TorGuard and OpenVPN Setup help



  • I am trying to setup a OpenVPN connection to TorGuard.
    I have followed a few guides (How to create an OpenVPN client to TUVPN.com) and (How to create an OpenVPN client to StrongVPN) but I keep getting stuck at the same point.

    Certificates - Private key. I just don't have a .key file from TorGuard.
    I have tried to just use the contants of the crt file.

    This is the error in OpenVPN log

    openvpn[97856]: Exiting due to fatal error
    openvpn[97856]: Error: private key password verification failed

    is the error related to Certificates - Private key or is it my TorGuard username and password?

    Not sure what to try next.
    Can anyone help?

    Thanks - MKStar



  • Ok, here is how you have to do this.

    First, make sure you have a copy of the OpenVPN_Configs from your customer portal at Torguard.

    
    - Go to Diagnostics > Edit File
      - Paste the contents of the .ca file for the server you want to connect to. (For example, swissca.crt.)
      - Enter /cf/conf/swissca.crt in the Save/Load form path input box.
      - Click Save
    
    - Go to Diagnostics > Edit File
      - Enter /cf/conf/userpass.txt in the Save/Load from path input box.
      - Enter your Torguard Username and Password in the input box, one on each line. Like so:
    
    username
    password
    
      - Click Save
    
    - Open the .ovpn file and copy the server IP address.
    
    - Go to VPN > OpenVPN > Client > + (new)
      - Server Mode: Peer to Peer (SSL/TLS)
      - Server host or address: (server IP address you copied from the .ovpn file)
      - Server port: 443
      - *UNCHECK* TLS Authentication
      - Encryption algorithm: BF-CBC (128-bit)
      - Input the following into the Advanced field at the bottom:
    
    tls-client; key-method 2; ca /cf/conf/swissca.crt; auth-user-pass /cf/conf/userpass.txt; tun-mtu 1500; tun-mtu-extra 32; mssfix 1450; persist-key; persist-tun; comp-lzo; verb 3;
    
       - Click Save
    
    

    At this point, you should be able to go to Status - OpenVPN and see it connected.

    I have a unique setup with StrongVPN in addition to Torguard, so all I was able to test was that it connected successfully. I'm also unsure if /cf/conf is the proper place to store these files so they survive a reboot. I plan to do further testing after the Thanksgiving holiday. I've attached a screenshot to show that it does work at a basic level however.

    I have now tested this and it works perfectly.

    Lastly, for security purposes you should SSH into the box and chmod the two files you created to 400.

    Good luck.

    ![Screenshot 2013-11-27 23.42.34.jpg](/public/imported_attachments/1/Screenshot 2013-11-27 23.42.34.jpg)
    ![Screenshot 2013-11-27 23.42.34.jpg_thumb](/public/imported_attachments/1/Screenshot 2013-11-27 23.42.34.jpg_thumb)



  • I was looking for instructions for TorGuard OpenVPN and ended up here. Here's a link to TorGuard's own setup guide that I found after further searching. Hope people find this helpful  :)

    http://torguard.net/blog/how-to-setup-pfsense-with-torguard-openvpn/

    This has worked for me after brief testing. Guide is relatively easy to follow. They don't specify IPv4 or IPv6, so I just did the configuration for IPv4 and ignored IPv6 completely.