Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu May 27, 2021 7:28 pm
Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?
Hello friends,
I run a Cable modem in Passthrough mode, that serves my main DHCP router in my home over the WAN/Internet port. This router is the Asus TM-AC1900. All other APs and routers in my home are basically running as APs with no ability to serve IPs.
I went ahead and was able to set up an OpenVPN connection and generate the appropriate certificate file as well. There are seemingly no errors in the router, but when I import this file in OpenVPN on my Android phone, I cannot connect to my VPN with this ominous error:
22:54:33.969 -- ----- OpenVPN Start -----
22:54:33.969 -- EVENT: CORE_THREAD_ACTIVE
22:54:33.971 -- OpenVPN core 3.git:released:662eae9a:Release android arm64 64-bit PT_PROXY
22:54:33.972 -- Frame=512/2048/512 mssfix-ctrl=1250
22:54:33.974 -- EVENT: CORE_THREAD_ERROR info='X509:arse_pem: error in cert:: error:0909006CEM routines:get_name:no start line'
Any body know what's wrong? I don't know how to validate this format, nor am I sure if this is a credentials issue (no errors indicating it) or, my router is generating garbage certificates?
Please help. Thank you!
I run a Cable modem in Passthrough mode, that serves my main DHCP router in my home over the WAN/Internet port. This router is the Asus TM-AC1900. All other APs and routers in my home are basically running as APs with no ability to serve IPs.
I went ahead and was able to set up an OpenVPN connection and generate the appropriate certificate file as well. There are seemingly no errors in the router, but when I import this file in OpenVPN on my Android phone, I cannot connect to my VPN with this ominous error:
22:54:33.969 -- ----- OpenVPN Start -----
22:54:33.969 -- EVENT: CORE_THREAD_ACTIVE
22:54:33.971 -- OpenVPN core 3.git:released:662eae9a:Release android arm64 64-bit PT_PROXY
22:54:33.972 -- Frame=512/2048/512 mssfix-ctrl=1250
22:54:33.974 -- EVENT: CORE_THREAD_ERROR info='X509:arse_pem: error in cert:: error:0909006CEM routines:get_name:no start line'
Any body know what's wrong? I don't know how to validate this format, nor am I sure if this is a credentials issue (no errors indicating it) or, my router is generating garbage certificates?
Please help. Thank you!
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?
Probably not using inline markers correctly. You can post your config here.
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu May 27, 2021 7:28 pm
Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?
Thank you for your response and I really appreciate it! Do you mean posting my ovpn file? I can but 2 issues:TinCanTech wrote: ↑Thu May 27, 2021 7:31 pmProbably not using inline markers correctly. You can post your config here.
1. I do not see an attachment option here LOL!
2. Is there anything sensitive in there that I should take out before posting?
Thank you again!
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?
Take a look here for an example: viewtopic.php?f=30&t=22603
Remove your private key file.
Cutting to the chase ..
https://community.openvpn.net/openvpn/wiki/IOSinline
Remove your private key file.
Cutting to the chase ..
https://community.openvpn.net/openvpn/wiki/IOSinline
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu May 27, 2021 7:28 pm
Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?
Thank you for continuing to try to help. I'm generating the certificate file via my mobile phone, accessing the router via the browser. Once OpenVPN is set up with my ASUS router, I'm simply hitting the Export button, downloading on my mobile phone, then importing into my Android OpenVPN Connect app. This is what my file is showing in Notepad, I changed the port and removed some of the cert value. I cannot see where the problem is. Can you please advise?TinCanTech wrote: ↑Thu May 27, 2021 11:33 pmTake a look here for an example: viewtopic.php?f=30&t=22603
Remove your private key file.
Cutting to the chase ..
https://community.openvpn.net/openvpn/wiki/IOSinline
Code: Select all
client
dev tun
proto udp
remote x.asuomm.com 14747474
float
cipher AES-256-CBC
comp-lzo adaptive
keepalive 15 60
auth-user-pass
ns-cert-type server
<ca>
-----BEGIN CERTIFICATE----- MIIDNzCCAqCgAwIBAgIJAKX52P7xrsYAMA0GCSqGSIb3DQEBBQUAMHExCzAJBgNV aG9zdC5teWRvbWFpbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAm8nebIn4 tLwyLuFf8/jwUmckqlWQmQ7QZ/8VLg1fUZGhYEgn3dHBWEAMhKHNahKxZKw6qYS7 LL/cT3BrwLZThjf9CaGYaMyrwGKocQ17G6SKkMNcdOY9ghwzO3kiIt3o01+/reYF HV3vcvSgDsoEF/QpYBN3He3KPiCh8BgYj/UCAwEAAaOB1jCB0zAdBgNVHQ4EFgQU JVA9PDcs8lvVp3xQD7f2NJEJ6/kwgaMGA1UdIwSBmzCBmIAUJVA9PDcs8lvVp3xQ BxMGVGFpcGVpMQ0wCwYDVQQKEwRBU1VTMRIwEAYDVQQDEwlUTS1BQzE5MDAxITAf naPQ+1w/4d9IBrnOXPK4YQdyvB5RGhityRG4B9a5UKrQgsM636j9AocIzYPERWac h4+g7rup8EIrBWAZhcupreZYzPld12cqXXyMJ8NyszsJ/ZIFbtgp6pHZy18WBJyI jUIvn+9/OJ2fwwc=
-----END CERTIFICATE-----
</ca>
<cert>
paste client certificate data here
</cert>
<key>
paste client key data here
</key>
resolv-retry infinite
nobind
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu May 27, 2021 7:28 pm
Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?
Haha it's working like arse!
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu May 27, 2021 7:28 pm
Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?
This is my first set up ever, my friend. Can you please guide me a bit more? I realize I'm on the very n00b side of things...
Are you suggesting to empty everything out, just use the cert tags and my public key?
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu May 27, 2021 7:28 pm
Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?
Nevermind, on retrospect, I see what you mean... Can you suggest where I can get the cert and key from, using my ASUS router?
I thought when it exported the ovpn file, it would include all the necessary pieces?
I thought when it exported the ovpn file, it would include all the necessary pieces?
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?
You can create all the keys you need with EasyRSA and paste them in as it says.
If you want my help with ASUS then I am available for hire: tincantech at protonmail dot com
If you want my help with ASUS then I am available for hire: tincantech at protonmail dot com
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu May 27, 2021 7:28 pm
Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?
Thank you TinCanTech. Unfortunately, I'm not looking to pay someone to get this issue resolved. I thought it was a community of folks experienced in the area and looking to help others as a community without monetary connotations. Thank you for all your time!TinCanTech wrote: ↑Fri May 28, 2021 7:56 pmYou can create all the keys you need with EasyRSA and paste them in as it says.
If you want my help with ASUS then I am available for hire: tincantech at protonmail dot com
If there are others reading this thread, is someone willing to help me with a bit more patience and explanation? I'd appreciate your time and help in advance! Thank you all!
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?
Openvpn does not create any of the files for you.
You either do that yourself or rely on a third party, in your case ASUS.
Or a third party such as myself.
There is an exclusivity principle here that you should be aware of.
You can only choose two of the following:
You either do that yourself or rely on a third party, in your case ASUS.
Or a third party such as myself.
There is an exclusivity principle here that you should be aware of.
You can only choose two of the following:
- * Lazy * Successful * Cheap *
- * Cheap * Secure * Fast *