PIA Next-Gen Servers and Port Forwarding Automation
|
Posts: 23
Threads: 4
Joined: Jan 2017
Reputation:
2
[Solved]
Nov 13, 2020, 11:32 PM
(Nov 13, 2020, 07:58 PM)Mrzx Wrote: (Nov 13, 2020, 02:11 PM)Pyrhic Wrote: (Nov 12, 2020, 10:06 PM)Mrzx Wrote: Heey guys, thanks you soo much for this post.
But i having some trouble get it to run, and i got no clue how to get it working, im so new to this
i get this when i run systemctl status pia-pf.service
Code:
● pia-pf.service - PIA Port Forwarding Daemon
Loaded: loaded (/etc/systemd/system/pia-pf.service; enabled)
Active: active (running) since Thu 2020-11-12 22:37:55 CET; 8ms ago
Main PID: 1354 (pia-portforward)
CGroup: /system.slice/pia-pf.service
└─1354 /bin/sh /etc/openvpn/pia-portforward.sh -f tun0 -p /etc/openvpn/port.dat -s /etc/openvp...
Nov 12 22:37:55 raspberrypi1 systemd[1]: Starting PIA Port Forwarding Daemon...
Nov 12 22:37:55 raspberrypi1 systemd[1]: Started PIA Port Forwarding Daemon.
Nov 12 22:37:55 raspberrypi1 pia-pf[1354]: trap: SIGTERM: bad trap
Nov 12 22:37:55 raspberrypi1 pia-pf[1354]: /etc/openvpn/pia-portforward.sh: 55: /etc/openvpn/pia-port...ound
Hint: Some lines were ellipsized, use -l to show in full.
root@raspberrypi1:~# sudo systemctl status pia-pf.service
● pia-pf.service - PIA Port Forwarding Daemon
Loaded: loaded (/etc/systemd/system/pia-pf.service; enabled)
Active: activating (auto-restart) (Result: exit-code) since Thu 2020-11-12 22:38:00 CET; 2s ago
Process: 1354 ExecStart=/etc/openvpn/pia-portforward.sh -f tun0 -p /etc/openvpn/port.dat -s /etc/openvpn/portforward.sh (code=exited, status=1/FAILURE)
Main PID: 1354 (code=exited, status=1/FAILURE)
and i don´t see anything in `/etc/openvpn/port.dat`
not sure i even get a "token"
really on deep water here
but a least transmission is downloading again
Hey Mrzx,
As is probably clear from my earlier posts, I'm about as far from an expert as they come, but in the spirit of paying it forward, I shall try to help!
Code:
/etc/openvpn/pia-portforward.sh: 55
I could be entirely wrong, but I think that's indicating something is going wrong with line 55 of the pia-portforward.sh script?
if you haven't tried it already, probably the best thing to do is run the script manually so you can see the full output and get a better idea of why it's failing. Sorry if this is insultingly basic, but in case you don't know, I believe you'd enter:
cd /etc/openvpn
sudo ./pia-portforward.sh -f tun0
^ that's assuming that tun0 is your VPN interface.
Try that and let us know what message is spat out?
Also - super super basic stuff, but if you're not even seeing the token file has been created in the folder (i.e. "pia-token.dat") that could suggest something as simple as you've got your username and password wrong - so maybe just check you've added them to the pia-portforward.sh script correctly.
Hopefully we can get you over the line with this!
Heey Pyrhic, thank you so much for replying, im really grateful and appreciate the all the super super basic stuff
Yes im not even seeing the token file has been created in the folder (`/etc/openvpn/pia-token.dat` or `/etc/openvpn/port.dat`)
/etc/openvpn/pia-portforward.sh: 55
that line is:
Code:
[ $? -ne 0 ] && echo "Failed to acquire new auth token" && exit 1
So i must fined out why im not getting the token, did check the username and password and it looks right.
We need the
in-front and after username and password right ?
Also this is what happens when i do sudo ./pia-portforward.sh -f tun0
Code:
root@raspberrypi1:/etc/openvpn# sudo ./pia-portforward.sh -f tun0
trap: SIGTERM: bad trap
./pia-portforward.sh: 54: ./pia-portforward.sh: jq: not found
(23) Failed writing body
Failed to acquire new auth token
root@raspberrypi1:/etc/openvpn#
And yes, i do use tun0 as VPN interface, just like in the guide
Hiya,
Yes, you should have the "" marks around the user and pass, so not that.
That output says "jq: not found." Do you have jq installed? Not sure what os you're using, but it's available from apt in Ubuntu (I.e. 'sudo apt install jq').
Posts: 1
Threads: 0
Joined: Nov 2020
Reputation:
0
[Solved]
Nov 14, 2020, 12:37 AM
(This post was last modified: Nov 14, 2020, 12:53 AM by Niikonz.)
Well, after about 2 years the old way (using the guides) stopped working completely for me today.
Using the information above, everything now works again even port forwarding and i'm using the nextgen servers.
I had an issue of my server not having traceroute installed and the script would run. So make sure you install traceroute!! (sudo apt-get install traceroute)
EDIT: Not done a restart of the server yet. Will this survive a server reboot?
Posts: 7
Threads: 0
Joined: Nov 2020
Reputation:
4
[Solved]
Nov 14, 2020, 02:35 AM
Ah, yes. Good catch guys. Another thing I forgot... the scripts require traceroute, jq, and curl to be installed.
Code:
sudo apt install traceroute jq curl -y
As for the reboot... if you've set it up as a service (like I talk about in my original post) then yes, it will survive a system reboot and automatically restart itself... however, there is one catch: Look at the top of the service file and you'll see the "After=" section. This tells the service to start after the "openvpn@openvpn.service" starts. If your openvpn/PIA service is named differently, you'll need to adjust this section to match your service's name or it will never start (since the service it's looking for won't ever start.)
Again, this goes back to my original statement about how my guide is designed around the steps provided in the main guides... (which names the openvpn/PIA service as "openvpn@openvpn.service"). Any deviation from the main guides will cause my fix to not work, however, it is possible to adjust it... you just have to be willing to figure it out.
Glad to hear this is working for some of you. Keep paying it forward folks.
Posts: 1
Threads: 0
Joined: Nov 2020
Reputation:
0
[Solved]
Nov 16, 2020, 04:13 AM
(This post was last modified: Nov 16, 2020, 04:14 AM by phaedrus.)
Thank you for this post Doc. I finally got around to troubleshooting why my server went down. I had fixed the next-gen server connection and found your post for port forwarding. You saved me a great deal of googling!
Posts: 2
Threads: 0
Joined: Nov 2020
Reputation:
0
[Solved]
Nov 21, 2020, 04:53 AM
Hello,
I am following this guide but the portforward.sh file I have is from the PIA website and completely different from what you have mentioned.
Located here PIA Port Forwarding
Would you be able to attach the version from this forum or link me to the PIA OPENVPN guide so I can grab that file and modify as described?
I have searched everywhere on this site for the guide and the file but no luck.
Posts: 23
Threads: 4
Joined: Jan 2017
Reputation:
2
[Solved]
Nov 21, 2020, 08:28 AM
(Nov 21, 2020, 04:53 AM)fostex437 Wrote: Hello,
I am following this guide but the portforward.sh file I have is from the PIA website and completely different from what you have mentioned.
Located here PIA Port Forwarding
Would you be able to attach the version from this forum or link me to the PIA OPENVPN guide so I can grab that file and modify as described?
I have searched everywhere on this site for the guide and the file but no luck.
Hi,
The port forwarding script you need is the one linked to in this guide:
https://www.htpcguides.com/configure-aut...or-deluge/
There's also a variant for if you use Transmission instead.
Posts: 2
Threads: 0
Joined: Nov 2020
Reputation:
0
[Solved]
Nov 21, 2020, 03:58 PM
(Nov 21, 2020, 08:28 AM)Pyrhic Wrote: (Nov 21, 2020, 04:53 AM)fostex437 Wrote: Hello,
I am following this guide but the portforward.sh file I have is from the PIA website and completely different from what you have mentioned.
Located here PIA Port Forwarding
Would you be able to attach the version from this forum or link me to the PIA OPENVPN guide so I can grab that file and modify as described?
I have searched everywhere on this site for the guide and the file but no luck.
Hi,
The port forwarding script you need is the one linked to in this guide:
https://www.htpcguides.com/configure-aut...or-deluge/
There's also a variant for if you use Transmission instead.
Thank you so much for the link and information!
I have successfully got my PIA port forwarding from the Next Gen servers thru OpenVPN and confirmed that it automatically sets that port in my Deluge server.
And a big thank you to DocDrydenn and everyone that helped put this guide together!
As additional information, I am running OpenVPN on a Raspberry Pi 3 B+ connecting to PIA and have been using the old servers. Yesterday I made the switch to the "Next Gen" servers and got connected but had such a hard time finding information on port forwarding. This guide definitely helped.
Thanks again!
Posts: 23
Threads: 4
Joined: Jan 2017
Reputation:
2
[Solved]
Nov 21, 2020, 07:07 PM
(Nov 21, 2020, 03:58 PM)fostex437 Wrote: (Nov 21, 2020, 08:28 AM)Pyrhic Wrote: (Nov 21, 2020, 04:53 AM)fostex437 Wrote: Hello,
I am following this guide but the portforward.sh file I have is from the PIA website and completely different from what you have mentioned.
Located here PIA Port Forwarding
Would you be able to attach the version from this forum or link me to the PIA OPENVPN guide so I can grab that file and modify as described?
I have searched everywhere on this site for the guide and the file but no luck.
Hi,
The port forwarding script you need is the one linked to in this guide:
https://www.htpcguides.com/configure-aut...or-deluge/
There's also a variant for if you use Transmission instead.
Thank you so much for the link and information!
I have successfully got my PIA port forwarding from the Next Gen servers thru OpenVPN and confirmed that it automatically sets that port in my Deluge server.
And a big thank you to DocDrydenn and everyone that helped put this guide together!
As additional information, I am running OpenVPN on a Raspberry Pi 3 B+ connecting to PIA and have been using the old servers. Yesterday I made the switch to the "Next Gen" servers and got connected but had such a hard time finding information on port forwarding. This guide definitely helped.
Thanks again!
Brilliant! Glad you got sorted - and yes, thanks again to DocDrydenn for getting us all back to normal
Posts: 1
Threads: 0
Joined: Feb 2021
Reputation:
0
[Solved]
Feb 17, 2021, 04:52 AM
(This post was last modified: Feb 17, 2021, 05:02 AM by bob22.)
Hey Doc!
I just wanted to drop by and tell you just how thankful I am to you for stitching this script back together - I was pulling my hair out over the last days trying to modify the "official" pia scripts to my needs, which in the end never worked. Your script though ... it works like a charm for me (hopefully it won't break again )
It was not self-explanatory for you to take the time to write the steps needed together and put it out here for the rest of us. I just wanted to let you know that there are people out there who really appreciate your efforts
Greetings, Bob
PS: You said the token lasts for 2 months? Is it enough to restart the new pia-pf.service in order for the token to be regenerated? If yes, would it be enough to just make up a cronjob like
@monthly sudo systemctl restart pia-pf.service
in order for it to keep working over time?
Posts: 7
Threads: 0
Joined: Nov 2020
Reputation:
4
[Solved]
Feb 17, 2021, 04:52 PM
(Feb 17, 2021, 04:52 AM)bob22 Wrote: Hey Doc!
I just wanted to drop by and tell you just how thankful I am to you for stitching this script back together - I was pulling my hair out over the last days trying to modify the "official" pia scripts to my needs, which in the end never worked. Your script though ... it works like a charm for me (hopefully it won't break again )
It was not self-explanatory for you to take the time to write the steps needed together and put it out here for the rest of us. I just wanted to let you know that there are people out there who really appreciate your efforts
Greetings, Bob
PS: You said the token lasts for 2 months? Is it enough to restart the new pia-pf.service in order for the token to be regenerated? If yes, would it be enough to just make up a cronjob like
@monthly sudo systemctl restart pia-pf.service
in order for it to keep working over time?
Anytime. Glad it worked for ya.
I had a problem. I managed to solve that problem. I saw others with the same problem. I shared the solution. Knowledge is power... and free, so why not pass it on.
Yes, you just need to restart the service or reboot the rig. A new token is created everytime the service starts, so a cron would work or a reboot would work. My Take: we're talking 2 months... that's a long time for a home machine to go... so unless you're using some businesss "uptime-means-money" machine, I'd honestly just go with a scheduled reboot... they do a computer/server good and it'll regen your token and port at the same time. Win-Win.
|
|
|