Skip to content
This repository has been archived by the owner on Nov 25, 2022. It is now read-only.

Nas Synology + NordVPN Auth problem #130

Open
BioSs54 opened this issue Jun 10, 2022 · 1 comment
Open

Nas Synology + NordVPN Auth problem #130

BioSs54 opened this issue Jun 10, 2022 · 1 comment

Comments

@BioSs54
Copy link

BioSs54 commented Jun 10, 2022
edited

Information

Hi,
I try to up the container on my NAS Synology.

When i check logs, seem auth' problem but I have been send user, password & provider to the container. I also check my credentials file, he is complete. I use latest container. So maybe some arguments are wrong ? What do you think ?

The strangest: this docker-compose works locally but not on Synology

Docker compose file


services:
    qbittorrent-openvpn:
        volumes:
            - '/volume1/Download:/data'
            - '/volume1/docker/qbitorrent/config:/config'
            - '/etc/localtime:/etc/localtime:ro'
        environment:
            - CREATE_TUN_DEVICE=true
            - WEBPROXY_ENABLED=false
            - OPENVPN_PROVIDER=NORDVPN
            - NORDVPN_COUNTRY=FR
            - NORDVPN_CATEGORY=p2p
            - NORDVPN_PROTOCOL=udp
            - OPENVPN_USERNAME=XXXXXXXXXXXXX
            - OPENVPN_PASSWORD=XXXXXXXXXXXXX
            - PUID=1024
            - PGID=100
            #- OPENVPN_CONFIG=
            #- OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60
            - LAN=192.168.1.0/24
            - HEALTH_CHECK_HOST=google.com
            #- OPENVPN_CONFIG_FILE=/config/openvpn/config.ovpn
            - QBT_WEBUI_PORT=9092
        cap_add:
            - NET_ADMIN
        privileged: true
        #devices:
        #    - /dev/net/tun
        logging:
            driver: json-file
            options:
                max-size: 10m
        ports:
            - '9092:9092'
        image: guillaumedsde/alpine-qbittorrent-openvpn:latest

Logs

qbittorrent-openvpn_1  | [s6-init] making user provided files available at /var/run/s6/etc...exited 0.
qbittorrent-openvpn_1  | [s6-init] ensuring user provided files have correct perms...exited 0.
qbittorrent-openvpn_1  | [fix-attrs.d] applying ownership & permissions fixes...
qbittorrent-openvpn_1  | [fix-attrs.d] done.
qbittorrent-openvpn_1  | [cont-init.d] executing container initialization scripts...
qbittorrent-openvpn_1  | [cont-init.d] 01-setup-permissions: executing...
qbittorrent-openvpn_1  | [cont-init.d] 01-setup-permissions: exited 0.
qbittorrent-openvpn_1  | [cont-init.d] 02-setup-openvpn: executing...
qbittorrent-openvpn_1  | 2022-06-10 18:11:31 TUN/TAP device tun0 opened
qbittorrent-openvpn_1  | 2022-06-10 18:11:31 Persist state set to: ON
qbittorrent-openvpn_1  | INFO: Trying to use OpenVPN provider: NORDVPN
qbittorrent-openvpn_1  | A    nordvpn
qbittorrent-openvpn_1  | A    nordvpn/configure-openvpn.sh
qbittorrent-openvpn_1  | Exported revision 1286.
qbittorrent-openvpn_1  | Provider NORDVPN has a custom startup script, executing it
qbittorrent-openvpn_1  | 2022-06-10 18:11:33 Checking curl installation
qbittorrent-openvpn_1  | 2022-06-10 18:11:33 DNS: resolution ok
qbittorrent-openvpn_1  | 2022-06-10 18:11:33 PING: ok, configurations download site reachable
qbittorrent-openvpn_1  | 2022-06-10 18:11:33 Removing existing configs in /etc/openvpn/nordvpn
qbittorrent-openvpn_1  | 2022-06-10 18:11:33 Selecting the best server...
qbittorrent-openvpn_1  | 2022-06-10 18:11:33 Searching for country : FR (74)
qbittorrent-openvpn_1  | 2022-06-10 18:11:33 Searching for group: legacy_p2p
qbittorrent-openvpn_1  | 2022-06-10 18:11:33 Searching for technology: openvpn_udp
qbittorrent-openvpn_1  | 2022-06-10 18:11:33 Best server : fr551.nordvpn.com, load: 6
qbittorrent-openvpn_1  | 2022-06-10 18:11:33 Downloading config: fr551.nordvpn.com.ovpn
qbittorrent-openvpn_1  | 2022-06-10 18:11:33 Downloading from: https://downloads.nordcdn.com/configs/files/ovpn_udp/servers/fr551.nordvpn.com.udp.ovpn
qbittorrent-openvpn_1  | INFO: Found OpenVPN configuration: "fr551.nordvpn.com" for provider "NORDVPN" using it
qbittorrent-openvpn_1  | [cont-init.d] 02-setup-openvpn: exited 0.
qbittorrent-openvpn_1  | [cont-init.d] 03-setup-iptables: executing...
qbittorrent-openvpn_1  | INFO: Configuring Docker networks: 172.21.0.2/16
qbittorrent-openvpn_1  | [cont-init.d] 03-setup-iptables: exited 0.
qbittorrent-openvpn_1  | [cont-init.d] done.
qbittorrent-openvpn_1  | [services.d] starting services
qbittorrent-openvpn_1  | [services.d] done.
qbittorrent-openvpn_1  | 2022-06-10 18:12:02 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
qbittorrent-openvpn_1  | 2022-06-10 18:12:02 OpenVPN 2.5.2 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on May  4 2021
qbittorrent-openvpn_1  | 2022-06-10 18:12:02 library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
qbittorrent-openvpn_1  | 2022-06-10 18:12:02 WARNING: --ping should normally be used with --ping-restart or --ping-exit
qbittorrent-openvpn_1  | 2022-06-10 18:12:02 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
qbittorrent-openvpn_1  | 2022-06-10 18:12:02 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
qbittorrent-openvpn_1  | 2022-06-10 18:12:02 TCP/UDP: Preserving recently used remote address: [AF_INET]89.40.XXX.XXX:1194
qbittorrent-openvpn_1  | 2022-06-10 18:12:02 Socket Buffers: R=[212992->212992] S=[212992->212992]
qbittorrent-openvpn_1  | 2022-06-10 18:12:02 UDP link local: (not bound)
qbittorrent-openvpn_1  | 2022-06-10 18:12:02 UDP link remote: [AF_INET]89.40.XXX.XXX:1194
qbittorrent-openvpn_1  | 2022-06-10 18:12:03 TLS: Initial packet from [AF_INET]89.40.XXX.XXX:1194, sid=b0b3abeb f21039ec
qbittorrent-openvpn_1  | 2022-06-10 18:12:03 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA
qbittorrent-openvpn_1  | 2022-06-10 18:12:03 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA7
qbittorrent-openvpn_1  | 2022-06-10 18:12:03 VERIFY KU OK
qbittorrent-openvpn_1  | 2022-06-10 18:12:03 Validating certificate extended key usage
qbittorrent-openvpn_1  | 2022-06-10 18:12:03 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
qbittorrent-openvpn_1  | 2022-06-10 18:12:03 VERIFY EKU OK
qbittorrent-openvpn_1  | 2022-06-10 18:12:03 VERIFY OK: depth=0, CN=fr551.nordvpn.com
qbittorrent-openvpn_1  | 2022-06-10 18:12:05 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 4096 bit RSA, signature: RSA-SHA512
qbittorrent-openvpn_1  | 2022-06-10 18:12:05 [fr551.nordvpn.com] Peer Connection Initiated with [AF_INET]89.40.XXX.XXX:1194
qbittorrent-openvpn_1  | 2022-06-10 18:12:06 SENT CONTROL [fr551.nordvpn.com]: 'PUSH_REQUEST' (status=1)
qbittorrent-openvpn_1  | 2022-06-10 18:12:06 AUTH: Received control message: AUTH_FAILED
qbittorrent-openvpn_1  | 2022-06-10 18:12:06 SIGTERM[soft,auth-failure] received, process exiting
qbittorrent-openvpn_1  | 2022-06-10 18:12:06 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
qbittorrent-openvpn_1  | 2022-06-10 18:12:06 OpenVPN 2.5.2 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on May  4 2021
qbittorrent-openvpn_1  | 2022-06-10 18:12:06 library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
qbittorrent-openvpn_1  | 2022-06-10 18:12:06 WARNING: --ping should normally be used with --ping-restart or --ping-exit
qbittorrent-openvpn_1  | 2022-06-10 18:12:06 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
qbittorrent-openvpn_1  | 2022-06-10 18:12:06 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
qbittorrent-openvpn_1  | 2022-06-10 18:12:06 TCP/UDP: Preserving recently used remote address: [AF_INET]89.40.XXX.XXX:1194
qbittorrent-openvpn_1  | 2022-06-10 18:12:06 Socket Buffers: R=[212992->212992] S=[212992->212992]
qbittorrent-openvpn_1  | 2022-06-10 18:12:06 UDP link local: (not bound)
qbittorrent-openvpn_1  | 2022-06-10 18:12:06 UDP link remote: [AF_INET]89.40.XXX.XXX:1194
qbittorrent-openvpn_1  | 2022-06-10 18:12:07 TLS: Initial packet from [AF_INET]89.40.XXX.XXX:1194, sid=e77bce73 0819ddd3
qbittorrent-openvpn_1  | 2022-06-10 18:12:15 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA
qbittorrent-openvpn_1  | 2022-06-10 18:12:15 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA7
qbittorrent-openvpn_1  | 2022-06-10 18:12:15 VERIFY KU OK
qbittorrent-openvpn_1  | 2022-06-10 18:12:15 Validating certificate extended key usage
qbittorrent-openvpn_1  | 2022-06-10 18:12:15 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
qbittorrent-openvpn_1  | 2022-06-10 18:12:15 VERIFY EKU OK
qbittorrent-openvpn_1  | 2022-06-10 18:12:15 VERIFY OK: depth=0, CN=fr551.nordvpn.com
qbittorrent-openvpn_1  | 2022-06-10 18:13:06 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
qbittorrent-openvpn_1  | 2022-06-10 18:13:06 TLS Error: TLS handshake failed
qbittorrent-openvpn_1  | 2022-06-10 18:13:06 SIGUSR1[soft,tls-error] received, process restarting
qbittorrent-openvpn_1  | 2022-06-10 18:13:06 Restart pause, 5 second(s)
qbittorrent-openvpn_1  | 2022-06-10 18:13:11 WARNING: --ping should normally be used with --ping-restart or --ping-exit
qbittorrent-openvpn_1  | 2022-06-10 18:13:11 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
qbittorrent-openvpn_1  | 2022-06-10 18:13:11 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
qbittorrent-openvpn_1  | 2022-06-10 18:13:11 TCP/UDP: Preserving recently used remote address: [AF_INET]89.40.XXX.XXX:1194
qbittorrent-openvpn_1  | 2022-06-10 18:13:11 Socket Buffers: R=[212992->212992] S=[212992->212992]
qbittorrent-openvpn_1  | 2022-06-10 18:13:11 UDP link local: (not bound)
qbittorrent-openvpn_1  | 2022-06-10 18:13:11 UDP link remote: [AF_INET]89.40.XXX.XXX:1194
qbittorrent-openvpn_1  | 2022-06-10 18:13:11 TLS: Initial packet from [AF_INET]89.40.XXX.XXX:1194, sid=a6f5226a a19fb221
qbittorrent-openvpn_1  | 2022-06-10 18:13:11 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA
qbittorrent-openvpn_1  | 2022-06-10 18:13:11 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA7
qbittorrent-openvpn_1  | 2022-06-10 18:13:11 VERIFY KU OK
qbittorrent-openvpn_1  | 2022-06-10 18:13:11 Validating certificate extended key usage
qbittorrent-openvpn_1  | 2022-06-10 18:13:11 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
qbittorrent-openvpn_1  | 2022-06-10 18:13:11 VERIFY EKU OK
qbittorrent-openvpn_1  | 2022-06-10 18:13:11 VERIFY OK: depth=0, CN=fr551.nordvpn.com
qbittorrent-openvpn_1  | 2022-06-10 18:13:13 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 4096 bit RSA, signature: RSA-SHA512
qbittorrent-openvpn_1  | 2022-06-10 18:13:13 [fr551.nordvpn.com] Peer Connection Initiated with [AF_INET]89.40.XXX.XXX:1194
qbittorrent-openvpn_1  | 2022-06-10 18:13:14 SENT CONTROL [fr551.nordvpn.com]: 'PUSH_REQUEST' (status=1)
qbittorrent-openvpn_1  | 2022-06-10 18:13:15 AUTH: Received control message: AUTH_FAILED
qbittorrent-openvpn_1  | 2022-06-10 18:13:15 SIGTERM[soft,auth-failure] received, process exiting
qbittorrent-openvpn_1  | 2022-06-10 18:13:15 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
qbittorrent-openvpn_1  | 2022-06-10 18:13:15 OpenVPN 2.5.2 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on May  4 2021
qbittorrent-openvpn_1  | 2022-06-10 18:13:15 library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
qbittorrent-openvpn_1  | 2022-06-10 18:13:15 WARNING: --ping should normally be used with --ping-restart or --ping-exit
qbittorrent-openvpn_1  | 2022-06-10 18:13:15 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
qbittorrent-openvpn_1  | 2022-06-10 18:13:15 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
qbittorrent-openvpn_1  | 2022-06-10 18:13:15 TCP/UDP: Preserving recently used remote address: [AF_INET]89.40.XXX.XXX:1194
qbittorrent-openvpn_1  | 2022-06-10 18:13:15 Socket Buffers: R=[212992->212992] S=[212992->212992]
qbittorrent-openvpn_1  | 2022-06-10 18:13:15 UDP link local: (not bound)
qbittorrent-openvpn_1  | 2022-06-10 18:13:15 UDP link remote: [AF_INET]89.40.XXX.XXX:1194
qbittorrent-openvpn_1  | 2022-06-10 18:13:15 TLS: Initial packet from [AF_INET]89.40.XXX.XXX:1194, sid=098e5dbc 587e01f0
qbittorrent-openvpn_1  | 2022-06-10 18:13:17 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA
qbittorrent-openvpn_1  | 2022-06-10 18:13:17 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA7
qbittorrent-openvpn_1  | 2022-06-10 18:13:17 VERIFY KU OK
qbittorrent-openvpn_1  | 2022-06-10 18:13:17 Validating certificate extended key usage
qbittorrent-openvpn_1  | 2022-06-10 18:13:17 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
qbittorrent-openvpn_1  | 2022-06-10 18:13:17 VERIFY EKU OK
qbittorrent-openvpn_1  | 2022-06-10 18:13:17 VERIFY OK: depth=0, CN=fr551.nordvpn.com
qbittorrent-openvpn_1  | 2022-06-10 18:13:20 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 4096 bit RSA, signature: RSA-SHA512
qbittorrent-openvpn_1  | 2022-06-10 18:13:20 [fr551.nordvpn.com] Peer Connection Initiated with [AF_INET]89.40.XXX.XXX:1194
qbittorrent-openvpn_1  | 2022-06-10 18:13:21 SENT CONTROL [fr551.nordvpn.com]: 'PUSH_REQUEST' (status=1)
qbittorrent-openvpn_1  | 2022-06-10 18:13:21 AUTH: Received control message: AUTH_FAILED
qbittorrent-openvpn_1  | 2022-06-10 18:13:21 SIGTERM[soft,auth-failure] received, process exiting

Try

  • In the General Settings of the container on the Synology, try ticking the checkbox for 'Execute container using high privelege'
@MrBradricks
Copy link

MrBradricks commented Jun 11, 2022
edited

Here are my values that work, note I wrap my password in quotes so it consumes the special characters properly. Perhaps thats your issue?

environment:
     - OPENVPN_PROVIDER=NORDVPN
     - OPENVPN_USERNAME=redacted@redacted.com
     - "OPENVPN_PASSWORD=redacted"
     - NORDVPN_COUNTRY=US
     - NORDVPN_CATEGORY=legacy_p2p
     - NORDVPN_PROTOCOL=tcp
     - PUID=911
     - PGID=911
     - LAN=192.168.1.0/24

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MrBradricks @BioSs54