Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    TorGuard and OpenVPN Setup help

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 3 Posters 4.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      staroflaw
      last edited by

      I am trying to setup a OpenVPN connection to TorGuard.
      I have followed a few guides (How to create an OpenVPN client to TUVPN.com) and (How to create an OpenVPN client to StrongVPN) but I keep getting stuck at the same point.

      Certificates - Private key. I just don't have a .key file from TorGuard.
      I have tried to just use the contants of the crt file.

      This is the error in OpenVPN log

      openvpn[97856]: Exiting due to fatal error
      openvpn[97856]: Error: private key password verification failed

      is the error related to Certificates - Private key or is it my TorGuard username and password?

      Not sure what to try next.
      Can anyone help?

      Thanks - MKStar

      1 Reply Last reply Reply Quote 0
      • M
        mevans336
        last edited by

        Ok, here is how you have to do this.

        First, make sure you have a copy of the OpenVPN_Configs from your customer portal at Torguard.

        
        - Go to Diagnostics > Edit File
          - Paste the contents of the .ca file for the server you want to connect to. (For example, swissca.crt.)
          - Enter /cf/conf/swissca.crt in the Save/Load form path input box.
          - Click Save
        
        - Go to Diagnostics > Edit File
          - Enter /cf/conf/userpass.txt in the Save/Load from path input box.
          - Enter your Torguard Username and Password in the input box, one on each line. Like so:
        
        username
        password
        
          - Click Save
        
        - Open the .ovpn file and copy the server IP address.
        
        - Go to VPN > OpenVPN > Client > + (new)
          - Server Mode: Peer to Peer (SSL/TLS)
          - Server host or address: (server IP address you copied from the .ovpn file)
          - Server port: 443
          - *UNCHECK* TLS Authentication
          - Encryption algorithm: BF-CBC (128-bit)
          - Input the following into the Advanced field at the bottom:
        
        tls-client; key-method 2; ca /cf/conf/swissca.crt; auth-user-pass /cf/conf/userpass.txt; tun-mtu 1500; tun-mtu-extra 32; mssfix 1450; persist-key; persist-tun; comp-lzo; verb 3;
        
           - Click Save
        
        

        At this point, you should be able to go to Status - OpenVPN and see it connected.

        I have a unique setup with StrongVPN in addition to Torguard, so all I was able to test was that it connected successfully. I'm also unsure if /cf/conf is the proper place to store these files so they survive a reboot. I plan to do further testing after the Thanksgiving holiday. I've attached a screenshot to show that it does work at a basic level however.

        I have now tested this and it works perfectly.

        Lastly, for security purposes you should SSH into the box and chmod the two files you created to 400.

        Good luck.

        ![Screenshot 2013-11-27 23.42.34.jpg](/public/imported_attachments/1/Screenshot 2013-11-27 23.42.34.jpg)
        ![Screenshot 2013-11-27 23.42.34.jpg_thumb](/public/imported_attachments/1/Screenshot 2013-11-27 23.42.34.jpg_thumb)

        1 Reply Last reply Reply Quote 0
        • U
          ut1l1ty
          last edited by

          I was looking for instructions for TorGuard OpenVPN and ended up here. Here's a link to TorGuard's own setup guide that I found after further searching. Hope people find this helpful  :)

          http://torguard.net/blog/how-to-setup-pfsense-with-torguard-openvpn/

          This has worked for me after brief testing. Guide is relatively easy to follow. They don't specify IPv4 or IPv6, so I just did the configuration for IPv4 and ignored IPv6 completely.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.