OpenVPN client settings for iPredator VPN

[bighornram]

After trial and error these settings worked for me using ASUS-merlin build (also Tomato). Hope this saves someone some time...

Basic Settings:
Start with WAN: optional
Interface Type: TUN
Protocol: UDP
Server Address and Port: pw.openvpn.ipredator.se Port:1194
Firewall: Automatic
Authorization Mode: TLS
Username/Password Authentication: Yes
Username: "username"
Password: "password"
Username Auth. Only: No
Extra HMAC authorization: Bi-directional
Create NAT on tunnel: Yes

Advanced Settings:
Poll Interval: 0
Redirect Internet traffic: Yes
Accept DNS Configuration: Disabled
Encryption cipher: AES-256-CBC
Compression: Adaptive
TLS Renegotiation Time: -1
Connection Retry: 30
Verify Server Certificate: No
Custom Configuration:
--------------------------
client
;dev tun0
proto udp
remote pw.openvpn.ipredator.se 1194
resolv-retry infinite
nobind
tls-client
ns-cert-type server
keepalive 10 30
cipher AES-256-CBC
tls-cipher TLSv1:!ADH:!SSLv2:!NULL:!EXPORT:!DES:!LOW:!MEDIUMSTRENGTH
persist-key
persist-tun
comp-lzo
tun-mtu 1500
mssfix
passtos
verb 3
-----------------------------
OpenVPN Keys:
Select OpenVPN instance to edit: Client 1
Static Key:
-----BEGIN OpenVPN Static key V1-----
03f7b2056b9dc67aa79c59852cb6b35a
a3a15c0ca685ca76890bbb169e298837
2bdc904116f5b66d8f7b3ea6a5ff05cb
fc4f4889d702d394710e48164b28094f
a0e1c7888d471da39918d747ca4bbc2f
285f676763b5b8bee9bc08e4b5a69315
d2ff6b9f4b38e6e2e8bcd05c8ac33c5c
56c4c44dbca35041b67e2374788f8977
7ad4ab8e06cd59e7164200dfbadb942a
351a4171ab212c23bee1920120f81205
efabaa5e34619f13adbe58b6c83536d3
0d34e6466feabdd0e63b39ad9bb1116b
37fafb95759ab9a15572842f70e7cba9
69700972a01b21229eba487745c091dd
5cd6d77bdc7a54a756ffe440789fd39e
97aa9abe2749732b7262f82e4097bee3
-----END OpenVPN Static key V1-----

Certificate Authority:
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIJAKee4ZMMpvhzMA0GCSqGSIb3DQEBBQUAMIG9MQswCQYD
VQQGEwJTRTESMBAGA1UECBMJQnJ5Z2dsYW5kMQ8wDQYDVQQHEwZPZWxkYWwxJDAi
BgNVBAoTG1JveWFsIFN3ZWRpc2ggQmVlciBTcXVhZHJvbjESMBAGA1UECxMJSW50
ZXJuZXR6MScwJQYDVQQDEx5Sb3lhbCBTd2VkaXNoIEJlZXIgU3F1YWRyb24gQ0Ex
JjAkBgkqhkiG9w0BCQEWF2hvc3RtYXN0ZXJAaXByZWRhdG9yLnNlMB4XDTEyMDgw
NDIxMTAyNVoXDTIyMDgwMjIxMTAyNVowgb0xCzAJBgNVBAYTAlNFMRIwEAYDVQQI
EwlCcnlnZ2xhbmQxDzANBgNVBAcTBk9lbGRhbDEkMCIGA1UEChMbUm95YWwgU3dl
ZGlzaCBCZWVyIFNxdWFkcm9uMRIwEAYDVQQLEwlJbnRlcm5ldHoxJzAlBgNVBAMT
HlJveWFsIFN3ZWRpc2ggQmVlciBTcXVhZHJvbiBDQTEmMCQGCSqGSIb3DQEJARYX
aG9zdG1hc3RlckBpcHJlZGF0b3Iuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQCp5M22fZtwtIh6Mu9IwC3N2tEFqyNTEP1YyXasjf+7VNISqSpFy+tf
DsHAkiE9Wbv8KFM9bOoVK1JjdDsetxArm/RNsUWm/SNyVbmY+5ezX/n95S7gQdMi
bA74/ID2+KsCXUY+HNNUQqFpyK67S09A6r0ZwPNUDbLgGnmCZRMDBPCHCbiK6e68
d75v6f/0nY4AyAAAyqwAELIAn6sy4rzoPbalxcO33eW0fUG/ir41qqo8BQrWKyEd
Q9gy8tGEqbLQ+B30bhIvBh10YtWq6fgFZJzWP6K8bBJGRvioFOyQHCaVH98UjwOm
/AqMTg7LwNrpRJGcKLHzUf3gNSHQGHfzAgMBAAGjggEmMIIBIjAdBgNVHQ4EFgQU
pRqJxaYdvv3XGEECUqj7DJJ8ptswgfIGA1UdIwSB6jCB54AUpRqJxaYdvv3XGEEC
Uqj7DJJ8ptuhgcOkgcAwgb0xCzAJBgNVBAYTAlNFMRIwEAYDVQQIEwlCcnlnZ2xh
bmQxDzANBgNVBAcTBk9lbGRhbDEkMCIGA1UEChMbUm95YWwgU3dlZGlzaCBCZWVy
IFNxdWFkcm9uMRIwEAYDVQQLEwlJbnRlcm5ldHoxJzAlBgNVBAMTHlJveWFsIFN3
ZWRpc2ggQmVlciBTcXVhZHJvbiBDQTEmMCQGCSqGSIb3DQEJARYXaG9zdG1hc3Rl
ckBpcHJlZGF0b3Iuc2WCCQCnnuGTDKb4czAMBgNVHRMEBTADAQH/MA0GCSqGSIb3
DQEBBQUAA4IBAQB8nxZJaTvMMoSG47jD2w31zt9o6nSx8XJKop/0rMMHKBe1QBUw
/n3clGwYxBW8mTnrXHhmJkwJzA0Vh525+dkF28E0I+DSigKUXEewIZtKjADYSxaG
M+4272enbJ86JeXUhN8oF9TT+LKgMBgtt9yX5o63Ek6QOKwovH5kemDOVJmwae9p
tXQEWfCPDFMc7VfSxS4BDBVinRWeMWZs+2AWeWu2CMsjcx7+B+kPbBCzfANanFDD
CZEQON4pEpfK2XErhOudKEJGCl7psH+9Ex//pqsUS43nVN/4sqydiwbi+wQuUI3P
BYtvqPnWdjIdf2ayAQQCWliAx9+P03vbef6y
-----END CERTIFICATE-----

 

[iPredVPNuser]

This setup is not working for me...
I took the ----- out of the custom script and show as connected, BitTorrent traffic travels through fine (I think) but browsing gives errors saying it can not find the server/site.

 

[bighornram]

I tested my setup again. Seems to be working fine. These are my screenshots of the settings pages and a screenshot indicating my external IP.

Hope this helps.

 

[iPredVPNuser]

I tested my setup again. Seems to be working fine. These are my screenshots of the settings pages and a screenshot indicating my external IP.

Hope this helps.

Thanks for the reply. I actually have this router running behind my Modem & Router combo from my ISP which is probably the issue. I have ordered just the modem from my ISP and it should be here in approx 1 week. I'll try the setup again then.

Thanks for all your help brother

 

[iPredVPNuser]

Create NAT on tunnel
(Router must be configured manually)

What does this mean??? Also what does start with WAN mean? I can get it to load pages when I have start with WAN enabled but it's showing my real IP then which is not good

It's STILL not working for me brother

 

[iPredVPNuser]

Mar 2 20:49:02 notify_rc : start_vpnclient1
Mar 2 20:49:02 kernel: tun: Universal TUN/TAP device driver, 1.6
Mar 2 20:49:02 kernel: tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
Mar 2 20:49:02 openvpn[1675]: OpenVPN 2.3.0 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Feb 13 2013
Mar 2 20:49:02 openvpn[1675]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mar 2 20:49:02 openvpn[1675]: Control Channel Authentication: using 'static.key' as a OpenVPN static key file
Mar 2 20:49:02 openvpn[1675]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 2 20:49:02 openvpn[1675]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 2 20:49:02 openvpn[1675]: Socket Buffers: R=[114688->131072] S=[114688->131072]
Mar 2 20:49:02 openvpn[1686]: UDPv4 link local: [undef]
Mar 2 20:49:02 openvpn[1686]: UDPv4 link remote: [AF_INET]93.182.185.2:1194
Mar 2 20:49:02 openvpn[1686]: TLS: Initial packet from [AF_INET]93.182.185.2:1194, sid=f59b2e9f f019fcbd
Mar 2 20:49:02 openvpn[1686]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mar 2 20:49:03 openvpn[1686]: VERIFY OK: depth=1, C=SE, ST=Bryggland, L=Oeldal, O=Royal Swedish Beer Squadron, OU=Internetz, CN=Royal Swedish Beer Squadron CA, emailAddress=hostmaster@ipredator.se
Mar 2 20:49:03 openvpn[1686]: VERIFY OK: nsCertType=SERVER
Mar 2 20:49:03 openvpn[1686]: VERIFY OK: depth=0, C=SE, ST=Bryggland, L=Oeldal, O=Royal Swedish Beer Squadron, OU=Internetz, CN=pw.openvpn.ipredator.se, emailAddress=hostmaster@ipredator.se
Mar 2 20:49:05 openvpn[1686]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mar 2 20:49:05 openvpn[1686]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 2 20:49:05 openvpn[1686]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mar 2 20:49:05 openvpn[1686]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 2 20:49:05 openvpn[1686]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Mar 2 20:49:05 openvpn[1686]: [pw.openvpn.ipredator.se] Peer Connection Initiated with [AF_INET]93.182.185.2:1194
Mar 2 20:49:07 openvpn[1686]: SENT CONTROL [pw.openvpn.ipredator.se]: 'PUSH_REQUEST' (status=1)
Mar 2 20:49:07 openvpn[1686]: PUSH: Received control message: 'PUSH_REPLY,route 93.182.185.2 255.255.255.255 net_gateway,route-gateway 93.182.185.1,redirect-gateway def1,topology subnet,dhcp-option DOMAIN ipredator.se,dhcp-option DNS 93.182.132.32,dhcp-option DNS 93.182.182.93,ip-win32 dynamic,ping 10,ping-restart 60,ifconfig 93.182.185.90 255.255.255.128'
Mar 2 20:49:07 openvpn[1686]: Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:8: ip-win32 (2.3.0)
Mar 2 20:49:07 openvpn[1686]: OPTIONS IMPORT: timers and/or timeouts modified
Mar 2 20:49:07 openvpn[1686]: OPTIONS IMPORT: --ifconfig/up options modified
Mar 2 20:49:07 openvpn[1686]: OPTIONS IMPORT: route options modified
Mar 2 20:49:07 openvpn[1686]: OPTIONS IMPORT: route-related options modified
Mar 2 20:49:07 openvpn[1686]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mar 2 20:49:07 openvpn[1686]: WARNING: potential conflict between --remote address [93.182.185.2] and --ifconfig address pair [93.182.185.90, 255.255.255.128] -- this is a warning only that is triggered when local/remote addresses exist within the same /24 subnet as --ifconfig endpoints. (silence this warning with --ifconfig-nowarn)
Mar 2 20:49:07 openvpn[1686]: TUN/TAP device tun11 opened
Mar 2 20:49:07 openvpn[1686]: TUN/TAP TX queue length set to 100
Mar 2 20:49:07 openvpn[1686]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mar 2 20:49:07 openvpn[1686]: /sbin/route add -net 93.182.185.2 netmask 255.255.255.255 gw MY IP
Mar 2 20:49:07 openvpn[1686]: /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 93.182.185.1
Mar 2 20:49:07 openvpn[1686]: /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 93.182.185.1
Mar 2 20:49:07 openvpn[1686]: /sbin/route add -net 93.182.185.2 netmask 255.255.255.255 gw MY IP
Mar 2 20:49:07 openvpn[1686]: ERROR: Linux route add command failed: external program exited with error status: 1
Mar 2 20:49:07 openvpn[1686]: Initialization Sequence Completed

 

[iPredVPNuser]

Just got this now:

Mar 2 20:53:08 openvpn[1747]: SENT CONTROL [pw.openvpn.ipredator.se]: 'PUSH_REQUEST' (status=1)
Mar 2 20:53:08 openvpn[1747]: AUTH: Received control message: AUTH_FAILED
Mar 2 20:53:08 openvpn[1747]: SIGTERM[soft,auth-failure] received, process exiting

 

[iPredVPNuser]

bump...any help?

 

[iPredVPNuser]

disregard I got it working and am going to make a new thread