OK, its been quite sometime since by last post, lots has happened in the world , stupid is on the rise , evil continues to try to get in the way of our day today,and everyone seems to want to know what YOU are doing (google, crackers , governments, and others)
One way to mitigate this is to use a VPN service , like PIA (Private Internet Access) and the most useful way to do this is by using a router configured to use the service exclusively.
There are many 3rd party router firmwares , however not all routers are compatible, so do check compatibility if you choose to use DD-Wrt , Advanced Tomato, Tomato – by Shibby, OpenWrt, LEDE or as I have for my TP-Link router Gargoyle.
OK for the most part it is REAL easy to set up Gargoyle-Router as a VPN client. the following assume you have Gargoyle-Router set up and in use ( my network uses the Gargole-Router as a Subnet to another router that handles the ISP connection) . It also assumes that you have ssh access to the router.
before doing anything with the GUI , first ssh into the router and get to the OpenVPN folder
root@Gargoyle:~# cd /etc/openvpn
then use the echo command to create the auth.txt file ( contains username and password) and confirm it using the cat command.
root@Gargoyle:/etc/openvpn#echo “<username>” >> auth.txt
root@Gargoyle:/etc/openvpn#echo “<password>” >> auth.txt
It then get s little tedious as you also have to have a “cat crl.rsa.XXXX.pem” file, if you know how to use vim, good on you , cuz do not except how to delete lines and then save ( see later)
to set up the .pem file , I used the echo command with the >> switch to add each of the 15 lines individually like
root@Gargoyle:/etc/openvpn#echo “—–BEGIN X509 CRL—–” >> crl.rsa.2048.pem
root@Gargoyle:/etc/openvpn#echo “MIICWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQI” >> crl.rsa.2048.pem
root@Gargoyle:/etc/openvpn#echo “HgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0” >> crl.rsa.2048.pem
root@Gargoyle:/etc/openvpn#echo “each line in turn” >> crl.rsa.2048.pem
root@Gargoyle:/etc/openvpn#echo “—–END X509 CRL—–” >> crl.rsa.2048.pem
then confirming it with
now you can ( for a while go to the GUI and log in.
Once logged in, go to Connections >OpenVPN and select OpenVPN client. then complete all the required boxes.
One this is done Save changes, on doing so it will advise that the configuration has been saved but failed to connect (bummer) , at which point go back to your terminal that you ssh’d into the router with.
The reason why it fails is that Gargoyle writes its own OpenVPN configuration , that points to two files that PIA does not use , some will get round this by making phantom config files ( although as the files are keys, and certs) , this does not seem wise to me.
When back at the terminal you can check the gaining config directly by using
root@Gargoyle:/etc/openvpn# openvpn grouter_client_<randonstringybit>.conf
which will confirm the error, to fix it we need to remove two lines from the .conf file, and the only editor onboard is .. vi
The two lines you need to remove are
to do this use vi on the config file
root@Gargoyle:/etc/openvpn# vi grouter_client_<randonstringybit>.conf
then move the cursor to the fist line and tap d twice , it wil remove the line , and then repeat again for the second line, after removing both lines press <esc> :wq <enter>.
you can the retry the config manually again
root@Gargoyle:/etc/openvpn# openvpn grouter_client_<randonstringybit>.conf &
which should now get to the initialisation confirmation and start the VPN client.
when you rebook you shoudl see a confirmation that the VPN is connceted on the login page , and on the Connections > OpenVPN page.
Mine has now been up for about 2 hours without issue, please post back if you have any success with this.