OpenVPN to PureVPN


#1

It took me while to get it working but I wanted to share the config I ended up with to get the my OpenVPN tunnel to PureVPN working. Now I can use PBR to determine which traffic is sent over the PureVPN tunnel.

set interfaces openvpn vtun5 description ‘PureVPN’
set interfaces openvpn vtun5 encryption ‘aes256’
set interfaces openvpn vtun5 mode ‘client’
set interfaces openvpn vtun5 openvpn-option ‘–auth-user-pass /config/auth/purevpn-password.txt --persist-key --persist-tun --nobind --pull --route-nopull --cipher AES-256-CBC --tls-auth /config/auth/PureVPN.key 1 --auth-retry nointeract --comp-lzo --script-security 2’
set interfaces openvpn vtun5 protocol ‘udp’
set interfaces openvpn vtun5 remote-host ‘WHATEVER-ovpn.purevpn.net
set interfaces openvpn vtun5 remote-port ‘53’
set interfaces openvpn vtun5 tls ca-cert-file ‘/config/auth/PureVPN.ca’
set interfaces openvpn vtun5 tls cert-file ‘/config/auth/PureVPN-Client.crt’
set interfaces openvpn vtun5 tls key-file ‘/config/auth/PureVPN-Client.key’

Thanks
CJ


#2

Do you have any idea whether PIA can be setup with vyos as well? It uses username/password authentication.


#3

[/quote]

Do you have any idea whether PIA can be setup with vyos as well? It uses username/password authentication.
[/quote]

As long as PIA can provide the cert and key files then there is no reason it shouldn’t work.


#4

Do you have any idea whether PIA can be setup with vyos as well? It uses username/password authentication.
[/quote]

As long as PIA can provide the cert and key files then there is no reason it shouldn’t work.
[/quote]

Unfortunately NO! They provide:

  1. *.ovpn file for client configuration
  2. A certifying Authority (CA) file

That’s it. No keys!

You should have your “username and Password” to set it up.

However, the EdgeOS from ubiquiti is a derivative of Vyatta, and it has the capability to establish an Openvpn client-server connection with these information only. I mean " without the need of different key files".

If i understand it correctly, this feature is only available to Vyatta Subscriber edition. Given the fact that Vyos is now fully independent and open source, can the dev team inplement this feature now? Correct me if i am wrong. I wish I am wrong.

Thanks