NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Morganino's avatar
Morganino
Tutor
Jun 26, 2017
Solved

Netgear R7000 and OpenVPN for Android App

Hi, since last OpenVPN for Android App update (v.0.6.73) downloadable at the following link: https://play.google.com/store/apps/details?id=de.blinkt.openvpn OpenSSL version was upgraded to 1.1 and...
Features
Firmware
Netgear router tech support number 1-844-330-2330 Netgear router support phone number Netgear router tech support phone number Netgear tech support phone number
Security
  • Diggie3's avatar
    Diggie3
    Feb 28, 2018

    Thanks everyone for feedback so far. Attached is version 1.0.1. I fixed some typos, added a suggestion to clean up your tftp folder when you're done, and made a note about the OpenVPN version that's most compatible with the document.

     

    Some users looking to work through this doc may find that they can avoid Step 1 by visiting this hidden page:

     

    http://192.168.1.1/debug.htm

     

    If the debug page loads and there is an "Enable Telnet" option then you got lucky. Note that either the debug page or the option to "Enable Telnet" may not exist on your device or firmware version. Remember to check that this option is disabled after you're finished because having telnet enabled is a security risk.

katsaw's avatar
katsaw
Guide
Mar 02, 2018
Diggie3wrote:

katsaw You could try this:

 

cat /proc/mounts

 

Here's some output from the R7000:

 

/dev/mtdblock18 /tmp/openvpn jffs2 rw,relatime 0 0

 

The reason we can update the keys is that /tmp/openvpn is a read-write jffs2 filesystem, which is a compressed, non-volatile file system. That was a smart move on Netgear's part. See if you have something similar. The R7000 also has /tmp/media/nand of this type, but there's no OpenVPN content there on the R7000, and I don't know how safe it would be to modify that one (I haven't tried).


Thanks for your prompt reply!

 

Here it is:

 

# # cat /proc/mounts

rootfs / rootfs rw 0 0

/dev/root / squashfs ro,relatime 0 0

ramfs /dev ramfs rw,relatime 0 0

proc /proc proc rw,relatime 0 0

none /tmp ramfs rw,relatime 0 0

none /media ramfs rw,relatime 0 0

none /sys sysfs rw,relatime 0 0

none /proc/bus/usb usbfs rw,relatime 0 0

devpts /dev/pts devpts rw,relatime,mode=600 0 0

/dev/sda1 /tmp/mnt/shares/U vfat rw,relatime,fmask=0000,dmask=0000,allow_utime=0022,codepage=cp950,iocharset=utf8,shortname=mixed,errors=remount-ro 0 0

#

Diggie3's avatar
Diggie3
Luminary
Mar 03, 2018
A couple of updates:

1- Forum user pyrmont has created a set of instructions for Linux users. You can read that here:
http://articles.inqk.net/2018/03/02/netgear-openvpn-keys.html

2- katsaw and I did some more investigation of the R6220 model. The outcome is:

a) I don't think it's possible to update the keys on the R6220 using the same technique as for the R7000. Other methods might exist, but I'm not familiar with them and I have no way to research it.

b) I would recommend R6220 owners disable the OpenVPN server, and if they really need to run a VPN server either to look into third-party firmware or a newer model of router.