What's new

VPNMON VPNMON-R2 v2.0 -Jul 10, 2022- Monitor your VPN connection's Health (Thread locked/closed)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I have been doing that connect to specific host and keep it as it is. I like the IP address, silly reason I know. I have not spend enough time to read through and get a better picture of your script. Earlier I have the impression it only works for a single VPN connection. What if I have three VPN connection, using ovpnc1, ovpnc3 and ovpnc5. Each connect to different country. Will it randomize accordingly and have the option to keep the city/country? Obviously I did not RTFM. I will probably spend some time over the weekend and apply it. Thanks for your sharing.

Yes, this would work only under these conditions:
1. You would need to move your connections from slots 1, 3 and 5 to 1, 2 and 3.
2. You can only have 1 VPN connection going at a time.

In this case, yes, it could randomly pick from your 3 VPN slots each day to make a new connection. Let me know if you need any other advice, ok? Good luck! ;)
 
I bet that's it. I have them all set that way. But I suppose I shouldn't set them that way with your tool, right?

I just looked at the logs, here's a snippet. It looks like it happens during the VPN reset at night for about two hours.
I really haven't tested it... but I would think that if you have vpnmon-r2 starting after a reboot, then you probably don't want any of your VPN slots to automatically start after bootup as it would probably interfere. I have all 5 of my slots set to "no". I'll see if I can find some time early in the morning this weekend while the family is still sleeping to test this... ;)
 
I just looked at the logs, here's a snippet. It looks like it happens during the VPN reset at night for about two hours.

Code:
May  4 01:02:11 RT-AX86U-ADA0 YazFi: wl0.1 (SSID: Guest1-US-2G) - VPN redirection enabled, sending all interface internet traffic over VPN Client 2
May  4 01:02:13 RT-AX86U-ADA0 YazFi: wl0.2 (SSID: Guest1-Other-2G) - VPN redirection enabled, sending all interface internet traffic over VPN Client 5
May  4 01:02:17 RT-AX86U-ADA0 YazFi: wl1.1 (SSID: Guest1-US-5G) - VPN redirection enabled, sending all interface internet traffic over VPN Client 2
May  4 01:02:20 RT-AX86U-ADA0 YazFi: wl1.2 (SSID: Guest1-Other-5G) - VPN redirection enabled, sending all interface
@iTyPsIDg ... Could you post some of your vpnmon-r2.log contents for this time period? Perhaps that would give us a better idea what was happening during this loop?
 
Oh snap! We have officially gone official with our very own "vpnmon" prefix! lol! Let's bring out the champagne! :p

vpnmon-prefix.PNG
 
@iTyPsIDg ... Could you post some of your vpnmon-r2.log contents for this time period? Perhaps that would give us a better idea what was happening during this loop?
Less:
Tue May  3 19:15:39 CST 2022 - VPNMON-R2 - **Multiple VPN Client Connections detected** - Executing VPN Reset
Wed May  4 01:03:58 CST 2022 - VPNMON-R2 - **Multiple VPN Client Connections detected** - Executing VPN Reset
Wed May  4 01:09:23 CST 2022 - VPNMON-R2 - **Multiple VPN Client Connections detected** - Executing VPN Reset
Wed May  4 01:14:03 CST 2022 - VPNMON-R2 - **Multiple VPN Client Connections detected** - Executing VPN Reset
Wed May  4 01:19:14 CST 2022 - VPNMON-R2 - **Multiple VPN Client Connections detected** - Executing VPN Reset
Wed May  4 01:29:51 CST 2022 - VPNMON-R2 - **Multiple VPN Client Connections detected** - Executing VPN Reset
Wed May  4 01:38:39 CST 2022 - VPNMON-R2 - **Multiple VPN Client Connections detected** - Executing VPN Reset
Wed May  4 02:42:09 CST 2022 - VPNMON-R2 - **Multiple VPN Client Connections detected** - Executing VPN Reset
Wed May  4 02:49:45 CST 2022 - VPNMON-R2 - **Multiple VPN Client Connections detected** - Executing VPN Reset
Wed May  4 02:55:00 CST 2022 - VPNMON-R2 - **Multiple VPN Client Connections detected** - Executing VPN Reset
Wed May  4 02:58:01 CST 2022 - VPNMON-R2 - **Multiple VPN Client Connections detected** - Executing VPN Reset
Wed May  4 03:03:22 CST 2022 - VPNMON-R2 - **Multiple VPN Client Connections detected** - Executing VPN Reset
Wed May  4 03:06:24 CST 2022 - VPNMON-R2 - **Multiple VPN Client Connections detected** - Executing VPN Reset

I turned off connect on start-up and it seems it fixed the problem. I'll keep monitoring, but I think that was my issue.
 
Talking about those old modems brought back memories.

I had a 14.4 with the cups for the handset and later got a 56k modem. Remember those USR robotics...those were the bomb. I also had a compuserve account. Took forever just to go through the menus to the forum you were interested in...and then list the messages. Wow, talk about changes.

OK, now back to the real question. I have now settled on VPNMON using SCREEN instead of VPNNON for the switching VPN slots when the VPN client goes down.

My VPN became non-functional. I knew this because I could no longer surf the web on one of my devices. Checked another two devices and found they weren't responding either. I checked VPNMON and found it thought the VPN was still active, all OK. I tried pinging 8.8.8.8 from the router and it responded successfully. I then manually switched VPN slots and my browsing started to work again.

So, I'm not sure what's happening. I was thinking maybe there should be additional checks for connectivity and not just a ping. Such as:

curl --interface tun12 http://icanhazip.com

I think you can also leave out the "http://"

The response would be the public IP address of the VPN connection and not the WAN...another way to confirm the VPN is working properly. Maybe even display that on the monitor screen somewhere.
 
@Viktor Jaep Here's the change for the description displayed in the monitor when non-NordVPN provider is being used. Change the following in the checkvpn() routine where the VPNCITY is set:

Code:
if [ "$UseNordVPN" == "1" ]; then
  VPNCITY=$(curl --silent --retry 3 --request GET --url https://ipapi.co/$VPNIP/city
else
  VPNCITY=$(nvram get vpn_client$1_desc)
fi
 
Not sure why I get the following error:

Code:
9. Would you like to sync the active VPN slot with YazFi?
(Default = No)
(Yes/No):  no
_    ______  _   ____  _______  _   __      ____ ___
| |  / / __ \/ | / /  |/  / __ \/ | / /     / __ \__ \
| | / / /_/ /  |/ / /|_/ / / / /  |/ /_____/ /_/ /_/ /
| |/ / ____/ /|  / /  / / /_/ / /|  /_____/ _, _/ __/
|___/_/   /_/ |_/_/  /_/\____/_/ |_/     /_/ |_/____/

Configuration of VPNMON-R2 is complete.  Would you like to save this config?
(Yes/No):  yes

Would you like to start VPNMON-R2 now?
(Yes/No):  yes
date: invalid date ‘+%H:%M’
date: invalid date ‘+%s’
/jffs/scripts/vpnmon-r2.sh: line 1314: arithmetic syntax error
date: invalid date ‘+%H:%M’
date: invalid date ‘+%s’
/jffs/scripts/vpnmon-r2.sh: line 1314: arithmetic syntax error
admin@RT-AC86U-DBA8:/jffs/scripts#

Update: ok, got rid of the error after key in all value including "01:00" in the reset time. Earlier I just press enter, supposedly using default value. Now I get a different error...
By the way, I have vpn1 and vpn3 configured but in the config, I only select 1 vpn.

Code:
-----------------------------------------------------------------
- VPN1 Disconnected
-----------------------------------------------------------------

Connection has failed, VPNMON-R2 is executing VPN Reset

Step 1 - Kill all VPN Client Connections

Kill VPN Client 1

Done.
Kill VPN Client 2

Done.
Kill VPN Client 3

Done.
Kill VPN Client 4

Done.
Kill VPN Client 5

Done.

Step 2 - Skipping Skynet whitelist update with NordVPN Server IPs


Step 3 - Error: NordVPN.txt list is blank! Check NordVPN service or config's Country Name.
 
Last edited:
Not sure why I get the following error:

Update: ok, got rid of the error after key in all value including "01:00" in the reset time. Earlier I just press enter, supposedly using default value. Now I get a different error...

OK... sounds like I need to some error checking during the config process... so when you just press enter on a line that's expecting input, I'll assume that the default value is being asked for. I'll work on that!

By the way, I have vpn1 and vpn3 configured but in the config, I only select 1 vpn.

Could you make sure you entered the correct NordVPN country name, and check to see how it's listed in the contents of your /jffs/addons/vpnmon-r2.d/vpnmon-r2.cfg file? Feel free to post it so I can take a look at it. Also, check in your /jffs/scripts folder... if you see a NordVPN.txt file, delete it, and see if that makes it work? It's either blank, or the country might be spelled wrong?
 
@Viktor Jaep Here's the change for the description displayed in the monitor when non-NordVPN provider is being used. Change the following in the checkvpn() routine where the VPNCITY is set:

Code:
if [ "$UseNordVPN" == "1" ]; then
  VPNCITY=$(curl --silent --retry 3 --request GET --url https://ipapi.co/$VPNIP/city
else
  VPNCITY=$(nvram get vpn_client$1_desc)
fi

Thanks @Kal1975 ... the reason I chose this method is because it's a general-use IP location lookup API. It works for both NordVPN users, or any other VPN service... and simply translates your public-facing IP to a city name. I have seen individuals run into the occasional message where the city name returns "undefined" or something of the sort, but that seems to be rare only because these IP blocks can be so volatile, shifting entire ranges between countries at times, so that might be the occasional message you'd deal with. If it becomes a real problem, I'll work on some alternate solution... like if VPNCITY="undefined" then VPNCITY="Anytown, USA!" ;)
 
Talking about those old modems brought back memories.

I had a 14.4 with the cups for the handset and later got a 56k modem. Remember those USR robotics...those were the bomb. I also had a compuserve account. Took forever just to go through the menus to the forum you were interested in...and then list the messages. Wow, talk about changes.
Definitely shows our age. My first modem was a USR 2400 baud beast... wow, those were the days. LOL

OK, now back to the real question. I have now settled on VPNMON using SCREEN instead of VPNNON for the switching VPN slots when the VPN client goes down.
Screen is definitely the way to go. It is much more robust in the event of network interruptions!

My VPN became non-functional. I knew this because I could no longer surf the web on one of my devices. Checked another two devices and found they weren't responding either. I checked VPNMON and found it thought the VPN was still active, all OK. I tried pinging 8.8.8.8 from the router and it responded successfully. I then manually switched VPN slots and my browsing started to work again.

So, I'm not sure what's happening. I was thinking maybe there should be additional checks for connectivity and not just a ping. Such as:

curl --interface tun12 http://icanhazip.com

I think you can also leave out the "http://"

The response would be the public IP address of the VPN connection and not the WAN...another way to confirm the VPN is working properly. Maybe even display that on the monitor screen somewhere.
That is a great idea @Kal1975! I'll look at adding something in addition to a ping to validate network traffic. If you could still ping, that meant your tunnel was up and intact, but something else must have happened on the provider side for things to go south.
 
Last edited:
I tried pinging 8.8.8.8 from the router and it responded successfully.
I believe that pinging from the router bypasses the VPN and goes directly through the WAN. @eibgrad usually knows this stuff pretty well and can probably confirm or deny the accuracy of my statement.
 
Everything is still running smoothly since I turned off Automatic start at boot time. It looks like that was my culprit for the connection issues.
 
I believe that pinging from the router bypasses the VPN and goes directly through the WAN. @eibgrad usually knows this stuff pretty well and can probably confirm or deny the accuracy of my statement.
You are correct... that would have gone directly over the WAN. Good point!
 
I saw you had something like this to force the ping go through tun interface.

ping -I $TUN -q -c 1 -W 2 $PINGHOST &> /dev/null
Sorry, I should have been clearer in my reply. My concern was that @Kal1975 didn't specify the command used to run the ping. So as a first step, I wanted to point out that the default is for it to run using the WAN. Using "-I iface" will allow one to test a particular interface. https://ss64.com/osx/ping.html
 
Sorry, I should have been clearer in my reply. My concern was that @Kal1975 didn't specify the command used to run the ping. So as a first step, I wanted to point out that the default is for it to run using the WAN. Using "-I iface" will allow one to test a particular interface. https://ss64.com/osx/ping.html
Ah, my bad, I did not see the full context. I used to ping 1.1.1.1 in my watchdog but find it intermittent few times due to cloudflare issue. After add google 8.8.8.8 in the watchdog, it has been reliable.
 
OK... sounds like I need to some error checking during the config process... so when you just press enter on a line that's expecting input, I'll assume that the default value is being asked for. I'll work on that!



Could you make sure you entered the correct NordVPN country name, and check to see how it's listed in the contents of your /jffs/addons/vpnmon-r2.d/vpnmon-r2.cfg file? Feel free to post it so I can take a look at it. Also, check in your /jffs/scripts folder... if you see a NordVPN.txt file, delete it, and see if that makes it work? It's either blank, or the country might be spelled wrong?
Thanks. I have the impression with default values stated, an enter will means to take the default value.
You are right. I must have some typo in the country. I delete the blank NordVPN.txt file and try again. It is running now.
 
Thanks. I have the impression with default values stated, an enter will means to take the default value.
You are right. I must have some typo in the country. I delete the blank NordVPN.txt file and try again. It is running now.
Glad to hear! Yeah, I have a working version now that takes the default value after hitting enter. Thanks for the suggestion - it's a good one! :)
 
OK. I don't think I used any interface when I tried a manual ping on the router. I think I saw it in the code but it didn't click. However, the behavior I described did happen. Browsing did not work on VPN connected devices but VPNMON showed all was OK.

It happens once in a while but it still is happening. I'll try ping over the VPN tunnel next time it happens.

As for the ipapi.co, I didn't look too much into that and wasn't clear on what it was used for. However, now that I know, I checked and I think I've figured out what the issue is. In the VPN client slot page, the address specified can also be a URL in the field:

Server Address and Port

It doesn't have to be an IP address, as is the case for my situation. That probably is done to handle the VPN provider changing server IP addresses. I looked at the nvram variables and I think the rip and not the addr variable should be used:

vpn_client$1_addr ---> vpn_client$1_rip

I think "rip" probably stands for Remote IP. This seemed to be the public IP address for the slot / active VPN when I had a look. That should solve the Undefined in my case and probably all cases.

PS: I was thinking a little more about this. Maybe this should be a configuration option. For example, you can set the description to anything like "New York - Gaming VPN" and another might be "Chicago - Netflix". It wouldn't be an Exit, though. I have "New York-JFK". This is helpful as the OpenVPN configuration file is named using the airport, JFK. I believe many VPN providers do that. In any case, just another thought...no biggie.

PPS: Another thing I noticed. Now, when using the RIP variable, it displays a city. However, it's not what I was expecting. For example, I see "Ashburn" instead of "Washington, DC". I think Ashburn is a suburb of DC but again, I was thinking it would say Washington DC. Just another observation.

Everyone has suggestions :)
 
Last edited:

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top