jakkuh_t

DIY VPN Pritunl Setup Tutorial


On 1/3/2020 at 6:27 AM, captain_to_fire said:

Pft. @wkdpaul's VPN server is simpler imo

 

 

OpenVPN has a lot of issues and it's a really bloated VPN compared to other, better solutions like WireGuard. Also, OpenVPN requires a lot more setup under the hood than what people realize.


Thanks for this how-to!

I was waiting for it for a long time.

I have an Open Media Vault server at home; is there a way to use Pritunl on this machine?


I've installed CentOS 7 on a VM. I can ping the IP of the server and connect to it using ssh, but I can't open the web UI in the browser to access Pritunl. I have no idea what to do.

On 1/14/2020 at 12:38 PM, LePygargueATeteBlanche said:

Both can do the trick (with maybe a bit of adaptation from the tutorial).

In this case I believe CentOS is recommended as it is pretty lightweight and will not cause higher bills on the VPS.

I tried both and noticed that on Debian 9 I would run out of RAM on a 512MB instance, whereas on CentOS it would run fine.

On 1/15/2020 at 6:24 AM, Venty said:

Just gone through it myself, using Nginx though.

Well, you can set it up using this guide.

I went ahead and used port 88 (with SSL disabled in Pritunl) and set up a reverse proxy in Nginx (so it uses the proper certificate I already have set up).

Also, you might have to also set the Host header, not just the X-Forward ones.

Thank you so much. This was very helpful and exactly what I was looking for :D

On 1/13/2020 at 5:26 PM, Mqxi said:

Getting a 404 error when I try to run the command:


sudo yum -y install pritunl

 I've simply copy-pasted all the above commands shown in the documentation. Here's the full error:

 


[quark@vultr ~]$ sudo yum -y install pritunl
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
epel/x86_64/metalink                                                                 |  29 kB  00:00:00
 * base: mirror.prolocation.net
 * epel: mirror.nl.leaseweb.net
 * extras: ams.edge.kernel.org
 * updates: mirror.1000mbps.com
base                                                                                 | 3.6 kB  00:00:00
extras                                                                               | 2.9 kB  00:00:00
mongodb-org-4.0                                                                      | 2.5 kB  00:00:00
pritunl                                                                              | 2.9 kB  00:00:00
updates                                                                              | 2.9 kB  00:00:00
pritunl/primary_db             FAILED
https://repo.pritunl.com/stable/yum/centos/7/repodata/e2a8a9331d3d1a2e1fe3b783de655f8703ca88318d0d279b5f5a7fa8cf46352d-primary.sqlite.bz2: [Errno 14] HTTPS Error 404 - Not Found
Trying other mirror.
To address this issue please refer to the below wiki article

https://wiki.centos.org/yum-errors

If above article doesn't help to resolve this issue please use https://bugs.centos.org/.

pritunl/primary_db             FAILED
https://repo.pritunl.com/stable/yum/centos/7/repodata/e2a8a9331d3d1a2e1fe3b783de655f8703ca88318d0d279b5f5a7fa8cf46352d-primary.sqlite.bz2: [Errno 14] HTTPS Error 404 - Not Found
Trying other mirror.
https://repo.pritunl.com/stable/yum/centos/7/repodata/e2a8a9331d3d1a2e1fe3b783de655f8703ca88318d0d279b5f5a7fa8cf46352d-primary.sqlite.bz2: [Errno 14] HTTPS Error 404 - Not Found
Trying other mirror.


 One of the configured repositories failed (Pritunl Repository),
 and yum doesn't have enough cached data to continue. At this point the only
 safe thing yum can do is fail. There are a few ways to work "fix" this:

     1. Contact the upstream for the repository and get them to fix the problem.

     2. Reconfigure the baseurl/etc. for the repository, to point to a working
        upstream. This is most often useful if you are using a newer
        distribution release than is supported by the repository (and the
        packages for the previous distribution release still work).

     3. Run the command with the repository temporarily disabled
            yum --disablerepo=pritunl ...

     4. Disable the repository permanently, so yum won't use it by default. Yum
        will then just ignore the repository until you permanently enable it
        again or use --enablerepo for temporary usage:

            yum-config-manager --disable pritunl
        or
            subscription-manager repos --disable=pritunl

     5. Configure the failing repository to be skipped, if it is unavailable.
        Note that yum will try to contact the repo. when it runs most commands,
        so will have to try and fail each time (and thus. yum will be be much
        slower). If it is a very temporary problem though, this is often a nice
        compromise:

            yum-config-manager --save --setopt=pritunl.skip_if_unavailable=true

failure: repodata/e2a8a9331d3d1a2e1fe3b783de655f8703ca88318d0d279b5f5a7fa8cf46352d-primary.sqlite.bz2 from pritunl: [Errno 256] No more mirrors to try.
https://repo.pritunl.com/stable/yum/centos/7/repodata/e2a8a9331d3d1a2e1fe3b783de655f8703ca88318d0d279b5f5a7fa8cf46352d-primary.sqlite.bz2: [Errno 14] HTTPS Error 404 - Not Found

Thanks!

Same problem here.

Did you solve it?

 


I had issues with connecting with OpenVPN client on android. 

 

The workaround is to use TCP port instead of UDP port. 

 

  • In Vultr's firewall group > change UDP port 1337 to TCP port 1337
  • On the Pritunl console > delete the existing server and create another with the same configs except change the protocol to 'tcp' instead of udp

You will have to download the profile again, and it works flawlessly !

 

Awesome guide btw !! 


Hey Linus !! 

So I set up the VPN with Pritunl on a VPS with Vultr.com. All went well, no issues 🙂 Testing at the moment... streaming, downloading, browsing... so far so good. I'm so glad to get away from PIA 🙂

Yup...awesome guide !!

Peace to you

B.

shredah.net  

On 1/13/2020 at 8:26 PM, Mqxi said:

Getting a 404 error when I try to run the command:


sudo yum -y install pritunl

 I've simply copy-pasted all the above commands shown in the documentation. Here's the full error:

 


[quark@vultr ~]$ sudo yum -y install pritunl
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
epel/x86_64/metalink                                                                 |  29 kB  00:00:00
 * base: mirror.prolocation.net
 * epel: mirror.nl.leaseweb.net
 * extras: ams.edge.kernel.org
 * updates: mirror.1000mbps.com
base                                                                                 | 3.6 kB  00:00:00
extras                                                                               | 2.9 kB  00:00:00
mongodb-org-4.0                                                                      | 2.5 kB  00:00:00
pritunl                                                                              | 2.9 kB  00:00:00
updates                                                                              | 2.9 kB  00:00:00
pritunl/primary_db             FAILED
https://repo.pritunl.com/stable/yum/centos/7/repodata/e2a8a9331d3d1a2e1fe3b783de655f8703ca88318d0d279b5f5a7fa8cf46352d-primary.sqlite.bz2: [Errno 14] HTTPS Error 404 - Not Found
Trying other mirror.
To address this issue please refer to the below wiki article

https://wiki.centos.org/yum-errors

If above article doesn't help to resolve this issue please use https://bugs.centos.org/.

pritunl/primary_db             FAILED
https://repo.pritunl.com/stable/yum/centos/7/repodata/e2a8a9331d3d1a2e1fe3b783de655f8703ca88318d0d279b5f5a7fa8cf46352d-primary.sqlite.bz2: [Errno 14] HTTPS Error 404 - Not Found
Trying other mirror.
https://repo.pritunl.com/stable/yum/centos/7/repodata/e2a8a9331d3d1a2e1fe3b783de655f8703ca88318d0d279b5f5a7fa8cf46352d-primary.sqlite.bz2: [Errno 14] HTTPS Error 404 - Not Found
Trying other mirror.


 One of the configured repositories failed (Pritunl Repository),
 and yum doesn't have enough cached data to continue. At this point the only
 safe thing yum can do is fail. There are a few ways to work "fix" this:

     1. Contact the upstream for the repository and get them to fix the problem.

     2. Reconfigure the baseurl/etc. for the repository, to point to a working
        upstream. This is most often useful if you are using a newer
        distribution release than is supported by the repository (and the
        packages for the previous distribution release still work).

     3. Run the command with the repository temporarily disabled
            yum --disablerepo=pritunl ...

     4. Disable the repository permanently, so yum won't use it by default. Yum
        will then just ignore the repository until you permanently enable it
        again or use --enablerepo for temporary usage:

            yum-config-manager --disable pritunl
        or
            subscription-manager repos --disable=pritunl

     5. Configure the failing repository to be skipped, if it is unavailable.
        Note that yum will try to contact the repo. when it runs most commands,
        so will have to try and fail each time (and thus. yum will be be much
        slower). If it is a very temporary problem though, this is often a nice
        compromise:

            yum-config-manager --save --setopt=pritunl.skip_if_unavailable=true

failure: repodata/e2a8a9331d3d1a2e1fe3b783de655f8703ca88318d0d279b5f5a7fa8cf46352d-primary.sqlite.bz2 from pritunl: [Errno 256] No more mirrors to try.
https://repo.pritunl.com/stable/yum/centos/7/repodata/e2a8a9331d3d1a2e1fe3b783de655f8703ca88318d0d279b5f5a7fa8cf46352d-primary.sqlite.bz2: [Errno 14] HTTPS Error 404 - Not Found

Thanks!

I am getting the same error. I thought I did something wrong.

On 1/3/2020 at 9:37 AM, brconn said:

I'm having issues connecting to my VPN. I am using it to connect to my local network. I followed the tutorial other than for the firewall, which I used webmin to set up as it was my local machine (Note: I tried to disable the firewall to see if that was the issue and it did not help). My output when starting the server in Pritunl appears to match that of the video other than one line (and the local IP which it chose, 192.168.248.0) which reads:

 

"[thriving-waters-4299] Thu Jan  2 17:31:03 2020 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x.  Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet."

 

When I try and connect my logs on the client appear as follows:

"Thu Jan  2 17:36:01 2020 DEPRECATED OPTION: --max-routes option ignored.The number of routes is unlimited as of OpenVPN 2.4. This option will be removed in a future version, please remove it from your configuration.
Thu Jan  2 17:36:01 2020 OpenVPN 2.4.6 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Nov 14 2018
Thu Jan  2 17:36:01 2020 library versions: OpenSSL 1.0.2p  14 Aug 2018, LZO 2.10
Thu Jan  2 17:36:01 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Jan  2 17:36:01 2020 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jan  2 17:36:01 2020 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jan  2 17:36:01 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]108.183.41.1:1337
Thu Jan  2 17:36:01 2020 UDP link local: (not bound)
Thu Jan  2 17:36:05 2020 Server poll timeout, restarting
Thu Jan  2 17:36:05 2020 SIGUSR1[soft,server_poll] received, process restarting"

 

Any suggestions would be great.

Was having same problem. Realised I'd accidentally spun up a CentOS 8 server. If you go to your server instance > Settings > Change OS and set it to CentOS 7 x64 the problem will disappear.

On 1/2/2020 at 4:37 PM, brconn said:

I'm having issues connecting to my VPN. I am using it to connect to my local network. I followed the tutorial other than for the firewall, which I used webmin to set up as it was my local machine (Note: I tried to disable the firewall to see if that was the issue and it did not help). My output when starting the server in Pritunl appears to match that of the video other than one line (and the local IP which it chose, 192.168.248.0) which reads:

 

"[thriving-waters-4299] Thu Jan  2 17:31:03 2020 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x.  Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet."

 

When I try and connect my logs on the client appear as follows:

"Thu Jan  2 17:36:01 2020 DEPRECATED OPTION: --max-routes option ignored.The number of routes is unlimited as of OpenVPN 2.4. This option will be removed in a future version, please remove it from your configuration.
Thu Jan  2 17:36:01 2020 OpenVPN 2.4.6 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Nov 14 2018
Thu Jan  2 17:36:01 2020 library versions: OpenSSL 1.0.2p  14 Aug 2018, LZO 2.10
Thu Jan  2 17:36:01 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Jan  2 17:36:01 2020 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jan  2 17:36:01 2020 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jan  2 17:36:01 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]108.183.41.1:1337
Thu Jan  2 17:36:01 2020 UDP link local: (not bound)
Thu Jan  2 17:36:05 2020 Server poll timeout, restarting
Thu Jan  2 17:36:05 2020 SIGUSR1[soft,server_poll] received, process restarting"

 

Any suggestions would be great.

The IP address assigned to your VPN server is part of your internal network. This will not be reachable from outside your local network. This is why the connection is timing out. It will never find that internal IP address to connect to.

 

In order to make it work you will need to open your router's configuration and forward the desired port to your server. Then when connecting, point your outside device to your public IP address (the one assigned by your ISP). The router should then (if all goes well) forward the traffic to the port you specified and connect to the VPN server.

On 1/2/2020 at 9:26 PM, PrankishTrac said:

Yeah it works fine on both my desktop and Surface with the Pritunl software, however I also wanna use it on my phone, Pritunl recommends using OpenVPN to login and they say they support it. When I put my profile into OpenVPN it reads it fine but then when I try to actually import the profile it takes forever then says "Connection Timed Out" maybe I'm entering in the wrong login or I need to enable something?

Is your server using an internal IP address? (192.168.x.x) If so you will be able to connect locally, but outside connections will not reach it.

 

In order to reach it from the outside you will need to configure your router to forward the VPN port to the internal server IP. Then, when connecting from outside (i.e. your phone) you point it at your external IP address (the one provided by your ISP) and the router should direct the traffic to the internal address.

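The two replies above about internal addresses and port forwarding both turn on whether the endpoint in the client profile can be reached from outside the LAN. As an added example (not code from the thread or from Pritunl), this Python script reads an OpenVPN client log like the one quoted above, extracts the remote endpoint and transport, and separates a private target from a public one that never answers; the name `triage` and the 192.168.1.50 variant are assumptions made for illustration.

```python
import ipaddress
import re

# Client log lines copied from the post quoted in this thread.
SAMPLE_LOG = """\
Thu Jan  2 17:36:01 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]108.183.41.1:1337
Thu Jan  2 17:36:01 2020 UDP link local: (not bound)
Thu Jan  2 17:36:05 2020 Server poll timeout, restarting
Thu Jan  2 17:36:05 2020 SIGUSR1[soft,server_poll] received, process restarting
"""
# Constructed variant: the same log with a made-up LAN address in the profile.
LAN_LOG = SAMPLE_LOG.replace("108.183.41.1", "192.168.1.50")

REMOTE_RE = re.compile(r"remote address: \[AF_INET6?\]([0-9A-Fa-f:.]+):(\d+)")
LINK_RE = re.compile(r"\b(UDP|TCP)\w* link local")


def triage(log_text):
    """Summarise why an OpenVPN client log shows no reply from the server."""
    remote = port = proto = None
    timeouts = 0
    for line in log_text.splitlines():
        m = REMOTE_RE.search(line)
        if m:
            remote, port = ipaddress.ip_address(m.group(1)), int(m.group(2))
        m = LINK_RE.search(line)
        if m:
            proto = m.group(1).lower()
        if "Server poll timeout" in line:
            timeouts += 1
    result = {"remote": str(remote) if remote else None, "port": port,
              "proto": proto, "timeouts": timeouts, "hint": "no timeout seen"}
    if timeouts and remote is not None:
        if remote.is_private:
            # RFC 1918 and similar ranges are not routable from the internet.
            result["hint"] = ("profile targets a private address: reachable only on "
                              "the LAN; forward the port and use the public IP")
        else:
            result["hint"] = (f"no reply from public address: check that {proto}/{port} "
                              "is allowed by the firewall and forwarded to the server")
    return result


if __name__ == "__main__":
    for name, log in (("thread log", SAMPLE_LOG), ("LAN variant", LAN_LOG)):
        print(name, triage(log))
```

The transport matters when checking rules: a firewall or router entry that allows TCP 1337 does nothing for a profile that connects over UDP 1337, and the reverse.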
