OpenVPN - Configure Client Manually

Report wireless and/or network connectivity problems in this forum.

Moderator: Moderators

Post Reply
ispyisail
Moderator
Posts: 4896
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

OpenVPN - Configure Client Manually

Post by ispyisail »

Hi all

When trying to configure the client manually it won't let me create a config file.

Image

I get this error

Image

ispyisail
Moderator
Posts: 4896
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: OpenVPN - Configure Client Manually

Post by ispyisail »

After some thought the best way would be to import a Gargoyle OpenVPN config file then manually edit from there.

I guess that's why it says "configure" and not "create"

The word "configure" probably should be changed to "edit"?

pouilld
Posts: 3
Joined: Mon Sep 28, 2015 12:18 pm

Re: OpenVPN - Configure Client Manually

Post by pouilld »

Hi,
I have found a way to confiture an OPENVPN client for a VPN provider (VyprVPN) and I think that the procedure I have used could be applied to other VPN providers.

The problem is due to the fact that Gargoyle OPENVPN client has been implemented "mainly" for connecting to another Gargoyle OPENVPN SERVER using a client certificate and a client key (this explain the "config file missing" error when trying to configure a VPN provider using a traditional userid/password connection scheme.

The workaround is to use a Gargoyle previously created client certificate and key (which will NOT be used by OPENVPN) to comply with Gargoyle configuration screen and override Gargoyle OPENVPN configuration commands by those of the VPN provider.

The procedure is as follow:

  1. create (if not already done) a GARGOYLE OPENVPN server configuration to obtain a Gargoyle OPVPN client configuration file containing a valid client certificate and key.
    Download the corresponding zipped folder from Gargoyle and unzip it.

  2. obtain from your VPN provider the "OVPN" folder required to access their server, and extract from this folder

    - the OPENVPN client configuration commands
    - the CA certificate of the VPN provider (from -----BEGIN CERTIFICATE----- to -----END CERTIFICATE-----)

  3. create (SSH or WINSCP) in the /etc/openvpn/ directory a auth.txt file containing the user identification on the first line and the associated password on the second line)

  4. on the GARGOYLE OPENVPN Client configuration screen :
    - select the manual configuration option
    - enter the Gargoyle mandatory fields (server, port, protocol,cipher) and select the appropriate non-openvpn traffic option
    - copy and paste in the configuration field the OPENVPN commands from your VPN provider obtained in step 2 (they will overwrite those previously set by Gargoyle)
    - add or update the following command :
    auth-user-pass /etc/openvpn/auth.txt

  5. copy and paste the VPN provider CA certificate in the CA certificate field

  6. from the xxxx.crt file in the openvpn-credentials unziped folder obtained in step 1 extract the client certificate value (from -----BEGIN CERTIFICATE----- to -----END CERTIFICATE-----) and paste it in the "client certificate" field

  7. from the xxxx.key file in the openvpn-credentials folder obtained in step 1 extract the client key (from -----BEGIN PRIVATE KEY----- up to -----END PRIVATE KEY-----) and paste it in the "client key" field

  8. uncheck the "Use TLS-Auth Key" option and save
    After a while, you should have the Openvpn status as "Running, Connected, IP: xxx.xxx.xxx.xxx"


Enjoy ...

snake218
Posts: 20
Joined: Wed Jan 28, 2015 6:59 pm

Re: OpenVPN - Configure Client Manually

Post by snake218 »

Can someone explain me what user and password do you use in the auth.txt file? Router user password? Vpn user password??
EDIT: Answer myself, you need to put your vpn username password

Now I'm trying to figure out how allow a specific local ip through the router vpn

ysy
Posts: 54
Joined: Sat Oct 28, 2017 12:24 pm
Location: Hong Kong !!

Re: OpenVPN - Configure Client Manually

Post by ysy »

pouilld wrote:
Thu Aug 31, 2017 11:21 am

uncheck the "Use TLS-Auth Key" option and save
After a while, you should have the Openvpn status as "Running, Connected, IP: xxx.xxx.xxx.xxx"
Thanks a lot. May I ask why must we uncheck the "Use TLS-Auth Key" option? The VPN service that I am trying to setup does provide such key.

Post Reply