NordVPN on Ubuntu Touch
-
@ToxyPoxy Hello
This may help you. Or maybe you knew. -
I downloaded ovpn files from the link.
Dividing ovpn file into CA certificate and TLS key file
and Using VPN editor I could established VPN connection.But somehow after establishing connection name resolving
doesn't work and my Nexus5 can't go anywhere.
I did the same about ProtonVPN and the result is the same.
On my Ubuntu Desktop, Using Network Manager all works fine
both ProtonVPN and NordVPN.I hope this may help you.
-
@Code_Gaug me neither, I've got the .ovpn file but I can't find all the information is in the tutorial that Lakotaubp links.
Are you trying with tcp or udp?
I'll try it later again. -
@uzanto I'm trying with udp.
Connection itself seems to be OK.
So problem of name resolving may be caused by other reason.
But I wonder UT's VPN setting has no DNS settings
like Network Manager of Ubuntu Desktop.I wonder how is DNS information given to Phone
and there is no /etc/resolv.conf on UT,Thank you.
-
-
@Code_Gaug You can download the certificates, so no need to take them from your ovpn file:
https://downloads.nordcdn.com/configs/archives/certificates/servers.zipAlso, if you go to the nordvpn.com page and you see "protected" at the beginning of the page, the vpn setup worked.
-
@Seba I couldn't have found this link.
This is what I've looking for.
Anyway I'll try this later.
Thank you so much. -
@Code_Gaug Yes, the link is hidden on the page, I found it in a description of how to set up a router on the nordvpn.com website. Hope it helps
-
@Seba I gave a try to connect but the result was the same.
VPN connection seems to be activated like a picture I uploaded before
but my nexus5 can't go anywhere.Web Browser shows
'Error: net::ERR_NAME_RESOLUTION_FAILED’
This is exactly the same result as I got before.Thank you Seba.
You must be right.
I'm sure something else is wrong with my Nexus5.
I have no idea why my Nexus5 get to be disable to resolve name when
VPN is on. When VPN is off it can access to NordVPN page without
any problem. -
It doesn't work for me, no matter the cert I use if you make it work just let me know @Code_Gaug
-
@uzanto I'm sorry I can't explain what is happening well.
While VPN is ON the result of 'ip route' shows that tun0 interface is created and up. And the button's color of VPN Tool turns into green.
Doesn't this mean VPN connection is established successfully? -
-
I think I might be having a similar issue with my openvpn connect (not to nordvpn). On my nexus 5 the vpn works fine on wifi and cell service. On my nexus 7 and pinphone using the same keys, certs and settings the vpn connects fine and the routes update but I can't get to the internet. Only difference I saw was that on the nexus 5 (the working connection) the first "default via" entry was for my local router and the second was for the vpn's internal address but on the other devices they were switched around.
The only time I've noticed the nexus 5 not working is if I set up the vpn and the let the phone go to sleep. When I start it back up sometimes I don't have internet access until I turn the vpn connection off and on again.
I'll play around and see if I can spot what's different between them.
-
Considering something is wrong with my Nexus5's system and tryng it again from the beggining I flashed my Nexus5. All things I did before I tried to connect VPN are only to make sshd enable. To get straight to the point, I got the same result. VPN connection is established but name resolutuion doesn't work.
I compared state of networks between Ubuntu Desktop 18.04 LTS and Ubuntu Touch OTA-12.
Note that both of them are on the same local network xx.yy.204.0/24.First, Ubuntu Desktop 18.04 TLS.
Vpn configuration is set by Network-Manager-Gnome(GUI).
It's very easy to configure and works perfectly.( VPN OFF )
$ ip route show default via xx.yy.204.254 dev wlp3s0 proto dhcp metric 600 169.254.0.0/16 dev wlp3s0 scope link metric 1000 xx.yy.204.0/24 dev wlp3s0 proto kernel scope link src xx.yy.204.107 metric 600( VPN ON )
$ ip route show default via 10.8.2.1 dev tun0 proto static metric 50 default via xx.yy.204.254 dev wlp3s0 proto dhcp metric 600 10.8.2.0/24 dev tun0 proto kernel scope link src 10.8.2.8 metric 50 169.254.0.0/16 dev wlp3s0 scope link metric 1000 xx.yy.204.0/24 dev wlp3s0 proto kernel scope link src xx.yy.204.107 metric 600 xx.yy.204.254 dev wlp3s0 proto static scope link metric 600 212.102.51.212 via xx.yy.204.254 dev wlp3s0 proto static metric 600 $ ping -c1 10.8.2.8 PING 10.8.2.8 (10.8.2.8) 56(84) bytes of data. 64 bytes from 10.8.2.8: icmp_seq=1 ttl=64 time=0.073 ms --- 10.8.2.8 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.073/0.073/0.073/0.000 ms $ ping -c1 10.8.2.1 PING 10.8.2.1 (10.8.2.1) 56(84) bytes of data. 64 bytes from 10.8.2.1: icmp_seq=1 ttl=64 time=11.7 ms --- 10.8.2.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 11.706/11.706/11.706/0.000 ms $ ping -c1 212.102.51.212 PING 212.102.51.212 (212.102.51.212) 56(84) bytes of data. 64 bytes from 212.102.51.212: icmp_seq=1 ttl=58 time=9.18 ms --- 212.102.51.212 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 9.186/9.186/9.186/0.000 msSecond, Ubuntu Touch OTA-12.
Vpn configuration is set by VPN Tool(GUI).
Client and TLS Certification files are ported from Ubuntu Desktop I mension above.( VPN OFF )
§ ip route show default via xx.yy.204.254 dev wlan0 proto static metric 600 xx.yy.204.0/24 dev wlan0 proto kernel scope link src xx.yy.204.249 metric 600( VPN ON )
§ ip route show default via 10.8.0.1 dev tun0 proto static metric 50 default via xx.yy.204.254 dev wlan0 proto static metric 600 10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.4 metric 50 xx.yy.204.0/24 dev wlan0 proto kernel scope link src xx.yy.204.249 metric 600 212.102.51.212 via xx.yy.204.254 dev wlan0 proto static metric 600 § ping -c1 10.8.0.4 PING 10.8.0.4 (10.8.0.4) 56(84) bytes of data. 64 bytes from 10.8.0.4: icmp_seq=1 ttl=64 time=0.117 ms --- 10.8.0.4 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.117/0.117/0.117/0.000 ms § ping -c1 10.8.0.1 PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data. --- 10.8.0.1 ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 0ms § ping -c1 212.102.51.212 PING 212.102.51.212 (212.102.51.212) 56(84) bytes of data. 64 bytes from 212.102.51.212: icmp_seq=1 ttl=58 time=11.2 ms --- 212.102.51.212 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 11.278/11.278/11.278/0.000 msI don't know what makes the difference betweem them.
Do I make big mistake?
What do I have to do next? -
@ToxyPoxy I'm very sorry that I've been hi-jacked your subject for a long time.
At last vpn connection works!I use client/tls certification files which is created by Network-Manager-Gnome client on Ubuntu Desktop.
Network-Manager-Gnome client automatically crates these files in '~/.cert/nm-openvpn' directory when you import ovpn file downloaded from Nordvpn's web site.
When I looked into the contents of ovpn file it said like this.comp-lzo no
So when I configured VPN tool on UT I didn't put a check on 'USE LZO data compression'.
But last night I found this warning from '/var/log/syslog'.ubuntu-phablet nm-openvpn[13678]: WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'Putting a check on 'USE LZO data compression' solve the problem. NordVPN's home page tells me the connection is safe.
Network-Manager-Gnome client automatically sets all items in setting form as written in ovpn file, I set VPN tool on UT as Network-Manager-Gnome client did.
I think this is the easiest way to setup NordVPN connection. This works for ProtonVPN's setting as well.I hope this helps you.
Thank you. -
@Code_Gaug That´s what it´s for! Good work by the way! Just received my Pinephone UB.E. yesterday so I am enjoying that one for the moment.
-
This is exactly the same as I experienced.
-
@Code_Gaug On seeing your post I was relieved because I thought this might allow me for the first time over several attempts ever since my first use of Ubuntu Touch to use my Premiumize VPN connection. But unfortunately it doesn't, not even enabling LCO data compression will help. In sheer frustration and desperation, I am resorting to sharing my OVPN file for one of the connections to see if anyone can help guide me into doing this. The inability to import the file into the UT VPN editor is proving a hindrance, despite my best efforts to import the particulars by manually choosing the settings. Is there something about the way Premiumize configures their VPN settings which precludes them from being used as a VPN with Ubuntu Touch? I don't know. Try to help me out here please, I don't know how to fix it and I need some advice. A step by step guide to the settings given the information I am about to provide would be optimal; I will soon follow up with another post to include some screenshots of the UT VPN editor with the particulars (e.g. username, password) blurred out.
I'll preface this by saying that the certificate has been completely scrambled for the sake of sharing this, so that nobody else can use the certificate for their own means but they can only help troubleshoot. I believe this is the only uniquely identifying information in the .ovpn file but please point out for me if I'm mistaken. I have used both the .ovpn file and the equivalent settings in Ubuntu 18.04 x86's VPN utility which were set when importing the .ovpn file for that system to try to set it up for Ubuntu Touch. Here is the text content of the file:
remote vpn-ca.premiumize.me
verify-x509-name CN=vpn-ca.premiumize.me
auth-user-pass
client
dev tun
proto udp
cipher AES-256-CBC
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
<ca>
-----BEGIN CERTIFICATE-----
bTkSSRcxdOLwRgWAIMVKglkwcVDuxwZAdORsYXAZcMHwRBmYWR9YxB8F/FT1w5g0zC/qtJGF8oCbdTi/SK7YICB/EZMwNQW4VxELzbOLHpLQYygQebZXI/jxcUKKNRnSXgdK2C6rIgJMrlfz6lzCzMU4wxDoE7AFAgZE7XApBTGj5tIRDWIOBJbBeqe1wlw9mjSIuBA6Dc9NqEzMFJ8jiduhIuCwELXaXcEDWRji5g/r+SBbEuKwORTAUCSACIOnbPcoQDZ/m5VRiZCQ02tu3TaQJ3DdlLCBOH/SwLmCTQ/ArbYAPxRAQYNTcgHMMZVQIBT6ug9giMADoIsMg+BCAdnNAqNAQJi9EPS8vj4Rh9VyjUchj2Hd1cfDZxY7t2G+Cm9ix9BaxoWD3xu0gp2rMskKMEK8ErMWfN5CEVeBcLCF2XMDLWB2acjkbVyXFQY+moO3XyDzVBJw7hHLn6vADw4BcDIDZEqAOa7veVVYWy/SiIrFRICNkb7uwvfs7QH0IYAQm4NjUtCD6AIxLocVKoUt1
0amliPEvBdYAcel3nYXMoC20KfGBdMWDh7tWCPoQcjwBMzMbx9jhGEKhRzqOmzacpNjnSylV7EkVyF9Qk7UQ4AB7IRGcDUBQTDCwBXxwu5NFBX8QNCYiH0UbMXJ0pvgK+SBDZE4lUDZ5vx3QcUoHGIQzLR5wokskBtApBmXgMqHS8+E8K9l6PXAP29mRY1GwqroQEaCGbMENST0SeMdQOf9TxiOMFhnrD+wRQ3A+4o9MzgEGDQqOIUuIHgAdB1smkzmO1dIuwJuLBqJrAKDDjIqsAK450Nh3NhXcDQQz3bRn9Xg3dyNWwhFzH2XGUD+CtIxQtgTugVwssByqCQDDAARi7LwEfMmygwao2pNUu4bShQkNgayqImDBoi3rZ0AQ18faTgYBYANRD5/AqFZ4OyBz9YEVaja9EZL3DQyBBvMkYDxTXdMDGxaGQOC9IHAMdkHNAaU1MfawAjMa0AQ0BMFAX4lA+UMNyUMJgAI2CW8I6Z55bvAMJ/pgImk+6DbyWRVubSeoq1zomjgkPBDHEbqlAxgy8biJ17cZ66aJUAGuaGTmA+GDudE6EQYzgDF1lbR8ZwYQnVdYG81
-----END CERTIFICATE-----
</ca>
verb 3
reneg-sec 0 -
Here are the screenshots:
Note that on this second one the file in the ~/.cert/nm-openvpn directory was initially of .pem type rather than .crt type. I renamed the end of the file to .crt to see if that would help, but alas, still nothing.
If it would help, I could also include screenshots of the OpenVPN settings on Ubuntu 18.04 for a 1:1 comparison. If anyone would like to see them, please ask.
-
perhaps you can test the ovpn out via the command line, i forgot the syntax but it should be fairly simple to use. if that works we can figure out what setting is missing in the configs
