Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Support] binhex - rTorrentVPN

Featured Replies

Please be nice but I can't seem to get RSS feeds working. I have never used feeds before. My private tracker site has a step by step how to generate a URL then paste in to feeds. When I hit submit I get an error. Does this docker support RSS? Do I have to activate something I'm settings before using it? I have not touched anything in settings it is all default.

Thank you

 

Sent from my Nexus 5X using Tapatalk

 

  • Replies 3k
  • Views 610.2k
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • OK guys, multi remote endpoint support is now in for this image please pull down the new image (this change will be rolled out to all my vpn images shortly).   What this means is that the im

  • @binhex Any plans to update this docker now when ruTorrent 4.0.1 is released? Seems like a very nice update from them.

  • its very possible that there was an issue with autodl-irssi at the time of the build (pulls from master branch), and this issue has now been resolved, so subsequent builds are ok, i will create a new

Posted Images

Hello,

 

I am trying to install this docker but it becomes an orphaned image.

I ensures the volume mappings exist in my cache, i tried host and bridged mode and it continues to show orphaned.

 

I have Binhex sickbeard and sab installed and works perfectly.

Any advise?

I can't seem to figure out what ports to forward, I'm using the default setup, anyone mind helping?

  • Author

I can't seem to figure out what ports to forward, I'm using the default setup, anyone mind helping?

 

the only optional port to forward is for the web interface, and thats only if you want to get access to rutorrent whilst out and about. all other ports are talking over the vpn tunnel, so you dont need to worry about opening up an incoming/outgoing port on your router for torrent traffic.

I can't seem to figure out what ports to forward, I'm using the default setup, anyone mind helping?

 

the only optional port to forward is for the web interface, and thats only if you want to get access to rutorrent whilst out and about. all other ports are talking over the vpn tunnel, so you dont need to worry about opening up an incoming/outgoing port on your router for torrent traffic.

 

None of my private trackers are reporting I'm seeding/leeching.  I set the report ip to my actual IP (seeing how they don't allow VPN website access).  Is there something I'm doing wrong?

None of my private trackers are reporting I'm seeding/leeching.  I set the report ip to my actual IP (seeing how they don't allow VPN website access).  Is there something I'm doing wrong?

Not sure what you mean by not allowing VPN website access. Port forwarding is handled automatically if you are using PIA, and then only if you are using one of the gateways that has it enabled. If you are using another VPN provider, you will need to refer to their support to figure out if they even support incoming ports, many VPN providers don't.

Sonarr adds everything as "pausing" for some reason.  I have looked extensively and it appears as though it is permissions or a path not being seen.  I have confirmed the path variables I am passing through the containers and set the directories as permissive as possible (0777) and it shows as paused in both.  Honestly, thinking of skipping sonarr as it has been nothing but finicky within a container although in fairness, I am certain it is me, not sonarr.  I use a private tracker for 95% of everything I get and would just like the shows to come down automatically, but is seems incredibly difficult to get these pieces working where it downloads and then moves into final destination under the show directories....

 

These containers are fantastic though, the VPN insertion makes life so easy to get them spun up.  Just cannot seem to get the shows coming down without showing up as paused when called from Sonarr.  If I do a torrent on it's own, it completes and seeds fine.  Thanks for any insight.

None of my private trackers are reporting I'm seeding/leeching.  I set the report ip to my actual IP (seeing how they don't allow VPN website access).  Is there something I'm doing wrong?

Not sure what you mean by not allowing VPN website access. Port forwarding is handled automatically if you are using PIA, and then only if you are using one of the gateways that has it enabled. If you are using another VPN provider, you will need to refer to their support to figure out if they even support incoming ports, many VPN providers don't.

 

Meaning when I'm on the trackers site, I'm not connected via VPN, therefore the docker reports whatever VPN I'm connected to (example 10.10.1.10) where my actual IP is 104.104.12.192.  The tracker I'm using doesn't show me any stats (no ratio, dl, upld etc).

Hello every time i try to install this it becomes an orphaned image.

 

I've deleted the settings folders, tried moving them to a different locaiton but still i get the same problem.

 

Can anyone help please?

I've been trying to get this to work with reverse proxy on my nginx installation, but no luck so far.

 

It's set up like this:

 

location /rutorrent {
    include /config/nginx/include/proxy-control.conf;
    proxy_pass http://192.168.0.5:9080;
    proxy_redirect default;
}

 

proxy-control.conf contains:

client_max_body_size 10m;
client_body_buffer_size 128k;

#Timeout if the real server is dead
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;

# Advanced Proxy Config
send_timeout 5m;
proxy_read_timeout 240;
proxy_send_timeout 240;
proxy_connect_timeout 240;

# Basic Proxy Config
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect  http://  $scheme://;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_cache_bypass $cookie_session;
proxy_no_cache $cookie_session;
proxy_buffers 32 4k;

 

When i visit mydomain.tld/rutorrent i get the nginx auth prompt but then it just throws a 404.

 

Any ideas on what i'm doing wrong?

I have reverse proxy working fine with CP, Sonarr, Plexpy, Trasmission and unRaid itself.

 

Edit: i can see in the docket log that it outputs the following error:

2016/10/11 01:11:23 [error] 687#687: *1 "/usr/share/webapps/rutorrent/rutorrent/index.html" is not found (2: No such file or directory)

 

with the second rutorrent being my reverse proxy location (mydomain.tld/rutorrent) which is obviously breaking functionality since it's looking for ruTorrent in the wrong pace. How is this solved?

Hello every time i try to install this it becomes an orphaned image.

 

I've deleted the settings folders, tried moving them to a different locaiton but still i get the same problem.

 

Can anyone help please?

This is what we need to see: http://lime-technology.com/forum/index.php?topic=40937.msg481150#msg481150

 

Thanks squid, actually one of your earlier posts suggested to update the UI for unraid and it fixed it.

 

FYI though, the Rutorrent WebGUI config doesn't make any updates to rtorrent.rc.

 

I have to manually go in and make the changes via terminal.

So things like changing ports and limiting speed connections on the WebGUI don't work.

Hey @binhex. Thanks again for this docker, its awesome.

 

I'm wondering if you have any suggestions with my issue. Are you aware of a way to have rtorrent download torrents labeled "movies" (from couch) to one folder and labeled "tv" from sonarr to a different folder? I believe this setup would prevent couch from incorrectly trying to process tv shows added by sonarr.

 

Any suggestions/input would help

 

Thanks!

  • 2 weeks later...

Does this docker support RSS FEEDS out of the box or do I need to do some additional set up? Also I there a guide out there for this dock that shows how to set things up that someone can point me towards.

 

Thank you

 

Sent from my Nexus 5X using Tapatalk

 

 

  • Author

Does this docker support RSS FEEDS out of the box or do I need to do some additional set up? Also I there a guide out there for this dock that shows how to set things up that someone can point me towards.

 

Thank you

 

Sent from my Nexus 5X using Tapatalk

Yes it does support RSS feeds, as far as guides are concerned you just need to configure the env vars by switching to advanced mode, once this is fine then you can configure the application as you see fit. If this is your first docker then you might consider something simpler to get you used to volume mappings and port mappings first.

 

Sent from my LG-V500 using Tapatalk

 

 

Does this docker support RSS FEEDS out of the box or do I need to do some additional set up? Also I there a guide out there for this dock that shows how to set things up that someone can point me towards.

 

Thank you

 

Sent from my Nexus 5X using Tapatalk

Yes it does support RSS feeds, as far as guides are concerned you just need to configure the env vars by switching to advanced mode, once this is fine then you can configure the application as you see fit. If this is your first docker then you might consider something simpler to get you used to volume mappings and port mappings first.

 

Sent from my LG-V500 using Tapatalk

Thank you for the response. I have been using this docker for 6 months now adding files manually. I am new to unRAID and dockers as a whole.

So your telling me that I have to turn on this function? What is "Env Vars"?

 

Sent from my Nexus 5X using Tapatalk

 

Hello,

 

i've been running this for a couple of weeks now and seems to work fine.

 

In the log file I see the below output every hour.

I did some research and apparently the keys are being renegotiated and it should not cause any interruption in the connection. I just want to confirm that this is in fact what is going on here.

 

Thanks

 

2016-10-24 11:02:05,170 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:05 2016 TLS: tls_process: killed expiring key

2016-10-24 11:02:11,163 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 WARNING: file 'credentials.conf' is group or others accessible

2016-10-24 11:02:11,313 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, [email protected]

2016-10-24 11:02:11,314 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 Validating certificate key usage

2016-10-24 11:02:11,315 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 ++ Certificate has key usage 00a0, expects 00a0

2016-10-24 11:02:11,316 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY KU OK

2016-10-24 11:02:11,316 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 Validating certificate extended key usage

2016-10-24 11:02:11,317 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication

2016-10-24 11:02:11,318 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY EKU OK

2016-10-24 11:02:11,319 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, [email protected]

2016-10-24 11:02:15,204 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:15 2016 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Oct 24 11:02:15 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Oct 24 11:02:15 2016 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Oct 24 11:02:15 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

2016-10-24 11:02:15,216 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:15 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA

  • Author

Hello,

 

i've been running this for a couple of weeks now and seems to work fine.

 

In the log file I see the below output every hour.

I did some research and apparently the keys are being renegotiated and it should not cause any interruption in the connection. I just want to confirm that this is in fact what is going on here.

 

Thanks

 

2016-10-24 11:02:05,170 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:05 2016 TLS: tls_process: killed expiring key

2016-10-24 11:02:11,163 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 WARNING: file 'credentials.conf' is group or others accessible

2016-10-24 11:02:11,313 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, [email protected]

2016-10-24 11:02:11,314 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 Validating certificate key usage

2016-10-24 11:02:11,315 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 ++ Certificate has key usage 00a0, expects 00a0

2016-10-24 11:02:11,316 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY KU OK

2016-10-24 11:02:11,316 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 Validating certificate extended key usage

2016-10-24 11:02:11,317 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication

2016-10-24 11:02:11,318 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY EKU OK

2016-10-24 11:02:11,319 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, [email protected]

2016-10-24 11:02:15,204 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:15 2016 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Oct 24 11:02:15 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Oct 24 11:02:15 2016 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Oct 24 11:02:15 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

2016-10-24 11:02:15,216 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:15 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA

 

can you post the contents of your ovpn file, im assuming it has "reneg" defined in there but i would like to take a look.

Hello,

 

i've been running this for a couple of weeks now and seems to work fine.

 

In the log file I see the below output every hour.

I did some research and apparently the keys are being renegotiated and it should not cause any interruption in the connection. I just want to confirm that this is in fact what is going on here.

 

Thanks

 

2016-10-24 11:02:05,170 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:05 2016 TLS: tls_process: killed expiring key

2016-10-24 11:02:11,163 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 WARNING: file 'credentials.conf' is group or others accessible

2016-10-24 11:02:11,313 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, [email protected]

2016-10-24 11:02:11,314 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 Validating certificate key usage

2016-10-24 11:02:11,315 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 ++ Certificate has key usage 00a0, expects 00a0

2016-10-24 11:02:11,316 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY KU OK

2016-10-24 11:02:11,316 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 Validating certificate extended key usage

2016-10-24 11:02:11,317 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication

2016-10-24 11:02:11,318 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY EKU OK

2016-10-24 11:02:11,319 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, [email protected]

2016-10-24 11:02:15,204 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:15 2016 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Oct 24 11:02:15 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Oct 24 11:02:15 2016 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Oct 24 11:02:15 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

2016-10-24 11:02:15,216 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:15 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA

 

can you post the contents of your ovpn file, im assuming it has "reneg" defined in there but i would like to take a look.

 

It does not, here it is;

 

client
dev tun
resolv-retry infinite
nobind
persist-key
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
route-delay 5
verb 3
explicit-exit-notify 5
<ca>
-----BEGIN CERTIFICATE-----

 

Also the container config is;

 

<Variable>
      <Name>VPN_ENABLED</Name>
      <Value>yes</Value>
    </Variable>
    <Variable>
      <Name>VPN_USER</Name>
      <Value>#######</Value>
    </Variable>
    <Variable>
      <Name>VPN_PASS</Name>
      <Value>#######</Value>
    </Variable>
    <Variable>
      <Name>VPN_PORT</Name>
      <Value>443</Value>
    </Variable>
    <Variable>
      <Name>VPN_PROTOCOL</Name>
      <Value>udp</Value>
    </Variable>
    <Variable>
      <Name>VPN_PROV</Name>
      <Value>custom</Value>
    </Variable>
    <Variable>
      <Name>STRONG_CERTS</Name>
      <Value>no</Value>
    </Variable>
    <Variable>
      <Name>ENABLE_PRIVOXY</Name>
      <Value>yes</Value>
    </Variable>
    <Variable>
      <Name>LAN_NETWORK</Name>
      <Value>192.168.1.0/24</Value>
    </Variable>
    <Variable>
      <Name>DEBUG</Name>
      <Value>false</Value>
    </Variable>
    <Variable>
      <Name>PHP_TZ</Name>
      <Value>UTC</Value>
    </Variable>
    <Variable>
      <Name>PUID</Name>
      <Value>99</Value>
    </Variable>
    <Variable>
      <Name>PGID</Name>
      <Value>100</Value>
    </Variable>
    <Variable>
      <Name>VPN_REMOTE</Name>
      <Value>fr.vpn.airdns.org</Value>
    </Variable>

  • Author

Hello,

 

i've been running this for a couple of weeks now and seems to work fine.

 

In the log file I see the below output every hour.

I did some research and apparently the keys are being renegotiated and it should not cause any interruption in the connection. I just want to confirm that this is in fact what is going on here.

 

Thanks

 

2016-10-24 11:02:05,170 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:05 2016 TLS: tls_process: killed expiring key

2016-10-24 11:02:11,163 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 WARNING: file 'credentials.conf' is group or others accessible

2016-10-24 11:02:11,313 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, [email protected]

2016-10-24 11:02:11,314 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 Validating certificate key usage

2016-10-24 11:02:11,315 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 ++ Certificate has key usage 00a0, expects 00a0

2016-10-24 11:02:11,316 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY KU OK

2016-10-24 11:02:11,316 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 Validating certificate extended key usage

2016-10-24 11:02:11,317 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication

2016-10-24 11:02:11,318 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY EKU OK

2016-10-24 11:02:11,319 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, [email protected]

2016-10-24 11:02:15,204 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:15 2016 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Oct 24 11:02:15 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Oct 24 11:02:15 2016 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Oct 24 11:02:15 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

2016-10-24 11:02:15,216 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:15 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA

 

can you post the contents of your ovpn file, im assuming it has "reneg" defined in there but i would like to take a look.

 

It does not, here it is;

 

client
dev tun
resolv-retry infinite
nobind
persist-key
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
route-delay 5
verb 3
explicit-exit-notify 5
<ca>
-----BEGIN CERTIFICATE-----

 

Also the container config is;

 

<Variable>
      <Name>VPN_ENABLED</Name>
      <Value>yes</Value>
    </Variable>
    <Variable>
      <Name>VPN_USER</Name>
      <Value>#######</Value>
    </Variable>
    <Variable>
      <Name>VPN_PASS</Name>
      <Value>#######</Value>
    </Variable>
    <Variable>
      <Name>VPN_PORT</Name>
      <Value>443</Value>
    </Variable>
    <Variable>
      <Name>VPN_PROTOCOL</Name>
      <Value>udp</Value>
    </Variable>
    <Variable>
      <Name>VPN_PROV</Name>
      <Value>custom</Value>
    </Variable>
    <Variable>
      <Name>STRONG_CERTS</Name>
      <Value>no</Value>
    </Variable>
    <Variable>
      <Name>ENABLE_PRIVOXY</Name>
      <Value>yes</Value>
    </Variable>
    <Variable>
      <Name>LAN_NETWORK</Name>
      <Value>192.168.1.0/24</Value>
    </Variable>
    <Variable>
      <Name>DEBUG</Name>
      <Value>false</Value>
    </Variable>
    <Variable>
      <Name>PHP_TZ</Name>
      <Value>UTC</Value>
    </Variable>
    <Variable>
      <Name>PUID</Name>
      <Value>99</Value>
    </Variable>
    <Variable>
      <Name>PGID</Name>
      <Value>100</Value>
    </Variable>
    <Variable>
      <Name>VPN_REMOTE</Name>
      <Value>fr.vpn.airdns.org</Value>
    </Variable>

OK it must be forced from the server end then, regen-sec 0 is already set by me so if it's still doing it then there is nothing you can do to prevent it.

 

Sent from my SM-G900F using Tapatalk

 

 

Hello,

 

i've been running this for a couple of weeks now and seems to work fine.

 

In the log file I see the below output every hour.

I did some research and apparently the keys are being renegotiated and it should not cause any interruption in the connection. I just want to confirm that this is in fact what is going on here.

 

Thanks

 

2016-10-24 11:02:05,170 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:05 2016 TLS: tls_process: killed expiring key

2016-10-24 11:02:11,163 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 WARNING: file 'credentials.conf' is group or others accessible

2016-10-24 11:02:11,313 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, [email protected]

2016-10-24 11:02:11,314 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 Validating certificate key usage

2016-10-24 11:02:11,315 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 ++ Certificate has key usage 00a0, expects 00a0

2016-10-24 11:02:11,316 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY KU OK

2016-10-24 11:02:11,316 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 Validating certificate extended key usage

2016-10-24 11:02:11,317 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication

2016-10-24 11:02:11,318 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY EKU OK

2016-10-24 11:02:11,319 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, [email protected]

2016-10-24 11:02:15,204 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:15 2016 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Oct 24 11:02:15 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Oct 24 11:02:15 2016 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Oct 24 11:02:15 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

2016-10-24 11:02:15,216 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:15 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA

 

can you post the contents of your ovpn file, im assuming it has "reneg" defined in there but i would like to take a look.

 

It does not, here it is;

 

client
dev tun
resolv-retry infinite
nobind
persist-key
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
route-delay 5
verb 3
explicit-exit-notify 5
<ca>
-----BEGIN CERTIFICATE-----

 

Also the container config is;

 

<Variable>
      <Name>VPN_ENABLED</Name>
      <Value>yes</Value>
    </Variable>
    <Variable>
      <Name>VPN_USER</Name>
      <Value>#######</Value>
    </Variable>
    <Variable>
      <Name>VPN_PASS</Name>
      <Value>#######</Value>
    </Variable>
    <Variable>
      <Name>VPN_PORT</Name>
      <Value>443</Value>
    </Variable>
    <Variable>
      <Name>VPN_PROTOCOL</Name>
      <Value>udp</Value>
    </Variable>
    <Variable>
      <Name>VPN_PROV</Name>
      <Value>custom</Value>
    </Variable>
    <Variable>
      <Name>STRONG_CERTS</Name>
      <Value>no</Value>
    </Variable>
    <Variable>
      <Name>ENABLE_PRIVOXY</Name>
      <Value>yes</Value>
    </Variable>
    <Variable>
      <Name>LAN_NETWORK</Name>
      <Value>192.168.1.0/24</Value>
    </Variable>
    <Variable>
      <Name>DEBUG</Name>
      <Value>false</Value>
    </Variable>
    <Variable>
      <Name>PHP_TZ</Name>
      <Value>UTC</Value>
    </Variable>
    <Variable>
      <Name>PUID</Name>
      <Value>99</Value>
    </Variable>
    <Variable>
      <Name>PGID</Name>
      <Value>100</Value>
    </Variable>
    <Variable>
      <Name>VPN_REMOTE</Name>
      <Value>fr.vpn.airdns.org</Value>
    </Variable>

OK it must be forced from the server end then, regen-sec 0 is already set by me so if it's still doing it then there is nothing you can do to prevent it.

 

Sent from my SM-G900F using Tapatalk

 

Thanks,

 

is it an issue though? I don't mind it renegotiating it hourly, as long as i remain connected during this process

  • Author

Hello,

 

i've been running this for a couple of weeks now and seems to work fine.

 

In the log file I see the below output every hour.

I did some research and apparently the keys are being renegotiated and it should not cause any interruption in the connection. I just want to confirm that this is in fact what is going on here.

 

Thanks

 

2016-10-24 11:02:05,170 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:05 2016 TLS: tls_process: killed expiring key

2016-10-24 11:02:11,163 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 WARNING: file 'credentials.conf' is group or others accessible

2016-10-24 11:02:11,313 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, [email protected]

2016-10-24 11:02:11,314 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 Validating certificate key usage

2016-10-24 11:02:11,315 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 ++ Certificate has key usage 00a0, expects 00a0

2016-10-24 11:02:11,316 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY KU OK

2016-10-24 11:02:11,316 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 Validating certificate extended key usage

2016-10-24 11:02:11,317 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication

2016-10-24 11:02:11,318 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY EKU OK

2016-10-24 11:02:11,319 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:11 2016 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, [email protected]

2016-10-24 11:02:15,204 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:15 2016 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Oct 24 11:02:15 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Oct 24 11:02:15 2016 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Oct 24 11:02:15 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

2016-10-24 11:02:15,216 DEBG 'start-script' stdout output:
Mon Oct 24 11:02:15 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA

 

can you post the contents of your ovpn file, im assuming it has "reneg" defined in there but i would like to take a look.

 

It does not, here it is;

 

client
dev tun
resolv-retry infinite
nobind
persist-key
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
route-delay 5
verb 3
explicit-exit-notify 5
<ca>
-----BEGIN CERTIFICATE-----

 

Also the container config is;

 

<Variable>
      <Name>VPN_ENABLED</Name>
      <Value>yes</Value>
    </Variable>
    <Variable>
      <Name>VPN_USER</Name>
      <Value>#######</Value>
    </Variable>
    <Variable>
      <Name>VPN_PASS</Name>
      <Value>#######</Value>
    </Variable>
    <Variable>
      <Name>VPN_PORT</Name>
      <Value>443</Value>
    </Variable>
    <Variable>
      <Name>VPN_PROTOCOL</Name>
      <Value>udp</Value>
    </Variable>
    <Variable>
      <Name>VPN_PROV</Name>
      <Value>custom</Value>
    </Variable>
    <Variable>
      <Name>STRONG_CERTS</Name>
      <Value>no</Value>
    </Variable>
    <Variable>
      <Name>ENABLE_PRIVOXY</Name>
      <Value>yes</Value>
    </Variable>
    <Variable>
      <Name>LAN_NETWORK</Name>
      <Value>192.168.1.0/24</Value>
    </Variable>
    <Variable>
      <Name>DEBUG</Name>
      <Value>false</Value>
    </Variable>
    <Variable>
      <Name>PHP_TZ</Name>
      <Value>UTC</Value>
    </Variable>
    <Variable>
      <Name>PUID</Name>
      <Value>99</Value>
    </Variable>
    <Variable>
      <Name>PGID</Name>
      <Value>100</Value>
    </Variable>
    <Variable>
      <Name>VPN_REMOTE</Name>
      <Value>fr.vpn.airdns.org</Value>
    </Variable>

OK it must be forced from the server end then, regen-sec 0 is already set by me so if it's still doing it then there is nothing you can do to prevent it.

 

Sent from my SM-G900F using Tapatalk

 

Thanks,

 

is it an issue though? I don't mind it renegotiating it hourly, as long as i remain connected during this process

According to the openvpn docs it shouldn't, but I have seen people reporting that it can cause a drop in the connection, thus why I attempt to disable this feature. I would say keep an eye on it and if it does cause an issue then it's time to start logging the issue with your VPN provider.

 

Sent from my SM-G900F using Tapatalk

 

 

Guest
This topic is now closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.