Have you tried the oven file with a different client? The times my upload failed it was because of incorrect or incompatible options.
yes the same file I use it on laptop, android, iphone and ipad 
Can you give the detailed error with a screenshot?
What is the error in deed?
your vpn is invalid, no certificate keys (empty).
He removed them before pasting the config here. You should never put your certificates or keys online, unless they are just a test and self signed.
Don`t you have cert and key in this config as I only see the ca and the tls in your config.
No. There are 2 main ways to set up OpenVPN. The usual Certificates + Keys, or using a Pre-Shared Static Key.
He is using the second, so you only need a key file to connect. It is simpler, but the key must be transfered via a USB stick or some other secure protocol.
You can read here:
On the other hand, it seems like the OP does not understand how that works, and should follow the guide i linked for a proper configuration. He has mixed both methods into one.
1 Like
Maybe that confused me and the fact that I only used Certificates and Keys so far. Thanks for clarifying.
The router cannot find any valid config in your uploading.
Can you tell me what did you upload? A Zip? What is inside? Especially the file names.
If still cannot tell you may need to send me the zip to check directly.
@ Johnex
I will check it in the evening.
As I said before I use the same file on 4+devices (android, iPhone, iPad, windows) and donāt have any issue.
Maybe the devs can add more information for the error that occurs or/and have a debug feature on the admin portal.
I lost you on the last part that I mixed up the two methods.
Actually this .ovpn file is automatically generated from openvpn-client-export on a pfsense fw.
I tried also on firmware version 3.025 but again it failed.
The opvn file uploader in the GL UI is pretty strict, it was made to support most of the popular VPN services and configurations. If it finds conflicting āfeaturesā, it will not upload anything as it does not know what to do, but it will still work in openvpn when loading the config.
So either you can try to find what line in the ovpn file is causing the upload to fail, or you can load the config manually via SSH to openvpn 
You can also use the OpenVPN UI inside Luci (Advanced menu) after installing the luci-app-openvpn package.
2 Likes
@alzhao Its a ovpn file. What is inside is what I pasted on the original post.
@Johnex Thank man for the help! Unfortunately I tried to go with the openvpn UI inside the luci advance portal and got to another issue
ar750s-broken-after-openwrt-upgrade
I was checking also via ssh to the folders of the router if there is somewhere a .config/.ovpn to manually load mine but didnāt find something at that time.
@Johnex you saved the day on the other thread literally I did the same this multiple time.
anyhow
root@R2-D2:/# find . -name openvpn
./etc/config/openvpn
./etc/init.d/openvpn
./etc/openvpn
./lib/upgrade/keep.d/openvpn
./overlay/upper/etc/openvpn
./overlay/upper/etc/config/openvpn
./overlay/upper/usr/lib/lua/luci/view/openvpn
./rom/etc/config/openvpn
./rom/etc/init.d/openvpn
./rom/etc/openvpn
./rom/lib/upgrade/keep.d/openvpn
./rom/usr/sbin/openvpn
./rom/usr/share/openvpn
./usr/lib/lua/luci/view/openvpn
./usr/sbin/openvpn
./usr/share/openvpn
I uploaded to etc/openvpn the .ovpn file and created also a copy as .config
then I edited the /etc/config/openvpn to match the example it had as ācustom_configā
root@R2-D2:/# cat ./etc/config/openvpn
package openvpn#################################################
Sample to include a custom config file.
#################################################
config openvpn custom_config
# Set to 1 to enable this instance: option enabled 0 # Include OpenVPN configuration option config /etc/openvpn/my-vpn.confconfig openvpn myovpntest
# Set to 1 to enable this instance: option enabled 0 # Include OpenVPN configuration option config /etc/openvpn/myovpntest.conf
and rebooted the router.
Unfortunately nothing. Any guidance on this?
Give this a try? I havenāt tested it since i usually only use the Cert+Key ādefaultā way of VPNing:
Just to add, why are you not using Wireguard? OpenVPN is old, slow. You will get better performance on your AR750s, 80mbit+ vs 20mbit on OpenVPN.
hooray!
managed to load the 19.07 version and indeed the ovpn options is available there.
Also managed to load the ovpn file (sidenote the instance name does NOT have to contain any dots)
Tried to start it and now:
Sat Feb 15 15:55:26 2020 daemon.err uhttpd[1288]: sh: /etc/init.d/openvpn: not found
heheā¦I have to find also the way to activate the luci back since this is a clear openwrt installation.
I am not using wireguard because I read some articles that is still in the beta phase and not fully approved yet. Yes its faster and way easier to implement but not yet fully ready apparently.
Edit:
For the issue above āsh: /etc/init.d/openvpn: not foundā I needed to install openvpn-openssl
I realized that the luci I was referring to is not actually the GUI of glinet which I had before and thought that this was it.
Do we know if I can add this again on-top of the new firmware?
Because now the 192.168.8.1 url its blank.
I would recommend you go back to the GL firmware, latest testing version, openwrt-ar750s-3.101-0212.img, from here:
https://dl.gl-inet.com/firmware/ar750s/testing/
The img file is used in uBoot, the tar file is used in the GL UI upgrade page.
You can access Luci from the GL UI menu, More Settings ā Advanced.
I still recommend you switch to wireguard for all your devices, but do what you did again using the GL firmware.
So to give an update here:
I tried the testing version 3.101 and I had issues with the internet. The connections was unstable and was dropping multiple times. I had to relogin/auth to the wifi of the hotel more than 4 times in the time window of 30 mins. Anyway; I did go back to 3.100 to be stable.
Now the SOLUTION:
persist-tun
persist-key
cipher AES-256-CBC
ncp-ciphers AES-256-GCM:AES-128-GCM
auth SHA256
tls-client
client
remote xxxx1.com
remote xxxx2.com
remote xxxx3.com
auth-user-pass
dev tun0 <======================================
remote-cert-tls server
<ca>
-----BEGIN CERTIFICATE-----
XXXXXXXXXXXXXXXXXXXXXXX
-----END CERTIFICATE-----
</ca>
setenv CLIENT_CERT 0
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
XXXXXXXXXXXXXXXXXXXXXXXXXXX
-----END OpenVPN Static key V1-----
</tls-auth>
key-direction 1
From the original config what was missing causing the failed message was actually one line.
ādev tun0ā
I was able to find this when I was troubleshooting on the 19.07 openwrt version and I was seeing the error messages on the system logs.
Maybe the developers can add a debug window that shows all the error messages and not just āfailedā
Thank you everyone for your help!