- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- « Previous
- Next »
Netgear R7000 and OpenVPN for Android App
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Netgear R7000 and OpenVPN for Android App
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Netgear R7000 and OpenVPN for Android App
Haha, I know better. OpenSSL generates unique certs everytime it runs a cert request which is what the router wizard does. :-). I just did not feel like running through the whole manual process of doing it myself. I was just waiting for NG to fix it. Thank You for pointing me to the hot fix.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Netgear R7000 and OpenVPN for Android App
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Netgear R7000 and OpenVPN for Android App
Firmware V1.0.2.46
Hi, thanks for the excellent guide, it did exactly what was needed, however I am still unable to use openvpn.
Im not 100% sure but I think the router I have (UK) may have some sort of SE linux variant, as once I have completed the guide and reboot the certs all go back to md5 variants.
I have tested this by following the guide to the letter, then rebooting and clicking the windows button to get the config = old md5 certs, following again, then NOT rebooting, and doing the same = new sha256 certs.
I've given up for now, but just wanted to add this to the conversation as either something I didi wrong (dont think so) or that the filesystem may be tamper protected.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Netgear R7000 and OpenVPN for Android App
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Netgear R7000 and OpenVPN for Android App
Ironically, I got the P because the web wisdom was that it supported Android VPN, and the non-P did not.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Netgear R7000 and OpenVPN for Android App
Hi Clarence,
This is a follow up on the case. Our engineering team are still working on a fix and it will be before the OpenVPN officially drops support for it.
=========================
Well, it's past April, and my Android still works, so this could just mean that OpenVPN has decided to let Netgear continue to connect.
The pop-up went away, but the message is still in the log "end of April".
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Netgear R7000 and OpenVPN for Android App
I haven't tried the new firmware since I used Diggie3's excellent instructions to install my own certs (and I'm afraid that the new firmware could break things).
FYI: As an alternative, I just re-purposed an old RaspberryPi 2b to test as a VPN server using http://www.pivpn.io. It literally took 15 minutes to set up from scratch. My clients connect to this RbPi VPN in 1 second compared to the 5-10 sec it took to connect to the R7000 VPN. By default, connecting to this PiVPN server will route all traffic to your RbPi. If you want only certain traffic routed over this VPN, then you could add these lines to your client config (.ovpn) files [where xxx is the IP address on your LAN that you want to access]:
route-nopull route xxx 255.255.255.255 vpn_gateway
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Netgear R7000 and OpenVPN for Android App
@ClarDold wrote:
Update from NETGEAR:
Hi Clarence,
This is a follow up on the case. Our engineering team are still working on a fix and it will be before the OpenVPN officially drops support for it.
=========================
Well, it's past April, and my Android still works, so this could just mean that OpenVPN has decided to let Netgear continue to connect.
The pop-up went away, but the message is still in the log "end of April".
OpenVPN Connect 1.1.27 have the warning message of MD5. Now the OpenVPN version is 3.0.X and no warning message. I don’t know if this is the case for the OpenVPN Connect for IOS since the version for IOS is behind Android.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Netgear R7000 and OpenVPN for Android App
looks like they have a Hot Fix for the R7000P
Has anyone tried it yet ?
https://kb.netgear.com/000057108/R7000P-Firmware-Version-1-3-2-34-Hot-Fix
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Netgear Openvpn telnet enabled for R6400v2
NG_Guru:
I can confirm that the hidden debug page permitted me to Enable Telnet on my new R6400v2. (I have completed your entire pdf set of instructions, and will test it tomorrow morning from an external wifi subnet.)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Netgear R7000 and OpenVPN for Android App
I fixed the connection by manually editing my config file:
---
client
dev tap
proto udp
remote YourPublicIP-or-DNS 12974
resolv-retry infinite
nobind
persist-key
persist-tun
ca C:\\path-to-certificates\\OpenVPN\\config\\ca.crt
cert C:\\path-to-certificates\\OpenVPN\\config\\client.crt
key C:\\path-to-certificates\\OpenVPN\\config\\client.key
tls-cipher "DEFAULT:@SECLEVEL=0"
cipher AES-128-CBC
comp-lzo
verb 5
---
Kind regards, Arnold
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Netgear R7000 and OpenVPN for Android App
Here is something interesting:
- I had resolved the issue using Diggie3's instructions.
- I just installed the beta FW (1.0.9.30_10_2_23)
- I did a telnet into the router and looked at /tmp/openvpn.... The newkeys.zip file that Diggie3 had us put in was still there.... so I unzipped it.
- I tried one of my clients that still had the old keys..... and it worked!!!
This appears to be the best of all worlds...
- I don't have to redistribute keys.
- They are unique and strong keys that I generated
- I am able to take new security updates from NG as they put them out.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Netgear R7000 and OpenVPN for Android App
Hi Diggie3,
I used you tutorial to update my OpenVPN keys before Netgear released the new firmware. It was really helpful.
I generated my own CA, my own server and client keys. By the way, with your tutorial, I could create a key for each VPN user, so everyone can connect to through VPN at the same time without sharing the same client key (client.crt and client.key files).
In my case, I have one key and my wife has another. Nevertheless, I wonder, if I get one key compromised, what do I do to get it revoked? I know I have to generate a CRL file, but R7000 is capable of reading it? If so, where must I put it to make it work? Is the only solution generating everything again from the very begining (CA, server and client keys)?
Best regards.
- « Previous
- Next »
• Introducing NETGEAR WiFi 7 Orbi 770 Series and Nighthawk RS300
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more