Enzo Andriano
asked on
configure OpenVpn client settings from .ovpn file for dd-wrt router
hello, please i am trying to configure openVpn client from a .ovpn file on my router( tp-link tl-wdr3600) using dd-wrt t v.24-sp2. i have been unsuccessful. Any help will be appreciated. Thanks
This is the content of the .ovpn file when opened with textEdit
remote web.blackberry.com@198.x.y .z 554 tcp
http-proxy 10.199.212.2 8080
client
dev tun
resolv-retry infinite
auth-retry nointeract
nobind
persist-key
persist-tun
mute-replay-warnings
#ca ca.crt
comp-lzo
verb 3
mute 20
ns-cert-type server
auth-user-pass
reneg-sec 3600
link-mtu 1578
<ca>
-----BEGIN CERTIFICATE-----
****
Y2hhbmdlbWUxETAPBgNVBCkTCG NoYW5nZW1l MR8wHQYJKo ZIhvcNAQkB FhBtYWls
QGhvc3QuZG9tYWluMB4XDTEyMD gyOTExMDUy MVoXDTIyMD gyNzExMDUy MVowgaIx
CzAJBgNVBAYTAlVTMQswCQYDVQ QIEwJDQTEV MBMGA1UEBx MMU2FuRnJh bmNpc2Nv
MRUwEwYDVQQKEwxGb3J0LUZ1bn N0b24xETAP BgNVBAsTCG NoYW5nZW1l MREwDwYD
VQQDEwhjaGFuZ2VtZTERMA8GA1 UEKRMIY2hh bmdlbWUxHz AdBgkqhkiG 9w0BCQEW
****
QTEVMBMGA1UEBxMMU2FuRnJhbm Npc2NvMRUw EwYDVQQKEw xGb3J0LUZ1 bnN0b24x
****
IGz+dA7NfqQ+SALEUn1Trh2yQz 6UdVKKy9ud nd6B9oT+w2 fUg/0T9c0G SS4+BjeU
VnqoPJWoCI33u/NHpzoOtsFFOC cSOGMkiD3q n2F2+hkyxS XdJcv5qVoW muPDQWsF
9q9+0HCx1mpmhr8F9UR01bXGKO f8
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
****
cGVuVlBOIENBMB4XDTEzMDExNz AyMTExMloX DTIzMDEyMj AyMTExMlow KDEmMCQG
****
DQEBBQUAA4GBABhVzSYXHlQEPN aKGmx9hMww nNKcHgD9cC mC9lX/KR2Y +vT/QGxK
****
bmBZk/K96P7VntzYI5S02+hOWn vjq5Wk4gOt 1+L18+R/Xu juxGbwnHW2
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
****
SKT8AALYaAPbYO+ZVzJdh8mIbg +xuF7A9G+7 z+5ZL35lrp XKnONuvmlx kK5ESwvV
Q7EOQYCZCqa8xf3li3GUBLwcwX KtOUr3AYXh dbOh2viQdi sD4Ky7H6/N d3yMc3bu
****
FoFVAQJAUGfBJDcZIm9ZL6ZPXJ rqS5oP/wdL mtFE3hfd1g r7C8oHu7BR EWB6h1qu
8c1kPlI4+/qDHWaZtQpJ977mIT oJwQJAMcgU HKAm/YPWLg T31tpckRDg qgzh9u4z
****
-----END PRIVATE KEY-----
</key>
Screen-Shot-2015-09-14-at-1.25.40-PM.png
This is the content of the .ovpn file when opened with textEdit
remote web.blackberry.com@198.x.y
http-proxy 10.199.212.2 8080
client
dev tun
resolv-retry infinite
auth-retry nointeract
nobind
persist-key
persist-tun
mute-replay-warnings
#ca ca.crt
comp-lzo
verb 3
mute 20
ns-cert-type server
auth-user-pass
reneg-sec 3600
link-mtu 1578
<ca>
-----BEGIN CERTIFICATE-----
****
Y2hhbmdlbWUxETAPBgNVBCkTCG
QGhvc3QuZG9tYWluMB4XDTEyMD
CzAJBgNVBAYTAlVTMQswCQYDVQ
MRUwEwYDVQQKEwxGb3J0LUZ1bn
VQQDEwhjaGFuZ2VtZTERMA8GA1
****
QTEVMBMGA1UEBxMMU2FuRnJhbm
****
IGz+dA7NfqQ+SALEUn1Trh2yQz
VnqoPJWoCI33u/NHpzoOtsFFOC
9q9+0HCx1mpmhr8F9UR01bXGKO
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
****
cGVuVlBOIENBMB4XDTEzMDExNz
****
DQEBBQUAA4GBABhVzSYXHlQEPN
****
bmBZk/K96P7VntzYI5S02+hOWn
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
****
SKT8AALYaAPbYO+ZVzJdh8mIbg
Q7EOQYCZCqa8xf3li3GUBLwcwX
****
FoFVAQJAUGfBJDcZIm9ZL6ZPXJ
8c1kPlI4+/qDHWaZtQpJ977mIT
****
-----END PRIVATE KEY-----
</key>
Screen-Shot-2015-09-14-at-1.25.40-PM.png
ASKER
@Mr. Thomas. there are two cert files and one private key file. placed the other one in the public client cert column.
NB: i am complete noob
Screen-Shot-2015-09-20-at-7.24.11-PM.png
NB: i am complete noob
Screen-Shot-2015-09-20-at-7.24.11-PM.png
the http-proxy line allows to connect via your site's http proxy to a VPN far away.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
solved the problem immediately
Those sections at the end of your .ovpn file (<ca> ... </ca> and <key> ... </key> are used to embed the keys within the config file. Not all VPN systems or hardware support that file format. For those that don't, the sections can be manually copied to separate files.
<ca>
move the content between the "ca" tags into /tmp/openvpncl/ca.crt
</ca>
<key>
move the content between the "key" tags into /tmp/openvpncl/client.key
</key>