I have set up split-vpn on my UDM Pro, on VLAN 69, and all traffic on that VLAN does indeed go through that VLAN. qBittorrent is set up listening on TCP/UDP port 54913, but the port is not showing as open:
VPN side port forwarding:
split-vpn config:
```
root@Enterprise:/data/split-vpn/nexthop/torguard# cat vpn.conf
### SPLIT VPN OPTIONS ###
# Enter multiple entries separated by spaces.
# Do not enter square brackets around the entries.
# Force these sources through the VPN.
# Format: [brX] for interface. [IP/nn] for IP. [xx:xx:xx:xx:xx:xx] for mac.
FORCED_SOURCE_INTERFACE="br69"
# Exempt these destinations from the VPN.
# Format: [IP/nn]
EXEMPT_DESTINATIONS_IPV4="192.168.0.0/16"
EXEMPT_DESTINATIONS_IPV6=""
# VPN port forwards.
# Format: [tcp/udp/both]-[VPN Port]-[Forward IP]-[Forward Port]
PORT_FORWARDS_IPV4="both-54913-192.168.69.2-54913"
PORT_FORWARDS_IPV6=""
# Enabling kill switch drops VPN-destined traffic that doesn't go through the VPN.
KILLSWITCH=1
# Enable this only if you are testing or you don't care about your real IP leaking
# when the vpn client restarts or exits.
REMOVE_KILLSWITCH_ON_EXIT=0
# Enable this if you added blackhole routes in the Unifi Settings to prevent Internet
# access at system startup before the VPN script runs. This option removes the blackhole
# routes to restore Internet access after the killswitch has been enabled.
# If you do not set this to 1, openvpn will not be able to connect at startup, and your
# Internet access will never be enabled until you manually remove the blackhole routes.
# Set this to 0 only if you did not add any blackhole routes.
REMOVE_STARTUP_BLACKHOLES=1
# Set the VPN provider.
# "openvpn" for OpenVPN (default), "openconnect" for OpenConnect, "external" for wireguard,
# or "nexthop" for an external VPN client.
VPN_PROVIDER="nexthop"
# If using "external" for VPN_PROVIDER, set this to the VPN endpoint IP so that the
# gateway route can be automatically added for the VPN endpoint.
# OpenVPN passes the VPN endpoint IP to the script and will override these values.
# These must be defined if using VPN_PROVIDER="nexthop".
VPN_ENDPOINT_IPV4="192.168.3.69"
VPN_ENDPOINT_IPV6=""
# Set this to the route table that contains the gateway route, "auto", or "disabled".
# The Ubiquiti route table is "201" if you're using Ethernet, "202" for SFP+, and
# "203" for U-LTE.
# Default is "auto" which works with WAN failover and automatically changes the endpoint
# via gateway route when the WAN or gateway routes changes.
# Set to "disabled" if you are using the nexthop option to connect to a VPN on your LAN.
GATEWAY_TABLE="disabled"
# Set this to the timer to use for the rule watcher (in seconds).
# The script will wake up every N seconds to re-add rules if they're deleted by
# the system, or change gateway routes if they changed. Default is 1 second.
WATCHER_TIMER=1
# Options for custom table and chains.
# These options need to be unique for each instance of openvpn if running multiple.
ROUTE_TABLE=101
MARK=0x169
PREFIX="VPN_"
PREF=99
DEV=br3
```
traceroute on the container in question (qbittorrent):
```
root@12ad3c96eb22:/# traceroute 1.1.1.1
traceroute to 1.1.1.1 (1.1.1.1), 30 hops max, 46 byte packets
1 192.168.69.1 (192.168.69.1) 0.286 ms 0.222 ms 0.168 ms
2 192.168.3.69 (192.168.3.69) 0.273 ms 0.253 ms 0.247 ms
3 10.13.0.1 (10.13.0.1) 12.270 ms 11.907 ms 12.357 ms
4 93.115.35.97 (93.115.35.97) 12.735 ms 12.731 ms 12.994 ms
5 217.138.223.132 (217.138.223.132) 49.086 ms 26.600 ms 29.825 ms
6 gr-4-0-0-0.core1.fra2.de.m247.com (193.27.15.90) 13.219 ms 217.138.223.72 (217.138.223.72) 12.948 ms 12.860 ms
7 13335.syd.equinix.com (45.127.172.154) 13.607 ms 193.27.15.88 (193.27.15.88) 13.010 ms 13335.syd.equinix.com (45.127.172.154) 24.167 ms
8 13335.syd.equinix.com (45.127.172.154) 22.980 ms 13.540 ms 172.69.60.3 (172.69.60.3) 13.599 ms
9 one.one.one.one (1.1.1.1) 12.394 ms 12.683 ms 12.666 ms
```
Everything appears to be set up correctly, and the port was open when I was using another solution with the same WireGuard config.
Any ideas?
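
An added example, not part of the original issue and not split-vpn's own code: a POSIX shell parser for the port-forward format documented in the config comments above, `[tcp/udp/both]-[VPN Port]-[Forward IP]-[Forward Port]`, which expands each entry into per-protocol rules and rejects malformed entries before they reach the router. The function names are hypothetical and only IPv4 entries are handled.

```sh
#!/bin/sh
# Added example: validate split-vpn style PORT_FORWARDS_IPV4 entries.
# Function names are hypothetical; the sample entry is the one from the issue.

valid_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;   # empty, non-digit, or too long
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Runs in a subshell so the IFS change cannot leak to the caller.
valid_ipv4() (
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;;
    esac
    IFS=.
    set -- $1
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        case "$octet" in ????*) exit 1 ;; esac
        [ "$octet" -le 255 ] || exit 1
    done
)

# Prints one "proto vpn_port forward_ip forward_port" line per rule;
# exits non-zero on the first malformed entry.
expand_forwards() (
    set -f                                  # no globbing while word-splitting
    for entry in $1; do
        case "$entry" in *-) echo "bad field count: $entry" >&2; exit 1 ;; esac
        IFS=-
        set -- $entry
        unset IFS
        [ "$#" -eq 4 ] || { echo "bad field count: $entry" >&2; exit 1; }
        case "$1" in
            both)    protos="tcp udp" ;;
            tcp|udp) protos=$1 ;;
            *) echo "bad protocol: $entry" >&2; exit 1 ;;
        esac
        if ! valid_port "$2" || ! valid_ipv4 "$3" || ! valid_port "$4"; then
            echo "bad port or address: $entry" >&2; exit 1
        fi
        for proto in $protos; do
            echo "$proto $2 $3 $4"
        done
    done
)

expand_forwards "both-54913-192.168.69.2-54913"
```
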