Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PIA Next Gen issue with 10.0.0.0/24 LAN_NETWORK config #15

Closed
doctarrwho opened this issue Sep 29, 2020 · 3 comments
Closed

PIA Next Gen issue with 10.0.0.0/24 LAN_NETWORK config #15

doctarrwho opened this issue Sep 29, 2020 · 3 comments

Comments

@doctarrwho
Copy link

My LAN network is 10.0.0.0/24, with the router as 10.0.0.1.
2020-09-29 17:53:10.640597 [info] LAN_NETWORK defined as '10.0.0.0/24'

It looks like we use the 10.0.0.1 IP to generate a token:

2020-09-29 18:10:31,032 DEBG 'start-script' stdout output:
[warn] Unable to successfully download PIA json to generate token from URL 'https://10.0.0.1/authv3/generateToken'
[info] 12 retries left
[info] Retrying in 10 secs...

As a workaround, i am able to open a shell in the docker, and route that IP thru the VPN, which fixes the issue:

sh-5.0# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.2.112.1      128.0.0.0       UG    0      0        0 tun0
0.0.0.0         172.17.0.1      0.0.0.0         UG    0      0        0 eth0
10.0.0.0        172.17.0.1      255.255.255.0   UG    0      0        0 eth0
10.0.0.1        10.2.112.1      255.255.255.255 UGH   0      0        0 tun0
10.2.112.0      0.0.0.0         255.255.255.0   U     0      0        0 tun0
128.0.0.0       10.2.112.1      128.0.0.0       UG    0      0        0 tun0
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 eth0
172.98.71.68    172.17.0.1      255.255.255.255 UGH   0      0        0 eth0

sh-5.0# route add 10.0.0.1 gw 10.2.112.1

After adding the route, its all working now. But I have to apply this workaround each time the docker restarts, as the VPN IP changes each time.
@binhex
Copy link
Owner

binhex commented Sep 30, 2020

i can see how that would be an issue, before i go ahead and implement the fix above could you try something for me:-

  1. docker exec into container
  2. nano /root/getvpnport.sh
  3. change this line:-
token_json_response=$(curl --silent --insecure -u "${VPN_USER}:${VPN_PASS}" "https://10.0.0.1/authv3/generateToken")

to

token_json_response=$(curl --interface "${VPN_DEVICE_TYPE}" --silent --insecure -u "${VPN_USER}:${VPN_PASS}" "https://10.0.0.1/authv3/generateToken")

im not 100% sure if this will work, but its my preferred approach, let me know.

@doctarrwho
Copy link
Author

Thanks for the fast response. I tested the recommended change, and it works. I didn't have to change anything after restarting docker to get the port.

@binhex
Copy link
Owner

binhex commented Sep 30, 2020

ok great!, i will put the code change in, expect a new image in the next few hours or so.

@binhex binhex closed this as completed Sep 30, 2020
@mcpowell87 mcpowell87 mentioned this issue Oct 7, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@binhex @doctarrwho