OpenVPN Cyberghost

If your problem doesn't fall into one of the other categories, report it here.

Moderator: Moderators

Eddie9000
Posts: 6
Joined: Sun Oct 26, 2014 5:29 pm

OpenVPN Cyberghost

Post by Eddie9000 »

Hi folks,

I’m going on a vacation to spain and expect a free wifi for the whole apartment building. In order to have a secure internet access there I plan to set up a Client + AP mode.

My router: TP-Link WDR3600 Gargoyle 1.6.2

I already set up the Client + AP mode and it works fine with my wifi at home. The TOR connection works fine as well.

But I can’t set up an OpenVPN connection to Cyberghost (Premium Plus member).

“Error Parameters saved but OpenVPN failed to connect. Re-check your configuration.”

Your help is highly appreciated! Eddie

=======================================
Here is my set up:

I downloaded the ovpn file from my Cyberghost account:

https://support.cyberghostvpn.com/index ... -for-linux

Connection --> OpenVPN --> Configure Client Manually
client


remote ua-openvpn.cyberghostvpn.com 443
dev tun
proto udp
cipher AES-256-CBC
auth-user-pass /etc/openvpn/user.txt
resolv-retry infinite
redirect-gateway def1
persist-key
persist-tun
nobind
auth MD5
ping 5
ping-exit 60
ping-timer-rem
explicit-exit-notify 2
script-security 2
remote-cert-tls server
route-delay 5
tun-mtu 1500
fragment 1300
mssfix 1300
verb 4
comp-lzo
ca /etc/openvpn/grouter_client_phqwnwmzscao_ca.crt
cert /etc/openvpn/grouter_client_phqwnwmzscao.crt
key /etc/openvpn/grouter_client_phqwnwmzscao.key

CA Certificate:
In this box I copied the next passage from the downloaded config file. Opened the file ‚CyberGhost.ovpn‘ as before with a text editor and marked the passage between <ca> and </ca>. Copy all text between <ca> and </ca>, so from -----BEGIN CERTIFICATE … [down to] …END CERTIFICATE-----

Client Certificate:
Copied all text between <cert> and </cert>, so from CERTIFICATE: … [down to] …END CERTIFICATE----- and transfered.

Client Key:
Copied all text between <key> und </key>, so from -----BEGIN PRIVATE KEY … [down to] …END PRIVATE KEY ----- and transfered.

Finally I created the text file user.txt. First row username, second password. Uploaded it with WinSCP to /etc/openvpn/.

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: OpenVPN Cyberghost

Post by ispyisail »

Finally I created the text file user.txt. First row username, second password. Uploaded it with WinSCP to /etc/openvpn/.
what editor do you use to create this file?

craigrose
Posts: 7
Joined: Mon Aug 11, 2014 9:59 am

Re: OpenVPN Cyberghost

Post by craigrose »

Thanks Eddie - got your PM.

First I'd second ispyisail on the creation of the password file. To cover your bases just get a shell to the router and use echo - then you'll know it's right.

I'm no expert in this just extremely persistent!

I'd start with getting a shell to you router and checking:
1. The contents of /etc/openvpn
2. The contents of grouter_client_######.conf
3. Use ps to check that the correct process and options are running
/usr/sbin/openvpn --syslog openvpn(custom_config) --writepid /var/run/openvpn-custom_config.pid --config /etc/openvpn/grouter_client_######.conf
4. The contents of /usr/password or where ever you put it. Some locations are not persistent storage.

In general I found Gargoyle would mess things up - hence the gymnastics discussed in the original post and I guess you could (might?) achieve all the correct configuration from a shell without Gargoyle.

As far as your actual options for openvpn you need to have them specified by your service provider and use https://openvpn.net/index.php/open-sour ... l#examples as a reference.

Eddie9000
Posts: 6
Joined: Sun Oct 26, 2014 5:29 pm

Re: OpenVPN Cyberghost

Post by Eddie9000 »

ispyisail wrote:
Finally I created the text file user.txt. First row username, second password. Uploaded it with WinSCP to /etc/openvpn/.
what editor do you use to create this file?
The Windows "editor" of Windows 8.1

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: OpenVPN Cyberghost

Post by ispyisail »

Eddie9000 wrote:
ispyisail wrote:
Finally I created the text file user.txt. First row username, second password. Uploaded it with WinSCP to /etc/openvpn/.
what editor do you use to create this file?
The Windows "editor" of Windows 8.1
Use notepad++ or vi in command line.

Eddie9000
Posts: 6
Joined: Sun Oct 26, 2014 5:29 pm

Re: OpenVPN Cyberghost

Post by Eddie9000 »

Is there a way to check what the problem is exactly? Speaking of reading out a log or something similar.

By the way notepad++ is like 100 year evolution ahead of Windows editor.

craigrose
Posts: 7
Joined: Mon Aug 11, 2014 9:59 am

Re: OpenVPN Cyberghost

Post by craigrose »

1. Download and run putty.exe (http://www.chiark.greenend.org.uk/~sgta ... nload.html)
2. Connect to your router. Use the address and credentials you use through the gargoyle interface root/password
3. Type the following and check the contents of the directory. Also get the name of the *.conf file from here.

Code: Select all

ls /etc/openvpn 

4. Type the following and check the output

Code: Select all

cat /etc/openvpn/grouter_client_########.conf 

Your password file should be where auth-user-pass says it is. Check that with the ls command. Also check it's contents with the cat command.
Any other files mentioned in the conf should be in the locations it says they should be. Again use ls and cat to check.
5. Type ps to see the list of running processes.
6. For logs type logread
7. Use the following to create password file. Make suire you use the correct location/name for the password file ie the one in the conf file. The first command will overwrite the file so be warned.

Code: Select all

echo username > path to password file
echo password >> path to password file

Eddie9000
Posts: 6
Joined: Sun Oct 26, 2014 5:29 pm

Re: OpenVPN Cyberghost

Post by Eddie9000 »

craigrose wrote: 7. Use the following to create password file. Make suire you use the correct location/name for the password file ie the one in the conf file. The first command will overwrite the file so be warned.

Code: Select all

echo username > path to password file
echo password >> path to password file
Can't echo the password. The password contains a '&'. That might be a problem.

root@Gargoyle:~# echo xxxxx&yyyyyyyyy >> /etc/openvpn/user.txt
-ash: yyyyyyyyy: not found

Eddie

Eddie9000
Posts: 6
Joined: Sun Oct 26, 2014 5:29 pm

Re: OpenVPN Cyberghost

Post by Eddie9000 »

craigrose wrote: 6. For logs type logread
The logread is: Gargoyle user.notice root: openvpn stopped, restarting

craigrose
Posts: 7
Joined: Mon Aug 11, 2014 9:59 am

Re: OpenVPN Cyberghost

Post by craigrose »

You want to use:

Code: Select all

echo "xxxxx&yyyyyyyyy" >> /etc/openvpn/user.txt
That log message doesn't tell me much other than the process was stopped then started.

Type the ps command. You should be able to see something like the following if it started successfully.

Code: Select all

/usr/sbin/openvpn --syslog openvpn(custom_config) --writepid /var/run/openvpn-custom_config.pid --config /etc/openvpn/grouter_client_obfuscatedpart.conf

Post Reply