NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

divad-H's avatar
divad-H
Aspirant
Oct 04, 2024

Generated VPN Configuration does not include ca.crt, client.crt and client.key RBR750

Hello,

I am trying to setup the VPN on my WIFI 6 RBR750 router.

After enabling the VPN, I follow the instructions to connect OpenVPN on my Android phone using the downloaded configuration file. However, OpenVPN immediately gives me an error when trying to connect "Connection Failed - Error message: X509::parse_pem: error in ert::error04800006C:PEM routines::no start line."

When I look into the configuration file, I see that the ca, cert and key values are empty:

 

client
dev tun
proto udp
remote XXX.mynetgear.com 12973
resolv-retry infinite
nobind
persist-key
persist-tun
<ca>
</ca>
<cert>
</cert>
<key>
</key>
cipher AES-128-CBC
comp-lzo
verb 0
dhcp-option DNS 192.168.4.1

 

 

 

 

The OpenVPN configuration for Mac and Windows also don't include those values / files.

 

Am I doing something wrong here?

6 Replies

  • CrimpOn's avatar
    CrimpOn
    Guru
    Oct 04, 2024

    I just now downloaded smart_phone.ovpn for a VPN connection on an RBR750 running firmware v7.2.6.31 and it includes everything in the ovpn file.

     

    Very puzzling.

    • divad-H's avatar
      divad-H
      Aspirant
      Oct 05, 2024
      I am using the same firmware version V7.2.6.31_5.0.24
      • CrimpOn's avatar
        CrimpOn
        Guru
        Oct 05, 2024

        This is really strange.  Aside from the missing information, the only obvious difference between your file and mine is

         

        • I have set the verbosity level to 5 so that the log will include more detail, i.e.
          verb 5 rather than
          verb 0
        • I do not have that last line
          dhcp-option DNS 192.168.4.1
          OpenVPN has an explanation on "pushing" DNS servers to client devices that has a different format (and also doesn't make clear WHY a person would want to do this.)
          https://openvpn.net/community-resources/pushing-dhcp-options-to-clients/ 

        Maybe whatever is causing the dhcp-option line to appear is also causing the certificates and keys to be empty?

        For certain, there is supposed to be content in those fields.

         

        Sometimes Orbi routers just get "wonky" and the user has to fall back on the Last Resort of a Factory Reset.

         

        I always try a quick reset first:

        • Save a copy of the configuration file.
        • Do the Factory Reset.
        • When the router restarts, connect using a web server
        • Proceed through the setup process, doing the least possible
          • Do not change the default WiFi credentials
          • Do not enable anything (Armor, Parental Controls, etc.)
          • Do not register the product
          • Just plow ahead until....
        • A page comes up offering a choice of (a) enter the configuration manually or (b) reload a saved configuration.
          Pick the reload option.
        • The router will reload the saved configuration and reboot.
        • Everything will be set to the previous values, except that perhaps any 'gunk' that had gotten into the operating configuration will be gone.  All WiFi devices will reconnect as if there had been a temporary power outage, getting the correct IP assignments, etc. etc.

        I have been able to complete this entire process in under 10 minutes, whereas entering the entire configuration by hand takes me about two hours (and I make a horrible number of typing errors!)