Ar750s 3.100 openvpn failed load ovpn

Hello to all,

I would like to ask if anyone else is having a similar issue with their ar750s-ext when trying to load an .ovpn file?
I did do the update out of the box to openwrt-ar750s-3.100

I am trying to load the ovpn file via the GL.iNet GUI and I get the message failed; nothing more.
Tried to find any logs regarding this error but doesn’t showing up anything.

I would appreciate any help on this issue.

Here is the ovpn config that I am trying to load:

persist-tun
persist-key
cipher AES-256-CBC
ncp-ciphers AES-256-GCM:AES-128-GCM
auth SHA256
tls-client
client
remote xxxx1.com
remote xxxx2.com
remote xxxx3.com
auth-user-pass
remote-cert-tls server
<ca>
-----BEGIN CERTIFICATE-----
XXXXXXXXXXXXXXXXXXXXXXX
-----END CERTIFICATE-----
</ca>
setenv CLIENT_CERT 0
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
XXXXXXXXXXXXXXXXXXXXXXXXXXX
-----END OpenVPN Static key V1-----
</tls-auth>
key-direction 1

Firmware:
OpenWrt 18.06.1 r7258-5eb055306f / LuCI openwrt-18.06 branch (git-18.196.56128-9112198)
Kernel:
4.9.120

Thank you!

Can you have log message?

I don’t know if I can. I tried to find them but on the system log section doesn’t show up anything.
Do you know if they are somewhere else or in a specific folder which I can find them?
I can try to connect via ssh also do debugging but I need the command to activate it.

You can get the system log from Luci. http://192.168.8.1/cgi-bin/luci/admin/status/syslog

Yeah I was looking at this also but didnt see something written here.

There you go
https://pastebin.com/SNA1ka7C

The log does not show anything about openvpn.

Let’s come back to your original message: do you mean that you want to upload the file to the router and you cannot upload? We thought that you cannot connect.

If you cannot upload, maybe it is because your antivirus software, mostly bitdefender.

Check out this post Openvpn config upload nothing happen workaround

No I never said I couldn’t connect to the router.
I can not upload the ovpn file to the router.

I have eset and its not what is blocking it; I tried also from my smartphone and still getting the failed message.

Have you tried the oven file with a different client? The times my upload failed it was because of incorrect or incompatible options.

yes the same file I use it on laptop, android, iphone and ipad

Can you give the detailed error with a screenshot?

What is the error in deed?

I think its a very nice simple messaged

failed1920×979 67.7 KB

your vpn is invalid, no certificate keys (empty).

He removed them before pasting the config here. You should never put your certificates or keys online, unless they are just a test and self signed.

Don`t you have cert and key in this config as I only see the ca and the tls in your config.

No. There are 2 main ways to set up OpenVPN. The usual Certificates + Keys, or using a Pre-Shared Static Key.
He is using the second, so you only need a key file to connect. It is simpler, but the key must be transfered via a USB stick or some other secure protocol.

You can read here:

On the other hand, it seems like the OP does not understand how that works, and should follow the guide i linked for a proper configuration. He has mixed both methods into one.

Maybe that confused me and the fact that I only used Certificates and Keys so far. Thanks for clarifying.

The router cannot find any valid config in your uploading.

Can you tell me what did you upload? A Zip? What is inside? Especially the file names.

If still cannot tell you may need to send me the zip to check directly.

@ Johnex
I will check it in the evening.
As I said before I use the same file on 4+devices (android, iPhone, iPad, windows) and don’t have any issue.
Maybe the devs can add more information for the error that occurs or/and have a debug feature on the admin portal.

I lost you on the last part that I mixed up the two methods.
Actually this .ovpn file is automatically generated from openvpn-client-export on a pfsense fw.

I tried also on firmware version 3.025 but again it failed.

The opvn file uploader in the GL UI is pretty strict, it was made to support most of the popular VPN services and configurations. If it finds conflicting “features”, it will not upload anything as it does not know what to do, but it will still work in openvpn when loading the config.

So either you can try to find what line in the ovpn file is causing the upload to fail, or you can load the config manually via SSH to openvpn You can also use the OpenVPN UI inside Luci (Advanced menu) after installing the luci-app-openvpn package.