• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login
UBports Robot Logo UBports Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login

NordVPN on Ubuntu Touch

Scheduled Pinned Locked Moved Support
39 Posts 10 Posters 9.1k Views 2 Watching
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C Offline
      Code_Gaug @uzanto
      last edited by 13 Jul 2020, 23:59

      @uzanto I'm sorry I can't explain what is happening well.

      While VPN is ON the result of 'ip route' shows that tun0 interface is created and up. And the button's color of VPN Tool turns into green.
      Doesn't this mean VPN connection is established successfully?

      1 Reply Last reply Reply Quote 1
      • C Offline
        Code_Gaug @uzanto
        last edited by 14 Jul 2020, 01:14

        @uzanto
        Screenshot_vpn_connection.png

        C 1 Reply Last reply 19 Jul 2020, 02:48 Reply Quote 1
        • M Offline
          mr_growl
          last edited by 16 Jul 2020, 06:26

          I think I might be having a similar issue with my openvpn connect (not to nordvpn). On my nexus 5 the vpn works fine on wifi and cell service. On my nexus 7 and pinphone using the same keys, certs and settings the vpn connects fine and the routes update but I can't get to the internet. Only difference I saw was that on the nexus 5 (the working connection) the first "default via" entry was for my local router and the second was for the vpn's internal address but on the other devices they were switched around.

          The only time I've noticed the nexus 5 not working is if I set up the vpn and the let the phone go to sleep. When I start it back up sometimes I don't have internet access until I turn the vpn connection off and on again.

          I'll play around and see if I can spot what's different between them.

          1 Reply Last reply Reply Quote 1
          • C Offline
            Code_Gaug @Code_Gaug
            last edited by 19 Jul 2020, 02:48

            Considering something is wrong with my Nexus5's system and tryng it again from the beggining I flashed my Nexus5. All things I did before I tried to connect VPN are only to make sshd enable. To get straight to the point, I got the same result. VPN connection is established but name resolutuion doesn't work.

            I compared state of networks between Ubuntu Desktop 18.04 LTS and Ubuntu Touch OTA-12.
            Note that both of them are on the same local network xx.yy.204.0/24.

            First, Ubuntu Desktop 18.04 TLS.
            Vpn configuration is set by Network-Manager-Gnome(GUI).
            It's very easy to configure and works perfectly.

            ( VPN OFF )

            $ ip route show
            default via xx.yy.204.254 dev wlp3s0 proto dhcp metric 600 
            169.254.0.0/16 dev wlp3s0 scope link metric 1000 
            xx.yy.204.0/24 dev wlp3s0 proto kernel scope link src xx.yy.204.107 metric 600
            

            ( VPN ON )

            $ ip route show
            default via 10.8.2.1 dev tun0 proto static metric 50 
            default via xx.yy.204.254 dev wlp3s0 proto dhcp metric 600 
            10.8.2.0/24 dev tun0 proto kernel scope link src 10.8.2.8 metric 50 
            169.254.0.0/16 dev wlp3s0 scope link metric 1000 
            xx.yy.204.0/24 dev wlp3s0 proto kernel scope link src xx.yy.204.107 metric 600 
            xx.yy.204.254 dev wlp3s0 proto static scope link metric 600 
            212.102.51.212 via xx.yy.204.254 dev wlp3s0 proto static metric 600 
            $ ping -c1 10.8.2.8
            PING 10.8.2.8 (10.8.2.8) 56(84) bytes of data.
            64 bytes from 10.8.2.8: icmp_seq=1 ttl=64 time=0.073 ms
            
            --- 10.8.2.8 ping statistics ---
            1 packets transmitted, 1 received, 0% packet loss, time 0ms
            rtt min/avg/max/mdev = 0.073/0.073/0.073/0.000 ms
            $ ping -c1 10.8.2.1
            PING 10.8.2.1 (10.8.2.1) 56(84) bytes of data.
            64 bytes from 10.8.2.1: icmp_seq=1 ttl=64 time=11.7 ms
            
            --- 10.8.2.1 ping statistics ---
            1 packets transmitted, 1 received, 0% packet loss, time 0ms
            rtt min/avg/max/mdev = 11.706/11.706/11.706/0.000 ms
            $ ping -c1 212.102.51.212
            PING 212.102.51.212 (212.102.51.212) 56(84) bytes of data.
            64 bytes from 212.102.51.212: icmp_seq=1 ttl=58 time=9.18 ms
            
            --- 212.102.51.212 ping statistics ---
            1 packets transmitted, 1 received, 0% packet loss, time 0ms
            rtt min/avg/max/mdev = 9.186/9.186/9.186/0.000 ms
            

            Second, Ubuntu Touch OTA-12.
            Vpn configuration is set by VPN Tool(GUI).
            Client and TLS Certification files are ported from Ubuntu Desktop I mension above.

            ( VPN OFF )

            § ip route show
            default via xx.yy.204.254 dev wlan0  proto static  metric 600 
            xx.yy.204.0/24 dev wlan0  proto kernel  scope link  src xx.yy.204.249  metric 600
            

            ( VPN ON )

            § ip route show
            default via 10.8.0.1 dev tun0  proto static  metric 50 
            default via xx.yy.204.254 dev wlan0  proto static  metric 600 
            10.8.0.0/24 dev tun0  proto kernel  scope link  src 10.8.0.4  metric 50 
            xx.yy.204.0/24 dev wlan0  proto kernel  scope link  src xx.yy.204.249  metric 600 
            212.102.51.212 via xx.yy.204.254 dev wlan0  proto static  metric 600 
            § ping -c1 10.8.0.4
            PING 10.8.0.4 (10.8.0.4) 56(84) bytes of data.
            64 bytes from 10.8.0.4: icmp_seq=1 ttl=64 time=0.117 ms
            
            --- 10.8.0.4 ping statistics ---
            1 packets transmitted, 1 received, 0% packet loss, time 0ms
            rtt min/avg/max/mdev = 0.117/0.117/0.117/0.000 ms
            § ping -c1 10.8.0.1
            PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data.
            
            --- 10.8.0.1 ping statistics ---
            1 packets transmitted, 0 received, 100% packet loss, time 0ms
            § ping -c1 212.102.51.212
            PING 212.102.51.212 (212.102.51.212) 56(84) bytes of data.
            64 bytes from 212.102.51.212: icmp_seq=1 ttl=58 time=11.2 ms
            
            --- 212.102.51.212 ping statistics ---
            1 packets transmitted, 1 received, 0% packet loss, time 0ms
            rtt min/avg/max/mdev = 11.278/11.278/11.278/0.000 ms
            

            I don't know what makes the difference betweem them.😧
            Do I make big mistake?
            What do I have to do next?

            1 Reply Last reply Reply Quote 1
            • C Offline
              Code_Gaug @ToxyPoxy
              last edited by 21 Jul 2020, 01:25

              @ToxyPoxy I'm very sorry that I've been hi-jacked your subject for a long time.
              At last vpn connection works!

              I use client/tls certification files which is created by Network-Manager-Gnome client on Ubuntu Desktop.
              Network-Manager-Gnome client automatically crates these files in '~/.cert/nm-openvpn' directory when you import ovpn file downloaded from Nordvpn's web site.
              When I looked into the contents of ovpn file it said like this.

              comp-lzo no

              So when I configured VPN tool on UT I didn't put a check on 'USE LZO data compression'.
              But last night I found this warning from '/var/log/syslog'.

              ubuntu-phablet nm-openvpn[13678]: WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
              

              Putting a check on 'USE LZO data compression' solve the problem. NordVPN's home page tells me the connection is safe.

              Network-Manager-Gnome client automatically sets all items in setting form as written in ovpn file, I set VPN tool on UT as Network-Manager-Gnome client did.
              I think this is the easiest way to setup NordVPN connection. This works for ProtonVPN's setting as well.

              I hope this helps you.
              Thank you.

              T T 2 Replies Last reply 21 Jul 2020, 05:16 Reply Quote 1
              • T Offline
                ToxyPoxy @Code_Gaug
                last edited by 21 Jul 2020, 05:16

                @Code_Gaug That´s what it´s for! Good work by the way! Just received my Pinephone UB.E. yesterday so I am enjoying that one for the moment. 👍

                C 1 Reply Last reply 22 Jul 2020, 23:50 Reply Quote 0
                • C Offline
                  Code_Gaug @ToxyPoxy
                  last edited by 22 Jul 2020, 23:50

                  This is exactly the same as I experienced. :beaming_face_with_smiling_eyes:

                  https://airvpn.org/forums/topic/18152-openvpn-network-manager-on-linux-why-only-works-with-lzo-data-compression/

                  1 Reply Last reply Reply Quote 1
                  • T Offline
                    TartanSpartan @Code_Gaug
                    last edited by TartanSpartan 24 Jul 2020, 23:37

                    @Code_Gaug On seeing your post I was relieved because I thought this might allow me for the first time over several attempts ever since my first use of Ubuntu Touch to use my Premiumize VPN connection. But unfortunately it doesn't, not even enabling LCO data compression will help. In sheer frustration and desperation, I am resorting to sharing my OVPN file for one of the connections to see if anyone can help guide me into doing this. The inability to import the file into the UT VPN editor is proving a hindrance, despite my best efforts to import the particulars by manually choosing the settings. Is there something about the way Premiumize configures their VPN settings which precludes them from being used as a VPN with Ubuntu Touch? I don't know. Try to help me out here please, I don't know how to fix it and I need some advice. A step by step guide to the settings given the information I am about to provide would be optimal; I will soon follow up with another post to include some screenshots of the UT VPN editor with the particulars (e.g. username, password) blurred out.

                    I'll preface this by saying that the certificate has been completely scrambled for the sake of sharing this, so that nobody else can use the certificate for their own means but they can only help troubleshoot. I believe this is the only uniquely identifying information in the .ovpn file but please point out for me if I'm mistaken. I have used both the .ovpn file and the equivalent settings in Ubuntu 18.04 x86's VPN utility which were set when importing the .ovpn file for that system to try to set it up for Ubuntu Touch. Here is the text content of the file:

                    remote vpn-ca.premiumize.me
                    verify-x509-name CN=vpn-ca.premiumize.me
                    auth-user-pass
                    client
                    dev tun
                    proto udp
                    cipher AES-256-CBC
                    resolv-retry infinite
                    nobind
                    persist-key
                    persist-tun
                    mute-replay-warnings
                    <ca>
                    -----BEGIN CERTIFICATE-----
                    bTkSSRcxdOLwRgWAIMVKglkwcVDuxwZAdORsYXAZcMHwRBmYWR9YxB8F/FT1w5g0zC/qtJGF8oCbdTi/SK7YICB/EZMwNQW4VxELzbOLHpLQYygQebZXI/jxcUKKNRnSXgdK2C6rIgJMrlfz6lzCzMU4wxDoE7AFAgZE7XApBTGj5tIRDWIOBJbBeqe1wlw9mjSIuBA6Dc9NqEzMFJ8jiduhIuCwELXaXcEDWRji5g/r+SBbEuKwORTAUCSACIOnbPcoQDZ/m5VRiZCQ02tu3TaQJ3DdlLCBOH/SwLmCTQ/ArbYAPxRAQYNTcgHMMZVQIBT6ug9giMADoIsMg+BCAdnNAqNAQJi9EPS8vj4Rh9VyjUchj2Hd1cfDZxY7t2G+Cm9ix9BaxoWD3xu0gp2rMskKMEK8ErMWfN5CEVeBcLCF2XMDLWB2acjkbVyXFQY+moO3XyDzVBJw7hHLn6vADw4BcDIDZEqAOa7veVVYWy/SiIrFRICNkb7uwvfs7QH0IYAQm4NjUtCD6AIxLocVKoUt1
                    0amliPEvBdYAcel3nYXMoC20KfGBdMWDh7tWCPoQcjwBMzMbx9jhGEKhRzqOmzacpNjnSylV7EkVyF9Qk7UQ4AB7IRGcDUBQTDCwBXxwu5NFBX8QNCYiH0UbMXJ0pvgK+SBDZE4lUDZ5vx3QcUoHGIQzLR5wokskBtApBmXgMqHS8+E8K9l6PXAP29mRY1GwqroQEaCGbMENST0SeMdQOf9TxiOMFhnrD+wRQ3A+4o9MzgEGDQqOIUuIHgAdB1smkzmO1dIuwJuLBqJrAKDDjIqsAK450Nh3NhXcDQQz3bRn9Xg3dyNWwhFzH2XGUD+CtIxQtgTugVwssByqCQDDAARi7LwEfMmygwao2pNUu4bShQkNgayqImDBoi3rZ0AQ18faTgYBYANRD5/AqFZ4OyBz9YEVaja9EZL3DQyBBvMkYDxTXdMDGxaGQOC9IHAMdkHNAaU1MfawAjMa0AQ0BMFAX4lA+UMNyUMJgAI2CW8I6Z55bvAMJ/pgImk+6DbyWRVubSeoq1zomjgkPBDHEbqlAxgy8biJ17cZ66aJUAGuaGTmA+GDudE6EQYzgDF1lbR8ZwYQnVdYG81
                    -----END CERTIFICATE-----
                    </ca>
                    verb 3
                    reneg-sec 0

                    1 Reply Last reply Reply Quote 1
                    • T Offline
                      TartanSpartan
                      last edited by TartanSpartan 24 Jul 2020, 23:54

                      Here are the screenshots:
                      General settings.png
                      Note that on this second one the file in the ~/.cert/nm-openvpn directory was initially of .pem type rather than .crt type. I renamed the end of the file to .crt to see if that would help, but alas, still nothing.
                      screenshot20200725_003749786.png
                      screenshot20200725_003753306.png screenshot20200725_003801018.png screenshot20200725_003808815.png screenshot20200725_003902292.png screenshot20200725_003914693.png

                      If it would help, I could also include screenshots of the OpenVPN settings on Ubuntu 18.04 for a 1:1 comparison. If anyone would like to see them, please ask.

                      1 Reply Last reply Reply Quote 0
                      • F Offline
                        Fuseteam
                        last edited by 25 Jul 2020, 00:58

                        perhaps you can test the ovpn out via the command line, i forgot the syntax but it should be fairly simple to use. if that works we can figure out what setting is missing in the configs

                        1 Reply Last reply Reply Quote 1
                        • T Offline
                          TartanSpartan
                          last edited by 25 Jul 2020, 01:41

                          Thanks, I will try tinkering with that as soon as I have a moment. Meanwhile, I would still appreciate it if anyone can spot anything glaringly wrong with the setup I've tried to go with.

                          C 1 Reply Last reply 25 Jul 2020, 04:40 Reply Quote 0
                          • C Offline
                            Code_Gaug @TartanSpartan
                            last edited by 25 Jul 2020, 04:40

                            @TartanSpartan I would help you anyway.

                            But as you know I'm not a native speaker of English so I'm sorry for my bad or wrong expressions.

                            I have many things I want let you know but it's hard for me to write. So I will upload the pictures of my settings. Wait a minute, please.

                            T 1 Reply Last reply 25 Jul 2020, 05:16 Reply Quote 2
                            • T Offline
                              TartanSpartan @Code_Gaug
                              last edited by 25 Jul 2020, 05:16

                              @Code_Gaug Your English seems fine to me on first glance my friend 🙂

                              Thank you for your pictures when they are uploaded. Your help is appreciated.

                              C 3 Replies Last reply 25 Jul 2020, 05:38 Reply Quote 0
                              • C Offline
                                Code_Gaug @TartanSpartan
                                last edited by 25 Jul 2020, 05:38

                                @TartanSpartan Here's my settings

                                vpn_settings.png

                                Certification files are just text files.
                                I used files which created by Network Manager Gnome and files which I myself copied and pasted from OVPN file and both worked fine.

                                If you give settings to VPN like above and it does't work ask me again.
                                I hope it works fine.

                                C A 2 Replies Last reply 25 Jul 2020, 09:42 Reply Quote 2
                                • C Offline
                                  Code_Gaug @Code_Gaug
                                  last edited by 25 Jul 2020, 09:42

                                  This post is deleted!
                                  1 Reply Last reply Reply Quote 0
                                  • C Offline
                                    Code_Gaug @TartanSpartan
                                    last edited by 25 Jul 2020, 10:26

                                    @TartanSpartan Oh no, now I found Premiumize VPN's OVPN file includes CA certification but no tls-auth certification. I missed that.
                                    So maybe you made settings by following this tutorial.

                                    https://www.premiumize.me/plugins?os=ubuntu&tool=openvpn

                                    Making VPN settings with Network Manager Gnome on Ubuntu Desktop, setting file is created in '/etc/NetworkManager/system-connections' directory as well as with VPN Tool on UT.

                                    If connection succeed on Ubuntu Desktop and fail on UT you'd better compare both files. Something might be different from each other.

                                    Would you show me what is different between two setting files?

                                    1 Reply Last reply Reply Quote 1
                                    • C Offline
                                      Code_Gaug @TartanSpartan
                                      last edited by 26 Jul 2020, 00:32

                                      @TartanSpartan Hello

                                      I'm sorry.
                                      Your VPN provider doesn't use tsl-auth certification.
                                      So my settings wouldn't be help for you.

                                      If connection results in failure on UT I still recommend you to compare setting files but you can test the ovpn out via the command line as Fuseteam said. Because it shows the reason of failure immediately.

                                      sudo openvpn [ovpnfile name]
                                      

                                      Password for sudo command is required first then usename & password for VPN are required.
                                      (Note that password phrase may not be shown even if you input)

                                      If it works massages end with like following.

                                      Sun Jul 26 09:05:55 2020 Initialization Sequence Completed
                                      

                                      Thank you.

                                      1 Reply Last reply Reply Quote 1
                                      • T Offline
                                        TartanSpartan
                                        last edited by TartanSpartan 26 Jul 2020, 08:47

                                        Sorry I went quiet for a while. Thank you for your advice. I've seen a couple of drawbacks with Premiumize in the VPN and otherwise, such as lack of tsl-auth certification as you say, so I might consider moving to Nord when my subscription runs out. But for now I will continue to use Premiumize. Thankfully I was finally able to achieve a VPN connection on my Pro 5 by using nmcli to take the .ovpn file as input along with my username and password, and this also added the connection to the GUI elements so I can turn it on and off with the button. Just what I wanted. I had to do an apt install of the network-manager-openvpn-gnome package for this to work; as VPN editor cannot take .ovpn files at this time, I am looking into raising an issue with Ubports to see if it would be worth including this package in the system image by default. In case this this approach is of interest to anyone else struggling to add a VPN to Ubuntu Touch, the full command used was sudo nmcli connection import type openvpn file "yourfilename.ovpn". I think I had to run it twice for online IP checkers to actually confirm the phone as (supposedly) being in Montreal as was to be expected.

                                        However, unfortunately now I have another problem. For personal reasons I have decided to keep my M10 on Vivid OTA-3 until such time as I feel the Xenial build is mature enough to upgrade to. But this does mean it may be vulnerable to bugs which Xenial doesn't have. I wonder if I have discovered one in attempting to apply the VPN to the M10 in the same fashion as for my Pro 5. Here, after running the aforementioned command, it responds Error: failed to load VPN plugin: missing "plugin" setting. Is anyone familiar with this error? I have searched for it online but can't find the string really anywhere except in the Network Manager source code itself, and there, the code doesn't really help explain what the problem may be at least not to my eyes. It does seem that whether this is a bug or something that can be fixed by installing a package or similar, this situation changed from Vivid 15.04 to Xenial 16.04. Can anyone shed some light? Perhaps it might help if you happen to have your own UT device still on 15.04, or a livecd image of 15.04 to test this on x86 architecture. I had considered just copying the VPN connection file from /etc/NetworkManager/system-connections from the Pro 5 to the M10, but I thought this wouldn't really make sense because for example if they shared the same uuid (which I presume is generated during VPN configuration) as a consequence, then they can't both be on the same WIFI connection simultaneously.

                                        C 2 Replies Last reply 26 Jul 2020, 16:03 Reply Quote 1
                                        • C Offline
                                          Code_Gaug @TartanSpartan
                                          last edited by 26 Jul 2020, 16:03

                                          @TartanSpartan Congratulations!

                                          Anyway I'm very happy to know you can achieve a VPN connection. 👍

                                          1 Reply Last reply Reply Quote 1
                                          • C Offline
                                            Code_Gaug @TartanSpartan
                                            last edited by 27 Jul 2020, 03:17

                                            @TartanSpartan Last night I was too sleepy to read English writtings. Now I 'm fully awake. :beaming_face_with_smiling_eyes:

                                            I didn't know .ovpn file can be specified as mncli command's argument or doing so mncli can create VPN setting file which is available for network-manager-openvpn-gnome or VPN tool.
                                            I always use 'ip' command for network settings or getting information of network but now I know 'nmcli' is very useful, too.

                                            Thank you for letting me know it. I'll learn much more about NetworkManager. :winking_face:

                                            1 Reply Last reply Reply Quote 1
                                            26 out of 39
                                            • First post
                                              26/39
                                              Last post