What's new
  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

setting up opnvpn issue

unknownflip

Occasional Visitor
Hey everyone,

I was setting up openvpn using the howtogeek guide and when i got to the step of copying and pasting the ca.crt, server.crt, server.key, and dh1024.pem into the asus openvpn keys tab i hit apply and then it just gets stuck on "proceeding" for a good 30 mins and never goes back to my router homepage. I was forced to pull the plug on the router and plug it back in and when i went to check the keys, it never saved. i tried twice, i don't know if i'm doing anything wrong and any help would be greatly appreciated. i'm using FW 3.0.0.4.372.31.
 
Hey everyone,

I was setting up openvpn using the howtogeek guide and when i got to the step of copying and pasting the ca.crt, server.crt, server.key, and dh1024.pem into the asus openvpn keys tab i hit apply and then it just gets stuck on "proceeding" for a good 30 mins and never goes back to my router homepage. I was forced to pull the plug on the router and plug it back in and when i went to check the keys, it never saved. i tried twice, i don't know if i'm doing anything wrong and any help would be greatly appreciated. i'm using FW 3.0.0.4.372.31.

Check the System Log for any error message.

I don't have any problem here going to that page and hitting Apply to re-save the current settings, but I will try doing it from the beginning with whole new keys as you're the second person to have the router get stuck there.
 
I tried to reproduce the issue, and it's working fine for me. I generated a new series of certificate and keys using EasyRSA on the router, pasted them in a server instance, and they applied fine.

Can you Email me the certificate and keys you tried to paste, in case it could be an issue that only occurs on some specific key/certificates?

Also, what browser are you using? I tested both Chrome and IE10 here without any problem.

Are your keys using 1024 bits?
 
Hey everyone,

I was setting up openvpn using the howtogeek guide and when i got to the step of copying and pasting the ca.crt, server.crt, server.key, and dh1024.pem into the asus openvpn keys tab i hit apply and then it just gets stuck on "proceeding" for a good 30 mins and never goes back to my router homepage. I was forced to pull the plug on the router and plug it back in and when i went to check the keys, it never saved. i tried twice, i don't know if i'm doing anything wrong and any help would be greatly appreciated. i'm using FW 3.0.0.4.372.31.

I encountered this before. What I did wrongly was to copy everything inside the cert to the router.
When I copied only the portion as following, it worked fine. This applied for all 3 certs.

-----BEGIN CERTIFICATE-----
xxx
-----END CERTIFICATE-----
 
I had the same problem, in 270.26b I could paste everything but in the latest release it would only accept as suggested above otherwise it just sat there 'processing' for ever.

steve
 
Last edited:
Thank you so much for all the help guys i greatly appreciate it, Before i went to bed last night i uninstalled openvpn and deleted the folder from my program files and i told myself i was gonna start from scratch cause maybe i thought i did something wrong. I read you guys responses just now and i wish i didn't delete it. But when i get home tonight i'm gonna try again from step 1 and i'll let you guys know if i came across the same problem. Thank you so much for all the help
 
I encountered this before. What I did wrongly was to copy everything inside the cert to the router.
When I copied only the portion as following, it worked fine. This applied for all 3 certs.

I suspect this was the problem most people are experiencing in 372.31. In the recent FW code from Asus/Broadcom there is a fixed size for nvram variables. While I enforced it in the SSH auth key field I forgot to reduce the value on the OpenVPN key fields, allowing people to paste more than the 3000 characters that are allowed.

Since even a 2048-bit key would result in a cert that is well below that limit, I suspect that people are posting all the additional info from their crt file. I added a notice at the top of the OpenVPN key page to remind them ONLY to paste the BEGIN/END block itself.
 
Hi.

Confirm the same. It is the length of the client certificate which seems to cause the problem. Only pasting the actual certificate section, then no problem.

Oh, just joined. Want to say thanks to you RMerlin for your excellent work.

Bob
 
Alright, I was able to setup properly now thanks to everyone it definitely was the length when pasting the keys. But thank you to everyone for helping, I do have two more questions. Is it safe to keep the server on all the time? Is there any other security precautions that I should look into?

Sent from my Nexus 7 using Tapatalk 4 Beta
 
Alright, I was able to setup properly now thanks to everyone it definitely was the length when pasting the keys. But thank you to everyone for helping, I do have two more questions. Is it safe to keep the server on all the time? Is there any other security precautions that I should look into?

Sent from my Nexus 7 using Tapatalk 4 Beta

OpenVPN is a pretty safe technology. The fact it authenticates using keys makes it quite hard to brute force, unlike password-based authentication which can live and die depending on the password you chose.
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Back
Top