If Status doesn't show as "up", click the circular arrow icon under Actions to restart the service. Navigate to System > Advanced > Miscellaneous, scroll down to Cryptographic & Thermal Hardware and select AES-NI and BSD Crypto Device (aesni, cryptodev) Navigate to System > General Setup and set DNS Servers to PIA's DNS: 209.222.18.222 and 209.222.18.218Ģ1.) If your CPU features AES-NI and you did enable the BSD cryptodev engine, follow these steps: Repeat the last two steps for all remaining rules shown under Mappings, until every rule has a duplicate for OpenVPN.Ģ0.) Use PIA DNS servers to prevent DNS Leak: Under the Mappings section, click the duplicate (dual-page) icon on the right for the first rule shown in the list. Set the Mode under General Logging Options to "Manual Outbound NAT rule generation (AON)", and click Save. Hardware Crypto: If your CPU features AES-NI it is advised to select the BSD cryptodev engine.ġ6.) Compression: Omit Preference (Use OpenVPN default)ġ7.) Custom Options: Add these parameters:ġ9.) Navigate to Firewall -> NAT -> Outbound Remove AES-128-GCM and AES-256-GCM by clicking on them in the darkened box in NCP AlgorithmsĪdd AES-128-CBC and AES-256-CBC by clicking on them in the left hand list. (Example: Descriptive name PIA-4096)ĥ.) Paste the certificate text into the box at Certificate data and click Save.Ħ.) Navigate to VPN > OpenVPN > Clients and click +Addħ.) Input the server address you chose from the link above at Server host or address.Ĩ.) Enter the Port number based on the Certificate you selected:ĩ.) Description: choose a description that reflects the server region you chose.ġ0.) User Authentication Settings: Enter your PIA Username and Passwordġ1.) TLS Configuration: Uncheck Use TLS Keyġ2.) Peer Certificate Authority: Select the PIA Certificate you created if it is not already selected.ġ3.) Encryption Algorithm: (Note: Setting this to a more secure setting utilizes more CPU processing power.) Manager > CAs and click +AddĤ.) Name your cert according to the name of the cert your downloaded.
#PIA VPN CLIENT ARM DOWNLOAD#
(ca., nl.privateinternetaccess.(In the coming days I will format this to make it looks nice and neat)ġ.) Download one of these three certificates (listed below) to your computer. Head -n 100 /dev/urandom | md5sum | tr -d " -" Here is one way to generate a PIA_CLIENT. The PIA_CLIENT is optional, but if you generate one yourself port mappings will be preserved between cold starts. The host subnet needs to be in CIDR notation. The NET_ADMIN capability is needed to create the TUN device If you leave the DNS out, your local dns servers will be used.
If you want it to restart on reboot, add -restart=always
You must map a torrents directory, no torrents inside container If you need access from the outside, either VPN or SSH/Port forward in. Policy based routing is what led me to this solution, I'm not going down that road again. The deluge web will only work on your local subnet. Specify the UID/GID that corresponds to the HOST UID/GID you want to own the downloads, config and movies directories. Docker run -d -p 8112:8112 -p 1080:1080 \Ĭhange directory mappings as appropriate (delugeconfig, torrents) notesĭELUGE_UID and DELUGE_GID are optional, but will default to 500/500.
0 kommentar(er)
