Hi there,
I wanted to Setup my Turris Omnia as a Client for the ProtonVPN and made a new OpenVPN Config in /etc/config/openvpn with all the Settings needed from the Original ProtonVPN Config who is working on my Desktop PC with Viscosity VPN Client.
But now when i press Start in the LUCI Panel i get an an Error in the Message Log.
Options error: No client-side authentication method is specified. You must use either --cert/--key, --pkcs12, or --auth-user-pass
But i have auth-user-pass defined in the Options with the userpass.txt… does anyone have a Idea what i have done wrong?
Thanks for your Help.
Original Config
client
dev tun
proto udp
remote ch.protonvpn.com 1194
remote-random
resolv-retry infinite
nobind
cipher AES-256-CBC
auth SHA512
comp-lzo
verb 3
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping 15
ping-restart 0
ping-timer-rem
reneg-sec 0
remote-cert-tls server
auth_user_pass /etc/openvpn/userpass.txt
pull
fast-io
<ca>
-----BEGIN CERTIFICATE-----
MIIFozCCA4ugAwIBAgIBATANBgkqhkiG9w0BAQ0FADBAMQswCQYDVQQGEwJDSDEV
MBMGA1UEChMMUHJvdG9uVlBOIEFHMRowGAYDVQQDExFQcm90b25WUE4gUm9vdCBD
QTAeFw0xNzAyMTUxNDM4MDBaFw0yNzAyMTUxNDM4MDBaMEAxCzAJBgNVBAYTAkNI
MRUwEwYDVQQKEwxQcm90b25WUE4gQUcxGjAYBgNVBAMTEVByb3RvblZQTiBSb290
IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAt+BsSsZg7+AuqTq7
vDbPzfygtl9f8fLJqO4amsyOXlI7pquL5IsEZhpWyJIIvYybqS4s1/T7BbvHPLVE
wlrq8A5DBIXcfuXrBbKoYkmpICGc2u1KYVGOZ9A+PH9z4Tr6OXFfXRnsbZToie8t
2Xjv/dZDdUDAqeW89I/mXg3k5x08m2nfGCQDm4gCanN1r5MT7ge56z0MkY3FFGCO
qRwspIEUzu1ZqGSTkG1eQiOYIrdOF5cc7n2APyvBIcfvp/W3cpTOEmEBJ7/14RnX
nHo0fcx61Inx/6ZxzKkW8BMdGGQF3tF6u2M0FjVN0lLH9S0ul1TgoOS56yEJ34hr
JSRTqHuar3t/xdCbKFZjyXFZFNsXVvgJu34CNLrHHTGJj9jiUfFnxWQYMo9UNUd4
a3PPG1HnbG7LAjlvj5JlJ5aqO5gshdnqb9uIQeR2CdzcCJgklwRGCyDT1pm7eoiv
WV19YBd81vKulLzgPavu3kRRe83yl29It2hwQ9FMs5w6ZV/X6ciTKo3etkX9nBD9
ZzJPsGQsBUy7CzO1jK4W01+u3ItmQS+1s4xtcFxdFY8o/q1zoqBlxpe5MQIWN6Qa
lryiET74gMHE/S5WrPlsq/gehxsdgc6GDUXG4dk8vn6OUMa6wb5wRO3VXGEc67IY
m4mDFTYiPvLaFOxtndlUWuCruKcCAwEAAaOBpzCBpDAMBgNVHRMEBTADAQH/MB0G
A1UdDgQWBBSDkIaYhLVZTwyLNTetNB2qV0gkVDBoBgNVHSMEYTBfgBSDkIaYhLVZ
TwyLNTetNB2qV0gkVKFEpEIwQDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFByb3Rv
blZQTiBBRzEaMBgGA1UEAxMRUHJvdG9uVlBOIFJvb3QgQ0GCAQEwCwYDVR0PBAQD
AgEGMA0GCSqGSIb3DQEBDQUAA4ICAQCYr7LpvnfZXBCxVIVc2ea1fjxQ6vkTj0zM
htFs3qfeXpMRf+g1NAh4vv1UIwLsczilMt87SjpJ25pZPyS3O+/VlI9ceZMvtGXd
MGfXhTDp//zRoL1cbzSHee9tQlmEm1tKFxB0wfWd/inGRjZxpJCTQh8oc7CTziHZ
ufS+Jkfpc4Rasr31fl7mHhJahF1j/ka/OOWmFbiHBNjzmNWPQInJm+0ygFqij5qs
51OEvubR8yh5Mdq4TNuWhFuTxpqoJ87VKaSOx/Aefca44Etwcj4gHb7LThidw/ky
zysZiWjyrbfX/31RX7QanKiMk2RDtgZaWi/lMfsl5O+6E2lJ1vo4xv9pW8225B5X
eAeXHCfjV/vrrCFqeCprNF6a3Tn/LX6VNy3jbeC+167QagBOaoDA01XPOx7Odhsb
Gd7cJ5VkgyycZgLnT9zrChgwjx59JQosFEG1DsaAgHfpEl/N3YPJh68N7fwN41Cj
zsk39v6iZdfuet/sP7oiP5/gLmA/CIPNhdIYxaojbLjFPkftVjVPn49RqwqzJJPR
N8BOyb94yhQ7KO4F3IcLT/y/dsWitY0ZH4lCnAVV/v2YjWAWS3OWyC8BFx/Jmc3W
DK/yPwECUcPgHIeXiRjHnJt0Zcm23O2Q3RphpU+1SO3XixsXpOVOYP6rJIXW9bMZ
A1gTTlpi7A==
-----END CERTIFICATE-----
</ca>
key-direction 1
<tls-auth>
# 2048 bit OpenVPN static key
-----BEGIN OpenVPN Static key V1-----
6acef03f62675b4b1bbd03e53b187727
423cea742242106cb2916a8a4c829756
3d22c7e5cef430b1103c6f66eb1fc5b3
75a672f158e2e2e936c3faa48b035a6d
e17beaac23b5f03b10b868d53d03521d
8ba115059da777a60cbfd7b2c9c57472
78a15b8f6e68a3ef7fd583ec9f398c8b
d4735dab40cbd1e3c62a822e97489186
c30a0b48c7c38ea32ceb056d3fa5a710
e10ccc7a0ddb363b08c3d2777a3395e1
0c0b6080f56309192ab5aacd4b45f55d
a61fc77af39bd81a19218a79762c3386
2df55785075f37d8c71dc8a42097ee43
344739a0dd48d03025b0450cf1fb5e8c
aeb893d9a96d1f15519bb3c4dcb40ee3
16672ea16c012664f8a9f11255518deb
-----END OpenVPN Static key V1-----
</tls-auth>
/etc/config/openvpn
config openvpn 'protonvpn'
option enabled '1'
option auth_user_pass '/etc/openvpn/userpass.txt'
option client '1'
option proto 'udp'
option resolv_retry 'infinite'
option nobind '1'
option cipher 'AES-256-CBC'
option auth 'SHA512'
option comp_lzo 'yes'
option verb '3'
option tun_mtu '1500'
option tun_mtu_extra '32'
option ping '15'
option ping_restart '0'
option ping_timer_rem '1'
option reneg_sec '0'
option port '1194'
option pull '1'
option fast_io '1'
option ca '/etc/openvpn/ca.crt'
option tls_auth '/etc/openvpn/tlsauth.key'
list remote 'ch.protonvpn.com'
option remote_cert_tls 'server'
option remote_random '1'
option dev 'tun0'
option mssfix '1450'
option persist_key '1'
option persist_tun '1'
/var/log/messages
2017-07-22T19:02:56+02:00 err openvpn(protonvpn)[25087]: Options error: No client-side authentication method is specified. You must use either --cert/--key, --pkcs12, or --auth-user-pass
2017-07-22T19:02:56+02:00 warning openvpn(protonvpn)[25087]: Use --help for more information.
2017-07-22T19:02:56+02:00 notice openvpn(protonvpn)[25086]: OpenVPN 2.4.3 arm-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2017-07-22T19:02:56+02:00 notice openvpn(protonvpn)[25086]: library versions: OpenSSL 1.0.2k 26 Jan 2017, LZO 2.08
2017-07-22T19:02:56+02:00 warning openvpn(protonvpn)[25086]: WARNING: --ping should normally be used with --ping-restart or --ping-exit
2017-07-22T19:02:56+02:00 notice openvpn(protonvpn)[25086]: Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2017-07-22T19:02:56+02:00 notice openvpn(protonvpn)[25086]: Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2017-07-22T19:02:56+02:00 notice openvpn(protonvpn)[25086]: TCP/UDP: Preserving recently used remote address: [AF_INET]185.159.157.8:1194
2017-07-22T19:02:56+02:00 notice openvpn(protonvpn)[25086]: Socket Buffers: R=[163840->163840] S=[163840->163840]
2017-07-22T19:02:56+02:00 notice openvpn(protonvpn)[25086]: UDP link local: (not bound)
2017-07-22T19:02:56+02:00 notice openvpn(protonvpn)[25086]: UDP link remote: [AF_INET]185.159.157.8:1194