a endpoint that doesnt support port forwarding, see above, and secondly you are using PIA legacy network, you most probably want to switch over to next-gen as legacy network will be shutdown at the end of this month (according to pia), instructions for switching are here Q19:- https://github.com/binhex/documentation/blob/master/docker/faq/vpn.md

 

  • Thanks 1
Link to comment
30 minutes ago, binhex said:

here is a snippet from your log:-


020-10-09 14:41:09,753 DEBG 'start-script' stdout output:
[info] Port forwarding is enabled
[info] Checking endpoint 'swiss.privateinternetaccess.com' is port forward enabled...

2020-10-09 14:41:10,251 DEBG 'start-script' stdout output:
[warn] PIA endpoint 'swiss.privateinternetaccess.com' is not in the list of endpoints that support port forwarding, DL/UL speeds maybe slow
[info] Please consider switching to one of the endpoints shown below

2020-10-09 14:41:10,251 DEBG 'start-script' stdout output:
[info] List of PIA endpoints that support port forwarding:-
[info] ca-toronto.privateinternetaccess.com
[info] ca-montreal.privateinternetaccess.com
[info] ca-vancouver.privateinternetaccess.com
[info] de-berlin.privateinternetaccess.com
[info] de-frankfurt.privateinternetaccess.com
[info] france.privateinternetaccess.com
[info] czech.privateinternetaccess.com
[info] spain.privateinternetaccess.com
[info] ro.privateinternetaccess.com
[info] israel.privateinternetaccess.com

2020-10-09 14:41:10,251 DEBG 'start-script' stdout output:
[info] Attempting to get dynamically assigned port...

2020-10-09 14:41:10,288 DEBG 'start-script' stdout output:
[warn] PIA VPN port assignment API currently down, terminating OpenVPN process to force retry for incoming port...

so you have two issues, firstly you are trying to force strict port forwarding whilst connecting to a endpoint that doesnt support port forwarding, see above, and secondly you are using PIA legacy network, you most probably want to switch over to next-gen as legacy network will be shutdown at the end of this month (according to pia), instructions for switching are here Q19:- https://github.com/binhex/documentation/blob/master/docker/faq/vpn.md

 

Aaaaaand fixed - thanks for your help @binhex - and thanks for all the work you do with your dockers, they're awesome! 

  • Like 1
Link to comment
17 hours ago, unraid-user said:

Hi,

   Need some help.  A few days ago my delugevpn container stopped working.  When I try to go to the web UI it's saying unable to connect. 

In the logs I can see the following

 


2020-10-08 22:38:14,229 DEBG 'start-script' stdout output:
Thu Oct 8 22:38:14 2020 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Oct 8 22:38:14 2020 TLS Error: TLS handshake failed

2020-10-08 22:38:14,229 DEBG 'start-script' stdout output:
Thu Oct 8 22:38:14 2020 SIGHUP[soft,tls-error] received, process restarting

2020-10-08 22:38:14,230 DEBG 'start-script' stdout output:
Thu Oct 8 22:38:14 2020 WARNING: file 'credentials.conf' is group or others accessible

 

 

I can connect to the vpn server via a Windows client.   So the VPN server is diffo there.   Is the above error essentially telling me that I've somehow got the wrog username/password?   I'm sure I havn't changed it but I'm happy to work from step 1 in diagnosing what's happened.   Any help on where to look first?

my credentials.conf file looks ok.

 

 

 

I'm having similar issues, I don't use PIA but I've not been able to connect for a few days.  I can connect using my Windows PC to the same VPN server so I know their server is working.

 

Attached debug log file, hopefully that helps.

 

I also have the credential file warning but believe that is just a message to advise the attributes aren't set to restricted user access

 

*Edit, this log doesn't show the TLS error message shown above but I did see it this morning before making the setting change to debug and uploading here.

 

Edited by gr021857
remote log
Link to comment
10 minutes ago, gr021857 said:

 

I'm having similar issues, I don't use PIA but I've not been able to connect for a few days.  I can connect using my Windows PC to the same VPN server so I know their server is working.

 

Attached debug log file, hopefully that helps.

 

I also have the credential file warning but believe that is just a message to advise the attributes aren't set to restricted user access

 

*Edit, this log doesn't show the TLS error message shown above but I did see it this morning before making the setting change to debug and uploading here.

delugevpn_log_09102020.txt 37.76 kB · 1 download

its not the same issue, from your log:-

2020-10-09 15:47:53,033 DEBG 'start-script' stdout output:
Fri Oct 9 15:47:53 2020 [VPN] Inactivity timeout (--ping-restart), restarting

see here Q17 :- https://github.com/binhex/documentation/blob/master/docker/faq/vpn.md

Link to comment

Hello,

I am having issues with the network slowing down while torrenting. I am using the Nord OpenVPN profiles and have tried two with the same issues. The torrents become really slow then stop. When looking on my router, the packet loss increases to around 70% and latency also increases and the speeds for everyone on the network drop.

In our old setup, we had the same issue until we changed it to the NordLynx protocol and all the issues went away, although I cannot do this on the docker. I have a feeling that the ISP might be throttling. I would like to know if there is any other way to get this to work.

Many Thanks, Tom.

Link to comment
6 minutes ago, binhex said:

its not the same issue, from your log:-


2020-10-09 15:47:53,033 DEBG 'start-script' stdout output:
Fri Oct 9 15:47:53 2020 [VPN] Inactivity timeout (--ping-restart), restarting

see here Q17 :- https://github.com/binhex/documentation/blob/master/docker/faq/vpn.md

Thanks for getting back to me so quickly, I've attached a screenshot of my setup, config path on the docker, openvpn folder within it on the network drive view and then the 3 files required within it.  These files have been there since February when I last changed my vpn provider, the container has been working great until this week.  (I was concerned about the dates being today on the ovpn and credentials files but the docker updates those modified dates when I restart it).

 

To be completely sure before posting this reply I've just wiped out the folder, re-downloaded the .crt, downloaded a different location server ovpn file and I'm now getting the TLS error in the newly attached log.  Previously I was only seeing it occasionally but now it is repeating frequently.  The TLS error refers to checking your network connection but it must have connectivity as it obtains the IP address of the VPN server in the logs?

delugevpn_setup_09102020.png

delugevpn_log_09102020_v2.txt

Link to comment
13 minutes ago, gr021857 said:

To be completely sure before posting this reply I've just wiped out the folder, re-downloaded the .crt, downloaded a different location server ovpn file and I'm now getting the TLS error in the newly attached log.  Previously I was only seeing it occasionally but now it is repeating frequently.  The TLS error refers to checking your network connection but it must have connectivity as it obtains the IP address of the VPN server in the logs?

from your log:-

 

2020-10-09 17:06:50,023 DEBG 'start-script' stdout output:
Fri Oct 9 17:06:50 2020 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

Fri Oct 9 17:06:50 2020 TLS Error: TLS handshake failed

so there are connectivity issues between you and slickvpn, try another endpoint/location, or last ditch is to contact slickvpn, its no doubt an issue on their end, or an internet connectivity issue on your end.

Edited by binhex
Link to comment
On 10/8/2020 at 7:50 AM, binhex said:

guinea pig time again - wireguard support now in, if you are interested then see here:-

https://forums.unraid.net/topic/44109-support-binhex-delugevpn/?do=findComment&comment=433617

 

Guinea pig reporting in.

Switching to WireGuard was simple and worked flawlessly. I'm on the east coast and now getting 800Mbps into Montreal.

Thanks for adding WireGuard to your containers.

 

Had to buy you that beer for all the hard work you do on all your Unraid containers.

  • Like 1
Link to comment
57 minutes ago, TrueImpulse said:

Guinea pig reporting in.

Switching to WireGuard was simple and worked flawlessly. I'm on the east coast and now getting 800Mbps into Montreal.

Thanks for adding WireGuard to your containers.

 

Had to buy you that beer for all the hard work you do on all your Unraid containers.

I agree.  Slapped the speedtest cli into the container and ran it just to see how quick it is:

 

   Speedtest by Ookla

     Server: Fibrenoire Internet - Montreal, QC (id = 911)
        ISP: Performive
    Latency:    11.25 ms   (0.81 ms jitter)
   Download:   558.25 Mbps (data used: 723.1 MB)                               
     Upload:   283.67 Mbps (data used: 322.1 MB)                               
Packet Loss:     0.0%
 Result URL: https://www.speedtest.net/result/c/7215d13b-346b-4fb4-9eb1-d2f150bffb25

   Speedtest by Ookla

     Server: Connect it Networks - Montreal, QC (id = 22079)
        ISP: Performive
    Latency:    11.57 ms   (0.84 ms jitter)
   Download:   566.00 Mbps (data used: 545.8 MB)                               
     Upload:   291.65 Mbps (data used: 343.3 MB)                               
Packet Loss:     0.0%
 Result URL: https://www.speedtest.net/result/c/ca7f430e-dbc9-49a6-94ca-69e7fe83d793

Ran it twice to make sure it wasn't a fluke.  Super speedy!

  • Like 1
Link to comment
47 minutes ago, binhex said:

from your log:-

 


2020-10-09 17:06:50,023 DEBG 'start-script' stdout output:
Fri Oct 9 17:06:50 2020 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

Fri Oct 9 17:06:50 2020 TLS Error: TLS handshake failed

so there are connectivity issues between you and slickvpn, try another endpoint/location, or last ditch is to contact slickvpn, its no doubt an issue on their end, or an internet connectivity issue on your end.

Damn sorry, should have checked that new server I picked from the website locations list was actually working on Windows *rookie mistake!* 😢.  I've switched to a working one and confirmed it works on Windows where it connects fine.  The docker isn't connecting (TLS message has gone now) it sits at the section below for half an hour then tries again and hangs in the same place, I've attached the new log file for this working server).

 

2020-10-09 17:36:07,569 DEBG 'start-script' stdout output:
[debug] Waiting for valid local and gateway IP addresses from tunnel...

2020-10-09 17:36:07,571 DEBG 'start-script' stdout output:
Fri Oct 9 17:36:07 2020 Initialization Sequence Completed

2020-10-09 18:06:46,069 DEBG 'start-script' stdout output:
Fri Oct 9 18:06:46 2020 [VPN] Inactivity timeout (--ping-restart), restarting

 

I don't know if it will help but I used the console of the delugevpn docker container whilst it is in this state and I can successfully ping google.com, the ip address of the vpn server it is trying to connect to and a local ip address all with returned pings (cut out repeat responses and left statistics):

Slick server

sh-5.0# ping 146.185.17.165
PING 146.185.17.165 (146.185.17.165) 56(84) bytes of data.
64 bytes from 146.185.17.165: icmp_seq=1 ttl=54 time=13.5 ms
--- 146.185.17.165 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 13.466/13.472/13.479/0.006 ms

 

Google.com

sh-5.0# ping google.com
PING google.com (142.250.64.78) 56(84) bytes of data.
64 bytes from lga34s30-in-f14.1e100.net (142.250.64.78): icmp_seq=1 ttl=116 time=83.0 ms
--- google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 8154ms
rtt min/avg/max/mdev = 82.213/84.800/92.661/3.961 ms

 

Local IP

sh-5.0# ping 192.168.0.15

PING 192.168.0.15 (192.168.0.15) 56(84) bytes of data.
64 bytes from 192.168.0.15: icmp_seq=1 ttl=63 time=188 ms
--- 192.168.0.15 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4002ms
rtt min/avg/max/mdev = 8.746/350.446/991.771/353.807 ms

 

Thanks for your patience with this :)

delugevpn_log_09102020_v3.txt

Link to comment
5 hours ago, gr021857 said:

Damn sorry, should have checked that new server I picked from the website locations list was actually working on Windows *rookie mistake!* 😢.  I've switched to a working one and confirmed it works on Windows where it connects fine.  The docker isn't connecting (TLS message has gone now) it sits at the section below for half an hour then tries again and hangs in the same place, I've attached the new log file for this working server).

 

2020-10-09 17:36:07,569 DEBG 'start-script' stdout output:
[debug] Waiting for valid local and gateway IP addresses from tunnel...

2020-10-09 17:36:07,571 DEBG 'start-script' stdout output:
Fri Oct 9 17:36:07 2020 Initialization Sequence Completed

2020-10-09 18:06:46,069 DEBG 'start-script' stdout output:
Fri Oct 9 18:06:46 2020 [VPN] Inactivity timeout (--ping-restart), restarting

 

I don't know if it will help but I used the console of the delugevpn docker container whilst it is in this state and I can successfully ping google.com, the ip address of the vpn server it is trying to connect to and a local ip address all with returned pings (cut out repeat responses and left statistics):

Slick server

sh-5.0# ping 146.185.17.165
PING 146.185.17.165 (146.185.17.165) 56(84) bytes of data.
64 bytes from 146.185.17.165: icmp_seq=1 ttl=54 time=13.5 ms
--- 146.185.17.165 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 13.466/13.472/13.479/0.006 ms

 

Google.com

sh-5.0# ping google.com
PING google.com (142.250.64.78) 56(84) bytes of data.
64 bytes from lga34s30-in-f14.1e100.net (142.250.64.78): icmp_seq=1 ttl=116 time=83.0 ms
--- google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 8154ms
rtt min/avg/max/mdev = 82.213/84.800/92.661/3.961 ms

 

Local IP

sh-5.0# ping 192.168.0.15

PING 192.168.0.15 (192.168.0.15) 56(84) bytes of data.
64 bytes from 192.168.0.15: icmp_seq=1 ttl=63 time=188 ms
--- 192.168.0.15 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4002ms
rtt min/avg/max/mdev = 8.746/350.446/991.771/353.807 ms

 

Thanks for your patience with this :)

delugevpn_log_09102020_v3.txt 28.76 kB · 1 download

So I am having the exact same issue, Even getting the TLS errors at times. I am thinking Slickvpn may block us from connecting after a number of tries because I changed servers both times I ran into it and it went away. 

 

 

2020-10-09 15:20:06,709 DEBG 'start-script' stdout output:
Fri Oct 9 15:20:06 2020 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10

2020-10-09 15:20:11,709 DEBG 'start-script' stdout output:
Fri Oct 9 15:20:11 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2020-10-09 15:20:11,709 DEBG 'start-script' stdout output:
Fri Oct 9 15:20:11 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]192.171.19.130:443
Fri Oct 9 15:20:11 2020 UDP link local: (not bound)

2020-10-09 15:20:11,710 DEBG 'start-script' stdout output:
Fri Oct 9 15:20:11 2020 UDP link remote: [AF_INET]192.171.19.130:443

2020-10-09 15:20:34,563 DEBG 'start-script' stdout output:
Fri Oct 9 15:20:34 2020 [VPN] Peer Connection Initiated with [AF_INET]192.171.19.130:443

2020-10-09 15:20:35,803 DEBG 'start-script' stdout output:
Fri Oct 9 15:20:35 2020 TUN/TAP device tun0 opened
Fri Oct 9 15:20:35 2020 /usr/bin/ip link set dev tun0 up mtu 1500

2020-10-09 15:20:35,804 DEBG 'start-script' stdout output:
Fri Oct 9 15:20:35 2020 /usr/bin/ip addr add dev tun0 local 10.10.8.10 peer 10.10.8.9

2020-10-09 15:20:35,805 DEBG 'start-script' stdout output:
Fri Oct 9 15:20:35 2020 /root/openvpnup.sh tun0 1500 1557 10.10.8.10 10.10.8.9 init

2020-10-09 15:20:35,808 DEBG 'start-script' stdout output:
[debug] Waiting for valid local and gateway IP addresses from tunnel...

2020-10-09 15:20:35,809 DEBG 'start-script' stdout output:
Fri Oct 9 15:20:35 2020 Initialization Sequence Completed

 

 

Are you using a core subscription? I am so just asking incase that may be related. 

 

I have figured out if I roll back to the below version, It works, but I think the VPN is disconnecting every 12-24 hours. Just pointed to a new slickvpn server, im hoping that helps. 

binhex/arch-delugevpn:2.0.4.dev38_g23a48dd01-2-06

 

Any thing major happen to change after 01-2-06?

 

I have tried the later versions with new docker config folders and can't get them to connect either. Same end point in the logs. 

 

 

 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.