NordVPN doesn't seem to work

lazypanda · 24 January 2020 12:41

Hi all

Was hoping you can help

I’ve installed DietPI and have also added the NordVPN add-on.
It seem to connect without any problem, tried with various servers.

However when I try to test it by going to whatsmyipaddress.com or similar, it keeps showing my real IP.

I was wondering if I need to configure anything else to actually mask my IP for online presence?

Thank you!

Joulinar · 24 January 2020 13:18

Hi,

short question. Are you trying to connect to whatsmyipaddress.com from your local computer or from your DietPi system?

lazypanda · 24 January 2020 13:29

I use VNC on my local PC to connect to the machine where DietPi is installed, and open browser on the DietPI desktop.

Joulinar · 24 January 2020 14:25

unfortunetly I don’t have a NordVPN account to check and verify. But pls can you check your routing table. Would be good to know how it looks like once you have the VPN connected

ip route show

lazypanda · 24 January 2020 15:02

Thanks for replying
Sorry I’m quite a newbie with Linux.

Currently the routing table looks like this (VPN is still connected):

root@DietPi:~# ip route
0.0.0.0/1 via 10.8.3.1 dev tun0 
default via 192.168.2.1 dev eth0 
5.181.235.19 via 192.168.2.1 dev eth0 
10.8.3.0/24 dev tun0 proto kernel scope link src 10.8.3.23 
128.0.0.0/1 via 10.8.3.1 dev tun0 
192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.112

If it’s not correct, how do I update the routing to go via the VPN tunnel?

Joulinar · 25 January 2020 08:46

Hi,

can you check if the following is active in your VPN config file

redirect-gateway autolocal

lazypanda · 25 January 2020 11:25

HI

Where do I find this configuration file?

I found two files in /var/lib/dietpi/dietpi-software/installed/dietpi-nordvpn:

settings_dietpi.conf
settings_ovpn.conf

The first one has my credentials and protocol and server name, the second one only my credentials.

Do I just add the redirect line to the first file?..

Cheers,

Joulinar · 25 January 2020 14:49

Hi,

as I said, I don’t have NordVPN installed. Therefore I’m not able to verify it.

I checked the script located on /DietPi/dietpi/misc/dietpi-nordvpn. It seems both files are used. So you could try to enter it in one of the files and check how the default gateway changed. But without grantee.

Default gateway should point to the tun0 interface

128.0.0.0/1 via 10.8.3.1 dev tun0

Once changed the files, you would need to restart the service I guess

systemctl daemon-reload
systemctl restart dietpi-nordvpn.service

oliverjames19931 · 1 April 2020 14:03

delete it and do it again it might resolve your issue.

MichaIng · 2 April 2020 11:41

Those settings files do not allow to add custom commands/routing tables etc. Those contain only the present defined variables. settings_ovpn.conf basically doubles the credentials, only since OpenVPN requires it with special format (username first line, password second line, nothing else).
If you need to run certain commands after VPN has been established (and before it closes), use the Edit Up + Edit Down options from dietpi-nordvpn menu.

However, the routes are and should be handled correctly by OpenVPN. 0.0.0.0/1 via 10.8.3.1 dev tun0 + 128.0.0.0/1 via 10.8.3.1 dev tun0 basically should lead to all requests being routed through the VPN, if there is no closer route defined for a certain IP range.

How is whatsmyipaddress.com resolved?

ping whatsmyipaddress.com

Ah and btw the used OpenVPN .ovpn file can be found here (as it depends on you chosen particular NordVPN server):

systemctl cat dietpi-nordvpn