NordVPN/PIA and qBittorrent problem

Currently reading
NordVPN/PIA and qBittorrent problem

291
90
NAS
DS920+, DS416slim
Operating system
  1. Windows
Mobile operating system
  1. Android
Hi there people. My aim is to have QBit running via a VPN. I have subscriptions to both PIA and Nord, have tried with both but to no avail.

I am mega new to both SSH and docker so I'm probably doing something very obviously wrong.

I've followed the instructions over here - I had no idea these were @Rusty 's guides, but makes sense now recognising the face!

I can SSH in fine, and install the QBit container fine.

docker run --privileged -d --name=qbittorrent -v /volume1/docker/qbit/config/:/config -v /volume1/torr/:/downloads -e "VPN_ENABLED=yes" -e "VPN_USERNAME=myPIAusername" -e "VPN_PASSWORD=myPIApassword" -e "LAN_NETWORK=192.168.1.0/24" -e "NAME_SERVERS=8.8.8.8,8.8.4.4" -p 8080:8080 -p 8999:8999 -p 8999:8999/udp markusmcnugen/qbittorrentvpn

The username and password I am using are the regular ones I use to log into the website and app etc.

It runs and gives the following log:

Code:
date    stream    content
2021-11-26 13:33:26    stdout    Use --help for more information.
2021-11-26 13:33:26    stdout    Options error: In [CMD-LINE]:1: Error opening configuration file: /config/openvpn/uk-aes-256-cbc-udp-dns.ovpn
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.385118 [info] Starting OpenVPN...
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.349514 [info] PGID not defined. Defaulting to root group
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.312613 [info] PUID not defined. Defaulting to root user
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.277512 [info] Adding 8.8.4.4 to resolv.conf
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.241315 [info] Adding 8.8.8.8 to resolv.conf
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.204678 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.168158 [info] NAME_SERVERS defined as '8.8.8.8,8.8.4.4'
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.132110 [info] LAN_NETWORK defined as '192.168.1.0/24'
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.095738 [info] VPN_DEVICE_TYPE defined as 'tun0'
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.059533 [info] VPN_PROTOCOL defined as 'udp'
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.023264 [info] VPN_PORT defined as '1197'
2021-11-26 13:33:25    stdout    2021-11-26 13:33:25.986947 [info] VPN_REMOTE defined as 'uk-london.privacy.network'
2021-11-26 13:33:25    stdout    2021-11-26 13:33:25.950240 [info] VPN remote line defined as 'uk-london.privacy.network 1197'
2021-11-26 13:33:25    stderr    dos2unix: converting file /config/openvpn/uk-aes-256-cbc-udp-dns.ovpn to Unix format...
2021-11-26 13:33:25    stdout    2021-11-26 13:33:25.866884 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/uk-aes-256-cbc-udp-dns.ovpn
2021-11-26 13:33:25    stdout    2021-11-26 13:33:25.801596 [info] VPN_ENABLED defined as 'yes'

The last part of the log "Options error" seems odd to me as it has already opened the config file at the beginning of the process?

When I try to open the QBit local/admin page at 192.168.1.174:8080 (in Firefox) i get an error:
- via http: "The connection was reset: The connection to the server was reset while the page was loading."
- via https: "Secure Connection Failed: An error occurred during a connection to 192.168.1.174:8080. PR_END_OF_FILE_ERROR"

I have done the tun.ko testing part, making sure it runs on reboot etc and this seems fine (even if it did take me hours to work out i needed putty, and how to close the file once editing it...!).

curl ifconfig.me gives the error "Could not resolve host" so i think maybe the issue is with the ovpn cert I am using? Which is:

client
dev tun
proto udp
remote uk-london.privacy.network 1197
resolv-retry infinite
nobind
persist-key
persist-tun
cipher aes-256-cbc
auth sha256
tls-client
remote-cert-tls server

auth-user-pass
compress
verb 1
reneg-sec 0
<crl-verify>
-----BEGIN X509 CRL-----

xxx

-----END X509 CRL-----
</crl-verify>

<ca>
-----BEGIN CERTIFICATE-----

xxx

-----END CERTIFICATE-----
</ca>

disable-occ

I am putting the ovpn file in "/docker/qbit/config/openvpn" which I think is correct given what i have defined the config folder as (and it seems to be getting read).

If anyone is able to shed some light on this it would be most appreciated. I am in well above my depth here!!
 
I am putting the ovpn file in "/docker/qbit/config/openvpn" which I think is correct given what i have defined the config folder as (and it seems to be getting read).
From all this it looks fine. The reason QBit is not running is because it did start after the VPN connection has been initiated. You would see it in the log when Qbit has started. Because of a "kill-switch" way it works, Qbit will not start without an active connection.

Reason your connection is not running is a matter that needs to be resolved 1st.

Qbit folder needs to be created (automatically not manually!!) inside the folder where you placed the openvpn folder and it should have its config files in there. If the folder structure is missing that is a definitive evidence that the VPN part of this container did not go as expected.
 
Upvote 0
From all this it looks fine. The reason QBit is not running is because it did start after the VPN connection has been initiated. You would see it in the log when Qbit has started. Because of a "kill-switch" way it works, Qbit will not start without an active connection.

Reason your connection is not running is a matter that needs to be resolved 1st.

Qbit folder needs to be created (automatically not manually!!) inside the folder where you placed the openvpn folder and it should have its config files in there. If the folder structure is missing that is a definitive evidence that the VPN part of this container did not go as expected.
Thanks for the seriously quick reply.

So the issue is that the VPN connection is not successful - I guess also why the curl command doesn't work.

Do I need to open up anything in the DS / router firewall or have any specific settings tweaked outside of docker for the VPN to connect?
 
Upvote 0
Thanks for the seriously quick reply.

So the issue is that the VPN connection is not successful - I guess also why the curl command doesn't work.

Do I need to open up anything in the DS / router firewall or have any specific settings tweaked outside of docker for the VPN to connect?
Not needed by default, but it could be a factor depending on your configuration on your end. What you can do, is try and run this container 1st with VPN_ENABLE=no variable to get the QBIT to boot up.

Then bash into it and see if you have internet connectivity. If you do, you will know that from that side, all is well.

Do you have anythings special configured on your end regarding FW on any level?
 
Upvote 0
Not needed by default, but it could be a factor depending on your configuration on your end. What you can do, is try and run this container 1st with VPN_ENABLE=no variable to get the QBIT to boot up.

Then bash into it and see if you have internet connectivity. If you do, you will know that from that side, all is well.

Do you have anythings special configured on your end regarding FW on any level?

OK so I deleted the container, changed VPN_ENABLE=no and then re-created the container. Went into docker, opened the container, Terminal -> create -> bash -> "curl ifconfig.me" and the result is "Could not resolve host" again. So I think still no intenernet conn.

I think the FW setup at my end is fairly simple. 920+ -> network switch via a bond (Adaptive load balancing) -> router (hyperoptic ZTE router).

Is it possible the router is blocking something?? Or does docker need to be opened up somehow maybe?
-- post merged: --

I have just realised that qbit has been created and i can get through to it at http://192.168.1.174:8080/

SO something is working!
 
Upvote 0
OK so I deleted the container, changed VPN_ENABLE=no and then re-created the container. Went into docker, opened the container, Terminal -> create -> bash -> "curl ifconfig.me" and the result is "Could not resolve host" again. So I think still no intenernet conn.

I think the FW setup at my end is fairly simple. 920+ -> network switch via a bond (Adaptive load balancing) -> router (hyperoptic ZTE router).

Is it possible the router is blocking something?? Or does docker need to be opened up somehow maybe?
-- post merged: --

I have just realised that qbit has been created and i can get through to it at http://192.168.1.174:8080/

SO something is working!
Ok so the container has loaded as intended, but if you can't talk to the internet, then VPN connections once it starts the process will not work as well.

LAN_NETWORK variable, have you configured it to your lan subnet?
 
Upvote 0
not that this will help you very much, but i do use an old NUC with 128mb SSD, installed KDE neon plasma, installed the NordVPN package with killswitch, qbitt, setup a share on the nas where the completed downloads are saved by qbitt and there it flies..

No extra burden on my NAS with extra connections, fully separated from precious data, managed via nomachine.
 
Upvote 0
Last edited:
Ok so the container has loaded as intended, but if you can't talk to the internet, then VPN connections once it starts the process will not work as well.

LAN_NETWORK variable, have you configured it to your lan subnet?

I think so - my router is 192.168.1.1 and so i think 192.168.1.0 is correct also? I'm not sure what the /24 relates too though? Or should it be 255.255.255.0 (i think not) ?
-- post merged: --

not that this will help you very much, but i do use an old NUC with 128mb SSD, installed KDE neon plasma, installed the NordVPN package with killswitch, qbitt, setup a share on the nas where the completed downloads are saved by qbitt and there it flies..

No extra burden on my NAS with extra connections, fully separated from precious data, managed via nomachine.

After battling with this for three days, yes the thought of using an old laptop to do something similar has occurred a few times! But my conclusion is that the NAS is barely being taxed and so it should fulfil this purpose too. Even if it is a massive pain to set up!!

@Rusty poking around in the docker settings I can see that under Network there is a bridge with two active containers, one is the orginal qbit image (murkusmcnugen) and the one we have created.

It has the details:

bridge
2 connected container(s)
Driver: bridge
Subnet: 172.17.0.0/16
Gateway: 172.17.0.1
IPv6: Disabled
Container: markusmcnugen-qbittorrentvpn1, qbittorent

should i delete this???

----------------

So,
With VPN_ENABLED=no and the firewall off, I can connect to qbit and download torrents.
With VPN_ENABLED=no and the firewall on, I can connect to qbit and download torrents.
With VPN_ENABLED=yes and the firewall off, I cannot connect to qbit.

Therefore connecting to the VPN is 100% the issue

I also have the Synology OpenVPN server running but I don't think that should be an issue?
 
Upvote 0
Still struggling with this, hours later o_O

If someone is able to post a working .ovpn file (for PIA or Nord) that would be great as it would square off one of my potential problems... And the docker setup command if possible too!
 
Upvote 0
This was one of the reasons I quit with the opvn setup and went back to the NUC.
It worked for a few years, and then, when I forgot how I set it up, the server was taken out of service. As the server is hard coded in the opvn file, it took me again 3 days to find out why and how, and redo the setup (yes, yes bad memory and did not write it down)
Using the nordvpn CLI application, you can just give a comment like "nordvpn connect p2p" and it will find you a working server on each startup.
 
Upvote 0
Not sure what you mean with a working .opvn file for NordVPN, these are downloadable from nordvpn website.
opvn files
Make sure you choose a Nordvpn server that supports P2P. nordvpn helps you with that choice on the website: server select

I was wondering if maybe the Nordvpn files weren't working properly with Docker - one of the error messages was "Options error: In [CMD-LINE]:1: Error opening configuration file: /config/openvpn/uk-aes-256-cbc-udp-dns.ovpn"

Thank you for the links, I had found them already (albeit in a different place on the Nordvpn website) but hadn't considered p2p only. Unfortunately it didn't make a difference.

After doing some reading on github, people have been having various issues with this image recently, and some have suggested a similar one by dyonr, so it looks like there are wider problems and me with zero knowledge is not going to be able to solve anything. A lot of the things people are suggesting I simply don't understand.

So it seems like a general DSM 7 issue and I'll need to wait a while for things to settle down and someone to come up with a bulletproof method!
 
Upvote 0
Or should it be 255.255.255.0 (i think not) ?
it’s fine then.

should i delete this???
no need.

So it seems like a general DSM 7 issue and I'll need to wait a while for things to settle down and someone to come up with a bulletproof method!
might suggest to test out a separate image or maybe a vpn container and the a torrent app one in the next.

you will be able to push your torrent container via vpn one.
 
Upvote 0
might suggest to test out a separate image or maybe a vpn container and the a torrent app one in the next.

you will be able to push your torrent container via vpn one.

This sounds even more complicated so I think I will need a clear day to try it out! Docker/portainer was new to me and I am feeble with ssh so will need to dedicate some serious time to it.

In my mind what you have suggested is actually a better idea as separating out the links means you can more easily see where (if) something has broken.

Thank you again for the tips, both here and on your website - greatly appreciated.
 
Upvote 0
@Rusty this is potentially a daft question but here goes

Can I just create a new user on the DSM, set up a VPN connection through the control panel, and then install and use Download Station (or any other torrent app) as normal ?

If I set up a VPN conn. through my main user it will route all traffic through it which I don't want to happen - I want torrent traffic to be the only traffic through the VPN. So I think the above would work? Just need to turn off all other services etc to keep things minimal.

..... right?!
 
Upvote 0
Can I just create a new user on the DSM, set up a VPN connection through the control panel, and then install and use Download Station (or any other torrent app) as norma
No. VPN connection will be NAS-wide, not user-wide.
 
Upvote 0
Last edited:
Hi there people. My aim is to have QBit running via a VPN. I have subscriptions to both PIA and Nord, have tried with both but to no avail.

I am mega new to both SSH and docker so I'm probably doing something very obviously wrong.

I've followed the instructions over here - I had no idea these were @Rusty 's guides, but makes sense now recognising the face!

I can SSH in fine, and install the QBit container fine.



The username and password I am using are the regular ones I use to log into the website and app etc.

It runs and gives the following log:

Code:
date    stream    content
2021-11-26 13:33:26    stdout    Use --help for more information.
2021-11-26 13:33:26    stdout    Options error: In [CMD-LINE]:1: Error opening configuration file: /config/openvpn/uk-aes-256-cbc-udp-dns.ovpn
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.385118 [info] Starting OpenVPN...
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.349514 [info] PGID not defined. Defaulting to root group
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.312613 [info] PUID not defined. Defaulting to root user
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.277512 [info] Adding 8.8.4.4 to resolv.conf
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.241315 [info] Adding 8.8.8.8 to resolv.conf
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.204678 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.168158 [info] NAME_SERVERS defined as '8.8.8.8,8.8.4.4'
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.132110 [info] LAN_NETWORK defined as '192.168.1.0/24'
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.095738 [info] VPN_DEVICE_TYPE defined as 'tun0'
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.059533 [info] VPN_PROTOCOL defined as 'udp'
2021-11-26 13:33:26    stdout    2021-11-26 13:33:26.023264 [info] VPN_PORT defined as '1197'
2021-11-26 13:33:25    stdout    2021-11-26 13:33:25.986947 [info] VPN_REMOTE defined as 'uk-london.privacy.network'
2021-11-26 13:33:25    stdout    2021-11-26 13:33:25.950240 [info] VPN remote line defined as 'uk-london.privacy.network 1197'
2021-11-26 13:33:25    stderr    dos2unix: converting file /config/openvpn/uk-aes-256-cbc-udp-dns.ovpn to Unix format...
2021-11-26 13:33:25    stdout    2021-11-26 13:33:25.866884 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/uk-aes-256-cbc-udp-dns.ovpn
2021-11-26 13:33:25    stdout    2021-11-26 13:33:25.801596 [info] VPN_ENABLED defined as 'yes'

The last part of the log "Options error" seems odd to me as it has already opened the config file at the beginning of the process?

When I try to open the QBit local/admin page at 192.168.1.174:8080 (in Firefox) i get an error:
- via http: "The connection was reset: The connection to the server was reset while the page was loading."
- via https: "Secure Connection Failed: An error occurred during a connection to 192.168.1.174:8080. PR_END_OF_FILE_ERROR"

I have done the tun.ko testing part, making sure it runs on reboot etc and this seems fine (even if it did take me hours to work out i needed putty, and how to close the file once editing it...!).

curl ifconfig.me gives the error "Could not resolve host" so i think maybe the issue is with the ovpn cert I am using? Which is:

nordvpn premium apk

I am putting the ovpn file in "/docker/qbit/config/openvpn" which I think is correct given what i have defined the config folder as (and it seems to be getting read).

If anyone is able to shed some light on this it would be most appreciated. I am in well above my depth here!!
I am also having the same issue
 
Upvote 0
I am also having the same issue

If it's any help, I gave up doing this on DSM because of all the inherent issues. Instead I bought a Raspberry Pi and did it on that, which works VERY well.

Installing NordVPN on Debian, Ubuntu, Raspberry Pi, Elementary OS & Linux Mint | NordVPN support

Installing qBittorrent on the Raspberry Pi

My notes for one particular part, connecting RPi to DSM shares

TO SEE SHARED FOLDER FROM NAS:


Make rpi wait for networkSettings - Pref - Rpi Config - wait for network
Enable ssh
ssh into pi
Create mount point on rpi in terminalsudo mkdir /mnt/torr
Edit startup filesudo nano /etc/fstab
enter as one single line//192.168.1.174/torr /mnt/torr cifs username=username,password=password,rw,file_mode=0777,dir_mode=0777 0 0

IP address is for DSM torrent share
save and exitCTRL + X
Y
ENTER
reboot and checksudo reboot
repeat for video don't forget to create video directory in mnt as well

/mnt/vid/
 
Upvote 0

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

Hi, I'll start by saying, my understanding of networking is very limited so I apologize if I'm asking an...
Replies
0
Views
845

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top