this post was submitted on 14 Jun 2023
1 points (100.0% liked)

Synology

972 readers
1 users here now

Synology

This is a place for all topics regarding Synology hard- and software - especially (but not limited to) their NAS devices.

Just one thing: Let’s please be pleasant to each other and respect that people have different experience levels. Some are pros, some are noobs, yet everybody may have good ideas or interesting questions to ask and comments to make, and all of these shall be heard and appreciated. ❤️

And since we know from TV that all IT nerds 🤓 are h4xx0rs and wear hoodies all the time (if not even ski masks) in front of their computers, I chose an appropriate banner image (image credit).

founded 1 year ago
MODERATORS
bubu@feddit.de
1
Issues with external VPN as network interface (feddit.de)
submitted 1 year ago by sasquash471@feddit.de to c/synology@feddit.de
6 comments fedilink hide all child comments
 

Do you experience similar connectivity issues when using a VPN provider for torrenting? I have tried different servers (which allow torrenting), both udp/tcp protocol, and the recommended dns settings, yet it remains quite buggy. Somtimes, it works well and remains stable for a few days or even weeks. But eventuelly it loses connection, although it says it's still connected. Have any of you encountered the same problems? I am using: DSM 6.2.4-25556 Update 7 and Proton as VPN Provider.

you are viewing a single comment's thread
view the rest of the comments
[–] sasquash471@feddit.de 0 points 1 year ago* (last edited 1 year ago) (1 children)

Yes, this is exactly what happens to my connection. If you still have your script around feel free to share it. I will have a look at it since I don't have any experience with dockers. Thx very much.

[–] seemebreakthis@lemm.ee 0 points 1 year ago (1 children)

My script writing skills are pretty bad. So while this has worked for me, if you are up for it feel free to modify it any way you want.

First save this script somewhere in your home folder (or any folder of your choice). Name it vpn_watchdog.sh:

#!/bin/sh

LOGFILE="/volume1/homes/xxxxx/VPN_watchdog.log"
CURRENT_IP=`timeout -k 1 -s 0 5 curl icanhazip.com`
WATCHTIME=30
ALTERNATE_VPN=1

vpn_restart () {

        LAST=`ifconfig | grep "tun0"`

        while [ ! -z "$LAST" ]; do

                echo $(date)" - tun0 exists, killing vpn client..." >> $LOGFILE
                synovpnc kill_client
                sleep 5
                LAST=`ifconfig | grep "tun0"`

        done

        if [[ $ALTERNATE_VPN -eq 1 ]];then

#       2022-07-02 confined to one VPN only for now

#               ALTERNATE_VPN=2
                ALTERNATE_VPN=1

                cat >/usr/syno/etc/synovpnclient/vpnc_connecting <<END
conf_id=o1663422808
conf_name=Surfshark_HK
proto=openvpn
END


                echo $(date)" - Establishing VPN connection..." >> $LOGFILE

                synovpnc connect --id=o1663422808

        elif [[ $ALTERNATE_VPN -eq 2 ]];then

#       2022-07-02 confined to one VPN only for now

#               ALTERNATE_VPN=1

                cat >/usr/syno/etc/synovpnclient/vpnc_connecting <<END
conf_id=o1642598846
conf_name=Surfshark_TW
proto=openvpn
END

                echo $(date)" - Establishing alternate VPN connection..." >> $LOGFILE

                synovpnc connect --id=o1642598846

        fi

        sleep 20

        CONNECTION_TEST=`cat /usr/syno/etc/synovpnclient/vpnc_last_connect | grep server_ip0 | awk -F= 'NF==2 {print $2}'`
        CURRENT_IP=`timeout -k 1 -s 0 5 curl icanhazip.com`
        echo $(date)" - Completed command to start VPN.  IP used for connection test = "$CONNECTION_TEST", current IP = "$CURRENT_IP >> $LOGFILE

}

case $1 in

        start)

                echo $(date)" - Started, IP used for connection test = "$CONNECTION_TEST", current IP = "$CURRENT_IP >> $LOGFILE

                while true; do

                        sleep 30

                        LAST=`ping -I tun0 -c 5 -W 2 -q "$CONNECTION_TEST"`
                        OUTCOME=$?
                        LAST=`echo $LAST | grep "0 received"`

                        if [[ ! -z "$LAST" || $OUTCOME -eq 2 ]];then

                                echo $(date)" - Ping to "$CONNECTION_TEST" via TUN0 failed" >> $LOGFILE
                                vpn_restart

                        fi

                        LAST=`ping -c 5 -W 2 -q "$CONNECTION_TEST"`
                        OUTCOME=$?
                        LAST=`echo $LAST | grep "0 received"`

                        if [[ ! -z "$LAST" || $OUTCOME -eq 2 ]];then

                                echo $(date)" - Ping to "$CONNECTION_TEST" via general connection failed" >> $LOGFILE
                                vpn_restart

                        fi

                        LAST=`ifconfig | grep "tun0"`

                        if [ -z "$LAST" ];then

                                echo $(date)" - TUN0 down" >> $LOGFILE
                                vpn_restart

                        fi

                done
                ;;

        stop)

                echo $(date)" - Shutting down" >> $LOGFILE
                pkill -9 -f vpn_watchdog
                ;;

esac

You will then need to change something in the script:

  1. LOGFILE -> change the 'xxxxx' to your home folder
  2. o1663422808 and Surfshark_HK -> change according to the following instructions (info sourced from https://blog.benoitblanchon.fr/synology-auto-connect-vpn-at-startup/ ):

Quoting the relevant info from this site: The DSM comes with a command line tool to manage the VPN connection. As you’ll see the ergonomy is debatable, but it allows to initiate the connection from the shell. This tool is synovpnc, but before we can use it, we need the following file: /usr/syno/etc/synovpnclient/vpnc_connecting This is a temporary file that lives only a few seconds after you click “Connect” in the VPN configuration GUI. Your mission is to click on “Connect” and cat this file so you can see the configuration. It should be something among those lines: conf_id=o1481981647 conf_name=MyVpnConnection proto=openvpn The conf_id and conf_name is what we are after.

Once found, just change o1663422808 and Surfshark_HK with the names you found following the above instructions.

(Edit: Note - there are multiple occurrences of o1663422808 (and possibly Surfshark_HK) in the script, so change all occurrences) Now that we have created the script, 2 additional steps are needed:

  1. Uncheck the 'Reconnect when the VPN connection is lost' checkbox. This script takes over the monitoring / restarting.
  2. We need a way to run the script at system startup. Either you can figure out how to utilize 'task scheduler' to do this, or do what I did:

cd to /usr/local/etc/rc.d , then create a 'startup.sh' with the following content:

#!/bin/sh

# Start everything up in background.
# My experience shows Synology may start these process one by one, and only if one has finished will it start the next one.
# So for script with forever loops, it potentially will block other scripts from running
# Therefore I need to use one single script to start other scripts in the background.

case $1 in

        start)

               /bin/sh /volume1/homes/xxxxx/vpn_watchdog.sh stop

               /bin/sh /volume1/homes/xxxxx/vpn_watchdog.sh start &

                ;;

        stop)

               /bin/sh /volume1/homes/xxxxx/vpn_watchdog.sh stop &

                ;;

esac

Again, change xxxxx with your home folder (or whatever folder you placed the watchdog script in).

Also, remember to 'chmod +x' the scripts so they become executable.

That's all I can think of. Good luck !

[–] sasquash471@feddit.de 0 points 1 year ago

Thx very much, will have a look at it on the weekend ;)