NordVPN status is "down" and/or "reconnecting-tls-error" after following online guide/chat tech support
-
Yeah upon closer inspection they do state
"Certificate data: (you can get this certificate by downloading our CA and TLS files from here: "But they never show you were to use said certs..
"Client certificate: webConfigurator default (59f92214095d8)(Server: Yes, In Use) (please note that the numbers on your machine could be different);"
Which my guess is that is from the dns unbound configuration they have you do...
Stick by my opening comments ;)
edit: They are just going to be pem files - open them with your fav text editor... But agree - they should have clear cut instructions!
There should be clear instructions on how to import those into the pfsense cert manager.
edit: I think we should be able to send them a bill for how many of their customers end up here...
-
Install Notepad++ (it's free) and just right-click open it.
-Rico
-
BTW: Watching this great hangout done by jimp should be helpful for you: https://www.netgate.com/resources/videos/openvpn-as-a-wan-on-pfsense.html
-Rico
-
OMG, why do they take something that simple and obfuscate it?
And why can't the tech guy figure this out. I mean I shared with him all the same information I shared here, and he said "It's fine".
Anyway, /RantOff
Thank you so much for the help, you fixed in a few posts what I spent hours yesterday with tech support trying to do.
-
@HardRooster said in NordVPN status is "down" and/or "reconnecting-tls-error" after following online guide/chat tech support:
you fixed in a few posts what I spent hours yesterday with tech support trying to do.
I stick with my original comment ;)
Why anyone gives them money I have no idea...
-
@HardRooster said in NordVPN status is "down" and/or "reconnecting-tls-error" after following online guide/chat tech support:
OMG, why do they take something that simple and obfuscate it?
And why can't the tech guy figure this out. I mean I shared with him all the same information I shared here, and he said "It's fine".
Anyway, /RantOff
Thank you so much for the help, you fixed in a few posts what I spent hours yesterday with tech support trying to do.
Not really sure why their Tech people couldn't sort it, it is documented:-
https://support.nordvpn.com/1089079142
-
Who would you recommend for a VPN provider then?
-
Update: NordVPN did finally get back to me with a support email. I tired out their solution, and it worked as well as the solution posted here.
So, in all better than ExpressVPN, as at least they know what pfsense is and how to support it, even if their chat helper wasn't that helpful, someone there at least knew how to fix my problem, even if it took 24 hours or so.
-
@HardRooster said in NordVPN status is "down" and/or "reconnecting-tls-error" after following online guide/chat tech support:
and it worked as well as the solution posted here.
And what was their solution?
I wouldn't recommend a "vpn"... Its just snake oil you sell to the suckers... If you want to circumvent some geo restriction thats your own business... That is not security.. And its not privacy... If you you believe your isp is spying on you, or manipulating your traffic - 1st thing would be to change isp... But you could always just fire up a vps somewhere for a fraction of the cost of these vpn services and tunnel your traffic there, etc. etc.
-
Thank you for contacting us via live chat.
Based on the screenshot, it seems that the CA certificate you used is incorrect/outdated. We started to use the same TLS key and CA cert for all of our servers as opposed to using different ones for each server. Perhaps our tutorial needs to be updated as well.
Please go to the System / Certificate Manager / CAs and press Edit on the certificate you imported.
Change the Certificate data field with this certificate instead:
-----BEGIN CERTIFICATE-----
Lots of certificate numbers in here, deleted so as not to spam the crap out of this reply.
-----END CERTIFICATE-----
After that, save and apply the settings and check if the issue persists.
Let us know how it goes.
-
So he made no mention of the client cert? The CA cert is given right on that page, along with the tls.
-
Looks like they have updated the OpenVPN files to use the same certs but not the pfsense documentation:-
https://nordvpn.com/ovpn/
-
@NogBadTheBad said in NordVPN status is "down" and/or "reconnecting-tls-error" after following online guide/chat tech support:
Think the following needs to be used:-
-----BEGIN CERTIFICATE----- MIIFCjCCAvKgAwIBAgIBATANBgkqhkiG9w0BAQ0FADA5MQswCQYDVQQGEwJQQTEQ MA4GA1UEChMHTm9yZFZQTjEYMBYGA1UEAxMPTm9yZFZQTiBSb290IENBMB4XDTE2 MDEwMTAwMDAwMFoXDTM1MTIzMTIzNTk1OVowOTELMAkGA1UEBhMCUEExEDAOBgNV BAoTB05vcmRWUE4xGDAWBgNVBAMTD05vcmRWUE4gUm9vdCBDQTCCAiIwDQYJKoZI hvcNAQEBBQADggIPADCCAgoCggIBAMkr/BYhyo0F2upsIMXwC6QvkZps3NN2/eQF kfQIS1gql0aejsKsEnmY0Kaon8uZCTXPsRH1gQNgg5D2gixdd1mJUvV3dE3y9FJr XMoDkXdCGBodvKJyU6lcfEVF6/UxHcbBguZK9UtRHS9eJYm3rpL/5huQMCppX7kU eQ8dpCwd3iKITqwd1ZudDqsWaU0vqzC2H55IyaZ/5/TnCk31Q1UP6BksbbuRcwOV skEDsm6YoWDnn/IIzGOYnFJRzQH5jTz3j1QBvRIuQuBuvUkfhx1FEwhwZigrcxXu MP+QgM54kezgziJUaZcOM2zF3lvrwMvXDMfNeIoJABv9ljw969xQ8czQCU5lMVmA 37ltv5Ec9U5hZuwk/9QO1Z+d/r6Jx0mlurS8gnCAKJgwa3kyZw6e4FZ8mYL4vpRR hPdvRTWCMJkeB4yBHyhxUmTRgJHm6YR3D6hcFAc9cQcTEl/I60tMdz33G6m0O42s Qt/+AR3YCY/RusWVBJB/qNS94EtNtj8iaebCQW1jHAhvGmFILVR9lzD0EzWKHkvy WEjmUVRgCDd6Ne3eFRNS73gdv/C3l5boYySeu4exkEYVxVRn8DhCxs0MnkMHWFK6 MyzXCCn+JnWFDYPfDKHvpff/kLDobtPBf+Lbch5wQy9quY27xaj0XwLyjOltpiST LWae/Q4vAgMBAAGjHTAbMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqG SIb3DQEBDQUAA4ICAQC9fUL2sZPxIN2mD32VeNySTgZlCEdVmlq471o/bDMP4B8g nQesFRtXY2ZCjs50Jm73B2LViL9qlREmI6vE5IC8IsRBJSV4ce1WYxyXro5rmVg/ k6a10rlsbK/eg//GHoJxDdXDOokLUSnxt7gk3QKpX6eCdh67p0PuWm/7WUJQxH2S DxsT9vB/iZriTIEe/ILoOQF0Aqp7AgNCcLcLAmbxXQkXYCCSB35Vp06u+eTWjG0/ pyS5V14stGtw+fA0DJp5ZJV4eqJ5LqxMlYvEZ/qKTEdoCeaXv2QEmN6dVqjDoTAo k0t5u4YRXzEVCfXAC3ocplNdtCA72wjFJcSbfif4BSC8bDACTXtnPC7nD0VndZLp +RiNLeiENhk0oTC+UVdSc+n2nJOzkCK0vYu0Ads4JGIB7g8IB3z2t9ICmsWrgnhd NdcOe15BincrGA8avQ1cWXsfIKEjbrnEuEk9b5jel6NfHtPKoHc9mDpRdNPISeVa wDBM1mJChneHt59Nh8Gah74+TM1jBsw4fhJPvoc7Atcg740JErb904mZfkIEmojC VPhBHVQ9LHBAdM8qFI2kRK0IynOmAZhexlP/aT/kpEsEPyaZQlnBn3An1CRz8h0S PApL8PytggYKeQmRhl499+6jLxcZ2IegLfqq41dzIjwHwTMplg+1pKIOVojpWA== -----END CERTIFICATE----------BEGIN OpenVPN Static key V1----- e685bdaf659a25a200e2b9e39e51ff03 0fc72cf1ce07232bd8b2be5e6c670143 f51e937e670eee09d4f2ea5a6e4e6996 5db852c275351b86fc4ca892d78ae002 d6f70d029bd79c4d1c26cf14e9588033 cf639f8a74809f29f72b9d58f9b8f5fe fc7938eade40e9fed6cb92184abb2cc1 0eb1a296df243b251df0643d53724cdb 5a92a1d6cb817804c4a9319b57d53be5 80815bcfcb2df55018cc83fc43bc7ff8 2d51f9b88364776ee9d12fc85cc7ea5b 9741c4f598c485316db066d52db4540e 212e1518a9bd4828219e24b20d88f598 a196c9de96012090e333519ae18d3509 9427e7b372d348d352dc4c85e18cd4b9 3f8a56ddb2e64eb67adfc9b337157ff4 -----END OpenVPN Static key V1----- -
Yup the above is correct, I now have 1 CA and 3 different OpenVPN connections.
-
Ok, so I may be straying now into "start a new topic" territory, but I can't see any of the other computers on my network. Is this something to do with routing, and I just need to read more of the manual and figure out how to configure pfsense to do what I want?
I have a server, my workstation (over ethernet) and my laptop via wifi that I'd like to communicate with each-other. Mainly I want to file share off the server, so I can just quickly jump from working on my workstation to my laptop seamlessly, while keeping files stored in RAID on the server.
-
-
Excellent! That did it, thank you.
