Bug: PIA OpenVPN UDP ports 1197/1198 no longer working – servers now require different ports (e.g. 8080) #3046
Description
Is this urgent?
Yes
Host OS
Arch Linux
CPU arch
x86_64
VPN service provider
Private Internet Access
What are you using to run the container
Kubernetes
What is the version of Gluetun
Running version latest built on 2025-11-26T13:47:08.821Z (commit c25c9f6)
What's the problem 🤔
Hello,
it appears that Private Internet Access (PIA) has changed or deprecated the previously documented OpenVPN ports,
particularly UDP/TCP 1197 and 1198, which are no longer working for many servers.
By inspecting the current PIA server metadata (server JSON), OpenVPN now seems to use the following ports instead:
{
"groups": {
"ovpntcp": [
{ "name": "openvpn_tcp", "ports": [80, 443, 853, 8443] }
],
"ovpnudp": [
{ "name": "openvpn_udp", "ports": [8080, 853, 123, 53] }
],
"meta": [
{ "name": "meta", "ports": [443, 8080] }
],
"wg": [
{ "name": "wireguard", "ports": [1337] }
],
"ikev2": [
{ "name": "ikev2", "ports": [500, 4500] }
],
"proxyss": [
{ "name": "shadowsocks", "ports": [443] }
],
"proxysocks": [
{ "name": "socks", "ports": [1080] }
]
}
}Observed behavior:
- OpenVPN UDP connections on port 1197 no longer work for many PIA servers.
- Connections fail or time out when using these legacy ports.
- Switching OpenVPN UDP to port 8080 (tested, DE Frankfurt) restores connectivity.
- This suggests that Gluetun may still be relying on outdated default ports for PIA OpenVPN.
Expected behavior:
Gluetun should:
- Use the ports provided by the current PIA server JSON metadata, or
- Update default OpenVPN port handling for PIA, especially for UDP connections.
Impact:
This currently causes OpenVPN connections to fail for multiple PIA regions unless a non-default port
(e.g. 8080/UDP) is manually configured.
Quick workaround:
As a temporary workaround, OpenVPN can be forced to use a working port by explicitly setting the endpoint port in Gluetun, for example:
OPENVPN_ENDPOINT_PORT=8080
Using UDP port 8080 restores connectivity for affected PIA servers where the legacy ports (1197/1198) no longer work.
Share your logs (at least 10 lines)
2025-12-12T21:08:41+01:00 INFO [dns] using plaintext DNS at address 1.1.1.1
2025-12-12T21:08:41+01:00 INFO [http server] http server listening on [::]:8001
2025-12-12T21:08:41+01:00 INFO [healthcheck] listening on 127.0.0.1:9999
2025-12-12T21:08:41+01:00 INFO [firewall] allowing VPN connection...
2025-12-12T21:08:41+01:00 INFO [openvpn] OpenVPN 2.6.11 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2025-12-12T21:08:41+01:00 INFO [openvpn] library versions: OpenSSL 3.3.5 30 Sep 2025, LZO 2.10
2025-12-12T21:08:41+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.233.216.135:1197
2025-12-12T21:08:41+01:00 INFO [openvpn] UDPv4 link local: (not bound)
2025-12-12T21:08:41+01:00 INFO [openvpn] UDPv4 link remote: [AF_INET]84.233.216.135:1197
2025-12-12T21:09:11+01:00 INFO [healthcheck] program has been unhealthy for 30s: restarting VPN (healthcheck error: dialing: dial tcp4: lookup cloudflare.com on 1.1.1.1:53: write udp 10.42.2.103:56846->1.1.1.1:53: write: operation not permitted)
2025-12-12T21:09:11+01:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2025-12-12T21:09:11+01:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2025-12-12T21:09:11+01:00 INFO [vpn] stopping
2025-12-12T21:09:11+01:00 INFO [vpn] starting
2025-12-12T21:09:11+01:00 INFO [firewall] allowing VPN connection...
2025-12-12T21:09:11+01:00 INFO [openvpn] OpenVPN 2.6.11 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2025-12-12T21:09:11+01:00 INFO [openvpn] library versions: OpenSSL 3.3.5 30 Sep 2025, LZO 2.10
2025-12-12T21:09:11+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.233.216.214:1197
2025-12-12T21:09:11+01:00 INFO [openvpn] UDPv4 link local: (not bound)
2025-12-12T21:09:11+01:00 INFO [openvpn] UDPv4 link remote: [AF_INET]84.233.216.214:1197
2025-12-12T21:09:46+01:00 INFO [healthcheck] program has been unhealthy for 35s: restarting VPN (healthcheck error: dialing: dial tcp4: lookup cloudflare.com on 1.1.1.1:53: write udp 10.42.2.103:52050->1.1.1.1:53: write: operation not permitted)
2025-12-12T21:09:46+01:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2025-12-12T21:09:46+01:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2025-12-12T21:09:46+01:00 INFO [vpn] stopping
2025-12-12T21:09:46+01:00 INFO [vpn] starting
2025-12-12T21:09:46+01:00 INFO [firewall] allowing VPN connection...
2025-12-12T21:09:46+01:00 INFO [openvpn] OpenVPN 2.6.11 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2025-12-12T21:09:46+01:00 INFO [openvpn] library versions: OpenSSL 3.3.5 30 Sep 2025, LZO 2.10
2025-12-12T21:09:46+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.233.216.129:1197
2025-12-12T21:09:46+01:00 INFO [openvpn] UDPv4 link local: (not bound)
2025-12-12T21:09:46+01:00 INFO [openvpn] UDPv4 link remote: [AF_INET]84.233.216.129:1197
2025-12-12T21:10:26+01:00 INFO [healthcheck] program has been unhealthy for 40s: restarting VPN (healthcheck error: dialing: dial tcp4: lookup cloudflare.com on 1.1.1.1:53: write udp 10.42.2.103:49171->1.1.1.1:53: write: operation not permitted)
2025-12-12T21:10:26+01:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2025-12-12T21:10:26+01:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2025-12-12T21:10:26+01:00 INFO [vpn] stopping
2025-12-12T21:10:26+01:00 INFO [vpn] starting
2025-12-12T21:10:26+01:00 INFO [firewall] allowing VPN connection...
2025-12-12T21:10:26+01:00 INFO [openvpn] OpenVPN 2.6.11 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2025-12-12T21:10:26+01:00 INFO [openvpn] library versions: OpenSSL 3.3.5 30 Sep 2025, LZO 2.10
2025-12-12T21:10:26+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.233.216.214:1197
2025-12-12T21:10:26+01:00 INFO [openvpn] UDPv4 link local: (not bound)
2025-12-12T21:10:26+01:00 INFO [openvpn] UDPv4 link remote: [AF_INET]84.233.216.214:1197
2025-12-12T21:11:11+01:00 INFO [healthcheck] program has been unhealthy for 45s: restarting VPN (healthcheck error: dialing: dial tcp4: lookup cloudflare.com on 1.1.1.1:53: write udp 10.42.2.103:51843->1.1.1.1:53: write: operation not permitted)
2025-12-12T21:11:11+01:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2025-12-12T21:11:11+01:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2025-12-12T21:11:11+01:00 INFO [vpn] stopping
2025-12-12T21:11:11+01:00 INFO [vpn] starting
2025-12-12T21:11:11+01:00 INFO [firewall] allowing VPN connection...
2025-12-12T21:11:11+01:00 INFO [openvpn] OpenVPN 2.6.11 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2025-12-12T21:11:11+01:00 INFO [openvpn] library versions: OpenSSL 3.3.5 30 Sep 2025, LZO 2.10
2025-12-12T21:11:11+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.233.216.188:1197
2025-12-12T21:11:11+01:00 INFO [openvpn] UDPv4 link local: (not bound)
2025-12-12T21:11:11+01:00 INFO [openvpn] UDPv4 link remote: [AF_INET]84.233.216.188:1197
2025-12-12T21:12:01+01:00 INFO [healthcheck] program has been unhealthy for 50s: restarting VPN (healthcheck error: dialing: dial tcp4: lookup cloudflare.com on 1.1.1.1:53: write udp 10.42.2.103:41316->1.1.1.1:53: write: operation not permitted)
2025-12-12T21:12:01+01:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2025-12-12T21:12:01+01:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2025-12-12T21:12:01+01:00 INFO [vpn] stopping
2025-12-12T21:12:01+01:00 INFO [vpn] starting
2025-12-12T21:12:01+01:00 INFO [firewall] allowing VPN connection...
2025-12-12T21:12:01+01:00 INFO [openvpn] OpenVPN 2.6.11 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2025-12-12T21:12:01+01:00 INFO [openvpn] library versions: OpenSSL 3.3.5 30 Sep 2025, LZO 2.10
2025-12-12T21:12:01+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.233.216.135:1197
2025-12-12T21:12:01+01:00 INFO [openvpn] UDPv4 link local: (not bound)
2025-12-12T21:12:01+01:00 INFO [openvpn] UDPv4 link remote: [AF_INET]84.233.216.135:1197
2025-12-12T21:12:56+01:00 INFO [healthcheck] program has been unhealthy for 55s: restarting VPN (healthcheck error: dialing: dial tcp4: lookup cloudflare.com on 1.1.1.1:53: write udp 10.42.2.103:58004->1.1.1.1:53: write: operation not permitted)
2025-12-12T21:12:56+01:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2025-12-12T21:12:56+01:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2025-12-12T21:12:56+01:00 INFO [vpn] stopping
2025-12-12T21:12:56+01:00 INFO [vpn] starting
2025-12-12T21:12:56+01:00 INFO [firewall] allowing VPN connection...
2025-12-12T21:12:56+01:00 INFO [openvpn] OpenVPN 2.6.11 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2025-12-12T21:12:56+01:00 INFO [openvpn] library versions: OpenSSL 3.3.5 30 Sep 2025, LZO 2.10
2025-12-12T21:12:56+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.233.216.157:1197
2025-12-12T21:12:56+01:00 INFO [openvpn] UDPv4 link local: (not bound)
2025-12-12T21:12:56+01:00 INFO [openvpn] UDPv4 link remote: [AF_INET]84.233.216.157:1197
2025-12-12T21:13:56+01:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (healthcheck error: dialing: dial tcp4: lookup cloudflare.com on 1.1.1.1:53: write udp 10.42.2.103:40073->1.1.1.1:53: write: operation not permitted)
2025-12-12T21:13:56+01:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2025-12-12T21:13:56+01:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2025-12-12T21:13:56+01:00 INFO [vpn] stopping
2025-12-12T21:13:56+01:00 INFO [vpn] starting
2025-12-12T21:13:56+01:00 INFO [firewall] allowing VPN connection...
2025-12-12T21:13:56+01:00 INFO [openvpn] OpenVPN 2.6.11 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2025-12-12T21:13:56+01:00 INFO [openvpn] library versions: OpenSSL 3.3.5 30 Sep 2025, LZO 2.10
2025-12-12T21:13:56+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.233.216.157:1197
2025-12-12T21:13:56+01:00 INFO [openvpn] UDPv4 link local: (not bound)
2025-12-12T21:13:56+01:00 INFO [openvpn] UDPv4 link remote: [AF_INET]84.233.216.157:1197
2025-12-12T21:14:56+01:00 WARN [openvpn] TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
🚒🚒🚒🚒🚒🚨🚨🚨🚨🚨🚨🚒🚒🚒🚒🚒
That error usually happens because either:
1. The VPN server IP address you are trying to connect to is no longer valid 🔌
Check out https://github.com/qdm12/gluetun-wiki/blob/main/setup/servers.md#update-the-vpn-servers-list
2. The VPN server crashed 💥, try changing your VPN servers filtering options such as SERVER_REGIONS
3. Your Internet connection is not working 🤯, ensure it works
4. Something else ➡️ https://github.com/qdm12/gluetun/issues/new/choose
2025-12-12T21:14:56+01:00 INFO [openvpn] TLS Error: TLS handshake failed
2025-12-12T21:14:56+01:00 INFO [openvpn] SIGTERM received, sending exit notification to peer
2025-12-12T21:14:56+01:00 INFO [openvpn] SIGTERM[soft,tls-error] received, process exiting
2025-12-12T21:14:56+01:00 INFO [vpn] retrying in 15s
2025-12-12T21:15:01+01:00 INFO [healthcheck] program has been unhealthy for 1m5s: restarting VPN (healthcheck error: dialing: dial tcp4: lookup cloudflare.com on 1.1.1.1:53: write udp 10.42.2.103:49952->1.1.1.1:53: write: operation not permitted)
2025-12-12T21:15:01+01:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2025-12-12T21:15:01+01:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2025-12-12T21:15:11+01:00 INFO [firewall] allowing VPN connection...
2025-12-12T21:15:11+01:00 INFO [openvpn] OpenVPN 2.6.11 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2025-12-12T21:15:11+01:00 INFO [openvpn] library versions: OpenSSL 3.3.5 30 Sep 2025, LZO 2.10
2025-12-12T21:15:11+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.233.216.155:1197
2025-12-12T21:15:11+01:00 INFO [openvpn] UDPv4 link local: (not bound)
2025-12-12T21:15:11+01:00 INFO [openvpn] UDPv4 link remote: [AF_INET]84.233.216.155:1197