Connecting via working .ovpn files in Asus Router (Manually entering options)
Posted: Fri Nov 15, 2019 11:48 pm
Hi, I run a VPN Server in Azure using the OpenVPN Template and use this on all my devices. Now I recently got a new router and it has OpenVPN capabilities.
My 24/7 vpn that I run doesn't filter all traffic, only a specific website that's blocked where I live.
The .ovpn client config that I use (and it works in Tunnleblick and OpenVPN app in iOS) is below:
client
dev tun
proto udp
remote SERVERIP 1194
resolv-retry infinite
nobind
route-nopull
route 151.101.0.0 255.255.0.0
route 52.34.230.181 255.255.255.255
route 52.203.76.9 255.255.255.255
persist-key
persist-tun
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
ignore-unknown-option block-outside-dns
block-outside-dns
verb 3
<ca>
-----BEGIN CERTIFICATE-----
KEYHERE
KEYHERE
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
KEYHERE
KEYHERE
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
KEYHERE
KEYHERE
mx6Ah08HBjTF6I0yJ5IQkQun
-----END PRIVATE KEY-----
</key>
<tls-crypt>
-----BEGIN OpenVPN Static key V1-----
KEYHERE
KEYHERE
-----END OpenVPN Static key V1-----
</tls-crypt>
There's no way to simply run a .ovpn file directly on my router. But it has a OpenVPN Connect page with options, like this:
And the Router key/cert page is like this:
I'm very new to this. And I'd really appreciate the help
If you also have any advice about my VPN config do let me know. This was my first time doing anything like this.
And here's the config from my server if that's needed as well:
local 10.0.0.4
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-crypt tc.key
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
#push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 10.0.0.100"
push "dhcp-option DNS 1.1.1.1"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
crl-verify crl.pem
explicit-exit-notify
Please let me know what I'm doing wrong in my router page that vpn isn't connecting. Cheers!
And a second question about the server. Is having push dns option in the server.conf better than having it in the client .ovpn file? (I run a Pi-hole when connected to home wifi)
My 24/7 vpn that I run doesn't filter all traffic, only a specific website that's blocked where I live.
The .ovpn client config that I use (and it works in Tunnleblick and OpenVPN app in iOS) is below:
Client Config
client
dev tun
proto udp
remote SERVERIP 1194
resolv-retry infinite
nobind
route-nopull
route 151.101.0.0 255.255.0.0
route 52.34.230.181 255.255.255.255
route 52.203.76.9 255.255.255.255
persist-key
persist-tun
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
ignore-unknown-option block-outside-dns
block-outside-dns
verb 3
<ca>
-----BEGIN CERTIFICATE-----
KEYHERE
KEYHERE
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
KEYHERE
KEYHERE
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
KEYHERE
KEYHERE
mx6Ah08HBjTF6I0yJ5IQkQun
-----END PRIVATE KEY-----
</key>
<tls-crypt>
-----BEGIN OpenVPN Static key V1-----
KEYHERE
KEYHERE
-----END OpenVPN Static key V1-----
</tls-crypt>
There's no way to simply run a .ovpn file directly on my router. But it has a OpenVPN Connect page with options, like this:
And the Router key/cert page is like this:
I'm very new to this. And I'd really appreciate the help
If you also have any advice about my VPN config do let me know. This was my first time doing anything like this.And here's the config from my server if that's needed as well:
serever.conf
local 10.0.0.4
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-crypt tc.key
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
#push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 10.0.0.100"
push "dhcp-option DNS 1.1.1.1"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
crl-verify crl.pem
explicit-exit-notify
Please let me know what I'm doing wrong in my router page that vpn isn't connecting. Cheers!
And a second question about the server. Is having push dns option in the server.conf better than having it in the client .ovpn file? (I run a Pi-hole when connected to home wifi)