NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

ULTOne's avatar
ULTOne
Follower
Feb 28, 2022

R7000 - VPN Service - No client.crt

Current Firmware version: V1.0.11.134_10.2.119

 

I enabled the DDYNS and VPN services and upon downloading the openVPN configuration pakage it only containers ca.crt, client.key and client3.ovpn. Client.crt is missing, but is asked for when i try to add it with openvpn connect on android.

 

I have factory reset the router.

3 Replies

  • Kitsap's avatar
    Kitsap
    Master
    Feb 28, 2022

    You need to download the configuration package for Smart Phone.  It consists of a zip file with one file inside.  The smart phone configuration package combines the four required parts into one file.  The file name is smart_phone.ovpn.

    • græy's avatar
      græy
      Aspirant
      Jul 27, 2022
      Kitsap wrote:

      You need to download the configuration package for Smart Phone.  It consists of a zip file with one file inside.  The smart phone configuration package combines the four required parts into one file.  The file name is smart_phone.ovpn.

      I'm on FW version V1.0.11.134_10.2.119, but the above answer is incorrect. Having just now downloaded smartphone.zip, the configuration package contains 4 files - ca.crt, client.crt, client.key, and client3.ovpn.

       

      Importing the ovpn file into Android's OpenVPN errors with the OP's message. I've read other posts where manually combining the files into a single ovpn can succeed, but I have yet to make that work.

       

      Does Netgear even test these VPN configurations? I have owned my R7000 for years and despite several attempts over the years, never once has the default configuration worked for me.

      • græy's avatar
        græy
        Aspirant
        Jul 27, 2022

        I found a working format for the inline ovpn files. Follow this example here to merge the ca.cert, client.cert, and client.key files into the ovpn file.

         

        https://gist.github.com/renatolfc/f6c9e2a5bd6503005676

         

        The example includes settings for TLS as well. Don't include those sections in the modified netgear ovpn. And obviously get the contents for the <ca>, <cert>, and <key> sections from your own respective files.

         

        Also, you have to comment out the lines 

         

        ca [inline]
        cert [inline]
        key [inline]

         

        so they become

         

        #ca [inline]
        #cert [inline]
        #key [inline]

         

        After that, it should work.