Page 1 of 2

OpenVPN - Configure Client Manually

Posted: Sun Jun 04, 2017 9:11 pm
by ispyisail
Hi all

When trying to configure the client manually it won't let me create a config file.

Image

I get this error

Image

Re: OpenVPN - Configure Client Manually

Posted: Mon Jun 05, 2017 2:39 am
by ispyisail
After some thought the best way would be to import a Gargoyle OpenVPN config file then manually edit from there.

I guess that's why it says "configure" and not "create"

The word "configure" probably should be changed to "edit"?

Re: OpenVPN - Configure Client Manually

Posted: Thu Aug 31, 2017 11:21 am
by pouilld
Hi,
I have found a way to confiture an OPENVPN client for a VPN provider (VyprVPN) and I think that the procedure I have used could be applied to other VPN providers.

The problem is due to the fact that Gargoyle OPENVPN client has been implemented "mainly" for connecting to another Gargoyle OPENVPN SERVER using a client certificate and a client key (this explain the "config file missing" error when trying to configure a VPN provider using a traditional userid/password connection scheme.

The workaround is to use a Gargoyle previously created client certificate and key (which will NOT be used by OPENVPN) to comply with Gargoyle configuration screen and override Gargoyle OPENVPN configuration commands by those of the VPN provider.

The procedure is as follow:
  1. create (if not already done) a GARGOYLE OPENVPN server configuration to obtain a Gargoyle OPVPN client configuration file containing a valid client certificate and key.
    Download the corresponding zipped folder from Gargoyle and unzip it.
  2. obtain from your VPN provider the "OVPN" folder required to access their server, and extract from this folder

    - the OPENVPN client configuration commands
    - the CA certificate of the VPN provider (from -----BEGIN CERTIFICATE----- to -----END CERTIFICATE-----)
  3. create (SSH or WINSCP) in the /etc/openvpn/ directory a auth.txt file containing the user identification on the first line and the associated password on the second line)
  4. on the GARGOYLE OPENVPN Client configuration screen :
    - select the manual configuration option
    - enter the Gargoyle mandatory fields (server, port, protocol,cipher) and select the appropriate non-openvpn traffic option
    - copy and paste in the configuration field the OPENVPN commands from your VPN provider obtained in step 2 (they will overwrite those previously set by Gargoyle)
    - add or update the following command :
    auth-user-pass /etc/openvpn/auth.txt
  5. copy and paste the VPN provider CA certificate in the CA certificate field
  6. from the xxxx.crt file in the openvpn-credentials unziped folder obtained in step 1 extract the client certificate value (from -----BEGIN CERTIFICATE----- to -----END CERTIFICATE-----) and paste it in the "client certificate" field
  7. from the xxxx.key file in the openvpn-credentials folder obtained in step 1 extract the client key (from -----BEGIN PRIVATE KEY----- up to -----END PRIVATE KEY-----) and paste it in the "client key" field
  8. uncheck the "Use TLS-Auth Key" option and save
    After a while, you should have the Openvpn status as "Running, Connected, IP: xxx.xxx.xxx.xxx"

Enjoy ...

Re: OpenVPN - Configure Client Manually

Posted: Sun Nov 24, 2019 3:45 pm
by snake218
Can someone explain me what user and password do you use in the auth.txt file? Router user password? Vpn user password??
EDIT: Answer myself, you need to put your vpn username password

Now I'm trying to figure out how allow a specific local ip through the router vpn

Re: OpenVPN - Configure Client Manually

Posted: Sun May 24, 2020 9:00 am
by ysy
pouilld wrote:
Thu Aug 31, 2017 11:21 am

uncheck the "Use TLS-Auth Key" option and save
After a while, you should have the Openvpn status as "Running, Connected, IP: xxx.xxx.xxx.xxx"
Thanks a lot. May I ask why must we uncheck the "Use TLS-Auth Key" option? The VPN service that I am trying to setup does provide such key.

Re: OpenVPN - Configure Client Manually

Posted: Sat Jan 23, 2021 7:37 pm
by mcp
The steps by pouilld worked for me on a gargoyle_1.12.0-ar71xx-generic-mynet-n750-squashfs-factory build with NordVPN. Thanks for documenting this all.

Per the instructions I added file' auth.txt' with my credentials from NordVPN account page into the router '/etc/openvpn/' directory.

I also ended up checking the 'Use TLS-Auth Key' box and added the key from NordVPN's .ovpn file for the server location.

Re: OpenVPN - Configure Client Manually

Posted: Sat Jan 23, 2021 8:49 pm
by Lantis
For your reference, 1.13 has support for this natively, and I use nordvpn just fine.

Re: OpenVPN - Configure Client Manually

Posted: Sun Jan 24, 2021 11:59 am
by mcp
Lantis wrote:
Sat Jan 23, 2021 8:49 pm
For your reference, 1.13 has support for this natively, and I use nordvpn just fine.
I have two routers (mynet-n600 and mynet-n750), both of which i just now successfully upgraded to 1.13 per forum thread: "1.13.0.x gargoyle-ispy 2020-September-07 00"

With version 1.13, it is a simple all-in-one process:
1) select "OpenVPN Client" from OpenVPN Configuration page
2) select "Upload Client Configuration File(s)" and upload .ovpn file from VPN provider
3) check "Use Auth User/Pass" and enter creds from VPN provider
4) add VPN Custom DNS Servers on the Connection > Basic page

The only doubt I had was when first saving the OpenVPN setting, the "Please Wait While Settings Are Applied" message persisted. After about 10 mins, i opened a new window to see that the VPN server was connected. At that point I rebooted, and now i am able to enter just a new server IP in the "OpenVPN Server Address" field to switch among various NordVPN locations.

Brilliant work Lantis and devs, thank you!

Re: OpenVPN - Configure Client Manually

Posted: Wed Jun 16, 2021 11:32 am
by Magellan
Lantis wrote:
Sat Jan 23, 2021 8:49 pm
For your reference, 1.13 has support for this natively, and I use nordvpn just fine.
Hello MCP,

I use NordVPN too.
I have update my TP-Link Archer C7 Vers. 2 on version 1.13 succed.

But I can't login via OpenVPN, because Error Message with configurationfile.

Please can you tell me, whats the correct username and password?

Is it the username and password to login to NordVPN Backend (username = email) or is to enter username and the password specified in the section under NordVPN, both are very cryptic?

Re: OpenVPN - Configure Client Manually

Posted: Wed Jun 16, 2021 5:16 pm
by Lantis
Magellan wrote:
Wed Jun 16, 2021 11:32 am
Lantis wrote:
Sat Jan 23, 2021 8:49 pm
For your reference, 1.13 has support for this natively, and I use nordvpn just fine.
Hello MCP,

I use NordVPN too.
I have update my TP-Link Archer C7 Vers. 2 on version 1.13 succed.

But I can't login via OpenVPN, because Error Message with configurationfile.

Please can you tell me, whats the correct username and password?

Is it the username and password to login to NordVPN Backend (username = email) or is to enter username and the password specified in the section under NordVPN, both are very cryptic?
On your account dashboard there is a set of "service credentials". You should use these.