NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Orbi 753 and Open VPN - has anyone managed to make this work for a mac laptop??
I've been battling with the VPN server in the orbi for some time now. If I tether my mac laptop to my phone at home in the UK running on data I can connect via tunnelblick. If I'm on an external network I can't connect via tunnelblick. I have checked and the external networks do not share the same 192.168.1.xxx as the orbi network.
I have not been able to connect directly to VPN via Open VPN with either my phone or my iPad as every time I try to open the client.ovpn file downloaded from the "smartphone" button from the router both tell me they 'failed to parse profile: ca.crt, client cut, client.key".
I thought it's ok, I can still tether to my phone and connect to my home network with the mac laptop. I've recently arrived in the US and although I have a data plan and tunnelblick connects on the mac I can no longer access my home network.
Are netgear purposefully making this impossible and providing as little documentation as possible?
If anyone has any help or advice it will be much appreciated.
2 Replies
Can you please explain "teather". Does that refer to:
- Physically connect the laptop to the iPhone, or
- Create a WiFi Hot Spot on the iPhone and connect the laptop to it?
On my (old) RBR50, the smart_phone.zip file contains one file named "smart_phone.ovpn". There is no file named "client.ovpn". Perhaps in their infinite wisdom Netgear decided to rename the ovpn file for the RBR750 series?
I've attached my smart_phone.ovpn file. Does your client.ovpn have the same sections as mine?
client dev tun proto udp remote myDDNSname.mynetgear.com 12973 resolv-retry infinite nobind persist-key persist-tun <ca> -----BEGIN CERTIFICATE----- VQQGEwJUVzELMAkGA1UECBMCVFcxDzANBgNVBAcTBlRhaXBlaTEQMA4GA1UEChMH bmV0Z2VhcjEQMA4GA1UECxMHbmV0Z2VhcjETMBEGA1UEAxMKbmV0Z2VhciBDQTEQ MA4GA1UEKRMHRWFzeVJTQTEbMBkGCSqGSIb3DQEJARYMbWFpbEBuZXRnZWFyMB4X DTE4MDUyMzIyMjgxMFoXDTM4MDUxODIyMjgxMFowgZMxCzAJBgNVBAYTAlRXMQsw CQYDVQQIEwJUVzEPMA0GA1UEBxMGVGFpcGVpMRAwDgYDVQQKEwduZXRnZWFyMRAw DgYDVQQLEwduZXRnZWFyMRMwEQYDVQQDEwpuZXRnZWFyIENBMRAwDgYDVQQpEwdF YXN5UlNBMRswGQYJKoZIhvcNAQkBFgxtYWlsQG5ldGdlYXIwgZ8wDQYJKoZIhvcN AQEBBQADgY0AMIGJAoGBAMhEJZ5zE/JKdEmaPZcYWk8fJSFxdmtVUva5dvv2z02E 4s21BTsuZM5y9LTW24FHkX6pYEknVLgftb2fmIQ8tH0ln3F/KIGZr4ooSchzpvtn X530ztG1zMcV7/y5sWzg2LlU+/zlVzdfMj4lh2XPD1sj9RbTIf3Fpq5t/2GpiXjf AgMBAAGjgfswgfgwHQYDVR0OBBYEFH8m9w0a39vfSS2sM2OnbZIrbartMIHIBgNV HSMEgcAwgb2AFH8m9w0a39vfSS2sM2OnbZIrbartoYGZpIGWMIGTMQswCQYDVQQG EwJUVzELMAkGA1UECBMCVFcxDzANBgNVBAcTBlRhaXBlaTEQMA4GA1UEChMHbmV0 Z2VhcjEQMA4GA1UECxMHbmV0Z2VhcjETMBEGA1UEAxMKbmV0Z2VhciBDQTEQMA4G A1UEKRMHRWFzeVJTQTEbMBkGCSqGSIb3DQEJARYMbWFpbEBuZXRnZWFyggkA/X6o L5w++IUwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQB+7NlPceHCq1M6 +w72zuqiV9kpbQp3SiLdb/dXJLST2F1/AVUop0SdDeQnKD9yFh7YAaOBy9qMW4Rn BQ2va8mt/+iW9YBrmYFKrMLyyPbdqRT6UWwiUyaF4B7PcZxj/afHF6OrIktNzRhR 5AqiTpjQNyyyd9eUo6xXDweM9JPgWA== -----END CERTIFICATE----- </ca> <cert> Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=netgear CA/name=EasyRSA/emailAddress=mail@netgear Validity Not Before: Jul 13 19:33:02 2018 GMT Not After : Jul 8 19:33:02 2038 GMT Subject: C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=client/name=EasyRSA/emailAddress=mail@netgear Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (1024 bit) Modulus: 00:d6:29:ce:29:61:81:18:a4:ea:31:9b:e7:21:7a: 53:e8:4d:41:c0:13:e9:80:b7:9a:7e:d8:62:fe:7b: 7b:01:c0:2c:13:b8:36:44:44:ad:20:19:cc:79:3d: af:73:68:74:60:bb:14:d6:32:1b:4d:34:88:57:82: b4:e1:6a:ac:88:62:01:d4:f1:58:54:4a:0c:00:7a: e9:01:7b:67:d9:d7:a6:cb:1d:9a:23:fd:0b:52:a6: 6a:05:25:40:38:79:06:20:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Netscape Comment: Easy-RSA Generated Certificate X509v3 Subject Key Identifier: ED:01:3E:B4:0B:F3:BA:F9:D8:55:56:9F:A4:80:35:89:C7:F5:DE:15 X509v3 Authority Key Identifier: keyid:7F:26:F7:0D:1A:DF:DB:DF:49:2D:AC:33:63:A7:6D:92:2B:6D:AA:ED DirName:/C=TW/ST=TW/L=Taipei/O=netgear/OU=netgear/CN=netgear CA/name=EasyRSA/emailAddress=mail@netgear serial:FD:7E:A8:2F:9C:3E:F8:85 X509v3 Extended Key Usage: TLS Web Client Authentication X509v3 Key Usage: Digital Signature Signature Algorithm: sha256WithRSAEncryption e4:9b:e2:54:9a:b4:5f:2b:4d:18:d7:bd:c8:31:66:59:e6:36: 30:f9:44:bb:06:f0:53:43:3c:c4:ff:4b:85:af:a4:f7:de:41: 11:d7:0d:75:96:28:f8:fc:9d:95:76:71:39:e5:d8:62:5f:a3: da:4e:49:fa:c2:65:8b:23:b6:97:5c:bd:df:58:d2:22:cf:61: 90:8b:36:b9:84:62:a3:00:0c:91:4b:36:72:df:91:f8:3f:1a: 1a:e8:62:5f:17:19:91:04:65:3e:a2:f6:a6:50:1c:6e:a8:9e: 2b:5c -----BEGIN CERTIFICATE----- B0Vhc3lSU0ExGzAZBgkqhkiG9w0BCQEWDG1haWxAbmV0Z2VhcjAeFw0xODA3MTMx OTMzMDJaFw0zODA3MDgxOTMzMDJaMIGPMQswCQYDVQQGEwJUVzELMAkGA1UECBMC VFcxDzANBgNVBAcTBlRhaXBlaTEQMA4GA1UEChMHbmV0Z2VhcjEQMA4GA1UECxMH bmV0Z2VhcjEPMA0GA1UEAxMGY2xpZW50MRAwDgYDVQQpEwdFYXN5UlNBMRswGQYJ KoZIhvcNAQkBFgxtYWlsQG5ldGdlYXIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ AoGBANYpzilhgRik6jGb5yF6U+hNQcAT6YC3mn7YYv57ZkdaPDRBTtbs+ocvuY4o XkSA6+aD0RNriCtbyx9VewHALBO4NkRErSAZzHk9r3NodGC7FNYyG000iFeCtOFq rIhiAdTxWFRKDAB66QF7Z9nXpssdmiP9C1KmagUlQDh5BiBxAgMBAAGjggFKMIIB RjAJBgNVHRMEAjAAMC0GCWCGSAGG+EIBDQQgFh5FYXN5LVJTQSBHZW5lcmF0ZWQg Q2VydGlmaWNhdGUwHQYDVR0OBBYEFO0BPrQL87r52FVWn6SANYnH9d4VMIHIBgNV HSMEgcAwgb2AFH8m9w0a39vfSS2sM2OnbZIrbartoYGZpIGWMIGTMQswCQYDVQQG EwJUVzELMAkGA1UECBMCVFcxDzANBgNVBAcTBlRhaXBlaTEQMA4GA1UEChMHbmV0 Z2VhcjEQMA4GA1UECxMHbmV0Z2VhcjETMBEGA1UEAxMKbmV0Z2VhciBDQTEQMA4G A1UEKRMHRWFzeVJTQTEbMBkGCSqGSIb3DQEJARYMbWFpbEBuZXRnZWFyggkA/X6o L5w++IUwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMA0GCSqGSIb3 DQEBCwUAA4GBABAJVRifewYH7D60p2Nuo8wv2uSb4lSatF8rTRjXvcgxZlnmNjD5 RLsG8FNDPMT/S4WvpPfeQRHXDXWWKPj8nZV2cTnl2GJfo9pOSfrCZYsjtpdcvd9Y 0iLPYZCLNrmEYqMADJFLNnLfkfg/GhroYl8XGZEEZT6i9qZQHG6onitc -----END CERTIFICATE----- </cert> <key> -----BEGIN PRIVATE KEY----- MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANYpzilhgRik6jGb 1uO1u26DQcmghO1hrt0nfGADNZTzVwK/GQiWZ9h3gxTtIgBHKJKmVySP5bCeFFYu w+3RpsXsJ5mDyb7nTryrG98kKtGSd+AsP9Mswt4rvSh4YaqEQgJMuEJZV8WgxYDO jHghkkHBYESUpUQOYQJBAPXJJT9xd+eJfTAP8gCq9w56RZmzBrQcid4RqyE4Kj0W H4NKmlsN1/6zDme3vz2WDuDm9QLGSdNGSGgcSR8ffmcCQQDfEDyPXVU1O4Ikug1D WwlXGEvgpSgCRxeX4k9xbGzIQIPgGJKOuzNbsaZF0DGWf7QfEBcpch0OPhDSH12m bv+sJ0Sd9+E48UlXyqXBaSDTsWzd3mSKR8/SaBMWqMBBzFvHSnEFAkEAiLdEGZeU XXpvjlx3Tv9TiPU5XHbfDyfBkFJ7HbhLWR1/N62HeCiee8d00Jw/isWgfaUJbQyu qb1I4B1Z346tTQ== -----END PRIVATE KEY----- </key> cipher AES-128-CBC comp-lzo verb 5Check this out https://www.netgear.com/home/services/orbilogin/
@My Estub wrote:
I've been battling with the VPN server in the orbi for some time now. If I tether my mac laptop to my phone at home in the UK running on data I can connect via tunnelblick. If I'm on an external network I can't connect via tunnelblick. I have checked and the external networks do not share the same 192.168.1.xxx as the orbi network.
I have not been able to connect directly to VPN via Open VPN with either my phone or my iPad as every time I try to open the client.ovpn file downloaded from the "smartphone" button from the router both tell me they 'failed to parse profile: ca.crt, client cut, client.key".
I thought it's ok, I can still tether to my phone and connect to my home network with the mac laptop. I've recently arrived in the US and although I have a data plan and tunnelblick connects on the mac I can no longer access my home network.
Are netgear purposefully making this impossible and providing as little documentation as possible?
If anyone has any help or advice it will be much appreciated.
