Hi everyone!
I previously contacted NordVPN support regarding this issue with no assistance, so I was hoping someone out there would be able to help.
I had my RPi4 running for over a year now with Nordvpn set to autoconnect to an obfuscated server (via Wi-Fi connection from a router) whenever the RPi was powered on, and share connection via ethernet to whatever device/devices I had connected on the other end. This setup was pretty difficult for me to figure out in the first place, but it was the only thing that worked for me.
i used the following single command saved in my /etc/rc.local file:
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
and that seemed to work perfectly.
Until this evening, when NordVPN wasn’t connecting anymore and I had to update it - following the instructions on the official NordVPN page, I updated the version and I had issues logging in. I now needed to log in using a token, which I found different, but I got on with it and managed to log in.
However, I needed to manually change some settings in order to access the obfuscated servers - again no issue.
However, now I can’t seem to get the ‘sharing’ of the connection working.
I noticed that the network interface related to nordvpn was no longer tun0 but is now called “nordtun” - so i tried replace tun0 to nordtun in my iptables bit, but still nothing. I can see the Pi is connected to the obfuscated server, and I can ping 8.8.8.8 , but I just can’t for the life of me figure out what else changed to break my ‘internet sharing’.
Any advice, or experience would be greatly appreciated!
Sounds like I have a similar setup to you, although I needed a lot of help to get mine setup. I think I had this a while ago and I just changed tun0 to nordtun and it worked…
Have you ever managed to get the nordlynx connections working? I can connect fine through open vpn on the app but nordlynx never outputs any Internet for me.
I did switch it from tun0 to nordtun and still nothing for me unfortunately.
I haven’t tried with nordlynx since I think I need to use OpenVPN for connections to obfuscated servers.
I wish I checked what version of nordvpn i was on before the update.
But it seemed like it wasnt allowing me to connect to any nordvpn servers anymore so i thought maybe that version was depreciated or something.
It was definitely a version earlier than 3.15.5 since that was the last version that allowed username and password log-in through the terminal.
so in order to pass the vpn ‘nordtun’ connection through to ethernet, i should run nordvpn allowlist remove all? - I don’t mind ssh access since I will normally connect a keyboard and mouse if any changes need to be made
If you don’t find a solution then message me in a few weeks and I can try and check my settings. I’m on holidays currently so have no access to my box
thanks mate - I’m going to spend the day trying to figure it out and if i still can’t I’ll let you know.
I’m not entirely sure what you mean here.
I just tested by running nordvpn allowlist remove all and there was no change to the devices connected to my raspberrypi.
The raspberrypi itself is connected to the correct nordvpn server and I can ping 8.8.8.8 however, I can’t manage to get the RPi to share it with my devices via ethernet.
I downgraded to 3.15.5 and still can’t get it to work. Not sure what changed that is causing this issue for me at the moment.
Apologies if I’m missing something - I’m very much a beginner.
thanks! any help is super appreciated! I’ll try rolling back even further to 3.14.2 to test.
Just on my phone at the mo, but can take a look at a few more settings when at my laptop layer to help.
I remember having a similar issue caused by a change in NordVPN changing the way network connection sharing worked when they brought in LAN Discovery.
Here are the settings that work for me (grabbed from a quick ssh from my phone). Your iptables may need modifying too, as you mention regards your tun vs nordvpntun. BTW, if you’re connecting via NordLynx rather than OpenVPN, your tunnel will be nordlynx not nordtun:
Technology: NORDLYNX
Firewall: enabled
Firewall Mark: 0xe1f1
Routing: enabled
Analytics: disabled
Kill Switch: disabled
Threat Protection Lite: disabled
Notify: enabled
Auto-connect: disabled
IPv6: disabled
Meshnet: disabled
DNS: disabled
LAN Discovery: enabled
Allowlisted ports:
22 (UDP|TCP)
445 (UDP|TCP)
The port allow list is for me to use DNS and SMB locally.
I have a few things disabled like killswitch and threat protection as I manage that via other means in my setup.
I think the main thing is you want LAN discovery enabled to allow connected devices to share the connection. I’ll try and dig out the threads I was discussing similar issues previously. I’m now running the latest version of NordVPN with no issues.
Thanks to u/pennyhoard20 for helping get my issue solved 
Here is my thread dealing with a similar issue
https://www.reddit.com/r/nordvpn/s/2iY2p2ZFav
THANK YOU SO MUCH MANAGED TO GET IT TO WORK FINALLY -
Whitelisting the subnet (LAN Discovery) was the issue.
Thank you u/pennyhoard20 and u/MouseboyFPGA!
Glad you got it sorted, credit to u/pennyhoard20, I just documented thr findings 
Umm. The two changes I made were, I ended up whitelisting the subnet and changing the iptables.
nordvpn whitelist add subnet 192.168.4.0/24
This finally allowed the devices to access the internet.
My iptables had to change from tun0 to nordtun
Happy new year mate!
It’s on 3.15.5 since I rolled back.
Yep- My devices have the VPN IP!
