NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Status:
Uncommitted Candidate
Support for Linux clients and OPENVPN on R7000 or any other Netgear router
Althought the R7000 router has support for MAC and Windows clients when using the Netgear R7000 OPENVPN built-in server, it does not support Linux as a client. See the following link:
Currently I am running the latest "supported" firmware version: V1.0.4.30_1.1.67 as of Nov 10 2015
There is a great number of Linux users and not being able to take advantage of the OPENVPN server in the Router seems to be a big limitation/oversight. I personally purchased this router because of the fat that it had a built in OENVPN server, so that I could connect my Android and Linux devices to my network. As I discovered after purchasing the router neither of these platforms are supported. It seems that IOS and Android support is coming, but no plans to implement Linux.
It may be possible to manually configure a Linux client if Netgear would publish how OPENVPN is implemented. I understand that this would not be "supported" by Netgear, but for those of us who have some technical skill we could possibly implement it and make it work for our needs.
Providing information such as and not limited to the following would be very useful since OPENVPN is open source software:
- Tunnel Device (TUN/TAP)
- Protocol UDP/TCP)
- Port number (1194 -> official port, or another port defined by Netgear)
- Encryption cipher (None, blowfish, AES-512/256/192/128 CBC, etc....)
- Hash algorithm (SHA1/256/512,MD4/5,none, etc....)
- TLS Cipher (none, AES-128/256 SHA, etc...)
- LZO Compression (Adaptive, yes/No, none)
- Authority/ Password usage
- TLS Auth Key usage ?
- PKCS12 Key usage?
- Static Key usage?
- ns-cert-type server ?
- Is access limited to the local network, to access the internet only, or to both local and internet?
- etc.....
This post is essentially to ask for Netgear to provide the following:
- Implement a Linux client file and instructions on how to implement it for the various distributions of Linux.
- Provide comprehensive documentation on how OPENVPN is implemented in the R7000 router or any other router that has an OPENVPN server built-in.
7 Comments
I am running the latest Firmware on my R7000 Router, there appear that Netgear has no interest or made no progress in supporting Linux (Ubuntu) (Firware Version V1.0.11.116_10.2.100 )
It is interesting the Netgear is using an OpenSource product and not supporting Ubuntu Linux.
Regards.
- Status changed:UnspecifiedtoUncommitted Candidate
Jeffyry,
The first thing you need to do is upgrade your R7000 Router firmware to the latest version. I am currently running version V1.0.6.28_1.1.83
You may run into some issues if you do an upgrade as your router may not work well after the upgrade. Netgear's upgrades do not work well in my experience. There are many references to problems in the forum such as the 2.4G band does not work or works intermittently, etc....
I also ran into several issues, and resolved them, by copying down/printing all of my router settings, doing a reset of the router, upgrading the router to the new firmware, doing another reset of the router, then manually applying all of the settings. Since I had a lot of configuration information, such as port forwarding, static DHCP setting, etc..., this took a significant amount of time to re-enter my original configuration. The good news is the router has been rather stable since doing this. I do find that I have to reboot it periodically because my internet speeds slow down. Following the reboot life is good again for a couple of months.
Once you have the latest firmware installed got to the Advance Tab => Advance Setup => VPN Service and you will now see three option:
- For Windows
- For Non-Windows
- For Smartphone
I selected the Smartphone option which created a "smartphone.zip" file. Once this file was extracted I then had the following files called:
- ca.crt
- client.crt
- client.key
- client3.ovpn
These are the files I pointed my OpenVPN client to in UBUNTU using the procedure I supplied in an earlier post. This will create a TUN connection.
HVOSPkxa can you by any chance post your TUN client.config here? My Nighthawk (AC1900) doesn't have the mobile devise opiton. It only has Win and Non-Win buttons. The TAP config for non-Win is not working on ubuntu. I keep getting the error that tanrekk is getting.
I'm not usre how to modify my TAP config to TUN.
Thank!
Here is how I configured OpenVPN on Ubuntu 14.04 to access my network using the Netgear R7000 using the GUI interface.
- After logging into the router I changed the ports on the VPN configuration screen to 1194 which are the official OpenVPN ports.https://docs.openvpn.net/frequently-asked-questions/ https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
- Next I downloaded the OpenVPN configurartion file "For Smart Phone", because I did not need a TAP device as a TUN device met my needs. You can google what the differences are between a TUN and a TAP device. The non-windows config file sets up a TAP device and the setup below should also work, but I have not tried it.
- I then copied the smartphone.zip file to my Ubuntu Laptop to a subdirectory in the "Documents" directory and unzipped the file. Since I am the only user of the system (laptop) locating the files there works for me.
- I then installed network-manager-openvpn and the network-manager-openvpn-gnome (sudo apt-get install network-manager-openvpn) This will install both.
- Launch the Gnome GUI for Network Connections (pull down top Right Hand corner) and select "Edit Connection". click on "Add", slect "Import a Saved VPN configuration". Import the " *.ovpn" file.
- A new menu will open up then point to the location of the User Certificate file (client.crt), the CA Certificate file (ca.cert) and the Private Key file (client.key).
- For the Authentication type select "Certificate (TLS)
- Click on save.
- You should now be able to enable or disable your VPN connection by Launching the Gnome GUI for Network Connections (pull down top Right Hand corner, selecting the "VPN Connection" to connect or disconnect the VPN connection.
I have also been able to use the command line to open the VPN connection to the Netgear R7000 router as follows.
https://openvpn.net/index.php/access-server/docs/admin-guides/182-how-to-connect-to-access-server-with-linux-clients.html- Open a terminal in the directory where the *.ovpn file is located and issue the (sudo openvpn --config *.ovpn) command to start the connection.
- In order to stop the connection from the command line see the following: http://askubuntu.com/questions/298419/how-to-disconnect-from-openvpn
In order to test if your VPN connection works you will have to try it while connected to another network other than the network to which you want to access. ie: from a coffee shop, McDonals, Starbucks, a friends network, etc....
Note: The external network from which you are testing your VPN connection must not have blocked port 1194. If they have then you will not be able to connect. Since 1194 is the official openvpn port the chances of it being blocked are minimal as many companies use openvpn in order for their mobile employees to work remotely and while trevelling. I have used a PPTP server at home in the past to access my network but found that port 1723 is blocked at times on the network to which I am connected.
As mentioned before the non-wiondows and the smartphone OpenVPN config files from the R7000 are very similar other than the fact that one configures a TAP device and the other configures a TUN device. To date I have been successful in configuring my Android tablet and my Ubuntu Laptop to access my home network via the Netgear R7000 router.Hi, im also having trouble setting up a VPN-tunnel between Ubuntu and the Nighthawk r7000. Whats more confusing is that the official FAQ reports that it should work to connect to the r7000 with OpenVPN on Linux. http://kb.netgear.com/app/answers/detail/a_id/23794/~/r7000-faqs
redlawpy I tried what you discribed but ended up with the error: "Linux ifconfig failed: external program exited with error status: 4" Could you maybe elaborate further?
Hi HVOSPkxa,
There is a way to make it work in linux. (I'm currently using it with my Ubuntu laptop)
The steps to make it work in linux are the following:
- First install the openvpn client.
Open the terminal and type (depending on your distro)
Fedora/CentOS/RedHat:
sudo yum install openvpn
Ubuntu/Debian:
sudo apt-get install openvpn
- Then download the configuration files from the router.
Go to: Advanced Setup > VPN Service > (Under "OpenVPN configuration package download") For non-Windows
Extract the zip file in the folder, for example, /home/user(your username)/vpn/
- After you downloaded the openvpn client and the configuration files.
From the terminal do:
sudo openvpn --config /home/user/vpn/client2.conf --ifconfig 192.168.1.5 255.255.255.0 --route 192.168.1.1
Obs.: The way I got it to work is by assigning, to the virtual interface, an static IP(192.168.1.5 255.255.255.0). In my case, I got the network 192.168.1.0/24 so I chose an IP address that is not in the range of the DHCP. That way, I'm sure that there won't be another device with the same IP.