@BrutalBirdie said in OpenVPN with Adguard: register-dns block-outside-dns Good to know these! Apparently, these are Windows only directives - https://iflorian.com/openvpn-block-outside-ds/

@timo-betz I missed this post somehow. Did you manage to figure this out?

Thank you so much. Appreciate your help. I have updated the package, now working fine. Thank you again

I actually just figured it out, somehow the profile had some sort of error in it. I generated another one and it fixed the problem. I appreciate the help!

thank you all. i've almost resigned myself to the fact that it doesn't work with simple gui settings. i also don't know enough to tinker with config files on my own. i asked my colleague again about his settings on synology. he redirects port 443 to the default port 1194 via his home router. So he uses the router-nat, is reachable from outside via 443 and simply routes to the VPN instance. there is probably no comparable NAT function in cloudron, is there? while searching the internet i found the "haproxy" in docker-hub. maybe such a container (app) could transparently redirect from a host with port 443 to an internal ip with port 7494. but this is probably going too far and i don't want to overuse your help.

@mehdi said in OpenVPN config types: In summary, we could defintely remove the least used ones, and leave only .ovpn embedded and .tblk. I think most others are less useful and these 2 can do the job in most, if not all, cases. right, this is the confirmation I needed. Looks like, we can remove the first 3. Will do that in next release then.

@girish Awesome! That got it. Thanks. The first time I tried it it didn't take after the reboot but I added back in the " " marks and it worked as expected. Thank you so much. And again for the quick response!

I have also updated the app to use easyrsa3 now. This will roll out slowly since there is a lot of migration code .

@mehdi GMT +1 but my idea is that when I installed first time Cloudron has Los Angeles time... that's can a possible source of issue.

@robi Thanks. Port-knocking sounds interesting to research. When time permits !

This is more involved. First, there is HEAD request with /?embedded=true. Then, there is a POST request to /RPC2. We have to reverse engineer a bit to implement this. There's more info in parts at https://forums.openvpn.net/viewtopic.php?f=36&t=29767 https://github.com/ryanharrison554/pyovpn-as/blob/a5d4ad36a952b982cc74c4573595b9031369239a/pyovpn_as/api/cli.py * https://forums.openvpn.net/viewtopic.php?t=28491 http://blog.manton.im/2016/02/reverse-engineering-openvpn-as-login.html

Recognizing TCP OpenVPN traffic is really not easy, as it kinda looks like any other TLS encrypted stream. As far as I know, doing so requires advanced Deep Packet Inspection capabilities that are only available to few countries, and even this is not foolproof. May I ask, @hasan, where are you based?

@mehdi said in Support VPN Client: I don't know a single commercial VPN provider that provides a public IP to each VPN connection It is probably because you didn't fell the need I lived in Switzerland and before in Canada, where Torrenting and self hosting is not an issue. But since I'm in Thailand; first, Torrenting is it as the Government fell about you, and the Internet is monitored and limited (not as much than China but still) they block several ports and websites. It took me a while to find and I chat with a lot of online support to find few of them Has I will not recommend it but still a good example PureVPN support this you control which port you open with OpenVPN but the IP is dynamic and yes it still through a NAT, and you could buy a static IP available via only PPTP (which they don't claim at loud). If I remember well mullvad also offer this kind of service My idea came from: https://labriqueinter.net

@girish Awesome thanks! I'm looking forward to Wireguard more, if possible haha.

Thanks to everyone, I managed to get a few games going, some did not work, but they probably wouldn't run in an actual LAN either. Didn't have to adjust anything, The game I was trying was just not working properly. Cheers!

avoid the $

The just released app package now contains the first settings for admins and also there is a file at /app/data/config.ini now to grant admin rights to users. [image: 1601144110791-a2f94f88-64eb-4714-b442-15217a9fe3d3-image-resized.png]

I have added docs at https://cloudron.io/documentation/apps/openvpn/#custom-client-configuration

@Trankery https://git.cloudron.io/cloudron/box/-/commit/b46d3e74d6be94718c3a3df7899dbb6af0b4a407 is the fix for the crash itself. But the real solution is to move the domain away from Cloudflare OR change the domain provider to Wildcard. Sucks that they made such a big change with no announcement.

@girish so is the process I understand about the installing steps the right way for this? thanks for the suggestion, I just know that we can do my.vpnserver.domain.com. Am intending for consumer use for now.