Long shot, but Gluetun with Hotspot Shield VPN?

VPN
1

Given I’ve tried googling this question and can’t find anything very meaningful, this is a long shot - but has anyone got Hotspot Shield VPN working with Gluetun? It’s not one of Gluetun’s listed providers which is surprising as it’s fairly widely-used.

I have a free Hotspot premium account that I got as part of Dashlane premium, but I’m also paying for Mullvad just to use with Gluetun, which seems like an unecessary expense given I already have one that works fine.

Any pointers or knowledge on how to make it work? There’s only been a single conversation about it on the Gluetun GH and it seems to be a bit tricky to make work for some reason.

2

So I managed to do it for me, you need to create a new router password and username in your Hotspot Shield VPN (you’ll find it in the web account access not in the app) and it will give you a OpenVPN file configuration.
Then if I remember correctly if just a custom VPN configuration in Gluetun.

3

hello

Did anyone have any luck with this? I’m also at a road block with hotspot on gluetun. :frowning:

4

What part of this is self hosted?

5

Seems like you already know got to configure it. It’s just a broken implementation on either gluetun or HS

6

I’ll try to find the details !

7

I think that any provider works with gluetun as long as you have a .ovpn config file, username and password.

8

Have you ever figured it out? I am struggling with a “certificate verify failed” error on the way

9

oh amazing, thanks! if you get a chance to dig out the details i’d hugely appreciate it

10

well, gluetun is self-hosted, and i want to try and make this work for use on my other self-hosted services

11

oh that GH thread isn’t me, i just found it and didn’t really understand most of it

12

i haven’t tried it yet but i will when i get a chance

13

You can use this page on the wiki to help you : https://github.com/qdm12/gluetun-wiki/blob/main/setup/openvpn-configuration-file.md

After some digging on my install I may have given you a bad info you don’t need to remove anything in the conf file (I removed it on the original post).

14

It’s a dockerized VPN CLIENT, right?

15

In case you’re also coming here from search, these worked for me:

vpn.ovpn - OpenVPN config file: (replace $host_ip with the IP of the hostname there to avoid DNS resolution tries)

client
dev tun
proto udp
remote $host_ip 8041
resolv-retry infinite
nobind
persist-key
persist-tun
auth-nocache
remote-cert-tls server
auth sha256
verb 3
pull-filter ignore "connection-reset"
pull-filter ignore "route-ipv6"
pull-filter ignore "ifconfig-ipv6"
pull-filter ignore "ping"
pull-filter ignore "ping-restart"
pull-filter ignore "ping-exit"
auth-user-pass

(rest of the certification data follows)

config.toml - Gluetun Auth file (in my config dir under the directory gluetun/auth):

[[roles]]
name = "admin"
routes = ["GET /v1/openvpn/status", "PUT /v1/openvpn/status", "GET /v1/openvpn/portforwarded", "GET /v1/publicip/ip"]
auth = "none"

Docker compose: (replace $username, $password and dns_servers with yours - I have my own DNS as you see below)

services:
  gluetun:
    container_name: gluetun
    image: qmcgaw/gluetun:latest
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    volumes:
      - ${CONFIGDIR}/vpn.ovpn:/gluetun/custom.conf:ro
      - ${CONFIGDIR}/gluetun/auth:/gluetun/auth:ro
    environment:
      - VPN_SERVICE_PROVIDER=custom
      - VPN_TYPE=openvpn
      - OPENVPN_CUSTOM_CONFIG=/gluetun/custom.conf
      - OPENVPN_USER=$username
      - OPENVPN_PASSWORD=$password
      - OPENVPN_CUSTOM_ARGUMENTS=--pull-filter ignore connection-reset --pull-filter ignore route-ipv6 --pull-filter ignore ifconfig-ipv6 --auth-nocache
      - DOT=off
      - DNS_SERVERS=192.168.100.105,192.168.100.205
      - FIREWALL=on
      - FIREWALL_DEBUG=off
      - FIREWALL_VPN_INPUT_PORTS=8041
      - FIREWALL_OUTBOUND_SUBNETS=192.168.100.0/24
      - HEALTH_TARGET_ADDRESS=192.168.100.105:53
      - HEALTH_VPN_WAIT_DURATION=60s
      - HTTP_CONTROL_SERVER_LOG=on
    ports:
      - "8000:8000"

After this, I can go to http://hostname:8000/v1/publicip/ip and verify that I got a valid public IP. Thanks for everyone in the threads of this post and Claude AI for debugging help. Hope these will help someone else too in the future.