OpenVPN brocken

[wf54]

Using PrivateVPN and having problems with DNS leaks. Mint 18.3 / Cinamon 3.6.7 / Kernel 4.10.0-38 generic / 64bit.
They took over my computer and fixed it in a fashion, No leaks but unable to change servers/country..
Also Sky are still blocking their blacklisted pages but that was no surprise.

After I informed the help assistant that servers weren’t changing they replied with;
[Seems like Network Manager's OpenVPN plugin is totally broken. You should try upgrading or updating your OS. It is not disconnecting only and hence the VPN shows the 1st VPN connection only.]

I’ve looked on here and I’m unable to find an answer that fits.
Would this work, if I un-install OpenVPN via the software manager and then reinstall it.
Then do a fresh install of PrivateVpn,


Apologise if I've missed an answer to this,

[sdibaja]

I would first try reinstall by following their basic install instructions: https://www.privateinternetaccess.com/i ... ller_linux

[DAMIEN1307]

i do not know if this has any bearing on your issue but i noticed that your using a 4.10 series kernel and to the best of my knowledge, this kernel series is no longer supported...even if this is not the problem, i would still change the kernel to something that is supported such as the latest 4.4 series kernel which is LTS or the latest in the 4.13 HWE kernel series...cant hurt to give this a try, but you do need to be in a supported kernel series...DAMIEN

[wf54]

i would still change the kernel to something that is supported such as the latest 4.4 series kernel which is LTS or the latest in the 4.13 HWE kernel series...cant hurt to give this a try, but you do need to be in a supported kernel series..

Damien
Wonder why support didn't look at that, would an updated Kernal have new drivers for OpenVPN?
Update manager has Kernal 4.13.0-39,44--16.04.1 with a red exclamation mark under 'Type' would this be OK to install, the red ! put me off updating it.

I would first try reinstall by following their basic install instructions:

sdibaja
The guys from PrivateVPN took over the Desktop and worked on it for a couple of hours undoing and redoing to solve the DNS, that appears to have been fixed but it's caused a problem changing servers.
Thought maybe deleting OpenVpn and installing it again, then re-installing PrivateVPN would have more chance of correcting it but really don't know.

[DAMIEN1307]

hi wf54...please copy and paste the following "command" into the "terminal" and then copy and paste the response here...this will give all of us something to work with in trying to help you with this situation as well as telling us most of what we need to know as to what your system can handle...DAMIEN

inxi -Fxz

[phd21]

Hi wf54,

I just read your post and the good replies to it. Here are my thoughts on this as well.

+1 for It would help to know more about your system setup. If you run "inxi -Fxzd" and "lsusb" from the console terminal prompt, highlight the results, copy and paste them back here, that should provide enough information.

It might also help to update the openvpn software using the instructions from the link below, see my reply and use the correct instructions for your version of Linux Mint. Just had an update to this today as well.

Is it possible to install the latest openvpn on 17.3 without breaking everything[SOLVED] - Linux Mint Forums
viewtopic.php?f=157&t=242583&hilit=openvpn

Hope this helps ...

[DAMIEN1307]

phd21...do not know if you noticed...the Op is NOT running 17.3 but 18.3...you stated..."Is it possible to install the latest openvpn on 17.3"...again the Op says..."Using PrivateVPN and having problems with DNS leaks. Mint 18.3 / Cinamon 3.6.7 / Kernel 4.10.0-38 generic / 64bit"...he is running 18.3...NOT 17.3...DAMIEN

[phd21]

Hi DAMIEN1307,

1.) Ignore the post title, there are instructions in that post for anyone using Linux Mint 17.x or 18.x to update the "openVPN" software.

To see what version of "openVPN" software is installed, open a console terminal prompt and type in the command below:

Code: Select all

openvpn --version

This is what my system just updated to last night or today.
OpenVPN 2.4.6

2.) A lot of VPN providers have DNS leaks which has been discussed many times in this forum. One easy way to make DSN leaks not matter is to simply change your local ISP's DNS entries to safe, secure, and anonymous DNS server IP addresses from a reliable DNS provider like "dns.watch", or the new "Cloudflare", "opennic", "OpenDNS", etc... Then even if a VPN is leaking DNS information, it will not be yours, but the anonymous DNS provider's DNS IP address, so you will be safe. Changing the local ISP DNS server IP addresses is just a smart thing to do whether you use a VPN or not.

Cloudflare launches 1.1.1.1 DNS service that will speed up your internet - The Verge
https://www.theverge.com/2018/4/1/17185 ... ce-1-1-1-1

How to change your local ISP DNS server IP addresses
Linux Mint/Cinnamon – OpenDNS
https://support.opendns.com/hc/en-us/ar ... t-Cinnamon

Hope this helps ...

[DAMIEN1307]

i agree but we must take into consideration that wf54 is a newbie and could possibly be confused when we who do know this naturally assume that its the same case in 17.3 or 18.3...we need to be more accurate and targeted in order not to cause confusion for a newbie...let us both now wait for the OP to post his "inxi -Fxz" so that we as a community might be better informed of his system and its capabilities...and by the way...i use 1.1.1.1, 1.0.0.1 in my configurations but we need to see what the OP has...DAMIEN

[wf54]

I updated from 17 to 18 but as far as the terminal is concerned, i'm hopeless, doesn't help reading characters back to front.
I believe this is the information you need, looks like the OpenVPN is out of date so I'll start with that.
Just one query,

Is it possible to install the latest openvpn on 17.3 without breaking everything[SOLVED] - Linux Mint Forums
viewtopic.php?f=157&t=242583&hilit=openvpn

I saw this and disregarded it due to reading that 18 packages were a major change to 17's,

thanks, the help is much appreciated, I have look on the forum but nothing, to me, seemed to quite fit what I needed, knowing what you need helps a little

wilf@wilf-System-Product-Name ~ $ command
wilf@wilf-System-Product-Name ~ $ command

wilf@wilf-System-Product-Name ~ $ inxi -Fxzd
System: Host: wilf-System-Product-Name Kernel: 4.10.0-38-generic x86_64 (64 bit gcc: 5.4.0)
Desktop: Cinnamon 3.6.7 (Gtk 3.18.9-1ubuntu3.3)
Distro: Linux Mint 18.3 Sylvia
Machine: Mobo: ASUSTeK model: H110M-PLUS v: Rev X.0x
Bios: American Megatrends v: 3401 date: 03/16/2017
CPU: Dual core Intel Core i3-7100 (-HT-MCP-) cache: 3072 KB
flags: (lm nx sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx) bmips: 15648
clock speeds: max: 3900 MHz 1: 837 MHz 2: 800 MHz 3: 799 MHz
4: 799 MHz
Graphics: Card: Intel Device 5912 bus-ID: 00:02.0
Display Server: X.Org 1.18.4 drivers: intel (unloaded: fbdev,vesa)
Resolution: 1920x1080@60.00hz
GLX Renderer: Mesa DRI Intel Kabylake GT2
GLX Version: 3.0 Mesa 17.0.7 Direct Rendering: Yes
Audio: Card Intel Sunrise Point-H HD Audio
driver: snd_hda_intel bus-ID: 00:1f.3
Sound: Advanced Linux Sound Architecture v: k4.10.0-38-generic
Network: Card-1: Intel Device 24fd driver: iwlwifi bus-ID: 01:00.0
IF: wlp1s0 state: up speed: N/A duplex: N/A mac: <filter>
Card-2: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller
driver: r8169 v: 2.3LK-NAPI port: e000 bus-ID: 02:00.0
IF: enp2s0 state: down mac: <filter>
Drives: HDD Total Size: 1128.2GB (2.1% used)
ID-1: /dev/sda model: ADATA_SU800 size: 128.0GB
ID-2: /dev/sdb model: ST1000DM010 size: 1000.2GB
Optical: /dev/sr0 model: ASUS DRW-24D5MT
rev: 1.00 dev-links: cdrom,cdrw,dvd,dvdrw
Features: speed: 12x multisession: yes
audio: yes dvd: yes rw: cd-r,cd-rw,dvd-r,dvd-ram state: running
Partition: ID-1: / size: 110G used: 15G (14%) fs: ext4 dev: /dev/sda2
ID-2: swap-1 size: 8.45GB used: 0.00GB (0%) fs: swap dev: /dev/sda3
RAID: No RAID devices: /proc/mdstat, md_mod kernel module present
Sensors: System Temperatures: cpu: 30.0C mobo: 29.8C
Fan Speeds (in rpm): cpu: 0
Info: Processes: 208 Uptime: 8:15 Memory: 1348.3/7844.9MB
Init: systemd runlevel: 5 Gcc sys: 5.4.0
Client: Shell (bash 4.3.481) inxi: 2.2.35

wilf@wilf-System-Product-Name ~ $ lsusb
Bus 004 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 003 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 012: ID 058f:6364 Alcor Micro Corp. AU6477 Card Reader Controller
Bus 001 Device 003: ID 046d:c505 Logitech, Inc. Cordless Mouse+Keyboard Receiver
Bus 001 Device 002: ID 0461:4de2 Primax Electronics, Ltd
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

wilf@wilf-System-Product-Name ~ $ ^C
wilf@wilf-System-Product-Name ~ $ openvpn --version
OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08
Originally developed by James Yonan
Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
Compile time defines: enable_crypto=yes enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dependency_tracking=no enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=yes enable_fragment=yes enable_http_proxy=yes enable_iproute2=yes enable_libtool_lock=yes enable_lzo=yes enable_lzo_stub=no enable_maintainer_mode=no enable_management=yes enable_multi=yes enable_multihome=yes enable_pam_dlopen=no enable_password_save=yes enable_pedantic=no enable_pf=yes enable_pkcs11=yes enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_server=yes enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=no enable_small=no enable_socks=yes enable_ssl=yes enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_win32_dll=yes enable_x509_alt_username=yes with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_plugindir='${prefix}/lib/openvpn' with_sysroot=no
wilf@wilf-System-Product-Name ~ $

Entered to update OpenVPN
wilf@wilf-System-Product-Name ~ $ sudo -s
[sudo] password for wilf:
wilf-System-Product-Name ~ # wget -O - https://swupdate.openvpn.net/repos/repo ... pg|apt-key add -
--2018-04-25 00:48:33-- https://swupdate.openvpn.net/repos/repo-public.gpg
Resolving swupdate.openvpn.net (swupdate.openvpn.net)... 104.20.194.50, 104.20.195.50
Connecting to swupdate.openvpn.net (swupdate.openvpn.net)|104.20.194.50|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1806 (1.8K) [binary/octet-stream]
Saving to: ‘STDOUT’

- 100%[===================>] 1.76K --.-KB/s in 0s

2018-04-25 00:48:33 (5.95 MB/s) - written to stdout [1806/1806]

OK
wilf-System-Product-Name ~ # echo "deb http://build.openvpn.net/debian/openvpn/release/2.4 xenial main" > /etc/apt/sources.list.d/openvpn-aptrepo.list
wilf-System-Product-Name ~ # sudo apt-get update
Hit:1 http://archive.ubuntu.com/ubuntu xenial InRelease
Get:2 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]
Hit:3 http://archive.canonical.com/ubuntu xenial InRelease
Get:4 http://archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]
Hit:5 http://ppa.launchpad.net/inkscape.dev/stable/ubuntu xenial InRelease
Ign:6 http://www.mirrorservice.org/sites/pack ... m/packages sylvia InRelease
Hit:7 http://linux.teamviewer.com/deb stable InRelease
Hit:8 http://www.mirrorservice.org/sites/pack ... m/packages sylvia Release
Hit:9 http://linux.teamviewer.com/deb preview InRelease
Get:10 http://archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB]
Get:12 http://security.ubuntu.com/ubuntu xenial-security/universe amd64 Packages [344 kB]
Ign:13 http://build.openvpn.net/debian/openvpn/release/2.4 xenial InRelease
Get:14 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages [765 kB]
Get:15 http://security.ubuntu.com/ubuntu xenial-security/universe i386 Packages [299 kB]
Get:16 http://build.openvpn.net/debian/openvpn/release/2.4 xenial Release [2,653 B]
Get:17 http://security.ubuntu.com/ubuntu xenial-security/universe Translation-en [129 kB]
Get:18 http://build.openvpn.net/debian/openvpn/release/2.4 xenial Release.gpg [512 B]
Get:19 http://archive.ubuntu.com/ubuntu xenial-updates/main i386 Packages [706 kB]
Get:20 http://archive.ubuntu.com/ubuntu xenial-updates/universe amd64 Packages [623 kB]
Get:21 http://build.openvpn.net/debian/openvpn/release/2.4 xenial/main amd64 Packages [1,453 B]
Get:22 http://archive.ubuntu.com/ubuntu xenial-updates/universe i386 Packages [575 kB]
Get:23 http://build.openvpn.net/debian/openvpn/release/2.4 xenial/main i386 Packages [1,450 B]
Get:24 http://archive.ubuntu.com/ubuntu xenial-updates/universe Translation-en [251 kB]
Fetched 4,003 kB in 1s (2,833 kB/s)
Reading package lists... Done
wilf-System-Product-Name ~ # sudo apt-get install openvpn
Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
easy-rsa
The following packages will be upgraded:
openvpn
1 to upgrade, 0 to newly install, 0 to remove and 26 not to upgrade.
Need to get 483 kB of archives.
After this operation, 126 kB of additional disk space will be used.
Get:1 http://build.openvpn.net/debian/openvpn/release/2.4 xenial/main amd64 openvpn amd64 2.4.6-xenial0 [483 kB]
Fetched 483 kB in 1s (263 kB/s)
Preconfiguring packages ...
(Reading database ... 230383 files and directories currently installed.)
Preparing to unpack .../openvpn_2.4.6-xenial0_amd64.deb ...
Unpacking openvpn (2.4.6-xenial0) over (2.3.10-1ubuntu2.1) ...
Processing triggers for libc-bin (2.23-0ubuntu10) ...
Processing triggers for systemd (229-4ubuntu21.1) ...
Processing triggers for ureadahead (0.100.0-19) ...
ureadahead will be reprofiled on next reboot
Processing triggers for man-db (2.7.5-1) ...
Setting up openvpn (2.4.6-xenial0) ...
* Restarting virtual private network daemon(s)... * No VPN is running.
Processing triggers for libc-bin (2.23-0ubuntu10) ...
wilf-System-Product-Name ~ # sudo apt-get install easy-rsa
Reading package lists... Done
Building dependency tree
Reading state information... Done
Recommended packages:
opensc
The following NEW packages will be installed
easy-rsa
0 to upgrade, 1 to newly install, 0 to remove and 26 not to upgrade.
Need to get 17.4 kB of archives.
After this operation, 95.2 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu xenial/universe amd64 easy-rsa all 2.2.2-2 [17.4 kB]
Fetched 17.4 kB in 0s (93.3 kB/s)
Selecting previously unselected package easy-rsa.
(Reading database ... 230392 files and directories currently installed.)
Preparing to unpack .../easy-rsa_2.2.2-2_all.deb ...
Unpacking easy-rsa (2.2.2-2) ...
Processing triggers for man-db (2.7.5-1) ...
Setting up easy-rsa (2.2.2-2) ...

[DAMIEN1307]

ok...first off...your using an unsupported kernel...you need to install the 4.13 or 4.15 kernal...i use asustec on all my systems i use on a regular basis and yours are also asustec...try the 4.15 latest in the series...cant hurt...worse that can happen is to revert to previous kernel...right now your using an unsupported kernel 4.10 series...i want to see your system to supported specs so we can see where we are going...OK?...DAMIEN

[DAMIEN1307]

for a short while at least...im here in real time even though it does not here in forum showing me as "here:or "online"...thats because i like invisibility...lol...DAMIEN

[DAMIEN1307]

i also noticed this...from your stats..." 0 to upgrade, 1 to newly install, 0 to remove and 26 not to upgrade"...what have you decide not to newly install and what have you decided of 26 situations not to upgrade?......DAMIEN

[phd21]

Hi wf54,

1.a.) From what I just read, you did very well following my instructions for updating the "openVPN" software using the console terminal command, nicely done!

Setting up openvpn (2.4.6-xenial0) ...
* Restarting virtual private network daemon(s)... * No VPN is running.

1.b.) If you have not rebooted after making the "openVPN" changes, I would do that, and then report back if you can now access other VPN server locations, or if you still cannot access any other VPN servers.

2.) If you have not already done so, I would still highly recommend changing your local ISP's DNS server IP addresses to secure anonymous ones from a reliable DNS provider which would also help with DNS leaks among other things. The instructions are in the links I provided in the repy to "DAMIEN1307".

3.) I also recommend updating the Linux Kernel through your Mint Update Manager to a newer one in the 4.13.xx series or higher for security reasons, this always requires rebooting as well.


Hope this helps ...

[wf54]

After update of Open VPN. didn't help. Changing VPN was hit and miss and ended up with VPN failed, shown below
going to update to kernel 14.13.0-39.44 and see what happens
Updated Kernel, no change.

i also noticed this...from your stats..." 0 to upgrade, 1 to newly install, 0 to remove and 26 not to upgrade"...what have you decide not to newly install and what have you decided of 26 situations not to upgrade?......DAMIEN

I didn't and haven't Damien, the service team took over and must have done it.
I only install green 'safe' updates, read that the orange updates should be left alone if you don't know what you are doing, classic case of ignorance is bliss.

Changing VPN was hit and miss and ended up with VPN failed, shown below
Started with Oslo, changed Server did DNS check still Oslo.

Disconected VPN, closed wireless, changed server to Brussels, DNS page Belgium, DNS check Netherlands.

Changed server to Netherlands, closed browser , opened browser DNS page Brussels, DNS check Netherlands.

Changed server to Paris with browser still open, DNS page Belgium check Netherlands,

Closed wireless and VPN, used BleachBit, opened wireless, changed VPN to Atlanta, opened browser DNS page showed Buffalo, check showed USA.

Changed VPN to Manchester with browser still open on home page, DNS showed Newcastle, check showed UK.

Browser back to home page, changed VPN to Oslo, check showed Norway.

Back to home page changed VPN to Paris, DNS showed Olso, check showed Norway.

Closed browser cleaned leaving wireless and VPN open on Paris, opened browser DNS page still showed Olso.

Closed browser and VPN, cleaned again, opened VPN on Paris, opened browser went to DNS page which showed Oslo.

Closed wireless and VPN, opened wireless, opened VPN on Paris again. DNS page Paris, check France.

Home page change VPN to Copenhagen DNS page on Paris then VPN failed.

[Rubin_Farr]

It sounds like a lot like an unfixed (over a year at least) bug with Ubuntu. I posted the fix/workaround here. This bug will cause your DNS to leak. I can't guarantee this is your problem, however.

Be sure to send your to send your love to Canonical.

In my mind, this bug should be at least stickied and if we had a 'security' forum it would go great there, but alas.

[wf54]

Rubin_Rarr
Now here’s the thing, the PrivateVPN team took over my desktop, spent some time working on it and fixed the leak.
They then informed me that it was a problem due to my OpenVPN been broken.
I don’t know how they fixed the leak, they could have actually used you fix.
That leaves me with two concerns.
First the DNS site will say there’s no leaks but Sky can still block their banned sites, how?.
Second is that I’m unable to change servers, DNS site doesn’t show the change.

I had leaks with IPVanish but changing the server was never an issue, maybe if I’d getting them to fix the leak, like PrivateVPN maybe I wouldn’t have been able to change the server on IPVanish also.
I haven’t a clue but could it be one or all of;
OpenVPN is cream crackered,
VPN software is cream crackered.
Some files code from IPVanish that wasn’t deleted is causing problems.
So many changes have caused problems with Mint.
Does this make sense?

How to change your local ISP DNS server IP addresses
Linux Mint/Cinnamon – OpenDNS
https://support.opendns.com/hc/en-us/ar ... t-Cinnamon

Phd21
Tried the link but got cold feet when in IPv4, DNS the server address remained red.
While entering the server No. 208.67.222.222.208.67.220.220 the box kept changing from red to white. I assumed that white was a recognised address and red was unrecognised, so when the box remained highlighted in red I thought it may no longer be correct so I bailed out and cancelled.
Also I didn’t have the Method option of Automatic (DHCP) addresses only, just Automatic (DHCOP)

[phd21]

HI wf54,

Regarding changing the DNS server IP adresses:

Tried the link but got cold feet when in IPv4, DNS the server address remained red.
While entering the server No. 208.67.222.222.208.67.220.220 the box kept changing from red to white. I assumed that white was a recognised address and red was unrecognised, so when the box remained highlighted in red I thought it may no longer be correct so I bailed out and cancelled. Also I didn’t have the Method option of Automatic (DHCP) addresses only, just Automatic (DHCOP)

Automatic DHCP is correct for your Linux Mint edition and version. Different versions of Linux Mint are slightly different in their Network Managers interface, just click the automatic button to "off" in the upper right of DNS servers, otherwise you would select "Automatic (DHCP) addresses only".

You got the red highlight, because your DNS IP addresses were not properly formatted, they must have a comma between them, or enter in one DNS IP address, click the plus sign to add another. FYI: the new Cloudflare DNS is supposed to be really fast and even more secure; I have been using their DNS server IP addresses recently without problems but I also like "dns.watch" and others.

Code: Select all

208.67.222.222,208.67.220.220

Cloudflare IPv4 DNS entries

Code: Select all

1.1.1.1,1.0.0.1

Cloudflare IPv6 DNS entries

Code: Select all

2606:4700:4700::1111,2606:4700:4700::1001

Restart afterward.

You can always try another VPN provider like the free "vpnbook" to make sure your system is working and handling VPN servers correctly.

As for the VPN leaks, I am not sure that is totally related to each VPN provider, or the way Linux Mint (Linux Ubuntu) is handling the vpn, or a combination of both? But as I already stated, if you change the DNS servers to a DNS provider, then it really will not matter, you will be safe and anonymous.

FYI: A lot of people may have better connections by using IPv4 only and disabling (ignoring) IPv6, but you can use both, see screenshots. I usually disable IPv6.

Disable IPv6 if its not supported
http://www.blackmoreops.com/2015/08/04/ ... -in-linux/



Hope this helps ...

Phil
phd21

Changing_DNS_Server_IP_Addresses_KDE_IPv4-1.jpg

.

Changing_DNS_Server_IP_Addresses_KDE_IPv6-2.jpg

.

Changing_DNS_Server_IP_Addresses_KDE_IPv6-1.jpg

[Rubin_Farr]

Now here’s the thing, the PrivateVPN team took over my desktop, spent some time working on it and fixed the leak.
They then informed me that it was a problem due to my OpenVPN been broken.
I don’t know how they fixed the leak, they could have actually used you fix.
That leaves me with two concerns.
First the DNS site will say there’s no leaks but Sky can still block their banned sites, how?.
Second is that I’m unable to change servers, DNS site doesn’t show the change.

I had leaks with IPVanish but changing the server was never an issue, maybe if I’d getting them to fix the leak, like PrivateVPN maybe I wouldn’t have been able to change the server on IPVanish also.
I haven’t a clue but could it be one or all of;
OpenVPN is cream crackered,
VPN software is cream crackered.
Some files code from IPVanish that wasn’t deleted is causing problems.
So many changes have caused problems with Mint.
Does this make sense?

If a third party took over your OS and made changes, who knows what they did? It would be hard to troubleshoot that. I'm going to assume you don't have Timeshift backup from before and cannot restore to defaults. If so, you could restore to a time before the changes and try my posted fix. There could still be a way to more easily repair what PrivateVPN did but I personally don't know how.

If it were me, and I'm not telling you to do this necessarily but -if it were me- I would reinstall Mint and see if the fix I posted helped because what they did to your system is unknown and from what I'm gleaning, it still isn't working right for you because you can't change servers. I would also find a VPN that doesn't make you install additional app to make it work. I would also avoid PIA vpn if that was in your mind somewhere.

Also, never let a 3rd party support human remotely access/alter your OS.

[wf54]

You got the red highlight, because your DNS IP addresses were not properly formatted,

Tried again, even copied and pasted you code but still the red highlight.

Irritatingly I just really needed the VPN for Kodi with the TV's and could do without it on the computer.
Then I've found out that the app on Amazon isn't compatible to the stick but their App on Google is.
Work that one out, not having both apps on Amazon and Google