Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?

This forum is for general conversation and user-user networking.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
Fragger
OpenVpn Newbie
Posts: 7
Joined: Thu May 27, 2021 7:28 pm

Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?

Post by Fragger » Thu May 27, 2021 7:28 pm

Hello friends,


I run a Cable modem in Passthrough mode, that serves my main DHCP router in my home over the WAN/Internet port. This router is the Asus TM-AC1900. All other APs and routers in my home are basically running as APs with no ability to serve IPs.

I went ahead and was able to set up an OpenVPN connection and generate the appropriate certificate file as well. There are seemingly no errors in the router, but when I import this file in OpenVPN on my Android phone, I cannot connect to my VPN with this ominous error:



22:54:33.969 -- ----- OpenVPN Start -----

22:54:33.969 -- EVENT: CORE_THREAD_ACTIVE

22:54:33.971 -- OpenVPN core 3.git:released:662eae9a:Release android arm64 64-bit PT_PROXY

22:54:33.972 -- Frame=512/2048/512 mssfix-ctrl=1250

22:54:33.974 -- EVENT: CORE_THREAD_ERROR info='X509:arse_pem: error in cert:: error:0909006CEM routines:get_name:no start line'


Any body know what's wrong? I don't know how to validate this format, nor am I sure if this is a credentials issue (no errors indicating it) or, my router is generating garbage certificates?

Please help. Thank you!

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?

Post by TinCanTech » Thu May 27, 2021 7:31 pm

Probably not using inline markers correctly. You can post your config here.

Fragger
OpenVpn Newbie
Posts: 7
Joined: Thu May 27, 2021 7:28 pm

Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?

Post by Fragger » Thu May 27, 2021 10:41 pm

TinCanTech wrote:
Thu May 27, 2021 7:31 pm
Probably not using inline markers correctly. You can post your config here.
Thank you for your response and I really appreciate it! Do you mean posting my ovpn file? I can but 2 issues:

1. I do not see an attachment option here LOL!
2. Is there anything sensitive in there that I should take out before posting?

Thank you again!

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?

Post by TinCanTech » Thu May 27, 2021 11:33 pm

Take a look here for an example: viewtopic.php?f=30&t=22603

Remove your private key file.

Cutting to the chase ..
https://community.openvpn.net/openvpn/wiki/IOSinline

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?

Post by TinCanTech » Thu May 27, 2021 11:35 pm

Fragger wrote:
Thu May 27, 2021 7:28 pm
X509:arse_pem: error in cert:: error:0909006CEM routines:get_name:no start line
good grief :mrgreen:

Fragger
OpenVpn Newbie
Posts: 7
Joined: Thu May 27, 2021 7:28 pm

Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?

Post by Fragger » Fri May 28, 2021 2:29 am

TinCanTech wrote:
Thu May 27, 2021 11:33 pm
Take a look here for an example: viewtopic.php?f=30&t=22603

Remove your private key file.

Cutting to the chase ..
https://community.openvpn.net/openvpn/wiki/IOSinline
Thank you for continuing to try to help. I'm generating the certificate file via my mobile phone, accessing the router via the browser. Once OpenVPN is set up with my ASUS router, I'm simply hitting the Export button, downloading on my mobile phone, then importing into my Android OpenVPN Connect app. This is what my file is showing in Notepad, I changed the port and removed some of the cert value. I cannot see where the problem is. Can you please advise?

Code: Select all




client 
dev tun 
proto udp 
remote x.asuomm.com 14747474 
float 
cipher AES-256-CBC 
comp-lzo adaptive 
keepalive 15 60 
auth-user-pass 
ns-cert-type server 
<ca> 
-----BEGIN CERTIFICATE----- MIIDNzCCAqCgAwIBAgIJAKX52P7xrsYAMA0GCSqGSIb3DQEBBQUAMHExCzAJBgNV      aG9zdC5teWRvbWFpbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAm8nebIn4 tLwyLuFf8/jwUmckqlWQmQ7QZ/8VLg1fUZGhYEgn3dHBWEAMhKHNahKxZKw6qYS7 LL/cT3BrwLZThjf9CaGYaMyrwGKocQ17G6SKkMNcdOY9ghwzO3kiIt3o01+/reYF HV3vcvSgDsoEF/QpYBN3He3KPiCh8BgYj/UCAwEAAaOB1jCB0zAdBgNVHQ4EFgQU JVA9PDcs8lvVp3xQD7f2NJEJ6/kwgaMGA1UdIwSBmzCBmIAUJVA9PDcs8lvVp3xQ  BxMGVGFpcGVpMQ0wCwYDVQQKEwRBU1VTMRIwEAYDVQQDEwlUTS1BQzE5MDAxITAf   naPQ+1w/4d9IBrnOXPK4YQdyvB5RGhityRG4B9a5UKrQgsM636j9AocIzYPERWac h4+g7rup8EIrBWAZhcupreZYzPld12cqXXyMJ8NyszsJ/ZIFbtgp6pHZy18WBJyI jUIvn+9/OJ2fwwc=
-----END CERTIFICATE----- 
</ca> 
<cert> 
    paste client certificate data here 
</cert> 
<key> 
    paste client key data here 
</key> 
resolv-retry infinite 
nobind 



Fragger
OpenVpn Newbie
Posts: 7
Joined: Thu May 27, 2021 7:28 pm

Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?

Post by Fragger » Fri May 28, 2021 2:32 am

TinCanTech wrote:
Thu May 27, 2021 11:35 pm
Fragger wrote:
Thu May 27, 2021 7:28 pm
X509:arse_pem: error in cert:: error:0909006CEM routines:get_name:no start line
good grief :mrgreen:
Haha it's working like arse!

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?

Post by TinCanTech » Fri May 28, 2021 10:28 am

Fragger wrote:
Fri May 28, 2021 2:29 am
<cert>
paste client certificate data here
</cert>
:roll:

Fragger
OpenVpn Newbie
Posts: 7
Joined: Thu May 27, 2021 7:28 pm

Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?

Post by Fragger » Fri May 28, 2021 6:52 pm

TinCanTech wrote:
Fri May 28, 2021 10:28 am
Fragger wrote:
Fri May 28, 2021 2:29 am
<cert>
paste client certificate data here
</cert>
:roll:
This is my first set up ever, my friend. Can you please guide me a bit more? I realize I'm on the very n00b side of things...

Are you suggesting to empty everything out, just use the cert tags and my public key?

Fragger
OpenVpn Newbie
Posts: 7
Joined: Thu May 27, 2021 7:28 pm

Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?

Post by Fragger » Fri May 28, 2021 6:54 pm

Nevermind, on retrospect, I see what you mean... Can you suggest where I can get the cert and key from, using my ASUS router?

I thought when it exported the ovpn file, it would include all the necessary pieces?

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?

Post by TinCanTech » Fri May 28, 2021 7:56 pm

You can create all the keys you need with EasyRSA and paste them in as it says.

If you want my help with ASUS then I am available for hire: tincantech at protonmail dot com

Fragger
OpenVpn Newbie
Posts: 7
Joined: Thu May 27, 2021 7:28 pm

Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?

Post by Fragger » Fri May 28, 2021 8:41 pm

TinCanTech wrote:
Fri May 28, 2021 7:56 pm
You can create all the keys you need with EasyRSA and paste them in as it says.

If you want my help with ASUS then I am available for hire: tincantech at protonmail dot com
Thank you TinCanTech. Unfortunately, I'm not looking to pay someone to get this issue resolved. I thought it was a community of folks experienced in the area and looking to help others as a community without monetary connotations. Thank you for all your time!

If there are others reading this thread, is someone willing to help me with a bit more patience and explanation? I'd appreciate your time and help in advance! Thank you all!

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Asus TM-AC1900 Router and OpenVPN set up for Blue Iris, please help?

Post by TinCanTech » Fri May 28, 2021 9:17 pm

Openvpn does not create any of the files for you.

You either do that yourself or rely on a third party, in your case ASUS.
Or a third party such as myself.

There is an exclusivity principle here that you should be aware of.

You can only choose two of the following:
  • * Lazy * Successful * Cheap *
There is another exclusivity principle also but it is less relevant here:
  • * Cheap * Secure * Fast *
That is how the world works, welcome.

Post Reply