Discussions

Ask a Question

Pin

Hello, I'm using Pritunl for the first time and the app is asking me to insert a pin, but I have no pin... can you help out?

Failed to approve ssh key

I am getting the error "Failed to approve SSH Key" while authenticating using `pritunl-ssh`

Is it possible to turn off pritunl-web ?

Hello, as stated in name of topic, is it possible please ? And I mean completely disable, not only change bind_addr to localhost or something like that. We have multiple instances connecting to one central mongoDB and I would like to have it enabled only from specific instance. Thank you

pritunl available in egypt

is pritunl available in egypt?

User password instead of pin

Hi Is it possible to change the settings for user pins, so that you can use letters and not just numbers for at password?

Server stopped unexpectedly - several times a day

Hello, we have one mongo server to which multiple pritunl servers are connecting from different cloud providers. We see this issue comming only from Azure ( 2 different servers from different regions / tenants). Servers will stop unexpectedly several times a day. Only error message in logs I see is: [][2021-09-16 07:27:30,214][WARNING] Stopping duplicate instance, check date time sync [][2021-09-16 07:27:40,148][ERROR] Failed to update server ping If I check timedatectl: timedatectl Local time: Fri 2021-09-17 08:23:13 CEST Universal time: Fri 2021-09-17 06:23:13 UTC RTC time: Fri 2021-09-17 06:23:13 Time zone: Europe/Amsterdam (CEST, +0200) System clock synchronized: yes NTP service: inactive RTC in local TZ: no Versions: Debian GNU/Linux 10 pritunl v1.29.2664.67 I am not sure what issue pritunl can have with time sync. Did anyone experienced similar problem ? Or do yo know how to solve it ? Thank you

Google SSO updated documentation

I would love to know if there's an updated documentation to setup google single sign on. Since google G-Suite is now google workspace and the configuration is updated. It would be helpful if there's a step by step guide on how to setup SSO Pritunl for the updated Google workspace.

All works but U have an error when i would connect to the vpn

When i try to connect to the vpn I have an error and in the console i have : TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Please help me with this issiue

Google authentication failed

Hey, Our Pritunl instances are failing to authenticate with Google. Do you have any recommendations to try?

Port Usage Debacle and DNS problems

Dear all, I've been struggling for a while now, and I would really appreciate some help with the following. My setup: I want to host a pritunl VPN at location A. This single machine will run pritunl (on CentOS 8), and a collection of docker containers with services such as OwnCloud, PiHole, GitLab, ... Preferably I want the PiHole to be the DNS server for this VPN. Then I also want to connect a machine from location B to this VPN such that services on machine B are available to anyone connected to the VPN. I run into two problems: the port usage by pritunl and DNS server configuration (i think) Port usage: The machine running pritunl at location A is in itself located in a private network. This private network has a Fritz Box that connects it to the internet. I want to forward the specific ports that Pritunl uses to this machine, but when I forward ports 80/udp+tcp, 443/udp+tcp, 1194/udp+tcp, 17593/udp to this machine any client connection (Linux Pritunl Client, IOS OpenVPN client) times out. I added ports 80 and 443 to be able to access the webpanel (which I can access both connected and not connected to the VPN), and port 1194 because this should be the port used by the OpenVPN protocol. My Pritunl server runs on port 17593. When I fully expose this machine, any client can connect no problem. When digging into this further I also discoverd that there is a service listening on 9756/tcp, which I added, which did not help. Can anybody shed some light on this problem? DNS problems: When I use my VPN (with the machine at location A fully exposed) my DNS gives me problems. Programs such as curl, ping, and mtr will completely fail to resolve any domain name (but will find ip-adresses within the VPN), and firefox will load any webpage really (REALLY) slowly. My guess is that Firefox has some kind of fail safe DNS mechanism (but I am really unsure about this). This happens with all of the following DNS servers: 1.1.1.1, 8.8.8.8, 8.8.4.4, 127.0.0.1 (pihole) and the adress of the Fritz Box. Can anybody tell me what I am doing wrong? I am in a bit of a hurry when writing this, so I hope that my questions are clear. If there are log files or settings that I can share to improve the information for you, please let me know. Thanks in advance for any help. Kind regards, Lodewijk

This discussion forum is head: where do we get help at ?

This discussion forum is all but dead. Where is the official up to date support at? I'm paying for enterprise licensing monthly as well. I've tried the discussion forum, email from "contact support" and no responses.

Failed to get state in pritunl link

I am trying to get IPSEC setup between two AWS VPCs. I have a pritunl-link client running on ubuntu 16.04 xenial in each VPC. I have set them up in the pritunl console, yet when I get on and run journalctl -fu pritunl-link I get the following error over and over and over. Error : [2021-08-29 22:52:22][INFO] ▶ state: Failed to get state ◆ uri="pritunl:// [email protected]" state: Bad status %!n(int=404) code from server

Cannot access shared drive through Pritunl VPN

I have Pritunl set up on a Ubuntu server 20.04. Connecting to the remote network is no problem. I can ping all devices on the remote network. However, I cannot connect to the shared drives on one of the computers on the remote network. What could be the reason for that?

Connection Timeout - SIGINT[hard,init_instance] received, process exiting

Having issues with VPN, I am getting connection timeout Logs: 2021-08-24 20:33:42 DEPRECATED OPTION: --max-routes option ignored.The number of routes is unlimited as of OpenVPN 2.4. This option will be removed in a future version, please remove it from your configuration. 2021-08-24 20:33:42 DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-128-CBC' to --data-ciphers or change --cipher 'AES-128-CBC' to --data-ciphers-fallback 'AES-128-CBC' to silence this warning. 2021-08-24 20:33:42 OpenVPN 2.5.3 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Aug 18 2021 2021-08-24 20:33:42 library versions: OpenSSL 1.1.1k 25 Mar 2021, LZO 2.10 2021-08-24 20:33:42 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2021-08-24 20:33:42 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-08-24 20:33:42 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-08-24 20:33:42 TCP/UDP: Preserving recently used remote address: [AF_INET]35.173.91.71:8080 2021-08-24 20:33:42 Attempting to establish TCP connection with [AF_INET]35.173.91.71:8080 [nonblock] 2021-08-24 20:33:46 TCP: connect to [AF_INET]35.173.91.71:8080 failed: Operation timed out 2021-08-24 20:33:46 SIGUSR1[connection failed(soft),init_instance] received, process restarting 2021-08-24 20:33:51 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2021-08-24 20:33:51 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-08-24 20:33:51 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-08-24 20:33:51 TCP/UDP: Preserving recently used remote address: [AF_INET]34.193.223.140:8080 2021-08-24 20:33:51 Attempting to establish TCP connection with [AF_INET]34.193.223.140:8080 [nonblock] 2021-08-24 20:33:55 TCP: connect to [AF_INET]34.193.223.140:8080 failed: Operation timed out 2021-08-24 20:33:55 SIGUSR1[connection failed(soft),init_instance] received, process restarting 2021-08-24 20:34:01 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2021-08-24 20:34:01 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-08-24 20:34:01 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-08-24 20:34:01 TCP/UDP: Preserving recently used remote address: [AF_INET]35.173.91.71:8080 2021-08-24 20:34:01 Attempting to establish TCP connection with [AF_INET]35.173.91.71:8080 [nonblock] 2021-08-24 20:34:05 TCP: connect to [AF_INET]35.173.91.71:8080 failed: Operation timed out 2021-08-24 20:34:05 SIGUSR1[connection failed(soft),init_instance] received, process restarting 2021-08-24 20:34:10 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2021-08-24 20:34:10 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-08-24 20:34:10 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-08-24 20:34:10 TCP/UDP: Preserving recently used remote address: [AF_INET]34.193.223.140:8080 2021-08-24 20:34:10 Attempting to establish TCP connection with [AF_INET]34.193.223.140:8080 [nonblock] 2021-08-24 20:34:14 TCP: connect to [AF_INET]34.193.223.140:8080 failed: Operation timed out 2021-08-24 20:34:14 SIGUSR1[connection failed(soft),init_instance] received, process restarting 2021-08-24 20:34:19 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2021-08-24 20:34:19 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-08-24 20:34:19 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-08-24 20:34:19 TCP/UDP: Preserving recently used remote address: [AF_INET]35.173.91.71:8080 2021-08-24 20:34:19 Attempting to establish TCP connection with [AF_INET]35.173.91.71:8080 [nonblock] 2021-08-24 20:34:24 TCP: connect to [AF_INET]35.173.91.71:8080 failed: Operation timed out 2021-08-24 20:34:24 SIGUSR1[connection failed(soft),init_instance] received, process restarting 2021-08-24 20:34:29 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2021-08-24 20:34:29 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-08-24 20:34:29 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-08-24 20:34:29 TCP/UDP: Preserving recently used remote address: [AF_INET]34.193.223.140:8080 2021-08-24 20:34:29 Attempting to establish TCP connection with [AF_INET]34.193.223.140:8080 [nonblock] 2021-08-24 20:34:33 TCP: connect to [AF_INET]34.193.223.140:8080 failed: Operation timed out 2021-08-24 20:34:33 SIGUSR1[connection failed(soft),init_instance] received, process restarting 2021-08-24 20:34:38 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2021-08-24 20:34:38 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-08-24 20:34:38 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication 2021-08-24 20:34:38 TCP/UDP: Preserving recently used remote address: [AF_INET]35.173.91.71:8080 2021-08-24 20:34:38 Attempting to establish TCP connection with [AF_INET]35.173.91.71:8080 [nonblock] 2021-08-24 20:34:42 SIGINT[hard,init_instance] received, process exiting

Unable to add profile

I've been trying to add a profile to my pritunl-client. I have it on an amazon linux machine in the cloud. Here is what I've been trying to solve. $ pritunl-client add pritunl://my.vpn.com/ku/123123123 panic: sprofile: Request failed Get "https://my.vpn.com/ku/123123123": context deadline exceeded (Client.Timeout exceeded while awaiting headers) ORIGINAL STACK TRACE: github.com/pritunl/pritunl-client-electron/cli/sprofile.ImportUri /go/src/github.com/pritunl/pritunl-client-electron/cli/sprofile/utils.go:486 +0x6cf525 github.com/pritunl/pritunl-client-electron/cli/cmd.glob..func1 /go/src/github.com/pritunl/pritunl-client-electron/cli/cmd/add.go:21 +0x75d484 github.com/spf13/cobra.(*Command).execute /go/src/github.com/spf13/cobra/command.go:860 +0x72a981 github.com/spf13/cobra.(*Command).ExecuteC /go/src/github.com/spf13/cobra/command.go:974 +0x72b754 github.com/spf13/cobra.(*Command).Execute /go/src/github.com/spf13/cobra/command.go:902 +0x75d010 github.com/pritunl/pritunl-client-electron/cli/cmd.Execute /go/src/github.com/pritunl/pritunl-client-electron/cli/cmd/root.go:24 +0x75d001 main.main /go/src/github.com/pritunl/pritunl-client-electron/cli/main.go:8 +0x75e024 runtime.main /usr/local/go/src/runtime/proc.go:225 +0x43a295 runtime.goexit /usr/local/go/src/runtime/asm_amd64.s:1371 +0x46d8c0 goroutine 1 [running]: github.com/pritunl/pritunl-client-electron/cli/cmd.glob..func1(0xa8fba0, 0xc0000931b0, 0x1, 0x1) /go/src/github.com/pritunl/pritunl-client-electron/cli/cmd/add.go:23 +0x78 github.com/spf13/cobra.(*Command).execute(0xa8fba0, 0xc000093180, 0x1, 0x1, 0xa8fba0, 0xc000093180) /go/src/github.com/spf13/cobra/command.go:860 +0x2c2 github.com/spf13/cobra.(*Command).ExecuteC(0xa905a0, 0x407ce5, 0xc000082058, 0x401230) /go/src/github.com/spf13/cobra/command.go:974 +0x375 github.com/spf13/cobra.(*Command).Execute(...) /go/src/github.com/spf13/cobra/command.go:902 github.com/pritunl/pritunl-client-electron/cli/cmd.Execute() /go/src/github.com/pritunl/pritunl-client-electron/cli/cmd/root.go:24 +0x31 main.main() /go/src/github.com/pritunl/pritunl-client-electron/cli/main.go:8 +0x25 What could be the issue here?

Config: Failed to sync issues

Hi, I have pritunl hosted on an ubuntu 20.0.4 server. It is fully patched, configured for pritunl, I have ufw running. I have listening ports open for 80,443, mongodb, python, and all udp ports for the vpn networks. I have port forwards from my any to my public ip for the udp ports to my pritunl server. I am using a windows pritunl client which is the latest one from the website download section and it connects just fine. I can get to all my networks inside the vpn tunnel. What I'm seeing in the systems logs is the config never syncs with my server. So, any server changes never get synced up. I have tried turning ufw off on my server, restarting pritunl service. I still have the same issues of no config sync. I tried adding port forwards for 80 and 443 traffic from any to my public ip which redirects to my pritunl server. The tests still conclude the config doesn't sync up to the pritunl server. What am I missing here? What port is needed to sync up config ? Is there additional configuration on the pritunl server I need to do? I tried

wireguard not starting

I have pritunl running on ubuntu 20.0.4 I setup one server with openvpn+wireguard. Wireguard service never connects from my client, I restart the pritunl service and it doesn't help. I have put in port forwards for the port I setup for it and it doesn't help. all pritunl udp ports for the openvpn work for port forwards in my firewall. Is there something I'm missing in my config? I'm beginning to think pritunl is just bugged for ubuntu.

Pritunl Support Plan

Hi, Please do let me know the support plan. Is there any costing for that. How to get or activate slack support group for us as we are using enterprise plan.

Pritunl-zero integration with Lemon Ldap

Hello Team, Is there a way to integrate the Pritunl-zero with Lemon Ldap solution..?

Failed to get state

I am trying to get IPSEC setup between two AWS VPCs. I have a pritunl-link client running on Centos 8 in each VPC. I have set them up in the pritunl console, yet when I get on and run journalctl -fu pritunl-link I get the following error over and over and over. state: Failed to get state ◆ uri="pritunl://token:[email protected]" Put "https://test.pritunl.com/link/state": dial tcp: lookup test.pritunl.com on xxx.xx.xx.xxx:53: no such host