-
Notifications
You must be signed in to change notification settings - Fork 80
09. User Defined VPNs
If the provider you want to use is not listed (and it supports openvpn!) then you may be able to use it with the User Defined provider setting. To do this, navigate to the VPN configuration tab in the settings menu and select 'User Defined' as the VPN provider.
You now need to supply the OpenVPN files that are provided by your VPN provider. These will be .ovpn files (one per VPN location), and optionally some other supporting files referenced within the .ovpn files. You can either do this using the User Defined import wizard (also on the VPN configuration tab), or by copying the files manually to the correct location.
To make the files available to the add-on, you'll need to put them on a source that's accessible. This can be a network drive or a USB attached device. You may need to add the the source to Kodi using the file manager before the device can be seen by the add-on. You can google for instructions on how to do this.
The User Defined import wizard will allow you to upload all of the files you need to connect to a VPN, and will attempt to make the right set of modifications and settings. It will over write any existing User Defined files.
You can upload a directory full of files (zip files and nested directory structures are not supported), or you can upload multiple files. Kodi 16 currently has some pretty special/difficult behaviour regarding the multiple file dialog and where a keyboard is not available, this option should probably be avoided until this is fixed.
You must upload all required files at the same time otherwise the import wizard will not work.
The import wizard asks you if you want to modify the .ovpn files. It is recommended that you do this. It will look for references to all of the non-.ovpn files you've supplied and update the reference with the correct path. It will also analyse the contents of the .ovpn files and determine how user names, passwords and user keys and certificates are managed and update the settings appropriately.
If you do not select to modify the .ovpn files then the files will be uploaded to the correct directory, but will still need to be edited manually.
The results of the import will be displayed, along with anything found that might be cause for concern. It is up to the user to determine whether they want to fix the problem (either in the User Defined directory directly, or in their local files and run the import wizard process again) or whether the problem can be ignored.
The import wizard will not detect where you've not supplied a file, or where the contents of the .ovpn are wrong. Additionally, you may have to make additional modifications before the connection works.
Once the import wizard has run, you can attempt to validate a connection. If the connection fails, then look at the VPN log and debug the problems.
If you don't want to use the import wizard (maybe you're trying to do something clever like switch between different providers) then you can set up User Defined manually.
The first step is to upload all of the files to the User Defined directory. You then need to edit the .ovpn files to ensure that any file references are resolved correctly. An example might be a ca.crt reference. In the .ovpn provided by your VPN provider, it might look like this :
ca ca.crt
The ca.crt file will now need to be qualified to resolve to the User Defined directory. You can do this either by appending the full path, or by using the #PATH tag, which will do this resolution for you. After updating it should look like this :
ca #PATH/ca.crt
For Windows, you'll need to use a backslash, but escaped with a backslash so this line would look like this :
ca #PATH\\ca.crt
When you try and connect, the .ovpn will be copied to the /storage/.kodi/addons/service.vpn.manager/UserDefined directory (assuming LibreELEC) and updated to this :
ca /storage/.kodi/addons/service.vpn.manager/UserDefined/ca.crt
If you get this wrong you'll typically see an error out of openvpn complaining that it can't find a file.
Once you've finished editing all of the files, then you can attempt to validate a connection. If it fails, this will give you a VPN log you can use to debug any problems.
This option is available on the VPN configuration tab in the settings menu and will be set automatically by the import wizard. If selected it will ask you to enter your username and password before trying to connect. If you have already uploaded a file containing your username and password (usually called pass.txt), or your VPN provider does not require you to supply them then you can unselect this option.
This option is available on the VPN configuration tab in the settings menu and will be set automatically by the import wizard. If 'Single' it will ask you to upload your user key and cert before trying to connect and use that key and cert for all connections. If 'Multiple' it will ask you to upload your user key and cert for each connection before trying to connect. If you have already uploaded the right set of keys and certs (or they're already embedded in the .ovpn files), or your VPN provider does not require you to supply them then you can set this option to 'None'
The User Defined directory (within the userdata path) is located in different places depending on the Kodi build you're using. For LibreELEC, it's in /storage/.kodi/userdata/addon_data/service.vpn.manager/UserDefined/. To determine where it is on your platform you can view the import wizard log and it will be shown on the first few lines.
Under this top level directory, you'll need to create sub directories for each of the different VPN providers you want to modify. You can see the sub directories in the add-on directory (/storage/.kodi/addons/service.vpn.manager/ for LibreELEC), and any directories in the user data directory will need to be named exactly the same. However, unless you're doing something with up/down scripts, it's most likely that you need to create one for User Defined VPNs called UserDefined. You should place all of your files in this directory and they will be picked up and copied to the right place. They will also persist across upgrades as well.