My YunoHost server
Hardware: Raspberry Pi at home
YunoHost version: 3.6.5.3
I have access to my server : Through SSH | through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : No
Description of my issue
Hello la communauté
J’ai installé Yunohost sur un Raspberry 3 qui fonctionne très bien avec un domaine OVH et DynDns mais je souhaitais faire utiliser un VPN pour masquer l’IP de ma box.
J’ai un VPN chez PIA (Private Internet Access) et j’ai réussi à créer un fichier .cube qui fonctionne avec l’application VPN Client.
Dès que j’active le client VPN et que DynDns fait son boulot, je perds l’accès au site.
Si je coupe le VPN, tout fonctionne Ă nouveau.
Hello community
I installed Yunohost on a Raspberry 3 that works perfeclty with a OVH domain and DynDns but I wanted to add a VPN to mask my router IP.
I have one at PIA (Private Internet Access) and I managed to create a .cube file that works with the VPN Client app.
As soon as I activated the VPN Client app and after DynDns is updated, I loose the connection to the website (from outside of my home).
When I stop it, everything is back to normal.
VPN infos:
"server_name": "france.privateinternetaccess.com",
"server_port": "1198",
"server_proto": "udp"
VPN client log
[INFO] Preparing openvpn configuration...
[INFO] Now actually starting OpenVPN client...
[INFO] OpenVPN client started ... waiting for tun0 interface to show up
[ OK ] tun0 interface is up!
[INFO] Enforcing custom DNS resolvers from vpnclient
[INFO] Adding vpnclient custom rules to the firewall
[INFO] Restarting yunohost firewall...
[ OK ] Firewall restarted!
[INFO] Saving settings...
[ OK ] YunoHost VPN client started!
Quand j’essaye de faire un curl, j’ai l’erreur suivante :
Testing with a curl command:
~# curl -v https://toto.com
* Rebuilt URL to: https://toto.com/
* Trying XXX.XXX.XXX.XXX...
* TCP_NODELAY set
* Connected to toto.com (XXX.XXX.XXX.XXX) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* Unknown SSL protocol error in connection to toto.com:443
* Curl_http_done: called premature == 1
* stopped the pause stream!
* Closing connection 0
curl: (35) Unknown SSL protocol error in connection to toto.com:443
Face à cette erreur, je ne sais pas de quel côté me diriger, certificat ? nginx ? firewall ?
J’ai essayé avec un certificat auto-signé et un certificat let’s encrypt, c’est le même résultat.
Niveau pare-feu, j’ai bien une règle sur le port 1198 qui est créée
Est-ce que j’essaye de faire est-il tout de même possible ? Ou dois-je basculer vers un VPN avec IP fixe ?
Merci Ă tous par avance pour votre aide.
With this error, I don’t know where to look. Is it the certificate ? Nginx ? Firewall ?
I tried with a self-signed certificate and with a let’s encrypt certificate but it’s the same result.
In the firewall, I do have a rule created on the port 1198.
Does what I am triyng to do is even possible ? Or should I switch to a static IP VPN provider ?
Thank you all in advance for your help.