Jump to content
Not connected, Your IP: 3.235.137.159
Sign in to follow this  
bm9vbmUK

Best setup for a Raspberry Pi?

Recommended Posts

Hello everyone,

 

I've been an AirVPN customer for about a year now and absolutely love it for many reasons. The only issue I really have is Raspberry Pi support. I just got an RPi3 a few weeks ago and want to set it up as a media server/P2P box. This makes a stable VPN connection with a network lock an absolute necessity.

 

From what I've read here, Eddie is not and probably will never be supported on any Raspberry Pi. I can understand that's a relatively small concern for Air considering the limited use compared to OSX, Linux, and Windows, so I'm not going to complain too much. I will say that it's really a bummer as I love Eddie and it's always running on my PC.

 

So far, I've had to settle by running openvpn with a config file from the terminal (I should mention i'm running Raspbian) with Firestarter as a kill-switch. The problem is I can rarely stay connected for more than 12 hours. This may be due to my internet connection, or a problem with one of Air's servers, but it's a problem either way. This means every day, usually more than once a day, I have to plug my RPi into my TV (or SSH into it) to kill my P2P client, restart openvpn, and restart the firewall. This really isn't the seamless P2P/media center experience I was looking for. 

 

I've done a fair amount of searching and can't come up with anything. I was thinking about trying the Debain network manager, but I see that it is not recommended for security reasons, and I'm not sure it would solve my problem anyway. If anyone has any suggestions, I'm open to try just about anything as I really wan't to get this up and running. I'm even open to trying out a different OS for the pi if anyone thinks it will make a difference.

 

Worst case scenario, I will try to write up something that does all of this manually. In that case I think my main problem would be detecting when the vpn connection goes down. If anyone knows of a good way to do that (i'll be using Java to make it), please let me know.

 

This post got much longer than I had planned. Thanks for taking the time to read it and helping me out

Share this post


Link to post

First, you might want to look at this interesting project:

https://airvpn.org/topic/17291-fruho-new-nix-openvpn-gui-with-multiple-provider-support/

 

 

This isn't really clear from your question, to me at least, what is your issue. Is that the

disconnects or the kill-switch?

Since the kill-switch can be solved in most cases with a single permanent solution, and for

the disconnects you have to post your OpenVPN logs in order to determine where does

this come from. Most likely it is your ISP or bad wireless signal, or both.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

Thank you very much for the link! I will check that out and report back if it works. Essentially my problem is that there's no automatic reconnect without using Eddie. It's not uncommon for my home internet to go out for a minute or two, and with Eddie that's no problem, but when connecting via terminal my connection is dead until I restart it manually. Because I'm running a headless server, this is an extreme inconvenience.

 

I'm not trying to troubleshoot my connection. I'm trying to figure out how to setup an automatic reconnect like Eddie has.

 

First, you might want to look at this interesting project:

https://airvpn.org/topic/17291-fruho-new-nix-openvpn-gui-with-multiple-provider-support/

 

 

This isn't really clear from your question, to me at least, what is your issue. Is that the

disconnects or the kill-switch?

Since the kill-switch can be solved in most cases with a single permanent solution, and for

the disconnects you have to post your OpenVPN logs in order to determine where does

this come from. Most likely it is your ISP or bad wireless signal, or both.

Share this post


Link to post

OpenVPN is supposed to reconnect automatically in case of connectivity loss.

Together with a properly configured network lock, you should not have any issues

(like traffic leaks) when your VPN is off.

 

If you wish to troubleshoot these steps, you are welcome to post the connection

logs and your client config.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

I am using this tutorial as a network lock --> https://airvpn.org/topic/5586-prevent-leaks-with-linux-firestarter-also-stop-traffic-when-vpn-drops/ This works great, but it doesn't allow the vpn to try to reconnect (as per the author's comment). This is the only guide that I can find that will successfully run on the RPi so that's my problem. I have to manually kill the firewall to reconnect. Hopefully that clarifies my problem

Share this post


Link to post

I've been running RPI2 with openvpn for many years, no problems with vpn reconnecting.

 

For network lock I just remove the 0.0.0.0 netmask for the default gateway from the iptables,  i add it back when openvpn is shut down. I add these entries to the .ovpn file to run this when openvpn starts/stops

 

<< this goes in .ovpn>

script-security 2
route-up route-up.sh
down-pre down down.sh

 

and these are my scripts which reside in /etc/openvpn where 192.168.1.254 is my default gateway in my setup, each router models default is different.

 

$ cat route-up.sh
#!/bin/sh
while ! route -n | grep "128.0.0.0";do
    sleep 2
done
sudo /sbin/route del -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.1.254

$ cat down.sh
#!/bin/sh
sudo /sbin/route add -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.1.254 2>/dev/null

 

If required you can add stop | start commands  for your P2P software in the scripts.

 

Something extra I do with the .ovpn files is when i generate them I use the resolve option to get the ip, had some issues in the past where it wouldn't resolve and openvpn would keep re-trying and fail in an infinite loop.

 

hope this helps

 

Regards,

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...