I got Ivacy VPN service. Anyone got idea on how to make it work as I try manual setting or even import their OpenVPN cert also can’t
Try to get “OpenVPN Files with Certificates” in this URL:
https://support.ivacy.com/vpnusecases/openvpn-files-windows-routers-ios-linux-and-mac/
Profiles in this file have the certs embeded inside each profile, so you do not need a separate ca.cert file. You can try the other links on the above site if the one I mentioned doesn’t work. I tried a few of them before success.
Ivacy support said not support for Firewalla, faint
Yes, I have tried OpenVPN Files with Certificates but can’t import it
The openvpn profile, when opened with text editor, would look something like this:
proto tcp
remote xxx.ivacy.net 80
client
verb 1
dev tun
auth-user-pass
persist-key
persist-tun
nobind
<ca>
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIJAMjXFoeo5uSlMA0GCSqGSIb3DQEBCwUAMIGoMQswCQYD
......
4ZjTr9nMn6WdAHU2
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
MIIEnzCCA4egAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBqDELMAkGA1UEBhMCSEsx
......
21oww875KisnYdWjHB1FiI+VzQ1/gyoDsL5kPTJVuu2CoG8=
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMbJ8p+L+scQz57g
......
d7q7xhec5WHlng==
-----END PRIVATE KEY-----
</key>
<tls-auth>
2048 bit OpenVPN static key
-----BEGIN OpenVPN Static key V1-----
e30af995f56d07426d9ba1f824730521
......
dd94498b4d7133d3729dd214a16b27fb
-----END OpenVPN Static key V1-----
</tls-auth>
key-direction 1
remote-cert-tls server
cipher AES-256-CBC
route-method exe
route-delay 0
script-security 2
One of the links in my previous reply are generated in this format, i.e. containing all the certs and keys, so you can directly import. Alternatively, you can manually edit the profile to make it look this way, by copying relevant keys in separate file to the profiles, but obviously you will need to do it on each profile of every country you want to import.
Thanks but below is the error I obtain…
2023-04-26 13:34:18 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2023-04-26 13:34:18 TCP/UDP: Preserving recently used remote address: [AF_INET]103.103.103.103:103
2023-04-26 13:34:18 UDP link local: (not bound)
2023-04-26 13:34:18 UDP link remote: [AF_INET]103.103.103.103:103
2023-04-26 13:34:18 WARNING: ‘link-mtu’ is used inconsistently, local=‘link-mtu 1557’, remote=‘link-mtu 1550’
2023-04-26 13:34:18 WARNING: ‘auth’ is used inconsistently, local=‘auth SHA1’, remote=‘auth [null-digest]’
2023-04-26 13:34:18 WARNING: ‘comp-lzo’ is present in remote config but missing in local config, remote=‘comp-lzo’
2023-04-26 13:34:18 [Secure-Server] Peer Connection Initiated with [AF_INET]103.103.103.103:103
2023-04-26 13:34:19 AUTH: Received control message: AUTH_FAILED
2023-04-26 13:34:19 SIGTERM received, sending exit notification to peer
2023-04-26 13:34:20 SIGTERM[soft,exit-with-notification] received, process exiting
uh, I do not know how to interpret the log, but it happened to me that a number of profiles (servers I mean) were not working. What I would do is to try a few more different profiles/servers, or if you can, try a profile with server that is known to be working.
Ic, I’m using hk server, if using app connect no issue, but if install to Firewalla doesn’t work, haiz
For HK, I am using the TCP profile daily. I have sent mine to you via dm, which I think should be identical to the one you’ve got. Please make sure the username and password are entered correctly, as I see that there may be a chance of wrong username/password from your previous log. If still not working, you may need to contact ivacy support. Ask them to point you to the correct profile in the aforementioned format.
Thanks, but still failed, username and password keyed, except the certificate password leave in blank.
Force dns over VPN enable
Internet kill switch enable
Sad to hear that. All I can say is I have checked my own working profile is identical to the one I’ve sent you, and it was still working a minute ago. Probably you need to contact its support.
BTW, are you HKer? Just a reminder that ivacy appears to be based in Singapore. If your purpose is to hide identity, the company itself is not tested for integrity. At least use profiles other than HK. If you only use it for streaming, it will be fine.