hello, thanks, using ar-750s-ext, firmware 3.215.
i have an account with mullvad.
on my laptop, using openvpn, the .ovpn file has remote-random.
so each time start vpn, a different mullvad server is connected to.
not sure how to replicate that behavior on my router.
which file(s) should i look at, need to edit.
the router has a list of servers, as i can manually choose one.
but instead, i want random server chosen
i am willing to use openvpn, as it has that setting.
but if possible, prefer to connect to mullvad using wireguard.
thanks much,
david
from mullvad website, i downloaded their .ovpn file.
as per https://docs.gl-inet.com/en/3/tutorials/openvpn_client/#get-configuration-files-from-openvpn-service-providers
on the router, i add that .ovpn file and i start the connection.
but it does not seem to connect, as i would expect ipaddress and other such info to be displayed.
wifi clients of the router cannot access the internet.
note: mullvad vpn over wireguard does work on the router.
is there a way to specify a list of servers and have the route pick a random server and connect?
please advise, thanks, david
I use the remote-random on custom OVPN files too.
Just take an OVPN file and wrap the servers in <connection></connection> synatx and make your own configuration file with regionally located servers if one is not available for your VPN provider. On each reconnect/connect, it will randomly choose one of the four servers in the example below.
You’ll need to make 2 OVPN files if you use TCP and UDP servers.
Upload the custom OVPN file into the GL GUI like any other OpenVPN client configuration file and you’re golden.
<connection>
remote {vpn domain name} {port}
</connection>
<connection>
remote {vpn ip address} {port}
</connection>
<connection>
remote au-adl-001.relays.mullvad.net 1300
</connection>
<connection>
remote 89.36.78.114 1300
</connection>
remote-random
thanks,
i am not seeing an advantage from wrapping each remote inside <connection> as compared to the default .opvn file formatting?
<connection>
remote 89.36.78.114 1300
</connection>
versus
remote 89.36.78.114 1300
That’s the configuration file example I found for using remote-random where you can actually wrap custom configuration variables to each remote. If you omit `remote-random, it will try each connection in order, until a connection is successful. The manual explains it better.
And for one of my VPN providers, the OVPN files were too different, so I had to make separate OVPN files for UDP/TCP (contrasting variables), but mixing is apparently possible.
<connection>
Define a client connection profile. Client connection profiles are groups of OpenVPN options that describe how to connect to a given OpenVPN server. Client connection profiles are specified within an OpenVPN configuration file, and each profile is bracketed by <connection> and </connection>.An OpenVPN client will try each connection profile sequentially until it achieves a successful connection.
--remote-random can be used to initially "scramble" the connection list.
Here is an example of connection profile usage:
client
dev tun
<connection>
remote 198.19.34.56 1194 udp
</connection>
<connection>
remote 198.19.34.56 443 tcp
</connection>
<connection>
remote 198.19.34.56 443 tcp
http-proxy 192.168.0.8 8080
</connection>
<connection>
remote 198.19.36.99 443 tcp
http-proxy 192.168.0.8 8080
</connection>
persist-key
persist-tun
pkcs12 client.p12
remote-cert-tls server
verb 3
First we try to connect to a server at 198.19.34.56:1194 using UDP. If that fails, we then try to connect to 198.19.34.56:443 using TCP. If that also fails, then try connecting through an HTTP proxy at 192.168.0.8:8080 to 198.19.34.56:443 using TCP. Finally, try to connect through the same proxy to a server at 198.19.36.99:443 using TCP.
The following OpenVPN options may be used inside of a <connection> block:
bind, connect-retry, connect-retry-max, connect-timeout, explicit-exit-notify, float, fragment, http-proxy, http-proxy-option, link-mtu, local, lport, mssfix, mtu-disc, nobind, port, proto, remote, rport, socks-proxy, tun-mtu and tun-mtu-extra.
1 Like
ok, very interesting.
my simple needs, remote 89.36.78.114 1300 works fine.
Interesting topic, but is it possible to have different CA + TLS-AUTH each time in 1 config file?
create a for each combo of settings and use remote-random
https://openvpn.net/community-resources/reference-manual-for-openvpn-2-4/
for example,
<connection>
remote 198.19.34.56 443 tcp
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA
ca "/etc/openvpn/ovpn1/cert/202302165329-mullvad_ca.crt"
</connection>
There are limited options of what can be nested inside of <connection>.
The following OpenVPN options may be used inside of a <connection> block:
bind, connect-retry, connect-retry-max, connect-timeout, explicit-exit-notify,
float, fragment, http-proxy, http-proxy-option, link-mtu, local, lport, mssfix,
mtu-disc, nobind, port, proto, remote, rport, socks-proxy, tun-mtu
and tun-mtu-extra.
From what you mean, CA might not work?
My intension is to have different VPN provider to switch over.
Yeah. It doesn’t look like any authentication options are included in the ` dialogue.
I use it with a VPN provider that advertises 100’s of global servers, so it makes it easy to group by region rather than have dozens of single use OVPN profiles.
