OpenVPN does not want to connect

I am using OpenVPN with ProtonVPN profile.

Here are the settings for the profile. The CA and the Key are uploaded (taken from the protonvpn opvn file.

config openvpn 'protonvpn_bg'
	option dev 'tun'
	option ifconfig '10.0.0.2 10.0.0.1'
	option secret 'shared-secret.key'
	option nobind '1'
	option verb '3'
	option proto 'udp'
	list remote 'bg.protonvpn.com'
	option ca '/etc/luci-uploads/cbid.openvpn.protonvpn_bg.ca'
	option port '1194, 80, 443, 4569, 5060'
	option client '1'
	option key_direction '1'
	option persist_tun '1'
	option persist_key '1'
	option tun_mtu '1500'
	option tun_mtu_extra '32'
	option fast_io '1'
	option remote_random '1'
	option resolv_retry 'infinite'
	option auth 'SHA512'
	option cipher 'AES-256-CBC'
	option reneg_sec '0'
	option remote_cert_tls 'server'
	option tls_auth '/etc/openvpn/tls-auth.key'
	option pull '1'
	option comp_lzo 'yes'
	option mssfix '1450'
	option enabled '1'
	option auth_user_pass '/etc/openvpn/pass.txt'

and this the Original protonVPN opvn without the CA and Key parts

client
dev tun
proto udp

remote bg.protonvpn.com 80
remote bg.protonvpn.com 443
remote bg.protonvpn.com 4569
remote bg.protonvpn.com 1194
remote bg.protonvpn.com 5060

remote-random
resolv-retry infinite
nobind
cipher AES-256-CBC
auth SHA512
compress
verb 3

tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun

reneg-sec 0

remote-cert-tls server
auth-user-pass
pull
fast-io

key-direction 1

Firewall Rule from /etc/config/firewall

config zone
	option name 'protonvpn'
	option forward 'REJECT'
	option output 'ACCEPT'
	option network 'ProtonVPN'
	option input 'REJECT'
	option masq '1'
	option mtu_fix '1'

config forwarding
	option dest 'protonvpn'
	option src 'lan'

and Interfrance from etc/config/network

config interface 'ProtonVPN'
	option proto 'none'
	option ifname 'tun0'

OpenVPN

When I click on "Start". Nothing happens. Also no system log entries are there related to the VPN.

What is the problem?

This looks incorrect.
Better use the OVPN format configuration to avoid issues.

Alright. I edit it. I also edit the file /tmp/etc.
It has started now, but why my WAN IP still hasn't changed?
Using online IP checkers still report my original IP

Add to the client configuration:

redirect-gateway def1 ipv6

ipv6? I don't have ipv6 enabled at all.
Additionally, I assume this is an openvpn commnad?

regarding the OVPN format configuration, I wish there was a way to import the opvn file directly instead of manual configuration

But the VPN provider may have it.
Although, you can ignore it.

This is a client profile option.

It should be possible with OpenWrt 19.07 / Snapshot.
At the same time, nothing prevents you from using scp.

I added the command using push in the config file...But still nothing
I was using WinSCP all the time :sweat_smile:

Where shall I place this command specifically?!

Should I have client.conf and server.conf? I am confused now

(moved to Network and Wireless Configuration)

Before 2.4 there used to be a float option for VPN client config which when present would make client randomly pick one of the remotes. Maybe it's still there or maybe it's just called differently now.

Then you should post the connection log.

Perhaps you should start from scratch:
https://openwrt.org/docs/guide-user/services/vpn/openvpn/client

1 Like

Got It finally working. The problem was with the Authentication with the Proton Servers. The OVPN credentials are different than that of the Proton's login credentials.
It connects now!

Thanks for all the help!

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.