Jump to content
Not connected, Your IP: 3.235.101.141
pentraitor

ANSWERED Eddie 2.4 (Android) won't accept OpenVPN profiles

Recommended Posts

Hi there.
I'm using Eddie 2.4 on Android 7.1.1.
I'm quite happy here with AirVPN but a friend of mine uses another VPN provider and I suggested he try the Eddie client on Android as an alternative.
So then I wanted to show him how it works and while trying to import his custom .ovpn files into Eddie we ran into a problem.
Eddie just wouldn't accept his .ovpn files. Whenever I selected one of them Eddie just kept on displaying "OpenVPN Profiles (0) - No OpenVPN Profile available".
These profiles work just fine with the OpenVPN app by Arne Schwabe, for example. But Eddie doesn't seem to like them.
Any idea why that is? Do his config files contain something that's simply not compatible with Eddie?

Here's a "redacted" copy of one of the config files:

auth-user-pass
client
dev tun
hand-window 120
inactive 604800
mute-replay-warnings
nobind
persist-key
persist-remote-ip
persist-tun
ping 5
ping-restart 120
redirect-gateway def1
remote-random
reneg-sec 3600
resolv-retry 60
route-delay 2
route-method exe
script-security 2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA
tls-timeout 5
verb 4

tun-ipv6

tun-mtu  1500
tun-mtu-extra  32
mssfix 1450

proto tcp



remote XX.XXX.XXX.XX 44

remote XX.XXX.XXX.XX 443

remote XX.XXX.XXX.XX 4433

remote XX.XXX.XXX.XX 44

remote XX.XXX.XXX.XX 443

remote XX.XXX.XXX.XX 4433

remote XX.XXX.XXX.XX 44

remote XX.XXX.XXX.XX 443

remote XX.XXX.XXX.XX 4433

remote XX.XXX.XXX.XX 44

remote XX.XXX.XXX.XX 443

remote XX.XXX.XXX.XX 4433

remote XX.XXX.XXX.XX 44

remote XX.XXX.XXX.XX 443

remote XX.XXX.XXX.XX 4433



cipher AES-256-GCM
auth SHA512

ignore-unknown-option ncp-disable
ncp-disable

remote-cert-tls server

<ca>
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----

</ca>
<cert>
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----

</cert>
<key>
-----BEGIN PRIVATE KEY-----
[...]
-----END PRIVATE KEY-----

</key>
<tls-crypt>
-----BEGIN OpenVPN Static key V1-----
[...]
-----END OpenVPN Static key V1-----

</tls-crypt>

Share this post


Link to post

Here's a "redacted" AirVPN config file for comparison:

client
dev tun
remote at.vpn.airdns.org 443
resolv-retry infinite
nobind
persist-key
persist-tun
auth-nocache
verb 3
push-peer-info
setenv UV_IPV6 yes
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
proto tcp
key-direction 1
<ca>
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
[...]
-----END PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
[...]
-----END OpenVPN Static key V1-----
</tls-auth>


 

Share this post


Link to post

Nah, it's Eddie. Have you tried importing a profile from the generator into Eddie? If I try to do that, it throws an "invalid profile" message. It's not about the profile. :D
Apart from some superfluous and effectless directives in the profile of the other VPN provider it's quite fine, I might say. :)


» I am not an AirVPN team member. All opinions are my own and are not to be considered official. Only the AirVPN Staff account should be viewed as such.

» The forums is a place where you can ask questions to the community. You are not entitled to guaranteed answer times. Answer quality may vary, too. If you need professional support, please create tickets.

» If you're new, take some time to read LZ1's New User Guide to AirVPN. On questions, use the search function first. On errors, search for the error message instead.

» If you choose to create a new thread, keep in mind that we don't know your setup. Give info about it. Never forget the OpenVPN logs or, for Eddie, the support file (Logs > lifebelt icon).

» The community kindly asks you to not set up Tor exit relays when connected to AirVPN. Their IP addresses are subject to restrictions and these are relayed to all users of the affected servers.

 

» Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, chances are you will be unique amond the mass again.

Share this post


Link to post

Huh, talk about the most obvious thing to try... and of course I haven't... yet ;)
But thanks for the suggestion. I just tried it and it definitely worked with a .ovpn I just generated from AirVPN.
I had no issue adding the profile and no issue connecting to the server.
So now it's pretty safe to assume it's because of the content inside the other .ovpn file, right?

Share this post


Link to post

By the way which directives do you think are superfluous? Maybe I could try to remove them manually to see if that makes a difference.

Share this post


Link to post

Tried a few things. I'm fairly certain that the only unsupported thing is multiple remote directives. I was able to import both the profile you provided and a freshly generated .ovpn config file when it contains only one remote.
 

9 minutes ago, pentraitor said:

By the way which directives do you think are superfluous? Maybe I could try to remove them manually to see if that makes a difference.


Doesn't matter much now. :D

» I am not an AirVPN team member. All opinions are my own and are not to be considered official. Only the AirVPN Staff account should be viewed as such.

» The forums is a place where you can ask questions to the community. You are not entitled to guaranteed answer times. Answer quality may vary, too. If you need professional support, please create tickets.

» If you're new, take some time to read LZ1's New User Guide to AirVPN. On questions, use the search function first. On errors, search for the error message instead.

» If you choose to create a new thread, keep in mind that we don't know your setup. Give info about it. Never forget the OpenVPN logs or, for Eddie, the support file (Logs > lifebelt icon).

» The community kindly asks you to not set up Tor exit relays when connected to AirVPN. Their IP addresses are subject to restrictions and these are relayed to all users of the affected servers.

 

» Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, chances are you will be unique amond the mass again.

Share this post


Link to post

Thanks for taking the time, giganerd. I really appreciate it!

The "redacted" config file I posted above contained the IPs of multiple servers for each city the provider has servers in. And each server also had three ports to choose from.
So then I generated config files for each single server, but each of these config files still had three "remote" directives, one for each port. Eddie still wouldn't accept it.
Then I removed all but one "remote" directive
with one single port, and suddenly Eddie accepted the config file :)

The only other thing I had to do was enter the credentials under the "Authentication" tab inside the settings.
Now it seems to be working without any issue. At least so far.

Again, thank you so much for your input, giganerd!

Share this post


Link to post
Guest
This topic is now closed to further replies.

×
×
  • Create New...