What's new

VPNMON VPNMON-R2 v2.52 -Mar 27, 2023- Monitor your VPN connection's Health (Thread locked/closed)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

LOL that's absolutely whacky. The routers don't go into hybernation mode around 01:00, do they?? :) There's got to be more to this!

As a workaround, if you continue seeing this, perhaps setting up a manual cron job that executes "vpnmon-r2 -reset" command at a specific time?
If it was only one router, I'd think it's something goofy with the router, but I have both an AX58 and an AX68, configured identically for VPNMON. And they _both_ did the same thing. It's definitely goofy :)

I'll keep an eye on it and post up. And keep looking in the logs to see if there is any info. Will setup a cron job if it keeps being an issue...
 
If it was only one router, I'd think it's something goofy with the router, but I have both an AX58 and an AX68, configured identically for VPNMON. And they _both_ did the same thing. It's definitely goofy :)

I'll keep an eye on it and post up. And keep looking in the logs to see if there is any info. Will setup a cron job if it keeps being an issue...
Yeah, definitely take a look at the syslogs as well around that 01:00 timeframe and see if anything stands out?
 
Hi Victor,
Is it possible to add your script on crontab ?
To automate the execution and not use dedicated computer with ssh on the router.
 
Hi Victor,
Is it possible to add your script on crontab ?
To automate the execution and not use dedicated computer with ssh on the router.
Hi @alisou... The whole idea of the script is to provide you visual feedback on what's happening with the VPN connection. If it's running in the background, I wouldn't have any idea what's going on. Having it run in the "screen" environment gives you more of the ability to set it and forget it/run in the background, while still being able to pull it up to see what's happening, so that seems to be a decent compromise? There's some guidance here if you're looking for instructions on how to automatically start the script after a reboot?

 
Hi @Viktor Jaep ,
Thank you for your job and excellent script.
I'm testing your script ( v2.41) on my : RT-AC88U (386.9).
I got the error message : bad number

==VPN1 Tunnel Active | || 92.072 ms || | Exit: CITY
[: bad number


For testing dual wan, I must enable DUAL WAN on ASUS (WAN - DUAL WAN - Enable Dual WAN) ?
 
Last edited:
Hi @Viktor Jaep ,
Thank you for your job and excellent script.
I'm testing your script ( v2.41) on my : RT-AC88U (386.9).
I got the error message : bad number

==VPN1 Tunnel Active | || 92.072 ms || | Exit: CITY
[: bad number


For testing dual wan, I must enable DUAL WAN on ASUS (WAN - DUAL WAN - Enable Dual WAN) ?
You're welcome, @alisou! Do you see that same error each time the countdown timer starts over? Have you tried hitting the "R" key, and seeing what happens when you connect to a new VPN server? Which VPN provider are you using?

When it comes to Dual-WAN questions, I would have to defer to @Ranger802004, and pointing you to this link below... I would highly recommend using this Dual-WAN-Failover script, because the Dual-WAN functionality on Asus isn't the best (or exactly functional)

 
Same error with "R".
I'm using my own openvpn infra.
The Dual WAN script didn't work on my routers (AC86U and AC68U).

I'm using since yesterday your script VPNMON and KILLMON on my router AC86U. For this moment working fine. I'm continue testing/monitoring ;)
 
Same error with "R".
I'm using my own openvpn infra.
The Dual WAN script didn't work on my routers (AC86U and AC68U).

I'm using since yesterday your script VPNMON and KILLMON on my router AC86U. For this moment working fine. I'm continue testing/monitoring ;)
OK... but it bugs me that you see this error... and that I can't replicate it. :(

Question - are you only using 1 VPN slot?
 
I'm using since yesterday your script VPNMON and KILLMON on my router AC86U. For this moment working fine. I'm continue testing/monitoring ;)

Also... if you're interested, I can send you a special version of VPNMON that you can run that will help me diagnose your particular issue? You'd need to send me back some screenshots & such. ;)
 
VPNMon works fine! Thank you! Really great work! I was looking for something like this for years, no joking.

Question: Will it work in the future with wireguard connections as well? Or maybe does it already?
At the moment I don't use wireguard, but would be interesting as Merlin already supports 5 wireguard VPNs. For now I m happy with Open VPN.
Thanks
 
VPNMon works fine! Thank you! Really great work! I was looking for something like this for years, no joking.
Glad you're enjoying it! ;)
Question: Will it work in the future with wireguard connections as well? Or maybe does it already?
At the moment I don't use wireguard, but would be interesting as Merlin already supports 5 wireguard VPNs. For now I m happy with Open VPN.
Thanks
It currently doesn't work with Wireguard yet, as it is still a fairly new feature. I have it on my roadmap, and will be experimenting with it in the near future to see how it works, and what can be done to bring this functionality into VPNMON. Same - happy with OpenVPN as well right now too. ;)
 
@Viktor Jaep - I got to Istanbul last night and am having trouble with the script. If you have some ideas to help troubleshoot and develop a way to get the script working again, I'd appreciate it.

Let me give you what I know, and we can go from there.
  • As you may recall, I use Nord's SmartDNS service. I must register my public IP address with Nord before using their DNS servers. So, as soon as I got here, I tried going to https://my.nordaccount.com/dashboard/nordvpn/ to record the public IP from the Airbnb's cable modem without using a software VPN.
  • That page either doesn't load or is so slow that it times out. I had to use the software VPN on my laptop to connect, load the page, then turn off the VPN to register the public IP.
  • That brings us to your script and this error:
  • 1679487103264.png
  • If I use vpnmgr directly, it will take a while to get a VPN server to connect to, but it finally happens, and I can use the VPN. However, if I try to use your script to monitor the connections and switch automatically, it eventually dies, and nothing works.
Here's everything in the log file from the moment we arrived and I turned the router on:
Less:
Tue Mar 21 17:27:08 BRT 2023 - VPNMON-R2 - API call made to update WAN0 city to Istanbul
Tue Mar 21 17:33:40 BRT 2023 - VPNMON-R2 - API call made to update WAN0 city to Istanbul
Tue Mar 21 17:58:00 BRT 2023 - VPNMON-R2 ----------> INFO: Executing VPN Reset via Commandline Switch
Tue Mar 21 17:58:00 BRT 2023 - VPNMON-R2 - Executing VPN Reset
Tue Mar 21 17:58:07 BRT 2023 - VPNMON-R2 - Killed all VPN Client Connections
Tue Mar 21 18:03:51 BRT 2023 - VPNMON-R2 ----------> INFO: Executing VPN Reset via Commandline Switch
Tue Mar 21 18:03:51 BRT 2023 - VPNMON-R2 - Executing VPN Reset
Tue Mar 21 18:03:58 BRT 2023 - VPNMON-R2 - Killed all VPN Client Connections
Tue Mar 21 18:05:23 BRT 2023 - VPNMON-R2 ----------> ERROR: Unable to reach NordVPN API!
Tue Mar 21 18:05:24 BRT 2023 - VPNMON-R2 ----------> ERROR: NordVPN.txt VPN Server list is blank! Skipping Skynet Firewall import.
Tue Mar 21 18:05:25 BRT 2023 - VPNMON-R2 ----------> ERROR: NordVPNRS.txt recommended servers list is blank!
Tue Mar 21 18:06:28 BRT 2023 - VPNMON-R2 - Successfully downloaded VPNMON-R2 v2.41
Tue Mar 21 18:06:48 BRT 2023 - VPNMON-R2 - Successfully wrote a new config file
Tue Mar 21 18:07:36 BRT 2023 - VPNMON-R2 - API call made to update WAN0 city to Istanbul
Tue Mar 21 18:11:04 BRT 2023 - VPNMON-R2 - API call made to update WAN0 city to Istanbul
Tue Mar 21 18:11:06 BRT 2023 - VPNMON-R2 - API call made to update VPN city to New York
Wed Mar 22 04:57:16 BRT 2023 - VPNMON-R2 - API call made to update WAN0 city to Istanbul
Wed Mar 22 04:57:20 BRT 2023 - VPNMON-R2 - API call made to update VPN city to New York
Wed Mar 22 04:58:13 BRT 2023 - VPNMON-R2 ----------> INFO: Executing VPN Reset via Commandline Switch
Wed Mar 22 04:58:13 BRT 2023 - VPNMON-R2 - Executing VPN Reset
Wed Mar 22 04:58:20 BRT 2023 - VPNMON-R2 - Killed all VPN Client Connections
Wed Mar 22 05:03:29 BRT 2023 - VPNMON-R2 - API call made to update WAN0 city to Istanbul
 
@Viktor Jaep - I got to Istanbul last night and am having trouble with the script. If you have some ideas to help troubleshoot and develop a way to get the script working again, I'd appreciate it.
So apparently Turkey is notorious for blocking VPN providers... :(

To me, it looks like a resolution issue... they are blocking you from resolving the NordVPN api URL. What do you have your WAN DNS configured to? I would recommend making sure it's working solid with Quad9 DoT (or another secure DNS service that isn't being blocked in Turkey?), and seeing what happens then?
 
So apparently Turkey is notorious for blocking VPN providers... :(

To me, it looks like a resolution issue... they are blocking you from resolving the NordVPN api URL. What do you have your WAN DNS configured to? I would recommend making sure it's working solid with Quad9 DoT (or another secure DNS service that isn't being blocked in Turkey?), and seeing what happens then?
My WAN DNS uses the Nord SmartDNS servers:
1679492876603.png


vpnmgr seems to get updated servers eventually and can check the server load, so it seems like something is different about how each tool uses the Nord API.

 
My WAN DNS uses the Nord SmartDNS servers: View attachment 48745

vpnmgr seems to get updated servers eventually and can check the server load, so it seems like something is different about how each tool uses the Nord API.

His code...

Code:
getServerLoad(){
    curlstring="https://api.nordvpn.com/server/stats/"
    serverhostname="$(echo "$1" | cut -f2 -d ' ' | tr "A-Z" "a-z").nordvpn.com"
    /usr/sbin/curl -fsL --retry 3 "$curlstring$serverhostname" | jq -r -e '.percent // "Unknown"'

My code...

Code:
  while [ $loadcount -ne 60 ]
          do
            loadcount=$(($loadcount+1))
            VPNLOAD="curl --silent --retry 3 https://api.nordvpn.com/v1/servers?limit=16384 | jq '.[] | select(.station == \"$VPNIP\") | .load' 2>&1"
            VPNLOAD="$(eval $VPNLOAD 2>/dev/null)"; if echo $VPNLOAD | grep -qoE '\berror.*\b'; then VPNLOAD=0; printf "${CRed}\r [API Error Occurred... retrying $loadcount/60]           "; sleep 1; fi

Slightly different methods, but they both work... but the error you're getting definitely means that it's not getting any results from the URL/query it's trying to run... which could point to a resolution issue.

That's why I'm saying, turn off all the bells & whistles, and go back to basics to figure out where they potential block is coming from? Instead of hooking this up to a cable modem, can you try hooking the WAN up to a cellphone (using a USB cable), and seeing if you get the same results from that?
 
This is interesting. I was looking through both files and found exactly what you wrote:
His code...

Code:
getServerLoad(){
    curlstring="https://api.nordvpn.com/server/stats/"
    serverhostname="$(echo "$1" | cut -f2 -d ' ' | tr "A-Z" "a-z").nordvpn.com"
    /usr/sbin/curl -fsL --retry 3 "$curlstring$serverhostname" | jq -r -e '.percent // "Unknown"'

My code...

Code:
  while [ $loadcount -ne 60 ]
          do
            loadcount=$(($loadcount+1))
            VPNLOAD="curl --silent --retry 3 https://api.nordvpn.com/v1/servers?limit=16384 | jq '.[] | select(.station == \"$VPNIP\") | .load' 2>&1"
            VPNLOAD="$(eval $VPNLOAD 2>/dev/null)"; if echo $VPNLOAD | grep -qoE '\berror.*\b'; then VPNLOAD=0; printf "${CRed}\r [API Error Occurred... retrying $loadcount/60]           "; sleep 1; fi

Slightly different methods, but they both work... but the error you're getting definitely means that it's not getting any results from the URL/query it's trying to run...
So I tried loading that link from my browser and it worked (that's using a US VPN from Nord via vpnmgr).

Then, I tried curling from the router and it also worked.
It's still outputting to the screen, but here it is:
1679494454245.png
 
This is interesting. I was looking through both files and found exactly what you wrote:

So I tried loading that link from my browser and it worked (that's using a US VPN from Nord via vpnmgr).

Then, I tried curling from the router and it also worked.
It's still outputting to the screen, but here it is:
If you know your VPN IP... try inserting it in this?

Code:
curl --silent --retry 3 https://api.nordvpn.com/v1/servers?limit=16384 | jq '.[] | select(.station == \"$VPNIP\") | .load'
 
Will do. I had just tracked that down and was trying to determine where $VPNIP is assigned. That led me to VPNIP=$($timeoutcmd$timeoutsec nvram get vpn_client$1_addr).

I ran that command (without the timeouts) manually and got this IP: 87.249.139.110 Because $1 resolved to nothing. If I use vpn_client2_addr, it works correctly.

However, that is not the IP of my VPN:
1679495509613.png
I'll run the command now, but I wanted to share that first.
 
Last edited:
I got an error about Unix shell quoting issues. I even removed the quotes and typed them back in:
1679495834727.png
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top