IPredator config won't work.

wtf1337

Dear users of the forum.

So i have an VPN service from IPredator that uses this config:

client
dev tun0
proto udp
remote pw.openvpn.ipredator.se 1194
remote pw.openvpn.ipredator.me 1194
remote pw.openvpn.ipredator.es 1194
resolv-retry infinite
nobind

auth-user-pass /etc/openvpn/IPredator.auth
auth-retry nointeract

ca [inline]

tls-client
tls-auth [inline]
ns-cert-type server

keepalive 10 30
cipher AES-256-CBC
persist-key
persist-tun
comp-lzo
tun-mtu 1500
mssfix
passtos
verb 3

 <ca>-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIJAKee4ZMMpvhzMA0GCSqGSIb3DQEBBQUAMIG9MQswCQYD
VQQGEwJTRTESMBAGA1UECBMJQnJ5Z2dsYW5kMQ8wDQYDVQQHEwZPZWxkYWwxJDAi
BgNVBAoTG1JveWFsIFN3ZWRpc2ggQmVlciBTcXVhZHJvbjESMBAGA1UECxMJSW50
ZXJuZXR6MScwJQYDVQQDEx5Sb3lhbCBTd2VkaXNoIEJlZXIgU3F1YWRyb24gQ0Ex
JjAkBgkqhkiG9w0BCQEWF2hvc3RtYXN0ZXJAaXByZWRhdG9yLnNlMB4XDTEyMDgw
NDIxMTAyNVoXDTIyMDgwMjIxMTAyNVowgb0xCzAJBgNVBAYTAlNFMRIwEAYDVQQI
EwlCcnlnZ2xhbmQxDzANBgNVBAcTBk9lbGRhbDEkMCIGA1UEChMbUm95YWwgU3dl
ZGlzaCBCZWVyIFNxdWFkcm9uMRIwEAYDVQQLEwlJbnRlcm5ldHoxJzAlBgNVBAMT
HlJveWFsIFN3ZWRpc2ggQmVlciBTcXVhZHJvbiBDQTEmMCQGCSqGSIb3DQEJARYX
aG9zdG1hc3RlckBpcHJlZGF0b3Iuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQCp5M22fZtwtIh6Mu9IwC3N2tEFqyNTEP1YyXasjf+7VNISqSpFy+tf
DsHAkiE9Wbv8KFM9bOoVK1JjdDsetxArm/RNsUWm/SNyVbmY+5ezX/n95S7gQdMi
bA74/ID2+KsCXUY+HNNUQqFpyK67S09A6r0ZwPNUDbLgGnmCZRMDBPCHCbiK6e68
d75v6f/0nY4AyAAAyqwAELIAn6sy4rzoPbalxcO33eW0fUG/ir41qqo8BQrWKyEd
Q9gy8tGEqbLQ+B30bhIvBh10YtWq6fgFZJzWP6K8bBJGRvioFOyQHCaVH98UjwOm
/AqMTg7LwNrpRJGcKLHzUf3gNSHQGHfzAgMBAAGjggEmMIIBIjAdBgNVHQ4EFgQU
pRqJxaYdvv3XGEECUqj7DJJ8ptswgfIGA1UdIwSB6jCB54AUpRqJxaYdvv3XGEEC
Uqj7DJJ8ptuhgcOkgcAwgb0xCzAJBgNVBAYTAlNFMRIwEAYDVQQIEwlCcnlnZ2xh
bmQxDzANBgNVBAcTBk9lbGRhbDEkMCIGA1UEChMbUm95YWwgU3dlZGlzaCBCZWVy
IFNxdWFkcm9uMRIwEAYDVQQLEwlJbnRlcm5ldHoxJzAlBgNVBAMTHlJveWFsIFN3
ZWRpc2ggQmVlciBTcXVhZHJvbiBDQTEmMCQGCSqGSIb3DQEJARYXaG9zdG1hc3Rl
ckBpcHJlZGF0b3Iuc2WCCQCnnuGTDKb4czAMBgNVHRMEBTADAQH/MA0GCSqGSIb3
DQEBBQUAA4IBAQB8nxZJaTvMMoSG47jD2w31zt9o6nSx8XJKop/0rMMHKBe1QBUw
/n3clGwYxBW8mTnrXHhmJkwJzA0Vh525+dkF28E0I+DSigKUXEewIZtKjADYSxaG
M+4272enbJ86JeXUhN8oF9TT+LKgMBgtt9yX5o63Ek6QOKwovH5kemDOVJmwae9p
tXQEWfCPDFMc7VfSxS4BDBVinRWeMWZs+2AWeWu2CMsjcx7+B+kPbBCzfANanFDD
CZEQON4pEpfK2XErhOudKEJGCl7psH+9Ex//pqsUS43nVN/4sqydiwbi+wQuUI3P
BYtvqPnWdjIdf2ayAQQCWliAx9+P03vbef6y
-----END CERTIFICATE-----</ca> 

 <tls-auth>-----BEGIN OpenVPN Static key V1-----
03f7b2056b9dc67aa79c59852cb6b35a
a3a15c0ca685ca76890bbb169e298837
2bdc904116f5b66d8f7b3ea6a5ff05cb
fc4f4889d702d394710e48164b28094f
a0e1c7888d471da39918d747ca4bbc2f
285f676763b5b8bee9bc08e4b5a69315
d2ff6b9f4b38e6e2e8bcd05c8ac33c5c
56c4c44dbca35041b67e2374788f8977
7ad4ab8e06cd59e7164200dfbadb942a
351a4171ab212c23bee1920120f81205
efabaa5e34619f13adbe58b6c83536d3
0d34e6466feabdd0e63b39ad9bb1116b
37fafb95759ab9a15572842f70e7cba9
69700972a01b21229eba487745c091dd
5cd6d77bdc7a54a756ffe440789fd39e
97aa9abe2749732b7262f82e4097bee3
-----END OpenVPN Static key V1-----</tls-auth> 

Well the problem is that there is no way to only use TLS and CA, i have gotten it to work via editing the config file in /var/etc/openvpn and then starting the service but on the webinterface itself it's not way to use that config.

Config:
http://i.imgur.com/3ZSKKA7.png
Error log
http://i.imgur.com/2WqdI3o.png

wtf1337

Does anyone know this?
Client Certificate: http://i.imgur.com/dDoaS4C.png Data: http://pastebin.com/QSVw31yp

Peer Certificate Authority: http://i.imgur.com/V1tB8Ta.png Data: http://pastebin.com/QSVw31yp

jlc

To get rid of the error message put ";ns-cert-type server" in the advanced settings of the openvpn setup. However, I don't think it will cause the vpn not to connect.

I am also having problems getting Ipredator to work, I can connect but not recieve an ip address from the server but pfsense shows the vpn up.

If you got it working I could use some help.

Thanks

Fevan

If you can try and contact support or post on IPredator VPN forums (if they got it) and ask for help in setting up your pfsense you may get better answers same applies for any VPN provider….

Sadly the support for pfsense is hit and miss regarding VPN providers out there, some have tried settings from other guides.

I googled blackvpn pfsense guide, also tried the guides posted and stickied above here:

https://www.blackvpn.com/support/pfsense-with-openvpn/

https://forum.pfsense.org/index.php/topic,29944.0.html

https://forum.pfsense.org/index.php/topic,57180.0.html

You maybe able to merge some parts of those guides to work with Ipredator vpn and other vpn providers and get it too work.

I found it very tricky, and gave up....

I also find the pfsense guides posted around to not work fully or only half. If you can find someone however who understand pfsense and has the same vpn provider as yourself maybe they willing to help !

jlc

I was unable to get Ipredator to work but I got a Blackvpn account and it fired right up. Last night one of the top support guys at Ipredator was going to set it up in a VM and see if he could figure it out but I haven't spoke with him since. If he gets it I will post here.

Blackvpn uses just the CA and Private Key also. If you want to see Blackvpn config let me know.

They have the instructions for Pfsense setup right on their site.

Could it be 32 vs 64 bit?

Regards,

Jeff

Fevan

Yeah this is what I was saying earlier its hit and miss with VPN support + pfsense…. seems one has to figure out the settings. Strangely its not that much settings its the other pfsense configuration which I found tricky...

The easy option is of course to join black vpn or a provider that supports pfsense support in general.