NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
OpenVPN on iPhone fails to import profile for NightHawk R700P
Have been trying to get OpenVPN to run on my iPhone. Download smartphone config files from router to my iPhone. Share client3.ovpn file to OpenVPN but clicking on "Add" to add the profile results in error message: "Failed to Import Profile. Failed to parse profile: ca.crt, client.crt, client.key". VPN works fine on MacBook Air using Tunnelblick but I really need to be able to VPN into router from my phone when I'm away from home. Netgear support does have any suggestions other than to follow instructions in manual or online KB.
Previously had OpenVPN running to access TP-Link ArcherA7 but upgraded to the Nighthawk for increased speed but now I'm starting to think this wasn't much of an upgrade. Anyone have any experience with and/or solution to this problem?
6 Replies
I had the same issue and i was finally able to solve it. I dont know what netgear thinks happens when you follow their normal steps, but it didnt work for me.
I had the issue where it couldnt find these files ca.crt, client.crt, client.key. My solution was to create a "unified" ovpn file. The unified file just means that you embed the contents of ca.crt, client.crt, client.key into the ovpn file, rather than have the ovpn file point to separarte files.
This page explains how to do that https://openvpn.net/faq/i-am-having-trouble-importing-my-ovpn-file/
One issue I ran into is I found this sample file as an example to follow https://gist.github.com/renatolfc/f6c9e2a5bd6503005676 . That file is wrong. there shouldn't be any [inline] things:
ca [inline]
cert [inline]
key [inline]
tls-auth [inline] 1my client_unified.ovpn file looks like this
client
dev tun
proto udp
remote {{domain_name}} {{port}}
resolv-retry infinite
nobind
persist-key
persist-tun
cipher AES-128-CBC
comp-lzo
verb 5<ca>
{{contents_of_ca.crt}}
</ca>
<cert>
{{contents_of_client.cert}}
</cert>
<key>
{{contents_of_client.key}}
</key>
hope this helps!
This did not work for me. Same exact situation. I tried with and with out the squiggly brackets {{}}. No luck. Do I literally paste the entire contents of each file, or only sections of it. When i do this i get the message "option_error: option <key> was not properly closed out." I double checked, I do indeed have the </key> (with the slash too). Any other thoughts? Thanks
<ca>
{{contents_of_ca.crt}}
</ca>
<cert>
{{contents_of_client.cert}}
</cert>
<key>
{{contents_of_client.key}}
</key>
did you every find out what caused this im having the same issue
- Never figured it out. Spent a lot of time researching and editing the contents of the key and crt but no luck. Lots of websites said to combine the contents into one file but never worked.
try this templet i literally just figured it out i used notpad++ order is the .ovpn, ca, cert, key
client
dev tun
proto udpremote ip
resolv-retry infinite
nobind
persist-key
persist-tun
cipher
comp-lzo
verb 5<ca>
-----BEGIN CERTIFICATE-----
ca
-----END CERTIFICATE-----</ca>
<cert>
.cert
</cert>
<key>
-----BEGIN PRIVATE KEY-----
.key
-----END PRIVATE KEY-----</key>
Thank you for the help. I got it working now. Took some other trial and error. Here is what I did (my router is R6700v).
First main issue is that you cannot connect to a VPN network while on that same network it points to. Must turn off wifi on cell phone and use cell service to connect to VPN. To test on a PC, disable wired NIC card, use phone as hotspot (which turns off cell’s wifi automatically), connect computer to hotspot, then start VPN on the PC. If you don’t do this you will get errors and not connect. (This was my biggest hurdle, and from the forums where I was searching my errors - seems to be the cause of most folk's errors)
On the VPN settings in router web interface:
For Windows
- Click download “For Windows” and save zip file
- Download OpenVPN from https://openvpn.net/community-downloads/
- Must install client on PC (no portable versions exist)
- Rename the Local Area Connection (the one showing TAP in title) to NETGEAR-VPN
- Extract the contents of windows.zip to C:\Users\USERNAME\OpenVPN\config
- Try running OpenVPN as normal user. If not working, then right click, run as Administrator.
- Right click OpenVPN icon in system tray and hit connect.
For SmartPhone
- Click download “For Smart Phone” and save zip file
- Extract contents to folder
- Open “client3.ovpn” in notepad
- Delete the three lines:
- ca ca.crt
- cert client.crt
- key client.key
- Add to the bottom of the file (thank you webcurl):
- Delete the three lines:
<ca>
Entire contents of file “ca.crt”
</ca>
<cert>
Entire contents of file “client.crt”
</cert>
<key>
Entire contents of file “client.key”
</key>
- Make sure you have some returns/blank lines as shown and at the end of the file.
- Save file.
- Copy to phone (cannot load file to OpenVPN from shared drive because you’ll be on same network and it will fail when trying to add it to OpenVPN)
- Install OpenVPN app on phone
- On the phone, click on the earlier saved file “client3.ovpn,” hit share icon, then open with OpenVPN. Click add.
- Note… after connecting, the OpenVPN app showed my iPhone with an IP Address in a different subnet than what the DHCP on my router is designed to divvy out. I can on the cell phone now login to router settings via web interface and look under my Router’s “attached devices” and see two connections: the VPN connection with IP in different subnet, and another IP address within proper subnet. I can access everything on my network now.
Hope this helps others out there.
-Alchle