Hello,
I just bought ProtonVPN because I want to use a VPN that supports port forwarding.
However, I’ve noticed that whenever I reconnect to the same server, a new port is assigned. So, do I need to update the port in qBittorrent every time I start my computer, since ProtonVPN assigns a new port each time?
I’m also wondering if I need to add this port to my router as well. It seems a bit inconvenient to copy the port, paste it into qBittorrent, log in to my router, and open this port every time I start my computer.
Yes, the port changes every time you connect to the VPN, so you need to make that change in qBittorent. On Linux, and probably OSX, it’s not too difficult to make an automatic solution that reads the forwarded port and sets the listening port in qBittorrent. I have no idea how it works on Windows.
Pretty sure you don’t need to touch your router, but I would test that, just to be sure. For example by using https://canyouseeme.org
How can I see the forwarded port? I use Linux and OpenVPN and I have no idea how I would find this.
I ask because qBittorrent with ProtonVPN on Manjaro Linux is not working for me at all. I have been trying a server that is marked with the P2P symbol. I configured qBittorrent to connect solely to the VPN tunnel. I just get the no incoming connections warning.
Version 1.5 of Quantum is quite stable, I haven’t found any bugs in it yet.
As for the UPnP you should turn this off in qBittorrent if you are using a VPN, I don’t think it will cause an issue if you leave it on, but VPNs don’t support UPnP so that’s why I’m suggesting it should be disabled.
And remember to bind your VPN to qBittorrent, a quick google search will show you how to do this.
I pasted my own personal script below as inspiration, but you have to change it to your needs. I’m only forwarding the TCP port and storing the port number in the file /home/p2p/.forwarded_port. You should most likely change this. The iptables lines are for opening a port in my firewall and requires the VPN interface to be called proton. They’re not necessary if you don’t run a firewall.
#!/bin/bash
while true
do
tcp_port=$(natpmpc -a 1 0 tcp 60 -g 10.2.0.1 | grep "Mapped public" | awk '{print $4}')
echo "${tcp_port}" > /home/p2p/.forwarded_port
if ! iptables --check INPUT -i proton -p tcp --dport "${tcp_port}" -j ACCEPT
then
iptables -A INPUT -i proton -p tcp --dport "${tcp_port}" -j ACCEPT
fi
sleep 45
done
You can then write a simple script that launches qbittorrent with the port number, provided it can set the port number with a command line argument, which I think it can
It should work if that command line option exists, but I don’t use qbittorrent.
Ideally you want the port forwarding to be launched automatically when you start the VPN. I have code for that, but it’s written for a system running OpenRC.
!/bin/bash
set -x
while true
do
date
natpmpc -a $$$$$ $$$$$ udp 60 -g #.#.#.#
natpmpc -a $$$$$ $$$$$ tcp 60 -g #.#.#.#
sleep 45
done
For the above, the #.#.#.# is the gateway being used by natpmpc, which as I’ve found doesn’t change.
Just enter into the console: natpmpc
The second line will be:
using gateway : #.#.#.#
Just put whatever it says the gateway is into the script above in both places.
For the four $$$$$, this is the port you want to bind. So say if you’re using a torrent client, and you want to listen on port 12345, just put 12345 in all 4 places. Yes it’s the same for all 4. For instance in my example the first line would be:
natpmpc -a 12345 12345 udp 60 -g 10.1.0.0
Once both files are in place, do the following:
sudo systemctl daemon-reload
sudo systemctl enable (((NAME OF SERVICE))).service
sudo systemctl start (((NAME OF SERVICE))).service
Then just confirm it’s running ok with: sudo systemctl status (((NAME OF SERVICE))).service
mate, this post is gold and I’ll be using your scripts for inspiration for sure.
question for you - how often do you find that the port number changes? I assume basically any time the connection drops/reconnects? I’m with AirVPN atm and it has static port config so I’ve never had to worry about this, but with proton I’m going to need to automate the updating of the port in both iptables and in qbittorrent.
It only changes on reboot, as far as I’ve seen. I run the VPN on my home server which is up 24/7, and even after months of uptime I haven’t seen the port number change while the server was running.
I’ve finally got around to writing my scripts, and I’ve essentially created a secondary shell script to grab the port from .forwarded_port, grab the qbittorrent port via API pull, compare the 2, and set the new port in qbittorrent via API if it’s changed (and also update my iptables rules).
I opted to schedule this script hourly in cron rather than making it part of the 45 second loop. worst case, my qbit instance has the wrong forwarded port for an hour - and I’m okay with that.
dude that’s great to hear - because that’s exactly what I was expecting, and I’m running a similar setup. VPN running 24/7 in a proxmox LXC, and I have my torrent client connect via that LXC as its gateway. So my downtime will be minimal, and restarts only once every few months.
Thanks for your help mate, I’ll be using your scripts for sure. But because my torrent client runs on a separate LXC to the VPN, I’ll need to see if I can change the port via API but I’ll figure it out when I have some time to sit down and play with it - but good to know that I shouldn’t really expect the port to change unexpectedly in the short term.