Windscribe

[NewGround45]

Hello, could any of you please assist me with getting TransmissionOpenVPN set up with wind-scribe. I am a little bit lost as to what has gone wrong. I logged into portainer and added the username and password from the link . I believe I need to add the wind-scribe config file but I can't seem to find where transmission is mounted on my Pi.

Fri Aug 12 19:41:05 2022 Validating certificate extended key usage
Fri Aug 12 19:41:05 2022 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Fri Aug 12 19:41:05 2022 VERIFY EKU OK
Fri Aug 12 19:41:05 2022 VERIFY X509NAME OK: C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=adl-354.windscribe.com
Fri Aug 12 19:41:05 2022 VERIFY OK: depth=0, C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=adl-354.windscribe.com
Fri Aug 12 19:41:06 2022 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 4096 bit RSA
Fri Aug 12 19:41:06 2022 [adl-354.windscribe.com] Peer Connection Initiated with [AF_INET]103.108.92.83:1194
Fri Aug 12 19:41:07 2022 SENT CONTROL [adl-354.windscribe.com]: 'PUSH_REQUEST' (status=1)
Fri Aug 12 19:41:07 2022 AUTH: Received control message: AUTH_FAILED
Fri Aug 12 19:41:07 2022 SIGTERM[soft,auth-failure] received, process exiting
Starting container with revision: 901c0d2
Creating TUN device /dev/net/tun
mknod: /dev/net/tun: File exists
Using OpenVPN provider: WINDSCRIBE
Running with VPN_CONFIG_SOURCE auto
No bundled config script found for WINDSCRIBE. Defaulting to external config
Downloading configs from https://github.com/haugene/vpn-configs-contrib/archive/main.zip into /tmp/tmp.a2fS172EhK
Extracting configs to /tmp/tmp.ASIVRmUA3V
Found configs for WINDSCRIBE in /tmp/tmp.ASIVRmUA3V/vpn-configs-contrib-main/openvpn/windscribe, will replace current content in /etc/openvpn/windscribe
Cleanup: deleting /tmp/tmp.a2fS172EhK and /tmp/tmp.ASIVRmUA3V
No VPN configuration provided. Using default.
Modifying /etc/openvpn/windscribe/default.ovpn for best behaviour in this container
Modification: Point auth-user-pass option to the username/password file
Modification: Change ca certificate path
Modification: Change ping options
Modification: Update/set resolv-retry to 15 seconds
Modification: Change tls-crypt keyfile path
Modification: Set output verbosity to 3
Modification: Remap SIGUSR1 signal to SIGTERM, avoid OpenVPN restart loop
Setting OpenVPN credentials...
adding route to local network 192.168.1.0/24 via 172.17.0.1 dev eth0
Fri Aug 12 19:41:20 2022 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 22 2022
Fri Aug 12 19:41:20 2022 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Fri Aug 12 19:41:20 2022 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Aug 12 19:41:20 2022 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Fri Aug 12 19:41:20 2022 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Fri Aug 12 19:41:20 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]103.108.92.83:1194
Fri Aug 12 19:41:20 2022 Socket Buffers: R=[180224->180224] S=[180224->180224]
Fri Aug 12 19:41:20 2022 UDP link local: (not bound)
Fri Aug 12 19:41:20 2022 UDP link remote: [AF_INET]103.108.92.83:1194
Fri Aug 12 19:41:20 2022 TLS: Initial packet from [AF_INET]103.108.92.83:1194, sid=ff7cf4af b35f53e8
Fri Aug 12 19:41:20 2022 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Aug 12 19:41:20 2022 VERIFY OK: depth=2, C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=Windscribe Node CA X1
Fri Aug 12 19:41:20 2022 VERIFY OK: depth=1, C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=Windscribe Node CA X2
Fri Aug 12 19:41:20 2022 VERIFY KU OK
Fri Aug 12 19:41:20 2022 Validating certificate extended key usage
Fri Aug 12 19:41:20 2022 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Fri Aug 12 19:41:20 2022 VERIFY EKU OK
Fri Aug 12 19:41:20 2022 VERIFY X509NAME OK: C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=adl-354.windscribe.com
Fri Aug 12 19:41:20 2022 VERIFY OK: depth=0, C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=adl-354.windscribe.com
Fri Aug 12 19:41:21 2022 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 4096 bit RSA
Fri Aug 12 19:41:21 2022 [adl-354.windscribe.com] Peer Connection Initiated with [AF_INET]103.108.92.83:1194
Fri Aug 12 19:41:22 2022 SENT CONTROL [adl-354.windscribe.com]: 'PUSH_REQUEST' (status=1)
Fri Aug 12 19:41:22 2022 AUTH: Received control message: AUTH_FAILED
Fri Aug 12 19:41:22 2022 SIGTERM[soft,auth-failure] received, process exiting
Starting container with revision: 901c0d2
Creating TUN device /dev/net/tun
mknod: /dev/net/tun: File exists
Using OpenVPN provider: WINDSCRIBE
Running with VPN_CONFIG_SOURCE auto
No bundled config script found for WINDSCRIBE. Defaulting to external config
Downloading configs from https://github.com/haugene/vpn-configs-contrib/archive/main.zip into /tmp/tmp.y0TkjdZ8c0
Extracting configs to /tmp/tmp.Vk06fo4rsv
Found configs for WINDSCRIBE in /tmp/tmp.Vk06fo4rsv/vpn-configs-contrib-main/openvpn/windscribe, will replace current content in /etc/openvpn/windscribe
Cleanup: deleting /tmp/tmp.y0TkjdZ8c0 and /tmp/tmp.Vk06fo4rsv
No VPN configuration provided. Using default.
Modifying /etc/openvpn/windscribe/default.ovpn for best behaviour in this container
Modification: Point auth-user-pass option to the username/password file
Modification: Change ca certificate path
Modification: Change ping options
Modification: Update/set resolv-retry to 15 seconds
Modification: Change tls-crypt keyfile path
Modification: Set output verbosity to 3
Modification: Remap SIGUSR1 signal to SIGTERM, avoid OpenVPN restart loop
Setting OpenVPN credentials...
adding route to local network 192.168.1.0/24 via 172.17.0.1 dev eth0
Fri Aug 12 19:41:41 2022 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 22 2022
Fri Aug 12 19:41:41 2022 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Fri Aug 12 19:41:41 2022 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Aug 12 19:41:41 2022 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Fri Aug 12 19:41:41 2022 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Fri Aug 12 19:41:41 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]103.108.92.83:1194
Fri Aug 12 19:41:41 2022 Socket Buffers: R=[180224->180224] S=[180224->180224]
Fri Aug 12 19:41:41 2022 UDP link local: (not bound)
Fri Aug 12 19:41:41 2022 UDP link remote: [AF_INET]103.108.92.83:1194
Fri Aug 12 19:41:41 2022 TLS: Initial packet from [AF_INET]103.108.92.83:1194, sid=c2eb870a e6e2520c
Fri Aug 12 19:41:41 2022 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Aug 12 19:41:41 2022 VERIFY OK: depth=2, C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=Windscribe Node CA X1
Fri Aug 12 19:41:41 2022 VERIFY OK: depth=1, C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=Windscribe Node CA X2
Fri Aug 12 19:41:41 2022 VERIFY KU OK
Fri Aug 12 19:41:41 2022 Validating certificate extended key usage
Fri Aug 12 19:41:41 2022 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Fri Aug 12 19:41:41 2022 VERIFY EKU OK
Fri Aug 12 19:41:41 2022 VERIFY X509NAME OK: C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=adl-354.windscribe.com
Fri Aug 12 19:41:41 2022 VERIFY OK: depth=0, C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=adl-354.windscribe.com
Fri Aug 12 19:41:42 2022 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 4096 bit RSA
Fri Aug 12 19:41:42 2022 [adl-354.windscribe.com] Peer Connection Initiated with [AF_INET]103.108.92.83:1194
Fri Aug 12 19:41:43 2022 SENT CONTROL [adl-354.windscribe.com]: 'PUSH_REQUEST' (status=1)
Fri Aug 12 19:41:43 2022 AUTH: Received control message: AUTH_FAILED
Fri Aug 12 19:41:43 2022 SIGTERM[soft,auth-failure] received, process exiting

[MrYann]

Hi all :)
Maybe I should start a new conversation since I am not responding to original post, but I thought it would be convenient to group all windscribe related questions.

Transmission can connect to vpn by using the openvpn credentials found here : https://windscribe.com/getconfig/openvpn
(Only step 2 is needed, step 1 is done by the container)

Also, the environnement value of openvpn_config can be chosen in the list show in step 1 of the previous link.

Then activate ephemeral port forwarding here : https://windscribe.com/myaccount#porteph
(Following the guide found here : https://www.reddit.com/r/Windscribe/comments/f4xi5h/port_forwarding_for_torrenting_how_to_become/)

Lastly, at the time of writing you have 2 options :

• either you let the docker environment variable ENABLE_UFW to false (the default) : then you can write the ephemeral port in the transmission configuration through the web-ui (settings/network/listening port)
• or you want -e ENABLE_UFW=true, but this firewall seems to be unaware of transmission configuration : so you have to specify the ephemeral port through -e TRANSMISSION_PEER_PORT=xxx