PIA OVPN broke need help with new setup (NextGen)

Help and Support Vero 4K / Vero 4K +
61

sudo iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -o eth0 -p icmp -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1197 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 22 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 123 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 53 -j ACCEPT
-A OUTPUT -o eth0 -j DROP
osmc@osmc:~$ sudo netfilter-persistent save
run-parts: executing /usr/share/netfilter-persistent/plugins.d/15-ip4tables save
run-parts: executing /usr/share/netfilter-persistent/plugins.d/25-ip6tables save

Well, for some reason both sudo nano /etc/systemd/system/openvpn-watchdog.timer are empty, idk what happened, I just did it on 2 devices to not go overboard but they’re both empty now if I nano them lol, so weird!

I’ll recreate one on my pi right now (don’t use it that much) just to check if it works.

I created that file on both all devices, let me just give 2 but the one on my 4k seems to be empty now.
On my pi it says

Added on my Pi

smc@osmct:~$ sudo nano /etc/systemd/system/openvpn-watchdog.timer
osmc@osmcrt:~$ sudo nano /etc/systemd/system/openvpn-watchdog.timer
osmc@osmct:~$ sudo systemctl start openvpn-watchdog.timer
osmc@osmc:~$ sudo systemctl enable openvpn-watchdog.timer
Created symlink /etc/systemd/system/timers.target.wants/openvpn-watchdog.timer → /etc/systemd/system/openvpn-watchdog.timer.

and the timer file I created contains

[Unit]
Description=OpenVPN Watchdog timer

[Timer]
OnCalendar=*:0/15

[Install]
WantedBy=timers.target

Dit this on both devices, seems to be ok. Didn’t restart yet.

Also, ist there a way to speedtest with vero’s? just so I have an average (5mbit is literally enough lol)

62

Hi,

Speedtest:

curl -s https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py | python -

Thanks Tom.

63

restarted the pi, works just fine, curl shows different ip.

lol look at the speed test

curl https://ipinfo.io/ip
185.123.xxx.xxx
osmc@osmc-:~$ curl -s https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py | python -
Retrieving speedtest.net configuration…
Testing from M247 Ltd (185.123.xxx.xxx)…
Retrieving speedtest.net server list…
Selecting best server based on ping…
Hosted by Nu-Ip.Ro (Ramnicu Valcea) [110.77 km]: 89.098 ms
Testing download speed…
Download: 6.90 Mbit/s
Testing upload speed…
Upload: 20.57 Mbit/s

When you upload faster then you download ahahaha.

Just to double check, the watchdog file on my pi still contains

[Unit]
Description=OpenVPN Watchdog timer

[Timer]
OnCalendar=*:0/15

[Install]
WantedBy=timers.target

ip is cloaked as shown above,

iptables are

sudo iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -o eth0 -p icmp -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1197 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 22 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 123 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 53 -j ACCEPT
-A OUTPUT -o eth0 -j DROP

and I added your local resolve thing to my configs as well (it was in the guide, security 2, up down, whatever).

This is on my pi but it looks good… I think!

64

Hi,

All looks good to me. I don’t think there is a lot you you do about the download speed (could try a different server) other than trying a config with a weaker encryption.

Thanks Tom.

65

I’m used to it honestly, PIA went to NextGen, More protection, More speed. Well, I went from a 33MB/s download to a 2-3MB;/s download haha. It’s the same on every server, just have to wait and see what happens with them because it’s clearly a server problem (sometimes it spikes and I get 22MB/s but that’s just sometimes).

I don’t really need a fast DL on these boxes, all they need to do is check TVDB, TMDB, XEM and update trakt, so it’s pretty fast enough for that I think?

1 Like