What's new
By:

380.66-Beta5 with PIA

J

jjbine

Occasional Visitor
I just can't get the VPN to start. (The server starts fine)

So, it was suggested to update to 380.66 Beta5 and just upload PIA's OVPN file and it will take care of everything.

I pasted the
ca.rsa.2048.crt to the Certificate authority section and crl.rsa.2048.pem to the Certificate Revocation List (Optional) section. Then hit SAVE. Back to the
Client setup page and uploaded the PIA OVPN file. Got this error.
Warning (17) while importing file - you will need to manually provide the CA, CRL content, on the keys/certificates page.

I read somewhere to take out these 2 line in the OVPN file....
crl-verify crl.rsa.2048.pem
ca ca.rsa.2048.crt, so I did and the file uploaded fine. Started the Client1 and now getting this error.
Jul 31 20:33:08 rc_service: httpd 474:notify_rc start_vpnclient1
Jul 31 20:33:24 openvpn[1346]: Options error: You must define CA file (--ca) or CA path (--capath)
Jul 31 20:33:24 openvpn[1346]: Use --help for more information.

I'm stuck and confused. Please help.
Thanks
Jim
 
jjbine said:
I just can't get the VPN to start. (The server starts fine)

So, it was suggested to update to 380.66 Beta5 and just upload PIA's OVPN file and it will take care of everything.

I pasted the
ca.rsa.2048.crt to the Certificate authority section and crl.rsa.2048.pem to the Certificate Revocation List (Optional) section. Then hit SAVE. Back to the
Client setup page and uploaded the PIA OVPN file. Got this error.
Warning (17) while importing file - you will need to manually provide the CA, CRL content, on the keys/certificates page.

I read somewhere to take out these 2 line in the OVPN file....
crl-verify crl.rsa.2048.pem
ca ca.rsa.2048.crt, so I did and the file uploaded fine. Started the Client1 and now getting this error.
Jul 31 20:33:08 rc_service: httpd 474:notify_rc start_vpnclient1
Jul 31 20:33:24 openvpn[1346]: Options error: You must define CA file (--ca) or CA path (--capath)
Jul 31 20:33:24 openvpn[1346]: Use --help for more information.

I'm stuck and confused. Please help.
Thanks
Jim
Click to expand...
Did you click on Keys & Certificates and paste the CA and the CRL content (the files are in the PIA zip)?
Refer to this post for further instructions:
https://www.snbforums.com/threads/h...her-vpn-providers-380-65_4.30851/#post-242926
 
You have to paste the CA and CRL AFTER uploading the ovpn, just like the warning message told you.
 
RMerlin said:
You have to paste the CA and CRL AFTER uploading the ovpn, just like the warning message told you.
Click to expand...

THANK you are trying to help me.

This is the error message I am now getting.
Jul 31 22:09:54 rc_service: httpd 474:notify_rc start_vpnclient1
Jul 31 22:10:11 openvpn[2259]: OpenVPN 2.4.1 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on May 8 2017
Jul 31 22:10:11 openvpn[2259]: library versions: OpenSSL 1.0.2k 26 Jan 2017, LZO 2.08
Jul 31 22:10:11 openvpn[2260]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 31 22:10:11 openvpn[2260]: RESOLVE: Cannot resolve host address: us-midwest.privateinternetaccess.com:1198 (Name or service not known)
Jul 31 22:10:11 openvpn[2260]: RESOLVE: Cannot resolve host address: us-midwest.privateinternetaccess.com:1198 (Name or service not known)
Jul 31 22:10:11 openvpn[2260]: Could not determine IPv4/IPv6 protocol
Jul 31 22:10:11 openvpn[2260]: SIGUSR1[soft,init_instance] received, process restarting

The processing I am doing is..

1). Upload the PIA OVPN file WITHOUT these 2 lines
crl-verify crl.rsa.2048.pem
ca ca.rsa.2048.crt

2) copy and paste ..2048.pem to Certificate Revocation List (optional)
3) copy and paste ..2048.crt to Certificate Authority.
4) hit SAVE
5) enter user/password
6) Turn ON the client

Thanks again for your help.
Jim
 
ASUS Merlin/PIA setup video, this may be another resource that may help you in addition to Yorgi's guide. Not sure what version of FW they are using though. But it is dated Oct, 2016
To view this content we will need your consent to set third party cookies.
For more detailed information, see our cookies page.
And you are doing everything listed here?
https://helpdesk.privateinternetacc...ing-up-an-Asus-Router-running-Merlin-Firmware

Also, what text editor are you using to copy/paste the ca cert? Try Notepad++
 
Last edited:
Another thought, what are you using for your WAN DNS Servers? Are you using the default DNS Servers of your ISP? On the WAN gui page, check no radio button on Connnect to DNS Servers Automatically. Enter OpenDNS DNS Servers (google search) or googles 8.8.8.8 and 8.8.4.4. Not sure if PIA has their own dns servers.
 
jjbine said:
I just can't get the VPN to start. (The server starts fine)

So, it was suggested to update to 380.66 Beta5 and just upload PIA's OVPN file and it will take care of everything.

I pasted the
ca.rsa.2048.crt to the Certificate authority section and crl.rsa.2048.pem to the Certificate Revocation List (Optional) section. Then hit SAVE. Back to the
Client setup page and uploaded the PIA OVPN file. Got this error.
Warning (17) while importing file - you will need to manually provide the CA, CRL content, on the keys/certificates page.

I read somewhere to take out these 2 line in the OVPN file....
crl-verify crl.rsa.2048.pem
ca ca.rsa.2048.crt, so I did and the file uploaded fine. Started the Client1 and now getting this error.
Jul 31 20:33:08 rc_service: httpd 474:notify_rc start_vpnclient1
Jul 31 20:33:24 openvpn[1346]: Options error: You must define CA file (--ca) or CA path (--capath)
Jul 31 20:33:24 openvpn[1346]: Use --help for more information.

I'm stuck and confused. Please help.
Thanks
Jim
Click to expand...
follow this updated guide for PIA
https://www.snbforums.com/threads/h...and-other-vpn-providers-380-66_4-06-11.30851/
 
You must log in or register to reply here.

Similar threads

A
Ipvanish Openvpn will not connect on Merlin
Replies
9
Views
570
ALIEN1X
A
S
Struggling with Asus ZenWiFi BE30000 aka 3 node BQ16 Pro bundle
15 16 17
Replies
321
Views
58K
Poppys33d
P
W
RT-AX86U with latest version 3004.388.8_2 always crash and reboot
2 3
Replies
41
Views
9K
bennor
B
G
TLS error with OpenVPN client
Replies
4
Views
4K
eibgrad
eibgrad
orudie
Need help setting up ProtonVPN in AsusWRT-merlin
2
Replies
20
Views
7K
user_20240830
user_20240830

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 3,995 (members: 19, guests: 3,976)
Back
Top