ConnMan VPN support in OSMC

1: yes, connman should stop taking initiatives
2: the setup is ok that way, you may need to setup /etc/resolv.conf unless you define your vpn server through its IP. What I’m not sure of is if ifupdown must be installed or not,as I installed it before starting experimenting
3: at this point everything needed to start vpn is set up. I never used pptp client but if it messes up with default routing too you may define eth0 without gateway and with a single host routing to your vpn server through your gw.

Theoretically there are no drawbacks. If connmand keeps its hand off the interface it will remain configured even if the link goes down. If not, just rename connmand :slight_smile:

Hi Sam,

you keep saying that it is easy to configure vpn under connman by just editing a text file. Unfortunately I can’t seem to be figuring out which text file I’d need to edit. Especially as you mentioned earlier that the debian packages don’t necessarily work with your builds.
Can you kindly tell us which files need to be changed in order to have a pptp connection with the osmc connman?

Thanks a lot!

Bjoern

Google ConnMan VPN config and click the first link :wink:

You will need an agent though which is not configured yet. I’m surprised at the lengths people go to (/etc/network/interfaces) etc but won’t look up how to set it up properly in Connman

Thanks Sam,
that link was already open in my browser and I have a config which should be working :wink:
(even tried one which I copied from an old OE setup which had worked there).

I tried again with a clean install as I thought maybe the debian connman-vpn packages which I had installed previously messed your connman build up (had gotten the same logs as @sew got in post 9 and 8).
However, even on the clean install I’m not getting anywhere.

How could I configure that agent without install of the debian connman-vpn packages? I tried enabling vpn agent in connmanctl but just got an error saying the name net.connman.vpn was not provided by any service file.

Thanks again!

You need a connman-vpn.service file, I believe it’s in the same repo as the docs.

We do plan to add VPN support via ConnMan in the future version of My OSMC, but for now this is low on our list of things to get done.

Sam

Hi, i´m looking for a solution to get openvpn server with bridged network running on osmc. NBo luck yet. are there any plans to support bridged openvpn server with connman, or is it besster to do that with static interfaces file?

Wouldn’t the connman developers be a better source for the answer to such a question?

Hej Sam,

i just read a few hours how to configure connman-vpn on osmc, because you write upper posts that you build connman with VPN Support. You write, that people just have to edit it via editor and that they need get the agent (i think you mean connman-vpnd?!) to run. For that, people may be can use the connman-vpn.service file from the repo of aldebaran
But the both service files there connman-vpn.service.in and net.connman.vpn.service.in link to an executeable called connman-vpnd, which is anywhere on my osmc (Version 2017.03-1).
I think i missunderstand something. Can you please tell me how can i get to the vpn support, that you have build with connman? How is the excuteable called, that i need to run by the service file?

Looking forward to your answer :slight_smile:

Best Regards,

Jomas

Has anyone managed to get a VPN working with OSMC? I am tearing my hair out.

I have an OpenVPN client installed and working, all tests from the CLI work 100%. But Kodi does not. I have read above about “connman-vpn” and am totally confused. Do I install this or does OSMC come pre-packing with VPN support. If so, why doesn’t it fully realise that an OpenVPN client is running?
If connman has to be used, it seems it needs a config file, but the only guidance is “Do a google and take the first result”. I did that, not much help (https://www.mankier.com/8/connman-vpn).

Can anyone, please, show me to a guide or something that helps me get OSMC stable on a VPN. Thanks in advance.

Did you search the forum instead of Google? There’s a HowTo on the forum that works very well.

I’m not being obtuse: but I am currently mobile so it is more tricky for me to send you the resource. Let me know if not found.

Sam

Yes, I have searched all over OSMC including the Wiki. All I have found are very old links to OpenVPN, some random add-ons and guides which seems to be half-baked (e.g. suggesting manual edits of “/etc/resolve.conf”).

I have been trying to craft a config file for connman and I might have a working one created based on this in “/var/lib/connman-vpn” but whenever I run “connmanctl vpnconnection” all I get is the error “Error: The name net.connman.vpn was not provided by any .service files”.

I will admit to being completely confused now.

There’s a VPN add-on that easy to use. Works well

Thanks, but I actually want to avoid having to rely on an addon for a number of reasons, I’d prefer it to connect to the VPN after the network has come up, hence why I was trying with OpenVPN and a systemd service.
And whilst that does work for some things, Kodi does not seem to realise that a VPN is running (which I find rather odd). Hence why I am now trying with connman (assuming that to be the “correct way”).

If this is the “How to”, it no longer works (errors when I try to import the working OpenVPN config file as it tries to access a folder that does not exist):
Error Contents: [Errno 2] No such file or directory: '/home/osmc/.kodi/userdata/addon_data/script.openvpn/MyVPN.ovpn'

I will keep looking for instructions on how to make connman behave, or I’ll have to find some way to force Kodi to user the tun0 created by OpenVPN when I use that.

Now following this that I found here and I am now back at the stage where everything from the command line works, but nothing in Kodi seems to.

I am just so confused.

Is there a guide anywhere to getting connman to manage the VPN client on OSMC?

(And apologies for the spam)

To the best of my knowledge, connman is currently unable to manage the VPN client (specifically OpenVPN) on OSMC. Sam has said that he will get around to doing it but that it is a relatively low priority.

AFAICT, it seems you have successfully installed and configured OpenVPN via the command line but that you are having some issues with Kodi using the VPN tunnel. Perhaps you could clarify what those issues are, since, if the tunnel is up and running, all traffic should automatically be routed via the VPN.

The guide you link to at https://www.backtrails.net/2017/04/30/openvpn-setup-for-private-internet-access-pia-vpn-raspberry-pi-3-osmc/ requires you to install network manager, which is unsupported in OSMC and very likely to cause problems.

I spotted the network-manager bit and ignore that (I’ve made mistakes like that in the past!), I was more trying to check the OpenVPN set-up.

When I test my WAN IP before and after starting the OpenVPN client, I can see it change and the exit IP matches what I expect.
When I do ifconfig, I can see that tun0 is “10.1.2.3” or something like that.
But when I go into Kodi and check the IP there, it’s still “192.168.x.y” and I just don’t understand why. I can’t seem to find any option to say “Use tun0”.
My guess is that as connman does not know about OpenVPN, then Kodi does not know either.

It looks like the VPN is working.

Your Pi will always have its own IP address, such as 192.168.x.y, and that isn’t changed by running a VPN. What changes is that the routing table is modified so that external (ie non-LAN) traffic doesn’t go straight to your default gateway but is instead redirected to the VPN tunnel (tun0, 10.1.2.3).

So as far as Kodi is concerned, it’s still running on a box with an IP address of 192.168.x.y but the routing table, which it doesn’t show, has been modified behind the scenes.

Given the current situation with OpenVPN on OSMC, there are two issues that you need to work around right now:

  • DNS leaks; and
  • updating /etc/resolv.conf.

Both of these issues can be addressed by installing the openresolv package from openresolv | Roy's Projects I believe it’s not officially supported but, AFAIK, it’s the only thing that currently works. NB: You should not install the Debian resolvconf package, which is incompatible with OSMC.

Many VPN services have their own DNS resolvers and, if pushed by the VPN server, the openresolv package will automatically update /etc/resolv.conf. In the rare cases where the VPN server does not push a DNS resolver, a different DNS resolver IP address from the one usually used should be manually added to the VPN configuration file in the format:

dhcp-option DNS 208.67.222.222
dhcp-option DNS 208.67.220.220

(The above IP addresses are for OpenDNS but they must differ from your usual DNS resolver or a DNS leak will occur.)

1 Like

Try [HOWTO] OSMC/Rasp Pi as OpenVPN client

So, i now spent several days as non native english speaker searching for Sams configuration. As bjoernr mentioned above, he tells in every thread, that there is an easy way, but there is none.

Yes people are going with /etc/network/interfaces because its a working solution and not only meaningless words. I dont know why he do this and leaves everyone searching for things that doesnt exist. Is this a Joke? i cant laugh anymore, sorry.

People using OSMC are streaming things, and there are plenty reasons why they have to use a Proxy.
Using OpenVPN is ok, because its more encryptet than PPTP but if you want to see streams in a really good quality OpenVPN doesnt give you the Bandwith you need. Even tho, full encrypted Streams are not required in most cases, and PPTP is fast enough.

I dont understand why you are not working on that topic, as most people will get Problems in the Future with High Quality Streaming over OpenVPN.