[PIA Tunnel] A Virtual Machine VPN tunnel
PIA-Tunnel is a virtual machine that may act as the default gateway for any device on your network.
It supports two separate LAN segments, one for your private LAN and a second one to completely isolated all network traffic.
The image below illustrates the current network setup supported by the VM.
PIA-Tunnel VM is designed to be simple to use so even if the diagram above looks a bit complicated. Using the VM usually only requires that you start it and initiate a VPN connection.
Features
Latest Image: http://www.kaisersoft.net/r/?PIAIMG
Contact Support: http://www.kaisersoft.net/r/?HELPME
I don't check this thread regularly so using the contact form is usually the best way to get in touch with me.
Please note that this is the official "PIA Tunnel PHP-GUI" release. Any previous VMs where development builds and will not be upgraded. Please download http://www.kaisersoft.net/r/?PIAIMG to get the current version which will be maintained and upgraded from here on out.
It supports two separate LAN segments, one for your private LAN and a second one to completely isolated all network traffic.
The image below illustrates the current network setup supported by the VM.
PIA-Tunnel VM is designed to be simple to use so even if the diagram above looks a bit complicated. Using the VM usually only requires that you start it and initiate a VPN connection.
Features
- Open by design. Script based, so no binaries with hidden features, and you may roll your own VM by following the Clean Installation Steps.txt
- Complete network isolation with private VM LAN segment (leak protection)
- Simple Web-interface (Screenshots)
- Port forwarding to 1 IP on your LAN or private VM LAN
- Runs on existing hardware, your Computer
- Requires 1 CPU core, 92MB RAM and less then 2GB free drive space
Latest Image: http://www.kaisersoft.net/r/?PIAIMG
Contact Support: http://www.kaisersoft.net/r/?HELPME
I don't check this thread regularly so using the contact form is usually the best way to get in touch with me.
Please note that this is the official "PIA Tunnel PHP-GUI" release. Any previous VMs where development builds and will not be upgraded. Please download http://www.kaisersoft.net/r/?PIAIMG to get the current version which will be maintained and upgraded from here on out.
Comments
I'll check out the scripts later.
I have tested the VM on a few different system and networks already and am pleased to "announce" that it has been working as it should
I did notice an issue causing the VM to sometime locked up after the Grub screen. This appears to be caused by an issue with LVM and only having 80MB RAM. I increased the RAM to 92MB to get around this issue until I have time to reroll a VM without LVN.
If anybody downloaded the older 2013-07-21 release then you need to run "pia-update" followed by "pia-setup" to get everything updated. After that "pia-update" will automatically call "pia-setup" after each run.
I run a separate VM to handle my torrents and I wanted to ensure that the VM will disconnect the VPN AND Internet connection if something goes wrong.
So I wrote pia-daemon, a little shell script that will continuously monitor the VPN,
If it goes down then forwarding is automatically disabled until the VPN connection is reestablished.
pia-daemon will also monitor your Internet connection and will lock everything down until Internet + VPN is back up.
Here is a screenshot of pia-daemon in action
First I create a connection to Sweden with "pia-start Sweden". Once connected I proceed to start "pia-daemon" to keep monitoring the VPN connection.
I disconnected the network cable (simulates DSL going down) and pia-daemon responded by closing everything for a few minutes.
This feature is still highly experimental but appears to work well
BTW, this VM should work with any VPN service that supports openvpn!
This is the "make it pretty" update
This VM is running on my ESXi Server and I am using pia-daemon to initiate the first VPN connection. pia-daemon was not indented to be used this way but the code can handle it ..... and I am lazy
thanks for the offer. The scripts are now "stable" and the daemon will loop in the background constantly testing the VPN connection. I have tested this any way I can think of and the daemon will recover the VPN connection every time.
Major changes:
+ all settings have been moved to /pia/settings.conf. this is not tracked by git so modifying that file will not break my update script (pia-update)
+ pia-update works well, run it every now and then to keep the scripts up to date
+ There are a few ReadMe*.txt files located in /pia.
I have setup this VM on multiple computers running Windows or Linux and have not experienced a single issue.
Special thanks goes to an anonymous donor. He or She decided to support this project with a 2 BTC donation to 157Gh2dTCkrip8hqj3TKqzWiezHXTPqNrV !THANK YOU!
EDIT: Updated first post with new information and added a pretty picture
If you could provide a tutorial how to install it from start to finish on a Windows PC, I would like to give it a try. :-)
Anyway. the VM is currently for "advanced users" as it will only bridge a virtual network. So it requires that you are already familiar with virtual machines.
That said, I have been thinking about expanding the VM by adding a third
network interface as a bridge to your LAN. This would allow you to use
the VM as a default gateway for any machine on your LAN. Once it can do that it could be used as "the" Private Internet Access VPN Client for all your LAN computers.
This is when the VM will be ready for anybody and I'll write some simple step by step instructions.
I want to add the following features as soon as I can find some free time
+ write deamon to allow a remote computer to query for the currently forwarded port .... might be possible to allow PCs to register themselves for port forwarding .... we'll see
+ add VPN bridge to LAN
The first feature would be nice for servers, things like torrent clients. Someone could write a monitoring client/script to start the server with the port settings provided by the PIA VM.
The second option would be nice to get around crap like country IP blocks. Say you hit a "Video not available" on YouTube. Then you would set the PIA VM's IP as the default gateway of your current computer and route all your traffic through the VPN.
Changing the gateway only takes a few clicks and since the PIA VM holds a connection you will be able to use the VPN as soon as you click "OK".
I had a serious "talk" with myself and came to the conclusion that my remote socket daemon is just too complicated for most users.
Too bad because it would have been interesting for people like myself - RIP.
* Introducing PIA Tunnel VM with web GUI *
I wrote a web GUI to mange the Virtual Machine and VPN connection. This is still in in development but works quite well.
So give a try and please let me know if you run into any problems.
* Overview Screen
* Network Config
* VPN account settings
Major changes to previous Versions
* now comes with configuration GUI
* can now act as a Gateway for your LAN and private vLAN segment
Please note that this is a separate branch right now so this will not work with the previous PIA VM.
You may find the latest guide and download location here:
https://raw.github.com/KaiserSoft/PIA-Tunnel/php-gui/docs/Getting%20Startet%20with%20web%20GUI.txt
thanks for the info about the network driver. I have been focusing on getting everything working so things may not be properly optimized yet.
I have access to a synchronous gigabit Internet connection and I'll be running some test on it soon to see how the VM handles the traffic. It will saturate my home connection with 1.1MB/s down while running on one of my Laptop CPU cores (i5-3317U).
I released a new GUI versions a few minutes ago. Once you run "pia-update" you will have access to all new features.
The settings should now store properly and the "tools" page has been populated with the first scripts. The VPN should be able to act as a network gateway for the entire LAN by setting "VPN Gateway for public LAN" to yes.
I think I found the correct route for this project and I am exited to implement a few more ideas.
Next up will be a Setup Wizard to avoid any command line interactions
I just had the same experience and came here to post the solution.
Login as root and run
cd /pia
git reset --hard php-gui
git pull origin
pia-update
that should be it and it should work from now on.
Sorry about that
@VPN_Dude:
You a on a right path to the hearts of VPN Regular Users :-) Keep up the great job!
I just applied my pia-daemon changes to the php-gui so VPN fallback is now supported by the php-gui as well. I'll merge the changes back into the main release once I have the new "Setup Wizard" done.
Changes:
"Network Config" => "PIA Daemon Settings" => "Enable pia-daemon"
Setting this option to "yes" will autostart the daemon after a connection has been established using the "Connect VPN" button. Please keep in mind that this will initiate a VPN connection with the location you selected and not with your "Failover 0" setting, unless they happen to be the same.
The better way to use the pia-daemon is to start with a disconnect VPN, then simply hit the "Start pia-daemon" button.
The daemon will connect to "Failover 0", periodically check for a good connection and switch to "Failover n" if the PIA VPN Service goes down at that location.
/Shameless plug
BTW, if anybody needs a very simple "Internet Uptime Checker" for Windows. I wrote a tool yesterday that will download a website, look for one or more words on that site and either report "OK" or "ERROR" in a grid view. I am only posting this here because it is somewhat related to my work above and it is 100% free and open source.
Internet Uptime Monitor.exe
I will not go into this, as the MAC system being spoofed can be interpreted as a means to commit a crime. Search engines will tell you what you want to know about how this works though.
I have been busing testing the my latest changes and writing a proper manual so I'll update the first post with the new instructions. The port number is a problem but I am not sure if this can be done. My torrent client needs to know the outside port to work properly so even if the private (LAN) port is static then the torrent client will never know about the current public port.
I wanted to solve this by providing a script that will check if the port has changed and restart/reconfigure your server software to use the new port. This will only work with selected software but I'll double check my options before I get started.
Now that the UI is working I'll focus on that. Not in the GUI yet but I'll get on it. Take a look at /etc/dhcp/dhcpd.conf
There is a static host example at the very bottom of the file. This may have to wait until I get around to adding javascript to certain elements but it will come. Sure can, please check the first post in about an hour. It will come with step by step instructions and a GUI to get everything up and running.
EDIT: or a bit longer since the PIA website is having issues right now
Also, please see the first post to get the "official release" since the various development builds will not be maintained.
Please goto "Tools" => "Start pia-update" to get the latest changes.
P.S. @nipsy I looked into "dynamic port allocation" to setup port forwarding and I don't think that this is possible. The way port forwarding works with PIA is the opposite of a "home internet service". At home you select the port you want to use but with PIA "the port selects you"
Which torrent client are you running?