RaspBerry Pi 2 and AirVPN client problem

[babiole 1]

Hello,

 

It seems AirVPN client is not compatible with standard RPi2 Debian. After install it's not possible to launch AirVVPN client, it just closes.

 

Log: http://pastebin.com/N4sxfg2v

 

Mono version:

 

Mono JIT compiler version 3.2.8 (Debian 3.2.8+dfsg-10)

Copyright © 2002-2014 Novell, Inc, Xamarin Inc and Contributors. www.mono-project.com

TLS:           __thread

SIGSEGV:       normal

Notifications: epoll

Architecture:  armel,vfp+hard

Disabled:      none

Misc:          softdebug 

LLVM:          supported, not enabled.

GC:            sgen

[zhang888 1066]

Currently x86 platforms only.

[babiole 1]

Could you clarify your answer a bit? Does this problem is only with 32-bit AirVPN client?

[babiole 1]

Any suggestions or tutorials how to setup OpenVPN + AirVPN on RPi2?

[OpenSourcerer 1435]

As already stated, Raspberry Pis are running with ARM CPUs and the AirVPN client doesn't support them. But you can run standalone OpenVPN via Terminal for example.

[11647 1]

This may or may not be a possible solution for Raspberry Pi owners to try: ExaGear

[babiole 1]

ExaGear is not an option.

 

Can anyone help with network lock via iptables. I have set iptables rules like it is shown here https://airvpn.org/topic/9139-prevent-leaks-with-linux-iptables/ (Linux edition).

 

Whenever I do this, OpenVPN fails to start:

 

 

write UDPv4: Operation not permitted (code=1)

 

 

Can anyone help a little bit?

[johndoe_01 3]

 

ExaGear is not an option.

 

Can anyone help with network lock via iptables. I have set iptables rules like it is shown here https://airvpn.org/topic/9139-prevent-leaks-with-linux-iptables/ (Linux edition).

 

Whenever I do this, OpenVPN fails to start:

 

 

write UDPv4: Operation not permitted (code=1)

 

 

Can anyone help a little bit?

Maybe here's a solution ? https://bbs.archlinux.org/viewtopic.php?id=210534

[babiole 1]

No, it's not working. I'am giving up, it's useless.

[frnckdsrt 0]

Look at my post in this topic, I managed it.

 

https://airvpn.org/topic/16528-raspberry-pi-2-raspbian-jessie/

[airvpnclient 13]

I have it running on a headless RPi.  My setup works well, though am working on an occasional stubborn disconnect issue that I am working to debug.

 

For RPi I keep it simple  and use a little cheat -- I install the client on a linux desktop and then port the openvpn configuration files over to the lan-connected RPi using scp or the venerable "midnight commander".

 

From my recollection here are the steps I used:

 

1. install openvpn from standard repository on the pi

 

$ sudo apt-get install openvpn

 

2. Copy the config from the eddie client machine (my dual-boot laptop)  to the /etc/openvpn directory on the RPi -- this directory belongs to the root user so you need root privileges on your RPI to copy it there

 

4. start openvpn on the RPi using invocation of your choice (OS dependent).  I am on a Debian8 OS so use SystemD methods.

 

$ sudo systemctl start openvpn.service 

 

and once I am content that all is well, make it run as a service by using:

 

$ sudo systemctl enable openvpn.service

 

Assuming that all worked you should have a tunnel that you can see using:

 

$sudo ifconfig

 

The config files from the laptop should have taken care of DNS leaks using the ifup/down scripts in the /etc/openvpn directory, but you still need to set up a firewall to protect you when the tunnel drops unexpectedly (as it will due to line noise and other normal circumstances)

 

To get the firewall rules from the laptop to the RPi follow the instructions here: 

 

https://airvpn.org/external_link/?url=https%3A%2F%2Fwww.digitalocean.com%2Fcommunity%2Ftutorials%2Fhow-to-migrate-iptables-firewall-rules-to-a-new-server

 

Once you have these rules ported and running, make sure you install netfilter-persistent if you want the firewall up automatically after every reboot.

 

Voila!

 

These instructions come with a YOYMF warranty -- aka your mileage may vary.

[OpenSourcerer 1435]

RPi's version of OpenVPN is so old, last time I installed it it was 2.3.2 or something I recommend adding the official APT repo.

[zhang888 1066]

RPi's version of OpenVPN is so old, last time I installed it it was 2.3.2 or something I recommend adding the official APT repo.

 

This actually depends on the distro you have on your RPI. If you run Raspbian the version will be the same as the one in Debian.

OpenVPN apt repo does not contain packages for arm. So that won't be too much helpful for RPI users

 

To get the latest version, you can add it from the sid repository for example, which includes arm64 builds:

https://packages.debian.org/sid/openvpn

[airvpnclient 13]

I use latest stable debian with version

2.3.4-5

[OpenSourcerer 1435]

 

RPi's version of OpenVPN is so old, last time I installed it it was 2.3.2 or something I recommend adding the official APT repo.

 

This actually depends on the distro you have on your RPI. If you run Raspbian the version will be the same as the one in Debian.

OpenVPN apt repo does not contain packages for arm. So that won't be too much helpful for RPI users

 

To get the latest version, you can add it from the sid repository for example, which includes arm64 builds:

https://packages.debian.org/sid/openvpn

 

I could have sworn I installed it on RPi through APT.. but then I checked the version and remembered, it was on my Linux-Netbook.. -.-

So, yeah, 2.3.4 is the most recent in Raspbian repo.

[airvpnclient 13]

 

RPi's version of OpenVPN is so old, last time I installed it it was 2.3.2 or something I recommend adding the official APT repo.

 

This actually depends on the distro you have on your RPI. If you run Raspbian the version will be the same as the one in Debian.

OpenVPN apt repo does not contain packages for arm. So that won't be too much helpful for RPI users

 

To get the latest version, you can add it from the sid repository for example, which includes arm64 builds:

https://packages.debian.org/sid/openvpn

Actually Jessie is latest stable and has openvpn so I just

$ sudo apt-get install openvpn

OR (for the purists in the audience)

 

$ sudo aptitude install openvpn

[airvpnclient 13]

Spoke too soon -- I see what you are saying  Debian sid (unstable) has the more up to date

2.3.11-2 version of openvpn  

[airvpnclient 13]

But Debian expressly recommends not mixing stable and unstable packages.  I may take the risk but will do it mindfully taking note of the advice here:

 

https://linuxaria.com/howto/how-to-install-a-single-package-from-debian-sid-or-debian-testing

[airvpnclient 13]

Well it turns out I didn't even follow my own instructions and that is what is giving me grief.  The client on my laptop doesn't have a "conf" file in the /etc/openvpn directory, since AirVPN uses an XML configuration file.  That includes a not of interesting information including my airvpn password in plaintext, since I choose to have it remembered.

 

So the cheat from the laptop is only really useful for porting iptables config.

 

I do get the DNS scripts though and put them in the /etc/openvpn directory so they can be called by my config (see following).

 

After some futzing-about, I made a few config changes that I hope will have me sorted.  Find following the directives (but not the certs from the AirVPN.conf file I use on my RPi boxen (this one with "persist-tun" commented out and another not (for comparison to see if it impacts connectivity).

 

client
dev tun
proto tcp
remote ca.vpn.airdns.org 443
resolv-retry infinite
nobind
persist-key
#persist-tun
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
route-delay 5
log-append /var/log/openvpn.log
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf 
verb 4
<ca>
-----BEGIN CERTIFICATE----- 

...

[air_is_nice 3]

I don't understand this thread anymore. So, can you run Eddie on the raspberry pi or not?

[OpenSourcerer 1435]

Eddie, no.

OpenVPN, yes.