What's new

vpnmgr vpnmgr - Manage and update VPN Client configurations for NordVPN and PIA

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Which VPN provider do you use?


  • Total voters
    315
Ok, I have also found the issue here. It does has no effect when you schedule through the UI. When I do it throug ssh it works perfectly
Any reason why you are setting this interval so short? You want to ask Nordvpn every 2 minutes if this is the best server to use for this country/city? These things don't change that often. Why not set it for every 6hrs?
 
Any reason why you are setting this interval so short? You want to ask Nordvpn every 2 minutes if this is the best server to use for this country/city? These things don't change that often. Why not set it for every 6hrs?
I wanted only to test this plugin before I get rid of all my AVM Routers tomorrow, to be sure, Asus is the right choice. Of course I will change it to once a day during night.
 
I have some issues with the script. Everytime when it tries to reboot/update the server it runs into this problem:

Code:
Feb 28 06:10:51 ovpn-client2[2505]: [ch319.nordvpn.com] Inactivity timeout (--ping-restart), restarting
Feb 28 06:10:51 ovpn-client2[2505]: SIGUSR1[soft,ping-restart] received, process restarting
Feb 28 06:10:51 ovpn-client2[2505]: Restart pause, 5 second(s)
Feb 28 06:10:56 ovpn-client2[2505]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Feb 28 06:10:56 ovpn-client2[2505]: Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Feb 28 06:10:56 ovpn-client2[2505]: Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Feb 28 06:10:56 ovpn-client2[2505]: TCP/UDP: Preserving recently used remote address: [AF_INET]195.216.219.121:1194
Feb 28 06:10:56 ovpn-client2[2505]: Socket Buffers: R=[524288->1048576] S=[524288->1048576]
Feb 28 06:10:56 ovpn-client2[2505]: UDP link local: (not bound)
Feb 28 06:10:56 ovpn-client2[2505]: UDP link remote: [AF_INET]195.216.219.121:1194
Feb 28 06:10:56 ovpn-client2[2505]: TLS: Initial packet from [AF_INET]195.216.219.121:1194, sid=2ae45b8a de29ed13
Feb 28 06:10:56 ovpn-client2[2505]: VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA
Feb 28 06:10:56 ovpn-client2[2505]: VERIFY OK: depth=1, O=NordVPN, CN=NordVPN CA8
Feb 28 06:10:56 ovpn-client2[2505]: VERIFY KU OK
Feb 28 06:10:56 ovpn-client2[2505]: Validating certificate extended key usage
Feb 28 06:10:56 ovpn-client2[2505]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Feb 28 06:10:56 ovpn-client2[2505]: VERIFY EKU OK
Feb 28 06:10:56 ovpn-client2[2505]: VERIFY OK: depth=0, CN=ch319.nordvpn.com
Feb 28 06:10:56 ovpn-client2[2505]: Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 4096 bit RSA, signature: RSA-SHA512
Feb 28 06:10:56 ovpn-client2[2505]: [ch319.nordvpn.com] Peer Connection Initiated with [AF_INET]195.216.219.121:1194
Feb 28 06:10:57 ovpn-client2[2505]: SENT CONTROL [ch319.nordvpn.com]: 'PUSH_REQUEST' (status=1)
Feb 28 06:11:03 ovpn-client2[2505]: SENT CONTROL [ch319.nordvpn.com]: 'PUSH_REQUEST' (status=1)
Feb 28 06:11:03 ovpn-client2[2505]: AUTH: Received control message: AUTH_FAILED
Feb 28 06:11:03 ovpn-client2[2505]: SIGTERM received, sending exit notification to peer
Feb 28 06:11:06 ovpn-client2[2505]: ovpn-route-pre-down tun12 1500 1654 10.8.0.10 255.255.255.0 init
Feb 28 06:11:06 ovpn-client2[2505]: Closing TUN/TAP interface
Feb 28 06:11:06 ovpn-client2[2505]: /usr/sbin/ip addr del dev tun12 10.8.0.10/24
Feb 28 06:11:06 ovpn-client2[2505]: ovpn-down 2 client tun12 1500 1654 10.8.0.10 255.255.255.0 init
Feb 28 06:11:06 ovpn-client2[2505]: SIGTERM[soft,exit-with-notification] received, process exiting


1677575409922.png


It tells me, that the AUTH failed but the credentials are 100% right. It works, when I turn it on manually but just for few minutes/hours. Any clue what I am doing wrong?
 
I have some issues with the script. Everytime when it tries to reboot/update the server it runs into this problem:

Code:
Feb 28 06:10:51 ovpn-client2[2505]: [ch319.nordvpn.com] Inactivity timeout (--ping-restart), restarting
Feb 28 06:10:51 ovpn-client2[2505]: SIGUSR1[soft,ping-restart] received, process restarting
Feb 28 06:10:51 ovpn-client2[2505]: Restart pause, 5 second(s)
Feb 28 06:10:56 ovpn-client2[2505]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Feb 28 06:10:56 ovpn-client2[2505]: Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Feb 28 06:10:56 ovpn-client2[2505]: Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Feb 28 06:10:56 ovpn-client2[2505]: TCP/UDP: Preserving recently used remote address: [AF_INET]195.216.219.121:1194
Feb 28 06:10:56 ovpn-client2[2505]: Socket Buffers: R=[524288->1048576] S=[524288->1048576]
Feb 28 06:10:56 ovpn-client2[2505]: UDP link local: (not bound)
Feb 28 06:10:56 ovpn-client2[2505]: UDP link remote: [AF_INET]195.216.219.121:1194
Feb 28 06:10:56 ovpn-client2[2505]: TLS: Initial packet from [AF_INET]195.216.219.121:1194, sid=2ae45b8a de29ed13
Feb 28 06:10:56 ovpn-client2[2505]: VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA
Feb 28 06:10:56 ovpn-client2[2505]: VERIFY OK: depth=1, O=NordVPN, CN=NordVPN CA8
Feb 28 06:10:56 ovpn-client2[2505]: VERIFY KU OK
Feb 28 06:10:56 ovpn-client2[2505]: Validating certificate extended key usage
Feb 28 06:10:56 ovpn-client2[2505]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Feb 28 06:10:56 ovpn-client2[2505]: VERIFY EKU OK
Feb 28 06:10:56 ovpn-client2[2505]: VERIFY OK: depth=0, CN=ch319.nordvpn.com
Feb 28 06:10:56 ovpn-client2[2505]: Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 4096 bit RSA, signature: RSA-SHA512
Feb 28 06:10:56 ovpn-client2[2505]: [ch319.nordvpn.com] Peer Connection Initiated with [AF_INET]195.216.219.121:1194
Feb 28 06:10:57 ovpn-client2[2505]: SENT CONTROL [ch319.nordvpn.com]: 'PUSH_REQUEST' (status=1)
Feb 28 06:11:03 ovpn-client2[2505]: SENT CONTROL [ch319.nordvpn.com]: 'PUSH_REQUEST' (status=1)
Feb 28 06:11:03 ovpn-client2[2505]: AUTH: Received control message: AUTH_FAILED
Feb 28 06:11:03 ovpn-client2[2505]: SIGTERM received, sending exit notification to peer
Feb 28 06:11:06 ovpn-client2[2505]: ovpn-route-pre-down tun12 1500 1654 10.8.0.10 255.255.255.0 init
Feb 28 06:11:06 ovpn-client2[2505]: Closing TUN/TAP interface
Feb 28 06:11:06 ovpn-client2[2505]: /usr/sbin/ip addr del dev tun12 10.8.0.10/24
Feb 28 06:11:06 ovpn-client2[2505]: ovpn-down 2 client tun12 1500 1654 10.8.0.10 255.255.255.0 init
Feb 28 06:11:06 ovpn-client2[2505]: SIGTERM[soft,exit-with-notification] received, process exiting


View attachment 48232

It tells me, that the AUTH failed but the credentials are 100% right. It works, when I turn it on manually but just for few minutes/hours. Any clue what I am doing wrong?
I would recommend probably just downloading a brand new .config file from NordVPN, and set up your VPN slot from scratch. Make sure it works reliably and functions without fail before using vpnmgr.
 
I think I have found the problem.

Step 1: Reset the PW for NordVPN (you will get a new PW also for the service/manual configuration which is needed)
Step 2: Config VPN Client (Upload the config file for the server you haven chosen before)
Step 3: And that is important: delete everything under custom configuration
Step 4: Important: Wait at least 60 Minutes after reset of the PW.

That was it. Now it works perfectly.
 
I just tried to install on FT-AX6000 with Merlin and got an error message "Entware not detected".

Do I need Entware and is it easy and safe to load?
 
I'll let the poll run for a week, and whichever comes out on top I'll take a stab at adding. Doesn't look like many offer free trials annoyingly!

Could you add MullVad to the poll, please? Thanks.
 
develop has been merged to master. I'm not anticipating adding anything else before going 1.0.0 (roughly a week from now unless anything major happens)


This is such a great script!! Could you please add MullVad when you are going to add other VPN services to vpnmg? It would be greatly
appreciated by many I think because even MullVad doesn't have a decent tut to config MullVad on an AsusWRT-Merlin, in my case with
the Asus GT-AEX16000.
 
How about IPVanish VPN
 
DId not realize this was a dead thread. IF so it should have been locked.
 
DId not realize this was a dead thread. IF so it should have been locked.
Unfortunately the original dev of this project has stepped away, and is no longer under active development. VPNMON-R3 is a continuation of vpnmgr (of sorts)... and have actively been building in capabilities for different VPN providers ONLY IF they offer an API of sorts in order to pull vpn server data to help automate generating server lists for the purposes of randomizing connections etc. I've been keeping a tally of which VPN providers play nice, and provide examples and samples at this "custom server list generation" discussion here. Feel free to give it a try.

I just took a look at IPvanish, and it seems they had a json file available for a while many years ago, but has since gotten pulled (previously available here: https://www.ipvanish.com/api/servers.geojson). That would have been ideal. Now, the only thing I can find is a big list of ovpn config files, which make it extremely laborious to pull anything from. Available here: https://configs.ipvanish.com/configs/
 
Last edited:

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top