Jump to content
TorGuard

Leaderboard

  1. Support

    Support

    Administrators


    • Points

      5

    • Content Count

      2,549


  2. 19807409

    19807409

    Members


    • Points

      4

    • Content Count

      392


  3. Brainbleach

    Brainbleach

    Members


    • Points

      2

    • Content Count

      24


  4. Redback813

    Redback813

    Members


    • Points

      2

    • Content Count

      17



Popular Content

Showing content with the highest reputation since 09/27/2020 in all areas

  1. 1 point
    I decided to write a simple guide and share it with most before preparing this guide properly and uploading everything to github. This guide will be updated and scripts uploaded to github, after that you will have just to download and run the latest available. Current one is just a scratch and var names as maybe some formatting is not optimal, but this is how I install and use TorGuard Shared, dedicated etc.. (all torguards ips where wireguard is available). I described already in this post how it is done. Enjoy Repository/Project homepage: https://torguard.github.io/openwrt-scripts/ Wiki/FAQ: https://github.com/TorGuard/openwrt-scripts/wiki openwrt-scrtipts on GitHub. 📝 please keep in mind that latest updates and information about the script and its usage is always on github 📝 currently preinstalled wget on release images has some issues, I will update when those are resolved, until then please install curl ⚒️ Guide Requirements: OS: OpenWRT with or without Luci web interface (stable/snapshot) Requirements: wget or curl with SSL support, works with wget without SSL support If neither wget or curl are installed, script will automaticaly attempt to install curl how to install curl: opkg update && opkg install curl Additionally installed and updating packages by tginstall script: kmod-wireguard wireguard-tools ipset Short description all commands can be copy pasted from codeboxes This script will create default interface wg0 which is configured with /etc/config/torguard After first run, script runs unattended Optional: If you want to configure/edit interface created by script in Web Interface, install luci-app-wireguard with: opkg update && opkg install luci-app-wireguard Method 1: 🧾 recommended ssh to your router: ssh [email protected] Download tginstall script and run it you can copy and paste full codebox below in one command with wget: wget -O /usr/bin/tginstall https://raw.githubusercontent.com/TorGuard/openwrt-scripts/master/usr/bin/tginstall chmod +x /usr/bin/tginstall && tginstall or with curl: curl -o /usr/bin/tginstall https://raw.githubusercontent.com/TorGuard/openwrt-scripts/master/usr/bin/tginstall chmod +x /usr/bin/tginstall && tginstall Finished, you should be connected now Optional: Configure timeoutfix If you use configs/server which has expiration of 15 minutes, you can enable other solutions like crontab, default tginstall is using /etc/init.d/tgapi as service. By default, timeoutfix is enabled, here is how you can enable/disable timeoutfix: FAQ How to config timeoutfix ℹ️ - If timeoutfix is enabled by /etc/config/torguard, then tgapi will be enable on boot and will be started automatically. - valid values - for enabled: 1/y/Y - for disabled: 0/n/N how to disable timeoutfix uci set [email protected]_tg0[0].timeoutfix='0' uci commit torguard how to enable timeoutfix uci set [email protected]_tg0[0].timeoutfix='1' uci commit torguard How can I upgrade my scripts? with curl curl -o /usr/bin/tginstall https://raw.githubusercontent.com/TorGuard/openwrt-scripts/master/usr/bin/tginstall curl -o /usr/bin/tginit https://raw.githubusercontent.com/TorGuard/openwrt-scripts/master/usr/bin/tginit curl -o /usr/bin/tginit-uci-basic https://raw.githubusercontent.com/TorGuard/openwrt-scripts/master/usr/bin/tginit-uci-basic with wget wget --no-check-certificate -O /usr/bin/tginstall https://raw.githubusercontent.com/TorGuard/openwrt-scripts/master/usr/bin/tginstall wget --no-check-certificate -O /usr/bin/tginit https://raw.githubusercontent.com/TorGuard/openwrt-scripts/master/usr/bin/tginit wget --no-check-certificate -O /usr/bin/tginit-uci-basic https://raw.githubusercontent.com/TorGuard/openwrt-scripts/master/usr/bin/tginit-uci-basic ensure that scripts are executable: chmod +x /usr/bin/tginit /usr/bin/tginit-uci-basic /usr/bin/tginstall How can I change my torguard server ip? After script finishes and you entered your credentials you should be connected. If you want to change server IP to some other (like dedicated), run: # set your torguard server IP in this example to 173.244.200.119 uci set [email protected]_tg0[0].endpoint_host='173.244.200.119' # commit and save changes uci commit torguard Rerunning tginstall will connect to changed IP as well as on each run it will use new fresh created keypairs as well as it would update wireguard to latest version if available: tginstall Wireguard will stay connected as long as your ISP connection is not dropped or torguard makes some mistake. tginstall can be used with crontab as is configurabe, for more info please check github page. How to configure existing torguard configuration # How to show your configs - Show full torguard config: uci show torguard - Show only default server: uci show [email protected]_tg0[0] # How to set your configs - Set/edit/change server: uci set [email protected]_tg0[0].endpoint_host='173.244.200.119' - Set/edit/change description: uci set [email protected]_tg0[0].description='wg0 (TorGuard)' - Set/edit/change allowed ips: uci set [email protected]_tg0[0].allowed_ips='0.0.0.0/0' - Set/edit/change endpoint port: uci set [email protected]_tg0[0].endpoint_port='1443' - Set/edit/change keepalive: uci set [email protected]_tg0[0].persistent_keepalive='25' - Set/edit/change route allowed ip's: uci set [email protected]_tg0[0].route_allowed_ips='1' - Remove allowed ips list entry: uci del_list [email protected]_tg0[0].allowed_ips='0.0.0.0/0' - Add additional allowed ips: uci add_list [email protected]_tg0[0].allowed_ips='0.0.0.0/0' # After changing value with uci, you have to commit changes - Commit changes: uci commit torguard How to reset/recreate config by removing or renaming /etc/config/torguard to anything else will cause tginstall to run initial setup and ask for credentials and torguards's whitlabeld private key # rename torguard config file mv -f /etc/config/torguard /etc/config/torguard.bkp # then rerun tginstall tginstall How to get around 15 Min. timeout Method A: keep it valid manually - script will run in an endless loop waiting by default for 300 seconds (5 minutes) which will keep your connection valid. - If it expired due to your ISP being offline (you know it if your handshake is present but internet does not work), then you can run same script from any pc or any device as well as you can open the URL in that script in a browser which would immediately activate expired connection without any wg or network restart. - you can use any PC/Device to activate it, regardless in which in network, it only has to be able to have access to the internet. tgapitest ℹ️ - you do not have to run tgapitest from device on which you connect, this can be any device which is connected to the internet Method B: activate a service, run automatically on a router /etc/init.d/tgapi is created by tginit script and is very simple script just starting tgapitest as a service. Please extend service file to your needs, it has only start part which is enough at current point. /etc/init.d/tgapi enable /etc/init.d/tgapi start Method C: use some other apps on openwrt like luci-app-ddns Other tools used on any other device or your current router could be used to run command from tgapi. If you decide to use as example luci-app-ddns which you can configure how when and over which interface it runs, then you simply have set url for dynamic check of the IP to your API call url from script. How to run a service on boot which will keep my config valid Enable and start service with: /etc/init.d/tgapi enable /etc/init.d/tgapi start How to test my api which was created by tginstall: tgapitest You could add tginstall to run every 15 minutes too, but to get around 15 min timeout it is sufficient to edit current interface before api expired and apply new settings by network restart. This is for now just workaround until torguard clarifies usage/expiration, it does not make a lot sense to code on this if torguard changes it suddenly without announcements. Sources Clone latest development version # get sources git clone https://github.com/TorGuard/openwrt-scripts.git Update already existing sources # cd into directory of your sources cd openwrt-scripts # fetch and download latest release, use git -f to enforce overwrite git fetch git pull Download zip/tar.gz (tags/releases) with your browser
  2. 1 point
    Auto-connect: always connection type: openVPN , tcp, 1912 (sha256) Hope this work for you. Have you tried other VPN locations?
  3. 1 point
  4. 1 point
  5. 1 point
  6. 1 point
    G'day 19807409 I thought I give openwrt try today it very simple to to navigate around and etc , so I followed your instruction on installing wireguard but the ssh which I love, and oh well let say I'm stuck or stump on a questionnaire? Here is my issue. Issue's 1) tginstall issue is caused by the author for not stating that user first install either curl or wget or both before proceeding on in a freshly install/reset Openwrt installation, an innocent over site to which the author can help explain to noobs [email protected]:~# wget -O /usr/bin/tginstall https://github.com/TorGuard/openwrt-scripts/raw/master/usr/bin/tginstall && chmod +x /usr/bin/tginstall && tginstall wget: SSL support not available, please install one of the libustream-.*[ssl|tls] packages as well as the ca-bundle and ca-certificates packages. [email protected]:~# wget -O /usr/bin/tginstall https://github.com/TorGuard/openwrt-scripts/raw/master/usr/bin/tginstall && chmod +x /usr/bin/tginstall && tginstall wget: SSL support not available, please install one of the libustream-.*[ssl|tls] packages as well as the ca-bundle and ca-certificates packages. [email protected]:~# wget -O /usr/bin/tginstall https://github.com/TorGuard/openwrt-scripts/raw/master/usr/bin/tginstall && chmod +x /usr/bin/tginstall && tginstall Downloading 'https://github.com/TorGuard/openwrt-scripts/raw/master/usr/bin/tginstall' Connecting to xxxxxxx:443 Connection error: Invalid SSL certificate [email protected]:~# wget -O /usr/bin/tginstall https://github.com/TorGuard/openwrt-scripts/raw/master/usr/bin/tginstall && chmod +x /usr/bin/tginstall && tginstall Downloading 'https://github.com/TorGuard/openwrt-scripts/raw/master/usr/bin/tginstall' Connecting to xxxxxxx:443 Connection error: Invalid SSL certificate [email protected]:~# wget --no-check-certificate /usr/bin/tginstall https://raw.githubusercontent.com/TorGuard/openwrt-scripts/master/usr/bin/tginstall && chmod +x /usr/bin/tginstall && tginstall 2) Issue Questionnaire without knowing the answer , so user press enter key for default, "invalid" meaning what the answer? Please set your torguard credentials which are require for API usage Set Username: XXXXXXXXXX Set Password: XXXXXXXXXX Continue (y/n)?y Per default New York server is preset, do you want to set your residential/streaming/...? invalid [email protected]:~# Cheers
  7. 1 point
    Thank you for posting your iperf tests, I forgot also to ask you which speed your ISP offers, according to htop which clearly shows that your cpu has more than enough power in reserve by reaching ~180Mbits/sec, I would assume that your ISP does not give you more than 200 Mbits/sec: [SUM] 0.00-10.09 sec 216 MBytes 179 Mbits/sec 759 sender [SUM] 0.00-10.00 sec 207 MBytes 173 Mbits/sec receiver According to the kernel, you are not using snapshot, however, I dont have the router so I am unaware which one works properly for you, snapshot is without gui/luci, in case you try out snapshot and still want to have webif, you can install one simply by running: opkg install luci On a router which I tested, wireguard performed better with kernel 5, meaning that if you do not reach your max. speed (like cpu is on 100%), then you might want to try snapshot, however, if your cpu is really only 17%, then I guess that kernel 5 will show no difference. 17% means also you clearly can have 3-4 wireguard connections, assuming one is your local to which you connect when you need to connect home. Actually it is good that you deleted previous file to ensure that new one with wget is downloaded, that was not a mistake. I also looked now more close to your log from previous try, where it did not work, because your openwrt release includes only wget without SSL support and api requires it, by that script was not able to download from torguard's server api and that is why no api info is visible. You can see if you look up at your screenshot: wget SSL support not available ... It would have worked with step 2 also if you would have wget with SSL support or curl.
  8. 1 point
    Excellent. I was able to change it. Previously, I was just deleting the files in /usr/bin but it didn't ask for the new IP, so your solution was very welcome! thank you! Here are the result from iperf3 and here is a screenshot of htop Also, here is my version. I'm using a stable release for WRT3200ACM rather than a development release.
  9. 1 point
    glad it worked, you are welcome Actually yes, simply rerunning tginstall, as your credentials and so on are saved in /etc/config/torguard, just change before that server ip which is saved in /etc/config/torguard You can list your settings with: uci show torguard To set it , uci set ... The script from post 2 created interface tgwg0, you can delete that one in web interface or with uci delete, So, to change your server IP with uci, run simply: uci set [email protected]_tg0[0].endpoint_host='123.123.123.2' uci commit torguard (or edit with nano or any text editor) then rerun tginstall. Of course you do not need to run the script at all, you could wget/curl api manually and set them with uci, I added config file for uci which can be used to change/add servers, as well as you can add also other interfaces letting your router have several wg connections to several torguard IP's where you control which one is used simply by allowed ip's, of course you could use also something like multiwan. If you can, please install also htop with: opkg install htop and open in one ssh session htop which will show you cpu usage, then in another terminal run iperf3 with closest server to you. I am interested of how good your router performs and if it goes on its limits which you can see in htop. EDIT: by the way, do you use snapshot or stable? If snapshot, which kernel? Command to check kernel is forbidden by this forum soft, meaning, reply XX with un: XXame -a here is a screenshot:
  10. 1 point
    Uptime: 9 days Load average: 2.50, 1.72, 1.13 I disabled daily reboot to see if it ever disconnects, last time I let it run for 30 days and had no issues. yes probably you could read it, there same questions were replied. It doesn't. Assuming it is openwrt which you run on it, then you probably should read this guide or readme and adapt it to your needs.
  11. 1 point
    Wow! I love TorGuard. I sent the logs and SysAdmin fixed the issue on their servers. Now the Client Works like a charm. Thank you so much guys. We Love you. Great job. Way to go my friends.
  12. 1 point
    We already had the subscription part planned - this will be with us in a near future release. Regards
  13. 1 point
    Running into the same issue. Eventually I'll find an IP that works if I keep reconnecting but it would be great if TorGuard could work with Amazon to avoid this, otherwise it is probably going to continue to get more difficult to find working IPs.
  14. 1 point
    Is there a plan to offer WireGuard capability for those of us who currently have cogent IPs? I have tried to generate configs and I get a message that I do not have the option for my IP. Is this something that is being worked on?
  15. 1 point
    @Gladonel Cogent. I was getting around 60Mbps download max. in the past using OpenVPN on a DD-WRT router. FTTH 500/250 connection. I have just set up Torguard WireGuard on my GL-iNet router and I am maxing out the 280Mbps download WireGuard capability of the unit. Brume GL-MV1000 Edge Computing Gateway-OpenWrt. 1. You have a high ping. Are you in the UK? 2. Contact support-they are very helpful.
  16. 1 point
    Actually the fact that many users are using the same IP address gives you increased security since any actions taken by a single user could never be pinpointed since many people use that server.
  17. 1 point
    Guys you can now generate wireguard configs using the generator https://torguard.net/tgconf.php?action=vpn-openvpnconfig For the time being we increased the handshake to 15 minutes, keep in mind until we fully implement a solution if there is no handshake after 15 minutes you will need to regenerate a new config. Regards
  18. 1 point
    It could very well be someone is using the service to post fake reviews or spammy reviews and therefore Amazon is blocking them, we will look into it. Regards
  19. 1 point
    Just checked again - and as soon as I am connected to VPN, the reviews are gone. I am talking about the written reviews, not the star rating at the top. I already contacted Amazon about it and they promised to escalate the issue. Will post again when I have updates, even though I am having a foot out of the door here due to the issues with the iOS client.
  20. 1 point
    Release torguard-v4.1.2, 2020-09-24 =================================== - Windows: solve problems related to the missing "ComponentId" key in registry --This resolved the "outside DNS blocker" error - Windows: adapter cleanup improved in some Windows builds =================================== Downloads
  21. 1 point
    On a a Mac Catalina system Instead of "sudo /usr/bin/wg show torguard-wg dump" since wg" WG does not exist by default in the /usr/bin folder, nor in the /local/bin either, so try instead, "/Applications/TorGuard.app/Contents/Helpers/wg" For this to work it seem you need to start up torguard app, hope this helps. Usage: /Applications/TorGuard.app/Contents/Helpers/wg <cmd> [<args>] Available subcommands: show: Shows the current configuration and device information showconf: Shows the current configuration of a given WireGuard interface, for use with `setconf' set: Change the current configuration, add peers, remove peers, or change peers setconf: Applies a configuration file to a WireGuard interface addconf: Appends a configuration file to a WireGuard interface syncconf: Synchronizes a configuration file to a WireGuard interface genkey: Generates a new private key and writes it to stdout genpsk: Generates a new preshared key and writes it to stdout pubkey: Reads a private key from stdin and writes a public key to stdout
  22. 1 point
    Thanks, 19807409! I just followed that API link and used it to set up Wireguard in the iOS Wireguard app. There's no need to wait for TorGuard to release their update now.
×
×
  • Create New...