Openvpn and ivacy configuration

I'm trying to configure openvpn and ivacy to work using their guide here but when I press start (it's enabled) nothing happens and the log file shows nothing.

config openvpn 'ivacy_uk_maidenhead'
        option dev 'tun'
        option ifconfig ''
        option secret 'shared-secret.key'
        option nobind '1'
        option comp_lzo 'yes'
        option persist_tun '1'
        option auth 'SHA1'
        option cipher 'AES-256-CBC'
        option mute_replay_warnings '1'
        option tls_client '1'
        option ca '/etc/luci-uploads/'
        option auth_nocache '1'
        option remote_cert_tls 'server'
        option key_direction '1'
        option port '53'
        option tls_auth '/etc/openvpn/tls-auth.key'
        option enabled '1'
        option log '/tmp/openvpn.log'
        option verb '11'
        option client '1'
        option proto 'udp'
        list remote ''
        option resolv_retry 'infinite'

There is nothing in your config that explains how to authenticate you. OpenWrt cannot ask for the username and password interactively, so you need to create a file with them (two lines, the first one is the username, the second one is the password), and provide a path to it via the auth-user-pass option.

It is VERY BAD manual. Everything is much simpler.

  1. See configuration guide for Linux OpenVPN:
  2. Download necessary files by link in 4 item:

After that see, e.g. my 'outdated' guide, but it is still actual:

Ivacy appears to support multiple VPN protocols. If you continue to have difficulties with OpenVPN, you can also check out Wireguard.

I have tested WireGuard with Ivacy, and must say that it is not suitable for the use with OpenWrt. This is because the key must be obtained from their web interface, and is valid for two minutes only. There is nothing in OpenWrt that automates this process.

P.S. Other than that, it works.

2 minutes? What a strange restriction.
Even wireguard on a full fledged computer wouldn’t have a method of dealing with that restriction unless they built their own app/wrapper for this purpose. That issue is purely related to the vpn and their unusual key expiration policies. But if that is what they have in place, OpenVPN is clearly the only practical option for that service.

Exactly - they want everyone to use their app, instead of configuring connections manually. I guess that this restriction is related to their IP address allocation strategy - if you do connect (manually) within two minutes, you get a public IP, and the connection works for hours, until disconnected manually. Once you disconnect, this IP becomes someone else's.

The real answer is: to start a VPN you have to
A. mark the one you want to use with a check in the "enabled" box
B. THEN click save & apply.

Simply clicking on "start" does not do it.
Ivacy is really bad about updating anything, all of their tuts are outdated, their Openvpn profiles cause non-fatal errors and warnings from being 10 years old.

But, Ivacy is cheap and serviceable. I don't know what is meant by getting the certificate every 2 minutes. The CA and Wdc are available to download with the profiles.

It works great on my Linksys EA3500 with Openwrt 22.03.

a you found a way to setup it?

what setup guide do you use?

OpenVPN is configured in standard approach. Please, write your questions here.

1 Like

There's a wiki for setting up a openvpn client..

1 Like

seems work now, I used a guide from nordvpn

1 Like

OK, it is outdated due to kill-switch implementation. But they do not want to update my guide, they also removed me as author.