Arch Linux User Repository

"Please, do not flag this package as out-of-date until there's the official release on Github page."

"Maybe the announcement is delayed, but wait for some other possible forward release, which is patching the previous one before the actual publishing."

Note from 3.19.1:

The repository's hierarchy has been updated and a slightly divergence comes with it. It was from:

/debian/pool/main

To now as:

/debian/pool/main/n/nordvpn

Any previous commits you may like to try in the future will need a manual mediation to replace old links in favor of the new ones.

Note from 3.19.0:

This version introduces new libraries being used by NordVPN. I have created symbolic links and committed a patch for it not interposing with already existing libraries (like sqlite3). Although this is not a big deal, If you, however, upgraded nordvpn-bin before the fix and noticed some library-related issue from sqlite lately, I suggest reinstalling the affected package.

Note from 3.17.4v:

The previous bug exposing DNS servers is fixed.

Note from 3.17.3v:

Caution! This version needs heed while using it and should be avoided. I strongly advice downgrading to 3.17.2 and wait for a new version or patching. Some big problems are:

• There's DNS leak present. Your original ISP servers can be exposed, as reported already on #343 issue.

• Unable to connect on nordvpn servers. Your journal might show the follow output: networker setting dns: setting dns with resolvectl: setting dns with resolvectl: Failed to set DNS configuration: Could not activate remote peer: activation request failed: unknown unit.: exit status 1

  After restarting resolve with systemctl restart systemd-resolved.service you may get it working again, enough for connecting normally, as reported, but not exclusively an ARM platform issue, on #342.

Also huge thanks for the community warnings in prior comments before I could've noticed all.

Note from 3.16.2v:

As the published note from the version above has mentioned on Github's page:

• Logging in with a username and password is no longer available in the terminal.

Please, consider using a token to logging in from now on.

Note from 3.16.0v:

The 'countries.dat' may differ between versions. Be aware to remove the file before upgrading the package.

If you're seeing the message "Daemon is unreachable, is systemd running?", then one of two things is probably happening.

The nordvpn daemon might not be started
Start it using:
sudo systemctl enable --now nordvpnd

You might not have been added to the nordvpn group
Add yourself:
sudo gpasswd -a USERNAME nordvpn
And then restart in order for the group to be created:
reboot

@ludaval - This package is not out of date. 3.6.0-3 is the most recent version in the nordvpn debian repo. I am also not seeing the error having just installed.

Is anybody facing random disconnections on an eduroam connection when auto connect is enabled in the settings ? Turning off auto connect completely eliminates the frequent disconnection. Anybody ?

*It behaves the same after the fresh install.

Edit: I found the reason for this issue while running strace on nordvpn client. I had a local proxy server configured on my Arch system using /etc/environment. The trace showed that the client was accessing this proxy server for even the 'login' command. I removed these variables from my environment file, restarted the OS and the client started working.

Hi, I tried the nordvpn-bin and I am getting the error message "Whoops! Cannot reach System Daemon.". I tried building different versions of the AUR package, but none of it works. I did a clean install, restarted, etc. Also, yes, I did start the systemd service. I tried the Linux CLI tool with Ubuntu and it worked without any issues.

Does anyone know what this is really about? I have my nordvpn service running and socket listening.

Hi metils. I have noticed some hickups with the last 2 updates. The previous update openvpn stopped working and wireguard did. However, with this update nordlynx (wireguard) has stopped working and openvpn does.

Note: that there was an update with the kernel linux and linux-lts and wireguard-arch and wireguard-lts. The problem could be there.

I am curious if you might know why? thanks

UPDATE: it works now. I just had to reinstall and remove the ./config/nordvpn file.

I still have problems with iptables and killswitch even with the latest version. To fix i disbled killswitch.

Hey metiis, let me know if you could use another co-maintainer. Updated PKGBUILD to 3.6.0_2 and updpkgsums. Updated on my local machine, tested, and new ver works well. Happy to help keep this AUR pkg up to date if you could use a hand.

Cheers, Jay.

@doctorcolossus my problem was that ther was no sysctl script for the binary.

So I downloaded the *.deb file extractet in a folder with

1. ar xv nordvpn_3.5.0-2_amd64.deb

now there should be a file named data.tar.xz that you have to extract with

1. tar -xvf data.tar.xz

the next step is got to the /etc/init.d folder of the extracted file and copy the file named nordvpn to your /etc/system.d/system folder

1. cd /etc/init.d
2. sudo cp nordvpn /etc/system.d/system/nordvpn.service
3. systemctl enable nordvpn.service
4. systemctl start nordvpn.service

Now should be able to login with nordvpn login.

Had the same problem as wassup but only on one machine. The difference is the killswitch setting. Enabling killswitch destroys existing iptables and sets the policies to DROP and only allows DNS traffic and traffic to their CDN. This squashes my other iptables settings (seriously, NordVPN?!) making killswitch not viable anymore.

Third option that worked for me other than manually setting the policy to ACCEPT or downgrading is disabling killswitch

I noticed that after loss/re-establish of network connection (or suspend/resume cycle) the DNS settings were NOT restored by nordvpnd, leading to a DNS leak to whatever DNS servers are configured/used in non-VPN state. I investigated, and found:

nordvpn set technology openvpn

If openresolv is being used on the machine, then DNS settings are NOT restored on auto-reconnect. It is necessary to do 'nordvpn disconnect' and 'nordvpn connect' again to restore them.

If systemd-resolved is enabled (see https://wiki.archlinux.org/index.php/Systemd-resolved) and configured to use the stub resolver (ln -s /run/systemd/resolve/stub-resolv.conf) then DNS settings are correctly restored. nordvpnd is aware of the network connection status and performs an automatic reconnect.

The reason for the above behaviour I guess is because the .deb file used is designed for/tested on Ubuntu, which uses systemd-resolved by default.

nordvpn set technology nordlynx

If the nordlynx/wiregard technology is used the DNS settings are NOT restored after suspend/resume or network disconnect/reconnect. In nordlynx mode, nordvpnd seems not aware of network status and does not perform a reconnect. This applies both on Arch and an Ubuntu VM I used for testing.

In short if using nordvpn-bin, best use openvpn and systemd-resolved, otherwise if you forget to manually disconnect/reconnect nordvpn (for example after a suspend/resume) all DNS queries will be leaked outside the tunnel.

The newest update (3.5.0-2) seems to mess up the iptables rules once the nordvpnd.service is enabled via systemctl. The default behaviour is changed to -P INPUT DROP and -P OUTPUT DROP, thus dropping all the IPv4 in and out traffic. Only IPv6 works as it should in this scenario.

There are two solutions to this problem:

1. Either automatically or manually execute the following:

# iptables -P INPUT ACCEPT
# iptables -P OUTPUT ACCEPT

2. Or, downgrade the nordvpn-bin package to version 3.4.0_1-1.