OpenVPN Client Issue with VPN.S (VPNSecure.me) after upgrading 2.6 -> 2.7
-
I did find the vpnsecure app running on my ipad and see the same problem. Can not receive server list. So vpnsecure has a big problem and communicate nothing about it. It seems they are still selling accounts while there infrastructure is not working!
-
@walternet said in OpenVPN Client Issue with VPN.S (VPNSecure.me) after upgrading 2.6 -> 2.7:
but I cannot get the server list in the app, because I cannont open it ...
Does the app work? If that was the case, then yeah that would point to they changed maybe the domain so maybe its now at2.newdomain.tld which might be working??
If the app works, unless its doing something like doh or dot or something, it would be easy enough to get the fqdn they are connecting to.. Or maybe their app only uses hard coded IPs now?
What I can say for sure - is that domain your trying to resolve in your vpn log, the error is spot on because that does not resolve.. And I tried many of their other location names, like they have us1, 2 and 3 and many more all over the place.. but using that domain vpnsecure.me and all of the names they have on the other nodes, none of the ones I tried resolved.
-
I connect to my private area on the vpnsecure website
I find in servers item following informations, for example : proxy-at1.vpnsecure.me
each server has for prefix "proxy-" with port 8080 but ... nothing else better in results !! :'-)
I maybe have to read some docs before have some ideas ...
to be continued ...
W.
-
@walternet said in OpenVPN Client Issue with VPN.S (VPNSecure.me) after upgrading 2.6 -> 2.7:
proxy-at1.vpnsecure.me
that doesn't resolve either, and that is not what the log says it was trying to connect too.. So if their plan is to move to naming scheme like that - its isn't currently working..
-
that doesn't resolve either, and that is not what the log says it was trying to connect too.. So if their plan is to move to naming scheme like that - its isn't currently working..
I saw that, yes ... :'-(
-
J johnpoz referenced this topic on
-
Some one any news on this problem?
grt
Pierre
-
-
Still nothing found?
-
@heuvep I still do not show them resolving..
Contact the company - sure hope you didn't pay for a year in advance..
-
I did install the app on my phone and then the vpn did work. So there is something wrong in the settings icw pfsense. Does anyone has the right serverlist?
grt
Pierre
-
@heuvep said in OpenVPN Client Issue with VPN.S (VPNSecure.me) after upgrading 2.6 -> 2.7:
here is something wrong in the settings icw pfsense
Maybe the app uses a hard coded IP? What I can tell you is the names they list on their sites for the end points do not resolve on the public internet. That is just fact..
Its quite possible maybe they changed them - what I would be really concerned with is zero answer to support request.. If they changed their fqdn they use for their end points, they clearly should list them or let their clients know etc..
Per their own instructions says to use a list from here.
https://www.vpnsecure.me/vpn-locations//
None of those resolve..
$ dig us1.vpnsecure.me ; <<>> DiG 9.16.44 <<>> us1.vpnsecure.me ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55199 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;us1.vpnsecure.me. IN A ;; AUTHORITY SECTION: vpnsecure.me. 3600 IN SOA darwin.ns.cloudflare.com. dns.cloudflare.com. 2321840821 10000 2400 604800 1800 ;; Query time: 42 msec ;; SERVER: 192.168.3.10#53(192.168.3.10) ;; WHEN: Mon Oct 09 14:35:39 Central Daylight Time 2023 ;; MSG SIZE rcvd: 109So no it would not be possible for pfsense to connect to some fqdn that does not resolve on the public internet. That is not something wrong with pfsense.
-
I did find out that they not use dns anymore but hard ip adres. I did regenerate a new config zip file and then you get a email with the config files and then you see it uses ip adres and not dns.
client
proto udp
dev tun
remote 212.83.133.203 1281
cipher AES-128-CBC
verb 3
mute 20
keepalive 10 120
comp-lzo
float
persist-key
persist-tun
resolv-retry infinite
nobind
auth-nocache
remote-cert-tls server -
@heuvep well that would explain the problem - so nice of them to let their users know ;)
So you should update your config on pfsense to use IP vs fqdn (that doesn't resolve) and you should be good to go then.
-
Thats correct, if you login with your account ont there portal and generate a new config for your self it uses ip adres instead of fqdn. it will be update in the back in the app but they have not communicate at all. Yesterday i did receive a mail and that triggert me. I will test today to see if it works.
So if you do not use the app you need the new ip adresses and hope they do no change all the time! -
Yes it works now. So you need to use the ipadres.
-
@heuvep & all
Hi guys !
Thanx for this tip / generation of new config
I tested with success with remote 212.83.133.203 1281 => I have connexion, but a very bad rate ... :-(Of course, I asked a new config server, but I just receive .. nothing !
So, can we share a list of IP adresses please ? Besides 212.83.133.203, do we know another IP adresses ?
Can we also share location for each IP ?Have a nice day !
Regards
W.
-
When you login the portal you can generate the config file your self. You then get a zip file with lot of ovpn files from diffrent country's. You can find the ipadres in that file
-
usa -> 216.105.168.250
-
I did receive a anwser from helpdesk :
========= RESPOND ABOVE THIS LINE =========
Yes this is normal, DNS is not working at the moment.
Please go there:
https://www.vpnsecure.me/members/index.php?do=profile
And click "Generate Server Configs", you'll receive them by email.
Best Regards,
Adrian. -
Hi @heuvep
I finally received an answer by mail last friday (with
however, after revisiting my pfSense configuration with following params (see below), OpenVpn Tunnel is up, but none traffic can be routed inside ... :-(
of course, no modif in pfSense FW rules between old config (down) and new (up)client
proto udp
dev tun
ca ca.crt
dh dh2048.pem
cert m_nge.crt
key m_nge.key
remote 151.80.148.150 1281
cipher AES-128-CBC
verb 2
mute 20
keepalive 3 10
comp-lzo
persist-key
persist-tun
float
resolv-retry infinite
nobind
auth-nocache
remote-cert-tls serverDid I miss something ? Can you please confirm each field ?
Regards !!
W.