Dear Any/And Other Linux Mavens Here,
Hello and I hope that you are doing well. Your latest Builds on your brand spanking new AMD RYZEN 9 3900X have been working great. Thank you from me personally and on behalf of all of us in the Community who benefit from your dedication and expertise.
Now, I have a question / request - and also guidance if needs be. My fundamental question is how does one go about building a suitable and functioning .ipk package for arm_cortex-a9_vfpv3 architecture from a Debian .deb file. More specifically, NordLynx has been released and this is the initial offering in order to get WireGuard working with NordVPN. The NordVPN Linux App is needed in order to configure WireGuard. Now, I have researched and found that .ipk files are similar to .deb files. See here for NordLynx info : https://nordvpn.com/blog/nordlynx-protocol-wireguard/ and here for NordVPN for Linux App : https://nordvpn.com/download/linux/ -
The actual .deb file is " nordvpn-release_1.0.0_all.deb " with direct download here : https://repo.nordvpn.com/deb/nordvpn/debian/pool/main/nordvpn-release_1.0.0_all.deb and here is a link to a tutorial for complete setup of NordVPN Linux App on Debian - https://blog.sleeplessbeastie.eu/2019/02/04/how-to-use-nordvpn-command-line-utility/ Lastly, if anyone can provide instructions to point me in the right direction to actually build this package for OpenWRT arm_cortex-a9_vfpv3 architecture I will greatly appreciate any and all assistance with this project.
Thanks and God Bless
According to your first link:
"Not using Linux but want to try NordLynx? We will soon provide tutorials on how to set it up on any third-party WireGuard client."
May have to wait a little...
Typically, it just works as a simple WireGuard/OpenVPN client which is already documented in the OpenWrt wiki.
Dear scott68 and vgaetera,
Hello - I was trying to get The NordVPN Linux App running on OpenWRT because this is the only way that you can currently connect to NORDVPN using their WIREGUARD setup and implementation. From NORDVPN regarding Project NordLynx :
The WireGuard protocol alone can’t ensure complete privacy. Here’s why. It can’t dynamically assign IP addresses to everyone connected to a server. Therefore, the server must contain a local static IP address table to know where internet packets are traveling from and to whom they should return. It means that the user's identity must be stored on the server and linked to an internal IP address assigned by the VPN.
To put it less technically: by implementing the out-of-the-box WireGuard protocol in our service, we would have put your privacy at risk. And we would never do this.
So we had a puzzle to solve: how can we bring WireGuard’s benefits to our users while strengthening the wobbly privacy part?
How we made it work :
We needed to find a way for the WireGuard protocol to work without posing a risk to our customers’ privacy.
And we found it. We developed something called a double NAT (Network Address Translation) system.
To put it simply, the double NAT system creates two local network interfaces for each user. The first interface assigns a local IP address to all users connected to a server. Unlike in the original WireGuard protocol, each user gets the same IP address.
Once a VPN tunnel is established, the second network interface with a dynamic NAT system kicks in. The system assigns a unique IP address for each tunnel. This way, internet packets can travel between the user and their desired destination without getting mixed up.
The double NAT system allows us to establish a secure VPN connection without storing any identifiable data on a server. Dynamic local IP addresses remain assigned only while the session is active. Meanwhile, user authentication is done with the help of a secure external database.
Linux users, try NordLynx now
In fall 2018, we invited a small group of users to take our WireGuard implementation for a test drive as a part of a closed beta. Today, after months of further research, development, and testing, we’re going public with NordLynx – our solution for a fast, private and secure VPN connection. And we’re inviting every curious soul out there to try it!
Our Linux users are the first ones to get hands-on experience with NordLynx. The NordVPN Linux app already supports it.
By default, NordVPN for Linux runs on the OpenVPN protocol. Follow these steps to switch to NordLynx:
1- Update your app to the latest version.
2- Install WireGuard. Tutorials for different distributions are available in our Help Center.
3- Open the terminal and enter ‘nordvpn set technology NordLynx’.
4- Enter ‘nordvpn c’ to connect to VPN.
So The NordVPN Linux App is essential if you want to use WIREGUARD with NORDVPN - Wireguard packages available in OpenWRT are not applicable.
Thanks - that is why I was asking about deb to ipk - if possible.
A .deb package may contain binaries, scrips, configuration files, etc. Scrips and configuration files can be easily inspected, but binaries are a whole other level. I would "open" the .deb file and inspect its contents.
I know it's an old post but did you find a way to do it? I am trying to achieve the same thing.
No change - even though - NordVPN / SurfShark / and others say that we will be able to download config files soon to make this possible. Currently - I use Mullvad VPN - TorGuard - VPN.ac - Even though - OpenWRT ( I use WRT32x and WRT3200ACM - and WRT1900ACS ) is under powered when it comes to WireGuard. It runs fine with pfSense / OPNsense - on my QOTOM Mini PC Intel Core i7-5500U - 16GB Crucial Ram and SSD ( SAMSUNG 860 PRO SSD 256GB ) - Samsung ( SSD 850 EVO mSATA 250GB )
very interesting. what do you mean by under powered? you don't get the full speeds like on a pc?