NordVPN on OpenWrt seems working, but it's not!

A tiny remark, VPN doesn't "protect" you from anything https://overengineer.dev/blog/2019/04/08/very-precarious-narrative.html

2 Likes

thanks, Noted, but in this case I kinda need to bypass geo restriction.

Yes, then it's a completely different reason for setting it up, and a good one.

1 Like

Let's get back to the actual problem, who says you're unprotected?

Do you know the tunnel's actually up and running? Tried whatsmyip with it on, and off?

yes, the IP address remains the same even after it's turned on.
and as you can see the data is not being transferred in NORD interface. also it mentions the Network device is not present

Was it in their howto to setup the tunnel as unmanaged?

You might want to compare your setup with ExpressVPN in OpenVPN on OpenWrt - SUCCESS!

it actually did. specifically mentioned to put it as unmanaged.
I'll take a look, but I'm not much familiar with SSH command lines, i did almost everything in web interface.

The VPN is showing "network device not present" which probably means that the connection to NordVPN has failed. Restart the OpenVPN service and read the system log to determine the cause of failure. The tun0 device will only exist after the VPN client has fully connected to the server.

Making a dummy unmanaged network to hold the VPN tunnel is now unnecessary since newer versions of the firewall code can attach a zone to a network device (such as tun0) directly.

1 Like

The whole configuration file for Nordvpn is not visible, but if you didn't make any mistake during the copy-paste, it should work. The other thing to verify is if the tun module is loaded.

lsmod | grep tun

Also there is a guide in the wiki, with troubleshooting commands at the bottom. Run them to get a better picture.

I still find it useful when it comes to route manipulation so it doesn't hurt to leave it one. You can also see the in/out bytes.

1 Like

image
i cant actually make anything out of this.


can you understand what the issue is?

That's fine, we can. OpenVPN complains in the logs that network is unreachable. What is the output of: ip -4 addr; ip -4 ro list table all; ip -4 ru ? No need to upload screenshot, you can copy the text and paste it here in preformatted text (the </> button).
Also try a traceroute IP_OF_OPENVPN_SERVER ; ip -4 route get IP_OF_OPENVPN_SERVER

Sorry, I can only help to configure using CLI. Please, write, if you are ready.

I am having the same problem.

root@OpenWrt:~# ip -4 addr                                                              1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000               inet 127.0.0.1/8 scope host lo                                                             valid_lft forever preferred_lft forever                                          3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP qlen 1000      inet 192.168.1.200/24 brd 192.168.1.255 scope global wlan0                                 valid_lft forever preferred_lft forever                                          5: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000      inet 10.61.61.1/24 brd 10.61.61.255 scope global br-lan                                    valid_lft forever preferred_lft forever                       

root@OpenWrt:~# ip -4 ro list table all
default via 192.168.1.1 dev wlan0  src 192.168.1.200
10.61.61.0/24 dev br-lan scope link  src 10.61.61.1
192.168.1.0/24 dev wlan0 scope link  src 192.168.1.200
broadcast 10.61.61.0 dev br-lan table local scope link  src 10.61.61.1
local 10.61.61.1 dev br-lan table local scope host  src 10.61.61.1
broadcast 10.61.61.255 dev br-lan table local scope link  src 10.61.61.1
broadcast 127.0.0.0 dev lo table local scope link  src 127.0.0.1
local 127.0.0.0/8 dev lo table local scope host  src 127.0.0.1
local 127.0.0.1 dev lo table local scope host  src 127.0.0.1
broadcast 127.255.255.255 dev lo table local scope link  src 127.0.0.1
broadcast 192.168.1.0 dev wlan0 table local scope link  src 192.168.1.200
local 192.168.1.200 dev wlan0 table local scope host  src 192.168.1.200
broadcast 192.168.1.255 dev wlan0 table local scope link  src 192.168.1.200

root@OpenWrt:~# ip -4 ru
0:      from all lookup local
32766:  from all lookup main
32767:  from all lookup default

I'm pretty new to this but am learning the hard way. Any insight would be greatly appreciated.

use the </> button when pasting cli output , it's unreadable.

1 Like

I don't know what that means or how to do that. Sorry.

Please use the "Preformatted text </>" button for logs, scripts, configs and general console output.
grafik
Please edit your post accordingly. Thank you! :slight_smile:

1 Like

Thanks. Hopefully that is correct now.

Actually I got my problem fixed. It was not connecting to the NordVPN because the username/password was incorrect.

NordVPN can be made to work fine over WireGuard by the way.

Isn't WireGuard a vpn too. Why use both? An added level of security? From looking at WireGuard info, it makes NordVPN faster?