Start a new topic

Beta testing

THIS THREAD IS FOR THE USE OF THE FRIENDLY USERS WHO ARE TRIALING OUR BETA RELEASE OF OPENVPN


1 person likes this idea

I've had troubles using VPN on two of my devices.

One is Ubuntu Xenial. The other is my phone, not a Samsung but possibly the same issue that's in the issues of the current setup section for Vanished using PPTP and L2TP.


Ubuntu Xenial did not work on PPTP, there was a leak and my location was apparent to Netflix.

With OpenVPN, the network-manager package does not tunnel DNS, at all, so everything was inaccessable. Using OpenVPN at the command line leaked DNS, and again my location was apparent.


Solution: 

In Network Manager, "Edit Connections"

"Add" and choose WiFi or Ethernet, or whatever you use to connect.

Name the Connection at the very top, differant to your normal connection. This can be done later via "Edit"

Add the Interface name. For me this was the WiFi SSID, you can also hit Edit on the actual connection for the same interface to see side by side what the settings are.

In "Mode" I selected "Client"

"Device" may or may not be optional, however there is a pull down list, or it can be copied and pasted.

On the "General" tab, unselect "Automatically Connect to this network..."

I use WiFi, in the "WiFi Security" tab, I chose my encryption type "WPA & WPA2 personal" and entered the password for the router.

in the IPV6 Tab, I selected "Ignore" for "Method". This was important apparently. I don't know how to configure my network to IPV6 so this was the only option to make sure I didn't get a DNS leak over IPV6.

In the IPV4 Tab, I selected "Manual". It may be possible to select "DHCP Adresses Only" and leave the DNS feild blank (which is what's important here) however I didn't test that.

Click on "Add", choose an IP address for your computer on the local network, something that wont be used by the DHCP server and is a valid address on your network.

Put in your Netmask, this is quite commonly 255.255.255.0, and if you look back when editing, and it was changed to simply 24 by the system, don't worry about it, its obscure to see but makes sense as an address range.

Add the local IP address for your router, or connection point to the internet, in "Gateway"

Most importantly, leave the "DNS servers" field blank.


Connect to the network you just made. It will appear in Network Manager as a pop-out selection to the side of your normal network (in the Wifi selection anyway).

openvpn must be run from the command line:

sudo openvpn --config /path/to/openvpnfile

CTRL-c to exit

Select your normal network (now moved as a side pop-out item). You may notice, however, that if don't disconnect from the connection that had no DNS entries, your system will continue to use the DNS server that was pushed to the system from Vanished, which happens to be the Google DNS server. You must, however connect to the connection with no DNS entries and be connected using openvpn to successfully proxy

Also, assuming this works for others as well, you can add a username and password file, two lines of text, first line username, second line password, and run openvpn as follows

sudo openvpn --config /path/to/file.ovpn --auth-user-pass /path/to/usernameAndPassword


Ubuntu 16.04 took quite a lot of troubleshooting and there were a few packages installed along the way, and by the way you do need to install openvpn to use it. Possibly  network-manager-openvpn is also needed. network-manager-openvpn-gnome is needed to make a profile from network manager but it is broken for now. Hopefully it will be fixed.  I'll search around for whatever the 2 or 3 other packages were if there isn't some success with this method, though I suspect most problems are going to be with configuring the network properly, as described above, for those that aren't familiar with it.



On to the Phone:

I have a Sony Xperia Z3 compact. It suffered from an issue of leaking using PPTP.

OpenVPN has solved this. In my case it doesn't seem to be a case of Location Services being sourced by the Netflix app since they are now on and working with OpenVPN, while off and not working without it.

I did, however, want to state that I always thought that when I got an error 13 (I think this is the right error code) that I thought rebooting was BS, because why wouldn't clearing data be fine? In any case, this does happen, and it happens when Netflixed is greenified for example. It leaves a service running after its closed. I found that clearing data, connecting to the openvpn server, signing in, backing out of the app, as not to kill the service, then rebooting (I've done this always with the openvpn app running and connected) then all goes well. Perhaps this is merely an issue of having Netflix on my list of apps with Greenify, but I figure that while I was here I should mention it.

Apologise for the double post but I wasn't able to edit above.


In Ubuntu 16.04, openvpn must be run from the command line, as in the example. Network manager will connect but will still fail to tunnel the DNS and nothing will be reachable like that.


Also, Firefox users, don't bother with plugins for Netflix using WINE. Chromium and Google Chrome browsers support it.

My setup:  ADSL > modem/router (a)  > router (B)

modem/router does local (au) internet for LAN

router is currently PPTP for Vanished for LAN VPN  (dd-wrt)


Using PPTP configured on router (b) works well with US netflx

I have managed to get Openvpn working and connected on router (b) passing through modem/router (a)

But my apple tv is having all sorts of connection issues attempting to go to us netflx.


If I swing back to pptp, netflx is up and usable again.


I think i need more work on the DNS settings and maybe the option of router b as a DMZ host from router a.


I'll have more plays next day or so and report back..

Karl

Try using the "Extended Test" button on this page https://www.dnsleaktest.com/ to test if its a problem with the DNS tunneling or not.  I found that really helpful when troubleshooting mine.  


Also, if you're able to look at the output or log file of what's happening when it connects to openvpn, look to see that dns-push happened.

With my problem, I had to create a network with no DNS at all and the computer initially uses either environmental settings for DNS, or the router's DNS  to look up *.vanishedvpn.com and afterwards uses the DNS that gets pushed to it, otherwise it always uses the default DNS.  If its the same issue as you're running a router behind a router, perhaps omitting DNS in that router (if it will let you), router b if I understood right, will work.

I also had to turn off IPV6 or I'd still get a leak. Though I didn't test what the leak was, it was sorted when doing so, the last thing I did (I think), after realising that I had a DNS leak.


I'm curious to hear if putting it in a DMZ works. I've never done that and had to also add DNS to a box, so I imagine that my stuff has always still gotten DNS from the initial router.


I wonder if the servers have a static or dynamic address.  If they were static, and 4 have differant IP addresses, then DNS could be disabled entirely for the initial lookup by putting the numerical IP in the config.ovpn file.


The link up top using "Extended Test" should tell you if you're leaking DNS at all or not, though.

Also, I realise that this is basic stuff for some people but at the same time not so much for others but I'm about to get worse as its something that can be easily overlooked, you can see that I overlooked it above; make sure the AppleTV is set to get DNS from the router that's connected to the VPN.  That might be easier said than done if the router has to be configured without DNS settings.

Hi Dean, thanks, will give the "dnsleaktest" a go later today when I get a chance. I tried both google and opendns servers as local resolvers, which the apple tv got pushed. I'll remove all dns entries from router-b and see how that goes.


I noted from the openvpn logs that the default route option is sent back from the servers, indicating that all traffic should be pushed down the tunnel. hopefully the leak test will show if that is indeed happening. Doing a "where's my ip" search, dropped me into the same location as the pptp connection.


I guess of note is that the pptp connection is set as the WAN connection on router-b

Again, thanks.. will update when I've had another go

OpenVPN is working well on my Asus 88U.  This is particularly welcome as this Router is unable to connect via L2TP because it does not support a secret.  Also, I have found OpenVPN to be faster and superior to the other alternatives.  I hope to see it offered on all servers in the near future.


The setup did not work well with the latest firmware.  The router was using a TP-Link modem in bridged mode for internet access.  It kept insisting that the Lan Interface was using a private IP address, and suggesting double nat was taking place.  This was not true and was I think a firmware problem.  I installed the latest Merlin firmware, and this problem was fixed.  An excellent solution as this firmware has increased functionality and control.  I was quickly connected and US Netflix worked very well.  This firmware supports policy based routing, so I wsa able to route just my Fire TV Stick through the OpenVPN tunnel with all other traffic routed as normal.  I considered Tomato or DD-WRT and the like, which I have used in the past and gives much more functionality.  However, I decided I did not need this extra functionality at this location, and also wanted to stick with something based on the ASUS firmware.  I was a little disappointed that Merlin did not allow a secret with L2TP and that even the custom scripts feature did not cater for this.  I would like to try the Canadian VPN which was at last check L2TP only.  However, IMHO OpenVPN is a superior solution anyway and will hopefully be implemented on all servers soon.



Great work VanishedVPN.  You are doing Netflix a favor as I would long ago have abandoned them if stuck with the paltry Australian selection.  Thanks.


Apologies for not getting back here earlier.

With the newest release, it appears to be working very well.

Still have same config as before.   ADSL > modem/router (a - local au lan) >  Router (b - Vanishedvpn)

Second router gives me both wireless and wired access to the VPN.


On brief testing, before I had to leave for work this mornig, works well.

Netfix is much faster than the pptp option.

The other test tonight will be HBO as I was experiencing severe buffering with pptp. Went back to a DNS re-director for HBO


As advised by Dean earlier, a dns leak test confirmed that all was US based.

Will do some more testing tonight and report back.

Will add some screen shots too.

Cheers

Got home tonight and thought I'd reboot both routers before going any further.

Not sure what has happened, but for some reason, my router is saying I'm connected to Vanished.

The logs tell me it's pushing google dns.

But my laptop plugged into the router is failing with dns leaks.

I' now reporting as being back in Melb. (ip says usa though..)


I have exact same config as before where all dns entries are blank.

I have had to hard code google dns entries to semi pass the leak test to get usa responses.


I've tried every combination I can try over the last few hours..

I'll come back to it next day or so.

For the moment, I'm back to PPTP



Switched back over to PPTP, no additional changes and my 2 x dns servers on my laptop are both google.

DNS leak test all pass with no issues - all usa


I don't know if this will help, but I tried it out just now using the DNS IP addresses from the dnsleaktest page, and this worked, opposed to leaving DNS entries blank.  I did, however, still have to leave IPV6 disabled for this. I really don't know if this will help you Ottafish, and it seems like a long shot since mine was already working fine with the blank entries, but its worth a shot, also making sure that IPV6 is off, assuming you're second router lets you.  


You might also consider using these servers in your first router if all else fails and you think it might be a problem with the second router getting DNS from the first one and the leak somehow happening during the lookup of vanishedvpn.com; the servers will be further away from you but will still resolve IP addresses the same regardless of weather your'e on a VPN or not.


If PPTP is problematic for you, or you just want openvpn for other reasons, its sort of a shot in the dark but possibly worth a try.


It looks like, from the dnsleaktest.com page, that 204.194.238.11 is a primary DNS server for OpenDNS in the US.  I used 204.194.238.13 for a secondary however I'm not in Australia right now so you may want to try out the test page from there before trying it out.


It may also be a glitch with vanished VPN as I suppose we're still in beta.  I have some extra garbage in the window that's running the VPN right now, invalid packets. A leak is pretty big glitch though :p


Just to be sure, there was updated config files sent out, I think the day before yesterday. these are the ones that should be used so if you don't have them, check your SPAM folder and email Phil if you never got them at all.  If memory serves there were some extra options for, I think, Windows machines and I doubt that applies to a router but also might be worth looking at.

I'd like to help with the beta testing, but not sure who to contact to get involved. Can someone point me in the right direction to please? Thanks.

Still working flawlessly for me.  At the moment the ASUS router is running two openvpn tunnels, one to the US server and one to Aus.  The policy based routing for openvpn on the Merlin firmware is very convenient.  At the moment I have my Android TV Stick routed through the US tunnel and my Notebook Computer through the AUS tunnel.  All other devices still go through the Wan interface directly, which is of course the default behaviour.  Routing other devices through one or the other of the VPN tunnels is as easy as adding them through the Web GUI.  Netflix is fast, the quality is good and I have not experienced any buffering which did sometimes happen using PPTP.


I am very happy using Openvpn.

Update:

It would seem the planets have aligned..

I can now confirm it's working flawlessly for me.

In router b, I had to put static dns entries into the 3 fields for local dhcp options. The third entry I put a dummy IP.

Multiple reboots, multiple leak tests and all report non AU based

It would appear that you were right Dean, router b was taking/using DNS of router (a) as a 3rd dns entry and that's what was reporting as AU based - thanks so much for the info - appreciated.


Just to confirm my setting:

ADSL > modem/router (a)  >  router (b)

modem/router (a) is for local LAN for normal stuff.

Router (b) is strictly for Vanishedvpn - both wired and wireless

Both devices are TP-Link

modem/router (a) is running stock firmware

router (b) is running dd-wrt release v3.0-30631


Can confirm both Netfix and HB0 both work very well and very fast.

buffering that used to occur (on pptp)  has also gone.


Thanks Phil and team - awesome work :-)

Login or Signup to post a comment