ubuntu-phone team mailing list archive

Thread
Date

Re: Ubuntu Phone and Private Internet Access?

To: Leonardo Donelli <learts92@xxxxxxxxx>
From: Seth Ciango <seth.ciango@xxxxxxxxx>
Date: Tue, 15 Nov 2016 20:20:17 -0500
Cc: Ubuntu Touch <ubuntu-phone@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <CADMExDHww8yS47d3NrxhGraL5Mjfnh2hJuiv7A=nFLikmPWcmQ@mail.gmail.com>

Well, at least we're getting an error. Let's search */var/log/syslog* from
the terminal with *grep*. We want to look for things like "*vpn* and
*cipher*." If that doesn't give us what we need, we can also search for
more things like "*nm-*, *Network*, *tun0, *and *failed*." We want to
ignore case sensitivity so we'll use the "*-i*" argument with *grep*.
I'm sure there's an easier way to find this information, but let's just
hunt it down and export the information to a new log file in your Documents
folder.  From the terminal, type:

*grep -i 'vpn\|cipher' /var/log/syslog > ~/Documents/VPNError.log*

Or, if you don't want to export it to a file, just do this:

*grep -i 'vpn\|cipher' /var/log/syslog*

That will display the results in the terminal window without creating a
file.






On Tue, Nov 15, 2016 at 2:59 PM, Leonardo Donelli <learts92@xxxxxxxxx>
wrote:

> Thank you for your help,
>
> Seth, I followed your instructions to the letter but I still
> immediately get the same error: "The VPN connection failed because
> there were no valid VP..."
>
> On 15 November 2016 at 07:05, Seth Ciango <seth.ciango@xxxxxxxxx> wrote:
> > Francisco,
> >
> > Try switching to TCP 443 to sidestep hotels and other providers that
> block
> > VPN. I've had more success with that.
> >
> >
> > Leonardo,
> >
> > You will want to create two VPN connections through the Network dropdown
> via
> > VPN Settings. The first uses weaker encryption but will allow a
> connection
> > over a common unrestricted port. This is useful in hotels and coffee
> shops
> > that filter traffic. The second connection will be more secure and
> should be
> > used exclusively whenever possible.
> > Download both of these certificates to your phablet/Documents folder:
> >
> > http://www.privateinternetaccess.com/openvpn/ca.crt
> > http://www.privateinternetaccess.com/openvpn/ca.rsa.4096.crt
> >
> >
> >
> > Connection 1: This will use the BF-CBC cipher over port 443 and work
> > anywhere.
> > Server: italy.privateinternetaccess.com
> > Use Custom Gateway Port: Checked
> > Port: 443
> > All network connections: Checked
> > Type: OpenVPN
> > Protocol: TCP
> > Authentication Type: Password
> > Username and Password for your PIA account
> > CA Certificate: ca.crt (Browse to the file that you downloaded)
> > Cipher: default
> > Compress data: checked
> >
> >
> > Connection 2: For normal AES-256-CBC
> > Everything is the same except:
> >
> > Port: 501
> > CA Certificate: ca.rsa.4096.crt  (Browse to the file that you downloaded)
> > Cipher: AES-256-CBC
> >
> >
> > After you are connected to PIA, make sure that you're using the correct
> > cipher. Open the terminal and run:
> > grep -i cipher /var/log/syslog
> >
> > Something is configured incorrectly if you see: "WARNING: 'cipher' is
> used
> > inconsistently, local='cipher AES-256-CBC', remote='cipher BF-CBC'"
> >
> > If nothing shows up in the syslog when connecting with Connection 2, you
> > have connected successfully with AES-256-CBC
> > Connection 1 will negotiate to use BF-CBC and that will show up as a
> WARNING
> > in the syslog. That is to be expected.
> >
> >
> > For more information on the different certificates and ports:
> > https://helpdesk.privateinternetaccess.com/hc/en-us/articles/225274288-
> Which-encryption-auth-settings-should-I-use-for-ports-on-your-gateways-
> >
> >
> >
> > On Mon, Nov 14, 2016 at 5:54 PM, Francisco Pina Martins
> > <f.pinamartins@xxxxxxxxx> wrote:
> >>
> >> I have my OpenVPN connection working on my BQ Aquaris E4.5 OTA13.
> >>
> >> I can use it both as a local connection (which only gets used for
> >> resources on my VNP network), or as a fully tunnelled connection,
> >> effectively hiding my traffic from whatever operator I'm connected to.
> >>
> >> I have, altough, noticed that on some operators (eg. some hotel wifi
> >> connections) if I use the tunnel, the connection gets dropped almost
> >> immediately.
> >>
> >> The issue you are experiencing, though seems to be a missing "secret".
> You
> >> can try to edit the file with your VPN connection name in the directory:
> >>
> >> /etc/NetworkManager/system-connections/
> >>
> >>
> >> That should give you some more options to deal with.
> >>
> >>
> >> Best,
> >>
> >>
> >> Francisco
> >>
> >>
> >>
> >>
> >> On 14-11-2016 21:45, Leonardo Donelli wrote:
> >>>
> >>> Hey guys,
> >>> Did anyone manage to setup Private Internet Access VPN with Ubuntu
> >>> Touch? (OTA-13)
> >>>
> >>> I've tried various ways that I've found online but no lack, the vpn
> >>> connections fails immediately with a notification: "The VPN Connection
> >>> <> failed because there were no valid VP.." (truncated)
> >>>
> >>
> >>
> >> --
> >> Mailing list: https://launchpad.net/~ubuntu-phone
> >> Post to     : ubuntu-phone@xxxxxxxxxxxxxxxxxxx
> >> Unsubscribe : https://launchpad.net/~ubuntu-phone
> >> More help   : https://help.launchpad.net/ListHelp
> >
> >
> >
> > --
> > Mailing list: https://launchpad.net/~ubuntu-phone
> > Post to     : ubuntu-phone@xxxxxxxxxxxxxxxxxxx
> > Unsubscribe : https://launchpad.net/~ubuntu-phone
> > More help   : https://help.launchpad.net/ListHelp
> >
>

References

Ubuntu Phone and Private Internet Access?
From: Leonardo Donelli, 2016-11-14
Re: Ubuntu Phone and Private Internet Access?
From: Francisco Pina Martins, 2016-11-14
Re: Ubuntu Phone and Private Internet Access?
From: Seth Ciango, 2016-11-15
Re: Ubuntu Phone and Private Internet Access?
From: Leonardo Donelli, 2016-11-15