[solved] Lubuntu PIA client doesn't connect to VPN

p2985896

There are several threads reporting this problem without solutions. I've succeeded to get the Ubuntu PIA client to connect, with support, only for it to fail again later, especially after updates. I think the Ubuntu PIA client is unreliable and PIA really need to sort this issue out. In the meantime, here's a workaround using OpenVPN only:

(either) If you have already installed the PIA client, then remove it. It will have already installed OpenVPN (Replace [user_name] with your Ubuntu home directory name):

$ sudo rm -r /home/[user_name]/.pia_manager

(or) If you haven't installed the PIA client, then install OpenVPN only:

$ sudo apt-get install openvpn

Download the PIA configuration files, key, and certificate from: https://www.privateinternetaccess.com/pages/client-support/ubuntu-openvpn
Direct link: https://www.privateinternetaccess.com/openvpn/openvpn.zip

Unzip

Move the key and certificate files to OpenVPN directory:

$ sudo mv /home/[user_name]/Downloads/ca.rsa.2048.crt /etc/openvpn/ca.rsa.2048.crt

$ sudo mv /home/[user_name]/Downloads/crl.rsa.2048.pem /etc/openvpn/crl.rsa.2048.pem

Open the OpenVPN configuration file you want to use in a text editor, e.g. /home/[user_name]/Downloads/US East.ovpn:

client
dev tun
proto udp
remote us-east.privateinternetaccess.com 1198
resolv-retry infinite
nobind
persist-key
persist-tun
cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server
auth-user-pass
comp-lzo
verb 1
reneg-sec 0
crl-verify crl.rsa.2048.pem
ca ca.rsa.2048.crt
disable-occ

Change the certificate & key paths to absolute paths (otherwise they will throw an error)
From:

crl-verify crl.rsa.2048.pem
ca ca.rsa.2048.crt

To:

crl-verify /etc/openvpn/crl.rsa.2048.pem
ca /etc/openvpn/ca.rsa.2048.crt

So you don't have to enter your PIA account credentials each time you start OpenVPN, include them in the configuration file:
From:

auth-user-pass

To:

auth-user-pass user-pass.txt

Create the PIA user credentials file:

$ sudo nano /etc/openvpn/user-pass.txt

Enter your credentials on two lines, user, then password e.g.:

p1234567
AbCd3fGh1j

Write out (Ctrl + o), hit Enter, and close (Ctrl + x)

Move configuration file to OpenVPN dir:

$ sudo mv /home/[user_name]/Downloads/US East.ovpn /etc/openvpn/US East.ovpn

That's it! Now, to start OpenVPN, each time:

$ sudo openvpn --config /etc/openvpn/US East.ovpn

I hope this helps!

Max-P

To add to this, if you name the file in /etc/openvpn ending with .conf, it will be managed by systemd and will automatically start the VPN right on boot.

systemctl start [email protected]
systemctl enable [email protected]
systemctl stop [email protected]
systemctl disable [email protected]


You can also just run the script provided in the page you linked to have NetworkManager manager the VPN

jeff4892

This is only partly working for me. I can connect via PIA using the config file but when I run an IP Leak test it still shows my ISP. I'm using LUBUNTU 16.10 on a USB with persistence.

jeff4892

jeff4892 said:

This is only partly working for me. I can connect via PIA using the config file but when I run an IP Leak test it still shows my ISP. I'm using LUBUNTU 16.10 on a USB with persistence.

Also, when I go into Network Manager and try to add a new connection and select VPN there is no VPN option listed. In the past there has been. Don't understand all this communication stuff so don't know where to turn.

jeff4892

jeff4892 said:

jeff4892 said:

This is only partly working for me. I can connect via PIA using the config file but when I run an IP Leak test it still shows my ISP. I'm using LUBUNTU 16.10 on a USB with persistence.

Also, when I go into Network Manager and try to add a new connection and select VPN there is no VPN option listed. In the past there has been. Don't understand all this communication stuff so don't know where to turn.

I'll continue to update as I make progress (or think I am making progress). So I installed network-manager-openvpn-gnome and now when I start Network Manager there is an option to add a OpenVPN or import a configuration file. Off to search on what to do next.

jeff4892

OK so I've got things working but all very manual. Highlevel 1. Scrap PIA's configuration and install openvpn 2. Pick a config file to work with (this means this would have to be repeated for each location / config file you want to work. 20 config files, 20 edits) 3. Edit config file with text editor using sudo 4. Change 2 lines (found in one thread) 5. Add 3 new lines (found in a second thread) 6. Save config file 7. Use CLI to manually start OpenVPN 8. Run DNS Leak test to confirm it's working

tea_lady

Running Fedora 27 and am a little confused when trying to start the service as Fedora tells me it doesn't know the service.

[[email protected] openvpn]$ sudo systemctl start [email protected]
Failed to start [email protected]: Unit [email protected] not found.


I've tried symlinking the .conf file to my chosen .ovpn file as well as copying the .ovpn to a .conf file and same result.

I've tried using "PIA" as well as "pia" for naming conventions in case I'm forking up the case.

I'm a little confused as to where the service name comes from.


p.s. I can start and stop the VPN using the files I have and so I know I have something right but would like the VPN to come up at boot time.

 
<QUOTE>
To add to this, if you name the file in /etc/openvpn ending with .conf, it will be managed by systemd and will automatically start the VPN right on boot.

systemctl start [email protected]
systemctl enable [email protected]
systemctl stop [email protected]
systemctl disable [email protected]

</QUOTE>

Max-P

@tea_lady Newer versions of OpenVPN separated the clients and server services so they can start up at different times during the boot process.

You should have a /etc/openvpn/client folder on this version of Fedora, and the service changed to openvpn-client. The updated commands would be:

systemctl enable --now [email protected]
systemctl disable --now [email protected]