I have a use case where I only want to use NordVPN for one single app on a Linux server. I figured the easiest way to do this was via HTTPS proxy, avoiding the need to deal with complex routing rules.
https://nordvpn.com/servers/tools/ lists some “HTTP Proxy (SSL)” servers, which sounds like just what I needed. However, I couldn’t get it working on port 443 - Their servers just instantly close the connection. The regular “HTTP Proxy” works fine, but it’s unencrypted which kinda defeats the purpose of even using NordVPN, and the username and password are sent over the internet in cleartext in that case.
I spoke to their live chat, and they said that they only support HTTPS proxies in their Firefox and Chrome browser extensions, and I could not use them outside of those extensions. They couldn’t elaborate as to why.
So I downloaded the browser extensions and looked at their code. It turns out the HTTPS proxies are running on port 89, not port 443. This is not documented on their site anywhere. I changed my app to use port 89 and it worked perfectly.
openssl s_client -connect us4353.nordvpn.com:89
CONNECTED(0000019C)
depth=2 C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA
verify return:1
depth=1 C = BE, O = GlobalSign nv-sa, CN = AlphaSSL CA - SHA256 - G2
verify return:1
depth=0 OU = Domain Control Validated, CN = *.nordvpn.com
verify return:1
...
My question is, can I rely on this, since it’s not officially documented? Is anyone else using NordVPN’s HTTPS proxies?
Thank you for revealing the port number. This has been extremely frustrating.
Thx for this. Works for me.
Hey, hope you are still reading this! Thanks for the work, what kind of server preferences do I need to use on their server picker to find a HTTPS server? I tried one server listes as “HTTP Proxy (SSL)” and one server listed as “HTTP Proxy” with port 89, both didn’t seem to work.
Not sure if the reason are my program settings or because I picked the wrong server.
Yeah it’s weird that it’s not documented!
Also, I believe you could make a separate interface for the VPN and manually connect individual processes to it, if whatever you’re using allows you to specify an interface.
I’m running in an LXD container, and NordVPN’s app is broken in LXC/LXD. This forum post is the same issue I hit, with no resolution: NordVPN in LXC UnPriv/Priv Container Doesn't Work - LXC - Linux Containers Forum. Apparently directly using OpenVPN with NordVPN’s config works fine, so maybe I’ll try that.
Since it’s undocumented, it’s likely to change unexpectedly without them having to A) worry about alerting customers or B) providing backwards compatibility (as they technically don’t support it).
Right, that makes sense. I find it really weird that they document how to use an unencrypted HTTP proxy, but not the HTTPS proxy. So strange.
this helped me too.
wasted a couple of days trying to get it working!
afaik its not documented anywhere.
Hey, your submission was automatically removed because your account does not meet our karma standards. Accounts must have a minimum of 100 combined karma to post in this subreddit. This rule is meant to improve the quality of posts being submitted while mitigating abuse from troll accounts.
I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.
“HTTP Proxy (SSL)” should work. Try connect to it using openssl (or just hit it on a browser) and see if that works?
openssl s_client -connect us4353.nordvpn.com:89
Note that you have to provide a username and password for the proxy to actually work. It’s NOT the one you use to log in to their site. If you log in to their site, it should show the proxy username and password somewhere in the account info.