ProtonVPN OpenVPN config file not working

Installing and Using OpenWrt
1

I downloaded a config file from ProtonVPN to connect to one of their servers. I tried using the config file on the OpenVPN Connect Desktop app and it worked flawlessly. However when I upload the file into OpenWrt's OpenVPN Luci-App it does not work.

I put the login credentials into two separate lines in the section below:
image
I put username on the first line, then password.

When I tick the "enable box" and hit "start" and "save and apply" nothing happens. It just remains off.

I also have another tunnel that does not require credentials, I was able to start the tunnel, but when I go into "check my IP" my IP is not hidden. Again, this tunnel also works flawlessly when i upload the config file into the OpenVPN Connect Desktop app. This is a tunnel I generated myself using an off-site TP-Link Router.

What am I doing wrong?

2

I do not have ready made instructions but besides setting up the openvpn config you als have to setup the firewall see

I do have instructions for using WireGuard with proton vpn which is simpler and much faster, see

You need the WireGuard Client setup guide better download it as github only shows the first 5 pages

1 Like
3

Oh ok I will try this out, and report back if I encounter issues. Thanks!

[UPDATE 1]
Okay, I think I was able to get a ProtonVPN OpenVPN client running on my OpenWrt router.
There were a few mistakes I made which I corrected by redoing the entire process.

A few notes:

  1. The VPN has to be started first, then after the internet fails, the 'tun0' device appears which is then placed on the wan firewall.

  2. Starting the VPN is quite janky. The only way it seems to actually start is if you checkmark the box, and then click "save and apply". The 'start' button does not seem to work very well.

I was also able to get my private off-site (TPLink-based) OpenVPN tunnel working, the issue was that I needed to replace a line that said "allddnskeysdotnet" with the actual DDNS address provided by the No-IP service.

I will now try to set up a ProtonVPN Wireguard client on my router.

After that I want to see if I can figure out how to do split-tunneling. Have you been able to do split tunneling with ProtonVPN + OpenWrt @egc ?

I gather that it involves modifying the config file in the "allowed IP's" Section? My use case, is for example if I want the smart TV to connect to one VPN but not my laptop etc.

[UPDATE 2]
I could not get ProtonVPN Wireguard to work on OpenWRT. I added the interface to the WAN firewall zone via this method (see image). Does this method not work?

image
image2028×499 59.7 KB

I also don't understand how to turn this VPN on or off. Is it just by disabling the interface?
I wish it had a nicer GUI...

4

Hello,

Can you see my response? I edited my response so maybe you didn't get the notification.

5

When running a WireGuard Server and Client at the same time the Client should work without a problem but traffic to your server will come in via the WAn and go out via the WireGuard client which is a no go, to solve this you need Policy base routing: https://docs.openwrt.melmac.net/pbr/ if you install this PBR app then the traffic to the servers listen port will automatically routed back via the wan.

If the WireGuard client is not working despite following my notes of the WireGuard Client Setup Guide then see the paragraph about "Asking for Help" what to post so that we can help you further.