1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Port Forward with PIA vpn service

Discussion in 'Asuswrt-Merlin' started by Noremacyug, Jan 31, 2014.

  1. Noremacyug

    Noremacyug Regular Contributor

    Joined:
    Sep 9, 2013
    Messages:
    59
    So I've searched this out over the past few months and I think I even may have started a thread here or elsewhere on the net about it. Regardless, I've never found a method that works. I reached out to PIA and asked them if I had any options for enabling a port or two to be forwarded. The response I received was less than helpful to me as I don't know enough about scripting, etc to make any use of the response. Here is the link they gave me regarding the matter.

    https://www.privateinternetaccess.c...arding-without-the-application-advanced-users

    I didn't know if anyone out there could help me implement this or if it's even possible to do so on the openvpn client on a ac66u.

    Thanks


    Sent from my iPhone
     
  2. balcy24

    balcy24 Occasional Visitor

    Joined:
    Aug 21, 2013
    Messages:
    19
    Location:
    St. Louis, MO
    I am not sure what you are trying to accomplish but I was having trouble getting uTorrent and port forwarding to work with PIA. After doing a ton of research I came across a tip that worked for me. Using the PIA advanced interface, enter a remote port number (I used 9201) and check port forwarding. In your router under LAN, create a rule for forwarding port 9201 to your client and it should work. Like I said I am not sure what you are trying to do but this allows port forwarding from inside PIA. The key was making sure the router forwarded the same port PIA requires.
     
  3. Noremacyug

    Noremacyug Regular Contributor

    Joined:
    Sep 9, 2013
    Messages:
    59

    What pia interface are you referring to? The program installed on your pc?


    Sent from my iPhone
     
  4. balcy24

    balcy24 Occasional Visitor

    Joined:
    Aug 21, 2013
    Messages:
    19
    Location:
    St. Louis, MO
    Yes from the program, under advanced.
     
  5. Noremacyug

    Noremacyug Regular Contributor

    Joined:
    Sep 9, 2013
    Messages:
    59
    That's what I figured. Unfortunately that won't do anything for me and my setup. My router is the actual openvpn client that connects to pia and everything behind it is encrypted/anonomized. Be it my computer, cell phone, game systems, etc it's all protected. I need to have the router request a port forward for a application or two and it's not be an easy task so far. Just hoping a more advanced user on here could help me out.


    Sent from my iPhone
     
  6. nairn62

    nairn62 Occasional Visitor

    Joined:
    Dec 18, 2013
    Messages:
    24
    Location:
    UK
    Opening a PIA Port using OpenVPN and a Shell Script

    Hi,

    here's a quick&dirty shell file: PIA_Port.sh that I run inside the openvpn-event file that's located in the /jffs/scripts folder e.g. I run:

    #Don't forget the & at the end
    /jffs/scripts/PIA_Port.sh &

    It works for me. Just fill in your PIA Username and Password. I now can download torrents using Transmission via an open PIA port. After loading up OpenVPN, the file: /tmp/PIA_PORT contains the port that is used for port forwarding.

    Regards

    Nairn62

    #!/bin/sh
    if [ `ps | grep -v grep | grep vpnclient1 | wc -l` -ne 0 ]; then
    pingCOUNT=5
    INTERFACE=tun11
    BIND_ADDR="`/sbin/ifconfig $INTERFACE | /usr/bin/awk '$1 == \"inet\" {print $2}' | /usr/bin/awk -F: '{print $2}'`"
    echo $BIND_ADDR > /tmp/PIA_ADDR
    /bin/ping -c 1 $BIND_ADDR > /dev/null
    pingCOUNT2=$(/bin/ping -c $pingCOUNT $BIND_ADDR | grep 'received' | awk -F',' '{ print $2 }' | awk '{ print $1 }')
    if [ $pingCOUNT -eq $pingCOUNT2 ]; then
    if [ `ps | grep -v grep | grep transmission-daemon | wc -l` -eq 0 ]; then
    /usr/bin/head -n 100 /dev/urandom | /usr/bin/md5sum | /usr/bin/tr -d " -" > /tmp/.pia_client_id
    /opt/bin/curl -k -d "user=MY_PIA_USERNAME&pass=MY_PIA_PASSWORD&client_id=$(/bin/cat /tmp/.pia_client_id)&local_ip=$BIND_ADDR" https://www.privateinternetaccess.c...ll|/bin/grep -oE "[0-9]+" | tee /tmp/PIA_PORT
    /opt/bin/transmission-daemon --peerport=$(/bin/cat /tmp/PIA_PORT) --bind-address-ipv4 $BIND_ADDR --rpc-bind-address 0.0.0.0 --config-dir /opt/etc/transmission-daemon
    fi
    fi
    fi
     
  7. Noremacyug

    Noremacyug Regular Contributor

    Joined:
    Sep 9, 2013
    Messages:
    59
    where does it output what port PIA assigns to you so you know what port to use in your torrent clients? I've also, switched over to ddwrt to give it a try, but i'm assuming i could somehow utilize this script.

    lastly, do you have any issues with PIA disconnecting randomly but on a frequent basis. I'm not 100% sure it's there service and not my router causing the disconnect. just wondering how it's been working for you.

    (edit) - after looking back over your post.... are you using the transmission client on the router? if so, that won't do anything for me as i need to open port(s) to clients on my network, not the router itself.
     
    Last edited: Feb 9, 2014
  8. Noremacyug

    Noremacyug Regular Contributor

    Joined:
    Sep 9, 2013
    Messages:
    59
    Anyone? Would love to be able to do this if it's possible.


    Sent from my iPhone
     
  9. Titaantje

    Titaantje New Around Here

    Joined:
    Sep 28, 2016
    Messages:
    4
    Thread seems outdated but it covers my question exactly. Didn't find any solution anywhere else yet.

    If anybody who got this (asuswrt (merlin) port forwarding through PIA) to work, please let us know :)
     
  10. Kevin O

    Kevin O New Around Here

    Joined:
    Jul 10, 2015
    Messages:
    3
    the script that @narin62 would be effective but it somehow got truncated by the forum web-link grabber. it converted a line of the script into a link which warped it into the code just after the link. would it be possible for this script to be reposted? I would be quite pleased. The fact that it uses merlins openvpn-event makes it VERY appropriate for merlin users, and far superior to other scripts I've found which often rely on cron jobs.
     
  11. Martineau

    Martineau Very Senior Member

    Joined:
    Jul 8, 2012
    Messages:
    1,931
    Location:
    UK
    Simply right click the 'warped' URL, then click 'Inspect Element' and then you can copy the true code!

    Code:
    https://www.privateinternetaccess.c...ll|/bin/grep -oE "[0-9]+" | tee /tmp/PIA_PORT
    
    becomes
    
    https://www.privateinternetaccess.com/vpninfo/port_forward_assignment 2>/dev/null | /bin/grep -oE "[0-9]+" | tee /tmp/PIA_PORT
     
    rotorbudd likes this.
  12. Kevin O

    Kevin O New Around Here

    Joined:
    Jul 10, 2015
    Messages:
    3
    Many thanks! Ive scoured the web for a functional script and this is the only one I've come across. Again, thank you.
     
  13. kman

    kman Occasional Visitor

    Joined:
    Sep 5, 2014
    Messages:
    37
    I am able to retrieve the port however, when setting it up in Transmission and testing it using the GUI, I am getting Incoming Port is closed. Check your firewall settings.

    Does this need to be enabled in the IPTABLES as well? Any insight will be appreciated.
     
  14. kman

    kman Occasional Visitor

    Joined:
    Sep 5, 2014
    Messages:
    37
    Also, PIA has introduced a new API that is much simpler and the existing method mentioned in post #6 will be deprecated. See post here.

    Key differences:
    • Require a 256-bit ID in Base36 format key. I am not sure how this can be generated within the script, so it may be worthwhile to generate that using a 256-bit calculator as per PIA-Comment_45712
    • The script has to run with 2-minutes of obtaining VPN connection
    Code:
    #!/bin/sh
    if [ `ps | grep -v grep | grep vpnclient1 | wc -l` -ne 0 ]; then
      pingCOUNT=5
      INTERFACE=tun11
      BIND_ADDR="`/sbin/ifconfig $INTERFACE | /usr/bin/awk '$1 == \"inet\" {print $2}' | /usr/bin/awk -F: '{print $2}'`"
      echo $BIND_ADDR > /tmp/PIA_ADDR
      /bin/ping -c 1 $BIND_ADDR > /dev/null
      pingCOUNT2=$(/bin/ping -c $pingCOUNT $BIND_ADDR | grep 'received' | awk -F',' '{ print $2 }' | awk '{ print $1 }')
      if [ $pingCOUNT -eq $pingCOUNT2 ]; then
        if [ `ps | grep -v grep | grep transmission-daemon | wc -l` -eq 0 ]; then
          curl --interface tun11 -k -d "client_id=SHA256KEY" http://209.222.18.222:2000 2>/dev/null | /bin/grep -oE "[0-9]+" | tee /tmp/PIA_PORT
          /opt/bin/transmission-daemon --peerport=$(cat /tmp/PIA_PORT) --bind-address-ipv4 $BIND_ADDR --rpc-bind-address 0.0.0.0 --config-dir /opt/etc/transmission-daemon
        fi
      fi
    fi
    
    However, still unable to successfully use the port in Transmission. I think I am missing some IPTABLES command.
     
    Last edited: Oct 5, 2017
  15. kman

    kman Occasional Visitor

    Joined:
    Sep 5, 2014
    Messages:
    37
    Anyone able to help me on this? @Martineau

    Thanks.
     
  16. robahearts

    robahearts Regular Contributor

    Joined:
    Sep 14, 2015
    Messages:
    50
    Is this script still working? I'm trying to get it to work