Could someone help me to configure my Asus RT-AC66 to work with TigerVPN?

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Skatewarp

New Around Here
I'm trying to configure my router's OpenVPN client to run TigerVPN service I recently purchased. I've reached their technical support, but they don't know how to properly configure it (more specifically; a proper guide). They simply recommended me to change to Tomato or DD-WRT.

Router log:
Code:
Nov  6 19:23:41 kernel: tun: Universal TUN/TAP device driver, 1.6
Nov  6 19:23:41 kernel: tun: (C) 1999-2004 Max Krasnyansky <[email protected]>
Nov  6 19:23:42 openvpn[1300]: OpenVPN 2.3.7 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Aug  3 2015
Nov  6 19:23:42 openvpn[1300]: library versions: OpenSSL 1.0.2d 9 Jul 2015, LZO 2.09
Nov  6 19:23:42 openvpn[1304]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Nov  6 19:23:42 openvpn[1304]: Socket Buffers: R=[118784->131072] S=[118784->131072]
Nov  6 19:23:42 openvpn[1304]: UDPv4 link local: [undef]
Nov  6 19:23:42 openvpn[1304]: UDPv4 link remote: [AF_INET]162.250.2.18:1194
Nov  6 19:23:42 openvpn[1304]: TLS: Initial packet from [AF_INET]162.250.2.18:1194, sid=1e8f53a0 2628b3d6
Nov  6 19:23:42 openvpn[1304]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Nov  6 19:23:42 openvpn[1304]: VERIFY OK: depth=1, C=SK, ST=Bratislava, L=Bratislava, O=Tiger At Work & Co. k. s., OU=tigerVPN, CN=tigerVPN, name=tigerVPN, [email protected]
Nov  6 19:23:42 openvpn[1304]: Validating certificate key usage
Nov  6 19:23:42 openvpn[1304]: ++ Certificate has key usage  00a0, expects 00a0
Nov  6 19:23:42 openvpn[1304]: VERIFY KU OK
Nov  6 19:23:42 openvpn[1304]: Validating certificate extended key usage
Nov  6 19:23:42 openvpn[1304]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Nov  6 19:23:42 openvpn[1304]: VERIFY EKU OK
Nov  6 19:23:42 openvpn[1304]: VERIFY OK: depth=0, C=SK, ST=Bratislava, L=Bratislava, O=Tiger At Work & Co. k. s., OU=tigerVPN, CN=tigervpn.com, name=tigerVPN, [email protected]
Nov  6 19:23:43 openvpn[1304]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Nov  6 19:23:43 openvpn[1304]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Nov  6 19:23:43 openvpn[1304]: NOTE: --mute triggered...
Nov  6 19:23:43 openvpn[1304]: 3 variation(s) on previous 10 message(s) suppressed by --mute
Nov  6 19:23:43 openvpn[1304]: [tigervpn.com] Peer Connection Initiated with [AF_INET]162.250.2.18:1194
Nov  6 19:23:45 openvpn[1304]: SENT CONTROL [tigervpn.com]: 'PUSH_REQUEST' (status=1)
Nov  6 19:23:45 openvpn[1304]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 162.250.2.19,route-gateway 10.153.21.1,topology subnet,ping 10,ping-restart 30,ifconfig 10.153.21.54 255.255.255.0'
Nov  6 19:23:45 openvpn[1304]: OPTIONS IMPORT: timers and/or timeouts modified
Nov  6 19:23:45 openvpn[1304]: OPTIONS IMPORT: --ifconfig/up options modified
Nov  6 19:23:45 openvpn[1304]: OPTIONS IMPORT: route options modified
Nov  6 19:23:45 openvpn[1304]: OPTIONS IMPORT: route-related options modified
Nov  6 19:23:45 openvpn[1304]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Nov  6 19:23:45 openvpn[1304]: TUN/TAP device tun11 opened
Nov  6 19:23:45 openvpn[1304]: TUN/TAP TX queue length set to 100
Nov  6 19:23:45 openvpn[1304]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Nov  6 19:23:45 openvpn[1304]: /usr/sbin/ip link set dev tun11 up mtu 1500
Nov  6 19:23:45 openvpn[1304]: /usr/sbin/ip addr add dev tun11 10.153.21.54/24 broadcast 10.153.21.255
Nov  6 19:23:45 openvpn[1304]: updown.sh tun11 1500 1558 10.153.21.54 255.255.255.0 init
Nov  6 19:23:46 rc_service: service 1336:notify_rc updateresolv
Nov  6 19:23:46 dnsmasq[1292]: exiting on receipt of SIGTERM
Nov  6 19:23:46 dnsmasq[1339]: started, version 2.75 cachesize 1500
Nov  6 19:23:46 dnsmasq[1339]: warning: interface ppp1* does not currently exist
Nov  6 19:23:46 dnsmasq[1339]: asynchronous logging enabled, queue limit is 5 messages
Nov  6 19:23:46 dnsmasq-dhcp[1339]: DHCP, IP range 192.168.2.2 -- 192.168.2.254, lease time 1d
Nov  6 19:23:46 dnsmasq[1339]: read /etc/hosts - 5 addresses
Nov  6 19:23:46 dnsmasq[1339]: using nameserver 208.67.220.220#53 for domain local
Nov  6 19:23:46 dnsmasq[1339]: using nameserver 208.67.222.222#53 for domain local
Nov  6 19:23:46 dnsmasq[1339]: using nameserver 162.250.2.19#53
Nov  6 19:23:46 dnsmasq[1339]: using nameserver 208.67.222.222#53
Nov  6 19:23:46 dnsmasq[1339]: using nameserver 208.67.220.220#53
Nov  6 19:23:51 openvpn[1304]: /usr/sbin/ip route add 162.250.2.18/32 via 196.3.74.38
Nov  6 19:23:51 openvpn[1304]: ERROR: Linux route add command failed: external program exited with error status: 2
Nov  6 19:23:51 openvpn[1304]: /usr/sbin/ip route add 0.0.0.0/1 via 10.153.21.1
Nov  6 19:23:51 openvpn[1304]: /usr/sbin/ip route add 128.0.0.0/1 via 10.153.21.1
Nov  6 19:23:51 openvpn-routing: Skipping, client 1 not in routing policy mode
Nov  6 19:23:51 openvpn[1304]: Initialization Sequence Completed
Nov  6 19:24:15 openvpn[1304]: [tigervpn.com] Inactivity timeout (--ping-restart), restarting
Nov  6 19:24:15 openvpn[1304]: SIGUSR1[soft,ping-restart] received, process restarting
Nov  6 19:24:15 openvpn[1304]: Restart pause, 2 second(s)
Nov  6 19:24:17 openvpn[1304]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Nov  6 19:24:17 openvpn[1304]: Socket Buffers: R=[118784->131072] S=[118784->131072]

After I start the service, seconds later I'm without Internet connection.
 
Last edited:

Q Chau

New Around Here
I'm using an ASUS RT-AC68U with TigerVPN and here are my settings.
Interface Type=TUN
Protocol=UDP
Server Address and Port = which ever vpn server you want to connect to. Tiger has a list and use port 1194
Firewall=Automatic
Authorization Mode=TLS
Username/Password Authentication=Yes
Username= The tiger username that is supply to you. You can get this on your account page.
Password= The tiger password that is supply to you. You can get this on your account page.
Username / Password Auth. Only = Yes
Extra HMAC authorization= Disable
Create NAT on tunnel=Yes
Poll Interval=0 (it's zero) for disable
Accept DNS Configuration=Disable, I have my DNS manually set on my router to point at Google DNS and Open DNS.
Encryption cipher=AES-256-CBC
Compression=Adaptive
TLS Renegotiation Time=-1
Connection Retry=-1
Verify Server Certificate=No
Redirect Internet traffic= Policy rules but this is your choice/option what you want. I have this VPN connection to only one device, so that is why I chose this setting.
Block routed client if tunnel goes down=Yes but again, this is an option if you wish to enable or disable. My is enable.
Custom Configuration settings that I have enter is
pull
tls-client
script-security 2
mute 10
route-delay 5
remote-cert-tls server
mssfix

P.S. Remember that you need to also add TigerVPN's CA (certificate authority). Also, the best speed came from Toronto.
I forgot where I got the openvpn config file from but I tried quite a few and mess with the configuration. Then it finally work. Hopefully this will help you
 
Last edited:

Rob Nellen

New Around Here
Hi

I know this is an old thread but I have a Asus AC68U router and wanted to know if this is still working okay?

I haven't signed up to tiger VPN as yet so unable to try.

Many thanks
 

yorgi

Very Senior Member
I'm using an ASUS RT-AC68U with TigerVPN and here are my settings.
Interface Type=TUN
Protocol=UDP
Server Address and Port = which ever vpn server you want to connect to. Tiger has a list and use port 1194
Firewall=Automatic
Authorization Mode=TLS
Username/Password Authentication=Yes
Username= The tiger username that is supply to you. You can get this on your account page.
Password= The tiger password that is supply to you. You can get this on your account page.
Username / Password Auth. Only = Yes
Extra HMAC authorization= Disable
Create NAT on tunnel=Yes
Poll Interval=0 (it's zero) for disable
Accept DNS Configuration=Disable, I have my DNS manually set on my router to point at Google DNS and Open DNS.
Encryption cipher=AES-256-CBC
Compression=Adaptive
TLS Renegotiation Time=-1
Connection Retry=-1
Verify Server Certificate=No
Redirect Internet traffic= Policy rules but this is your choice/option what you want. I have this VPN connection to only one device, so that is why I chose this setting.
Block routed client if tunnel goes down=Yes but again, this is an option if you wish to enable or disable. My is enable.
Custom Configuration settings that I have enter is
pull
tls-client
script-security 2
mute 10
route-delay 5
remote-cert-tls server
mssfix

P.S. Remember that you need to also add TigerVPN's CA (certificate authority). Also, the best speed came from Toronto.
I forgot where I got the openvpn config file from but I tried quite a few and mess with the configuration. Then it finally work. Hopefully this will help you
You should not use Google dns and open DNS because you will be leaking DNS to google and open dns
use the default dns of your vpn provider and leave the google and open dns for local isp traffic providing you use policy rules.
 

Carlos De sedas

New Around Here
Hi... I'd like to try and revive this too... this is an old thread... I have an Asus RT-AC88U with Merlin's 380.67 and after trying to set up TigerVPN as described above I get the following error:

Jul 31 10:38:51 rc_service: httpds 552:notify_rc start_vpnclient2
Jul 31 10:38:53 openvpn[26752]: Options error: Unrecognized option or missing or extra parameter(s) in config.ovpn:24: ---BEGIN (2.4.3)
Jul 31 10:38:53 openvpn[26752]: Use --help for more information.

I have used the exact parameters as described above.... I have no clue on what to do now... help is appreciated!

Thanks
 

RMerlin

Asuswrt-Merlin dev
You seem to have pasted a certificate in the middle of your config file, which isn't correct. We'd need to see your config file to understand what you did.
 

Carlos De sedas

New Around Here
You seem to have pasted a certificate in the middle of your config file, which isn't correct. We'd need to see your config file to understand what you did.

Thank you very much!!! exactly, I was using some other instructions on how to do this and I had placed the certificate in the wrong section... I placed it where you told me and it works now, using the instructions above in the second post...

Hats off!! Thanks again,

Carlos
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top