OpenVPN Vs. PIA Applicaton Setup

Connection sharing, Firewall, Samba..etc
Forum rules
Before you post please read how to get help
User avatar
majpooper
Level 5
Level 5
Posts: 591
Joined: Thu May 09, 2013 1:56 pm
Location: North Carolina, USA

Re: OpenVPN Vs. PIA Applicaton Setup

Post by majpooper » Tue Jan 16, 2018 1:58 pm

Oh . . . . and when I shut down my VPN and use dnscrypt only - I use OpenDNS servers = no dns leak ???????

Pippin
Level 3
Level 3
Posts: 125
Joined: Wed Dec 13, 2017 11:14 am
Location: NL/DE/TH

Re: OpenVPN Vs. PIA Applicaton Setup

Post by Pippin » Tue Jan 16, 2018 4:28 pm

When VPN is shutdown then we do not speak about DNS leakage.
From what you write it`s working as intended.

DNS leakage is spoken about only in relation with VPN/when VPN is active.
So, if applications or even only one application, on the host (running VPN client) are/is not doing DNS requests over the VPN tunnel, it`s called DNS leak.

I hope this pic can shed some light on this:
ovpn-flow08.png
Imagine DNS request going directly out eth0 instead of being routed through tun0...they would go straight to WAN exposing the request to for example ISP.
Of course VPN provider sees the request except when using dnscrypt/dns-over-tls or something alike but then the dnscrypt/dns-over-tls server sees it.
In the end it`s all a matter of trust.
"One good thing about music, when it hits you feel no pain.”
B.M.

User avatar
sammiev
Level 4
Level 4
Posts: 369
Joined: Sat May 19, 2012 12:16 pm

Re: OpenVPN Vs. PIA Applicaton Setup

Post by sammiev » Tue Jan 16, 2018 8:03 pm

The way I see it, you either trust your Vpn supplier or DNScrypt supplier.

There is VPN providers that people would likely not use as well as DNScrypt providers.

Cisco is one of the big DNScrypt players that a lot of folks trust as myself, but they record everything as Google does as well.

The no name DNS providers say they don't record anything but are there one month and gone the next.

VPN providers like PIA are trusted by many as a lot of others as well. Do they recored everything? ( likely, I don't care what they say )

For the DNScrpt and VPN servers that are here one month and gone the next, wonder what they do with your info? :shock:

corcaigher
Level 1
Level 1
Posts: 41
Joined: Thu Mar 03, 2011 11:18 am

Re: OpenVPN Vs. PIA Applicaton Setup

Post by corcaigher » Sun Feb 04, 2018 2:31 pm

I made the poor decision of enabling VPN kill switch only to have it permanently disable internet when PIA is not running and connected. Can anyone help me remove this service? I disabled the switch setting in the PIA client, but nothing has changed; if PIA client is not running, there is no internet connection.

In addition, a senior technician at PIA has advised me that Linux Mint users are not supposed to be using their client. He sent instructions to install and enable openVPN settings, but those instructions did not work.

Running on 64bit Rosa, kde Platform Version 4.14.2
Desktop: Rosa 17.3 Linux 4.4.0-111-generic, KDE Platform Version 4.14.2, AMD A6-3420M APU with Radeon(tm) HD Graphics, 10GiB Memory,

User avatar
sammiev
Level 4
Level 4
Posts: 369
Joined: Sat May 19, 2012 12:16 pm

Re: OpenVPN Vs. PIA Applicaton Setup

Post by sammiev » Sun Feb 04, 2018 4:26 pm

corcaigher wrote:I made the poor decision of enabling VPN kill switch only to have it permanently disable internet when PIA is not running and connected. Can anyone help me remove this service? I disabled the switch setting in the PIA client, but nothing has changed; if PIA client is not running, there is no internet connection.

In addition, a senior technician at PIA has advised me that Linux Mint users are not supposed to be using their client. He sent instructions to install and enable openVPN settings, but those instructions did not work.

Running on 64bit Rosa, kde Platform Version 4.14.2
If you are trying to use Openvpn to connect, you need to change to lines in their .opvn file.

The text below is the "CA Montreal.opvn" file modified.

Code: Select all

client
dev tun
proto udp
remote ca.privateinternetaccess.com 1198
resolv-retry infinite
nobind
persist-key
persist-tun
cipher AES-128-CBC
auth SHA1
tls-client
remote-cert-tls server
auth-user-pass pass.txt
comp-lzo
verb 1
reneg-sec 0
crl-verify crl.rsa.2048.pem
ca ca.rsa.2048.crt
disable-oc
Note: lines 9 and 10 have been changed from
cipher aes-128-cbc to cipher AES-128-CBC
auth sha1 to auth SHA1

You can make the changes to your opvn files your self or copy and paste the above.

corcaigher
Level 1
Level 1
Posts: 41
Joined: Thu Mar 03, 2011 11:18 am

Re: OpenVPN Vs. PIA Applicaton Setup

Post by corcaigher » Mon Feb 05, 2018 2:09 am

I have no access to the internet when the PIA client is disabled or removed. In order to even read any responses posted to my request for assistance, the PIA client must be installed, active and running. The PIA client is constantly disconnecting my computer from their vpn servers leaving me with no internet access. When the client is disconnected I am reconnected to my network-manager default access point but without access to the internet. Something happened to my system when I turned the kill switch in the PIA client to the on position. That was when this happened. Turning off the kill switch had no effect. Whatever changes the PIA client made have remained a permanent setting to my network setup. I am not using a firewall. Somewhere there are settings which need to be corrected or removed before I can even consider installing openVPN.
Desktop: Rosa 17.3 Linux 4.4.0-111-generic, KDE Platform Version 4.14.2, AMD A6-3420M APU with Radeon(tm) HD Graphics, 10GiB Memory,

User avatar
sammiev
Level 4
Level 4
Posts: 369
Joined: Sat May 19, 2012 12:16 pm

Re: OpenVPN Vs. PIA Applicaton Setup

Post by sammiev » Mon Feb 05, 2018 12:17 pm

corcaigher wrote:I have no access to the internet when the PIA client is disabled or removed. In order to even read any responses posted to my request for assistance, the PIA client must be installed, active and running. The PIA client is constantly disconnecting my computer from their vpn servers leaving me with no internet access. When the client is disconnected I am reconnected to my network-manager default access point but without access to the internet. Something happened to my system when I turned the kill switch in the PIA client to the on position. That was when this happened. Turning off the kill switch had no effect. Whatever changes the PIA client made have remained a permanent setting to my network setup. I am not using a firewall. Somewhere there are settings which need to be corrected or removed before I can even consider installing openVPN.
I setup my test laptop much the same as you did and closed the lid. When lid was open I had no Internet connection no matter what was done. ( like you )
Rebooted computer and everything was back to normal.
Tried for hours to see if I could get myself into the same boat as you without any luck. :(
Hopefully someone else can add to this thread.

corcaigher
Level 1
Level 1
Posts: 41
Joined: Thu Mar 03, 2011 11:18 am

Re: OpenVPN Vs. PIA Applicaton Setup

Post by corcaigher » Mon Feb 05, 2018 7:34 pm

I did a complete shutdown and restart. Still must have the PIA client running for internet access. PIA tech support is not responding at all.
Desktop: Rosa 17.3 Linux 4.4.0-111-generic, KDE Platform Version 4.14.2, AMD A6-3420M APU with Radeon(tm) HD Graphics, 10GiB Memory,

corcaigher
Level 1
Level 1
Posts: 41
Joined: Thu Mar 03, 2011 11:18 am

Re: OpenVPN Vs. PIA Applicaton Setup [Solved]

Post by corcaigher » Thu Feb 08, 2018 12:43 am

Here is the solution from PIA which worked for my situation. In a terminal I was instructed to enter the following:

apt-get remove --purge resolvconf && apt-get install resolvconf

apt-get update --fix-missing


...obviously, these commands need to be run with root privileges, so be sure to type sudo before each command then supply the administrator password. I had some security keys which were out of date, but the steps to correct this are presented to you in the terminal session. Simply follow the instructions and make the appropriate entries. After correcting the security keys and completing the PIA commands I rebooted my PC and internet access was once again available without the PIA client running.

I was also informed that the next update to the PIA client will address this problem and Linux Mint will once again be supported along with Ubuntu.
Desktop: Rosa 17.3 Linux 4.4.0-111-generic, KDE Platform Version 4.14.2, AMD A6-3420M APU with Radeon(tm) HD Graphics, 10GiB Memory,

Post Reply

Return to “Other networking topics”