Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

Search found 1236 matches

by parityboy
Tue Dec 31, 2019 3:42 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: The CryptoStorm Speed Test Thread
Replies: 78
Views: 168747

Re: The CryptoStorm Speed Test Thread

@thread I recently upgraded to a 70Mb/s FTTC connection so I thought I'd share some results here. :) Connected to the Sweden node and pulling a copy of Linux Mint from the Swedish mirror, I get this: Resolving saimei.ftp.acc.umu.se (saimei.ftp.acc.umu.se)... 194.71.11.138, 2001:6b0:19::138 Connecti...
by parityboy
Thu Dec 26, 2019 12:42 am
Forum: member support & tech assistance
Topic: Some services down?
Replies: 15
Views: 926

Re: Some services down?

@Bob

Which node are you trying to connect to?
by parityboy
Tue Dec 17, 2019 5:21 am
Forum: cryptofree: no-cost cryptostorm network access
Topic: Free service registration broken
Replies: 1
Views: 517

Re: Free service registration broken

@OP

I think registering for a Wireguard token is broken at the moment.
by parityboy
Fri Dec 06, 2019 12:10 am
Forum: member support & tech assistance
Topic: Token doesn't work - support not responding.
Replies: 18
Views: 876

Re: Token doesn't work - support not responding.

DudeOfLondon wrote:
Thu Dec 05, 2019 5:16 am
Also some European servers don't load all webpages. eg. the Frankfurt node does oly load half of my websites. Not ebven this forum loads with the Frankfurt node.
I could be wrong but apart from a misconfiguration, the Frankfurt node might have a flaky network card in it.
by parityboy
Wed Dec 04, 2019 9:17 pm
Forum: member support & tech assistance
Topic: cryptostorm.nu down?
Replies: 4
Views: 418

Re: cryptostorm.nu down?

Mikrano wrote:
Wed Dec 04, 2019 5:42 am
From some sources here, hopefully its not true, DF got captured by FBI. Is this true?
Absolutely no idea. He could have been hit by a car, struck down with illness, had to relocate @ short notice (although the last one is less likely, considering the lack of comms but you never know).
by parityboy
Wed Dec 04, 2019 5:17 am
Forum: member support & tech assistance
Topic: Black Friday Sale
Replies: 10
Views: 541

Re: Black Friday Sale

This is worrying, lots of down servers, df not seen anywhere, strange message on twitter yesterday!! parityboy, any insights????? edit; also HavenLabs hasn't tweeted anything since july 7, they're part of CS, right? There's something strange going on... HavenLabs is not a Twitter account I follow, ...
by parityboy
Wed Dec 04, 2019 5:14 am
Forum: member support & tech assistance
Topic: Token doesn't work - support not responding.
Replies: 18
Views: 876

Re: Token doesn't work - support not responding.

@DudeOfLondon When I connect (using Konversation) I get [SSL Connection Warning] The SSL certificate for the server irc.cryptostorm.is (port 6697) failed the authenticity check. likely due to the SSL certificate being self-signed. Odd that they never replaced it with a Let's Encrypt cert, but the I...
by parityboy
Mon Dec 02, 2019 5:27 pm
Forum: member support & tech assistance
Topic: Spammers
Replies: 4
Views: 413

Re: Spammers

MOQ888 wrote:
Mon Dec 02, 2019 7:37 am
bloody nuisances, they PM spam as well ...
Yeah, but the good thing about those is that they have to register on the site with a username. I've handed out a few IP bans as a result. :D
by parityboy
Mon Dec 02, 2019 5:26 pm
Forum: DeepDNS - cryptostorm's no-compromise DNS resolver framework
Topic: DNS over TLS with unbound
Replies: 2
Views: 233

Re: DNS over TLS with unbound

@OP

As far as I know, CS only support DNSCrypt.
by parityboy
Mon Dec 02, 2019 1:54 am
Forum: member support & tech assistance
Topic: Token doesn't work - support not responding.
Replies: 18
Views: 876

Re: Token doesn't work - support not responding.

@Hyam

Thanks for not going off at the deep end. :D And yes, it is disappointing but more worrying than disappointing.

@DudeOfLondon

It looks like the Wireguard instance at the Frankfurt server has fallen over. The OpenVPN instance is up and running (I'm connected to it right now).
by parityboy
Sat Nov 30, 2019 9:13 am
Forum: member support & tech assistance
Topic: Token doesn't work - support not responding.
Replies: 18
Views: 876

Re: Token doesn't work - support not responding.

@OP I owe you an apology: I saw your latest posts and managed to hit the "Disapprove" button, which was damned careless of me; once again, I apologise. On a more technical note, if you wish to know which nodes are available, check my sig for an uptime page. For some odd reason, Moldova spent a day ...
by parityboy
Sat Nov 30, 2019 9:07 am
Forum: member support & tech assistance
Topic: Black Friday Sale
Replies: 10
Views: 541

Re: Black Friday Sale

@OP

There's a Black Friday announcement on the site, which could have been automated. As far as I am aware, it wasn't placed there by df.
by parityboy
Fri Nov 29, 2019 6:26 pm
Forum: member support & tech assistance
Topic: Black Friday Sale
Replies: 10
Views: 541

Re: Black Friday Sale

@OP

As you may or may not know, df has been missing in action for the past few days. Unless he pops up shortly, there won't be any Black Friday sales. I would hold off buying any tokens at all until he returns. :)
by parityboy
Thu Nov 28, 2019 10:34 pm
Forum: member support & tech assistance
Topic: Token doesn't work - support not responding.
Replies: 18
Views: 876

Re: Token doesn't work - support not responding.

They are not responding on twitter, irc server is down, wireguard not working. Something's definitively happening. I hope the boys are ok. If you have a native IRC client, you can hop onto IRC at irc.cryptostorm.is, port 6697 (SSL) or 6667 (non-SSL). It's the same problem with me. I bought 3 tokens...
by parityboy
Thu Nov 28, 2019 5:51 am
Forum: member support & tech assistance
Topic: Token doesn't work - support not responding.
Replies: 18
Views: 876

Re: Token doesn't work - support not responding.

@OP

Cryptostorm is definitely not a scam, I've been using it since 2014, basically since launch day. :)

Can you post any logs from your OpenVPN connection attempts (I don't use Wireguard so I'm not familiar with it)? Also which server are you trying to connect to?
by parityboy
Thu Nov 28, 2019 5:46 am
Forum: member support & tech assistance
Topic: Some services down?
Replies: 15
Views: 926

Re: Some services down?

@moris

If you have a native IRC client you can join the IRC channel at irc.cryptstorm.is, port 6697 (SSL) or 6667 (non-SSL). The channel name is #cryptostorm.
by parityboy
Wed Nov 27, 2019 9:36 am
Forum: member support & tech assistance
Topic: Some services down?
Replies: 15
Views: 926

Re: Some services down?

@OP

Glad you got it working. :D By the way, if you wish to know if a node truly is down or not, check here. :)
by parityboy
Tue Nov 26, 2019 5:59 pm
Forum: member support & tech assistance
Topic: Some services down?
Replies: 15
Views: 926

Re: Some services down?

@OP nslookup la.cryptostorm.pw Server: 127.0.1.1 Address: 127.0.1.1#53 Non-authoritative answer: Name: la.cryptostorm.pw Address: 173.208.77.71 Name: la.cryptostorm.pw Address: 173.208.77.70 Name: la.cryptostorm.pw Address: 173.208.77.89 Name: la.cryptostorm.pw Address: 23.19.67.117 Name: la.crypto...
by parityboy
Sun Nov 24, 2019 5:00 am
Forum: member support & tech assistance
Topic: Spammers
Replies: 4
Views: 413

Re: Spammers

@OP

df is going to have to implement a CAPTCHA or something to block automated registration bots...and then maybe 2FA afterwards to knock out password guessers.
by parityboy
Sun Nov 24, 2019 4:56 am
Forum: member support & tech assistance
Topic: Default port forwarding
Replies: 1
Views: 99

Re: Default port forwarding

@OP

Are you talking about port forwarding in general or specifically doing it on a Cryptostorm exit node?
by parityboy
Sun Nov 24, 2019 4:54 am
Forum: member support & tech assistance
Topic: cryptostorm.nu down?
Replies: 4
Views: 418

Re: cryptostorm.nu down?

@OP

No idea, but it's definitely still down for whatever reason...
by parityboy
Mon Aug 05, 2019 9:05 pm
Forum: independent cryptostorm token resellers, & tokens 101
Topic: New token reseller -> okaruto.space
Replies: 9
Views: 17704

Re: New token reseller -> okaruto.space

@OP

Glad you're back and still operating! :D
by parityboy
Sun Jul 07, 2019 1:11 am
Forum: crypto, VPN & security news
Topic: [VPNPro] Hidden VPN owners unveiled: 97 VPN products run by just 23 companies
Replies: 0
Views: 3690

[VPNPro] Hidden VPN owners unveiled: 97 VPN products run by just 23 companies

On the surface, it may seem that the VPN market is teeming with various companies competing for a piece of the growing consumer VPN pie. However, when we began to look further into the VPNs and the companies that own them, we noticed something interesting: a lot of these products are owned by the s...
by parityboy
Sun Jul 07, 2019 1:07 am
Forum: general chat, suggestions, industry news
Topic: OpenWRT + VPN (openvpn) + doh (dnscrypt-proxy)
Replies: 1
Views: 852

Re: OpenWRT + VPN (openvpn) + doh (dnscrypt-proxy)

@OP

It's always useful to run a VPN on a router, since it saves having to run a VPN client on every Internet-accessing device. DNSCrypt is the cherry on top if you can get it working. :)
by parityboy
Sun Jul 07, 2019 1:04 am
Forum: member support & tech assistance
Topic: internal DHCP ip clash only on Dusseldorf UDP
Replies: 3
Views: 1053

Re: internal DHCP ip clash only on Dusseldorf UDP

@OP

Interesting...do you not use the usual 192.168.x.x. addressing scheme on your LAN, or is this on a mobile Windows device?
by parityboy
Sun Jul 07, 2019 1:01 am
Forum: member support & tech assistance
Topic: VirtualBox Kubuntu VM not allowing LAN access with CS
Replies: 4
Views: 900

Re: VirtualBox Kubuntu VM not allowing LAN access with CS

MOQ888 wrote:
Tue Jul 02, 2019 3:09 pm
DOH ... I switched it from NAT to Bridged and of course it works perfectly. Tks PB!
yw. :D
by parityboy
Mon Jun 24, 2019 5:20 pm
Forum: member support & tech assistance
Topic: IPLeak.net broken?
Replies: 18
Views: 4553

Re: IPLeak.net broken?

@df

Yeah, thanks for that. I think that for now 'll just set the 10.x.x.x DNS server address on the hosts I need it for. It works and is a simple fix. :)
by parityboy
Mon Jun 24, 2019 5:15 pm
Forum: member support & tech assistance
Topic: VirtualBox Kubuntu VM not allowing LAN access with CS
Replies: 4
Views: 900

Re: VirtualBox Kubuntu VM not allowing LAN access with CS

@OP

In the VM config, is the LAN interface NAT or bridged?
by parityboy
Thu May 23, 2019 6:23 am
Forum: member support & tech assistance
Topic: IPLeak.net broken?
Replies: 18
Views: 4553

Re: IPLeak.net broken?

@parityboy ... As for the DNS leak test failing, I can only see that happening on a host behind the router, and only if the host is set to use DHCP and a DNS server running on the router (which would be connected to CS, and maybe set to use the DNS pushed by the VPN ). That's the one thing that pfS...
by parityboy
Mon Apr 29, 2019 2:30 pm
Forum: crypto, VPN & security news
Topic: [The Register] There's NordVPN odd about this, right? Infosec types concerned over strange app traffic
Replies: 0
Views: 2160

[The Register] There's NordVPN odd about this, right? Infosec types concerned over strange app traffic

Weird things are afoot with NordVPN's app and the traffic it generates - Reg readers have spotted it contacting strange domains in the same way compromised machines talk to botnets' command-and-control servers. Although NordVPN has told us this is expected behaviour by the app and is intended as a ...
by parityboy
Sun Apr 28, 2019 4:42 pm
Forum: member support & tech assistance
Topic: IPLeak.net broken?
Replies: 18
Views: 4553

Re: IPLeak.net broken?

@df Apart from the usual SNAT/MASQ stuff which is needed anyway, the only thing outstanding I have in pfSense is a port forward rule to support a private tracker and that only applies to a single VM guest on a host-only network of its own. Another thing I noticed is that I can't get pfSense to reso...
by parityboy
Sun Apr 28, 2019 1:45 am
Forum: member support & tech assistance
Topic: IPLeak.net broken?
Replies: 18
Views: 4553

Re: IPLeak.net broken?

@df

I get 88.202.180.213, which is one of the England exit node IPs.
by parityboy
Sun Apr 28, 2019 12:24 am
Forum: member support & tech assistance
Topic: IPLeak.net broken?
Replies: 18
Views: 4553

Re: IPLeak.net broken?

@df
Screenshot_20190427_202245.png

Code: Select all

whoami.cryptostorm.is has address 88.202.180.213
Those are exit node IPs. : ) They are what shows up on https://cryptostorm.is/test, depending on the exit node being used.
by parityboy
Fri Apr 26, 2019 9:51 pm
Forum: member support & tech assistance
Topic: IPLeak.net broken?
Replies: 18
Views: 4553

Re: IPLeak.net broken?

@df

I just tried the CS DNS Leak Test page. The IPs it listed are actually the IPs of the exit nodes I'm connected to, rather than the DNS servers I'm using, hence it lists them in red as "not cryptostorm DNS". I've configured pfSense to use 82.163.72.123 and 128.127.104.108 as DNS servers.
by parityboy
Mon Mar 11, 2019 7:36 pm
Forum: member support & tech assistance
Topic: Connecting through Cryptostorm in China
Replies: 2
Views: 1960

Re: Connecting through Cryptostorm in China

@OP As far as I am aware, the Great Firewall will (at least try to) block OpenVPN at the protocol level. The newer CS configs employ TLS to encrypt the OpenVPN handshake which should defeat and kind of Deep Packet Inspection. However Cryptostorm IPs are public, so blocking them is not exactly diffi...
by parityboy
Mon Mar 11, 2019 7:33 pm
Forum: member support & tech assistance
Topic: NBN (National Broadband Network) in Australia
Replies: 2
Views: 1960

Re: NBN (National Broadband Network) in Australia

@marza

Unless NBN goes out of its way to block port 443 or the OpenVPN protocol, it should no different to how it is now in terms of setup and operation.
by parityboy
Mon Jan 14, 2019 3:24 pm
Forum: crypto, VPN & security news
Topic: [BleepingComputer] VORACLE Attack Can Recover HTTP Data From VPN Connections
Replies: 5
Views: 15512

Re: [BleepingComputer] VORACLE Attack Can Recover HTTP Data From VPN Connections

@df

Really? All of the security-related posts here on the form have all pointed to compression being disabled (at least according to PJ and the earlier configs).
by parityboy
Fri Dec 07, 2018 5:15 pm
Forum: general chat, suggestions, industry news
Topic: wrong repository link in tutorial
Replies: 3
Views: 6192

Re: wrong repository link in tutorial

@OP Try this: sudo -s wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg|apt-key add - echo "deb http://build.openvpn.net/debian/openvpn/stable bionic main" > /etc/apt/sources.list.d/openvpn-aptrepo.list apt-get update && apt-get install openvpn exit Linux Mint is based on Ubuntu and the ...
by parityboy
Thu Nov 01, 2018 11:43 pm
Forum: member support & tech assistance
Topic: Probs with new configs in Ubuntu
Replies: 28
Views: 19513

Re: Probs with new configs in Ubuntu

MOQ888 wrote:kubuntu up and running, CS working well - HOORAY!
:thumbup: :thumbup: :D
by parityboy
Thu Nov 01, 2018 11:42 pm
Forum: member support & tech assistance
Topic: [VyOS] VyOS Complains That ca.crt Is Invalid
Replies: 9
Views: 12081

Re: [VyOS] VyOS Complains That ca.crt Is Invalid

@df

As a router, VyOS is actually OK. As a security device, clearly not so much so I would never use it as an edge device (although some people put their firewalls behind their edge-located routers).
by parityboy
Tue Oct 30, 2018 12:47 pm
Forum: member support & tech assistance
Topic: [VyOS] VyOS Complains That ca.crt Is Invalid
Replies: 9
Views: 12081

Re: [VyOS] VyOS Complains That ca.crt Is Invalid

@df I blew the VyOS instance away (I'll likely get a mini PC from AliExpress or Banggood and stick pfSense on it) but here's the ca.crt I was using. -----BEGIN CERTIFICATE----- MIIFIDCCBAigAwIBAgIJAKekpGXxXvhbMA0GCSqGSIb3DQEBCwUAMIG6MQswCQYD VQQGEwJDQTELMAkGA1UECBMCUUMxETAPBgNVBAcTCE1vbnRyZWFsMTYwN...
by parityboy
Tue Oct 30, 2018 12:41 pm
Forum: member support & tech assistance
Topic: Probs with new configs in Ubuntu
Replies: 28
Views: 19513

Re: Probs with new configs in Ubuntu

@MOQ888

Hmmm...I have KDE Neon badgering me to update it to its new 18.04 LTS base, but I'm now wondering whether it's worth it. Having said that, my VPN is handled by a router so I wouldn't need Network Manager for VPN duty. :)
by parityboy
Sun Oct 28, 2018 7:21 pm
Forum: member support & tech assistance
Topic: Probs with new configs in Ubuntu
Replies: 28
Views: 19513

Re: Probs with new configs in Ubuntu

@MOQ888

Glad you got working. :D Now we just need Network Manager to support the ECC instances. :)
by parityboy
Sat Oct 27, 2018 3:31 pm
Forum: member support & tech assistance
Topic: [Exits] England Node Not Passing Any Traffic
Replies: 16
Views: 15513

Re: [Exits] England Node Not Passing Any Traffic

@df

I agree. :P On that note, what happened to the Spain node? I see the legacy one has been consolidated onto the Portugal node and the newer configs (including RSA) have no Spain node at all.
by parityboy
Sat Oct 27, 2018 8:15 am
Forum: member support & tech assistance
Topic: [Exits] England Node Not Passing Any Traffic
Replies: 16
Views: 15513

Re: [Exits] England Node Not Passing Any Traffic

@df

Sounds like something might be broken in the kernel running on that machine, or maybe sysctl needs a tweak? No reason why UDP should have issues when TCP works fine and the Windows-optimised instances also work fine.
by parityboy
Sat Oct 27, 2018 7:58 am
Forum: member support & tech assistance
Topic: [SOLVED] Port Forwarding On Legacy Nodes: Broken?
Replies: 6
Views: 6614

[SOLVED] Re: Port Forwarding On Legacy Nodes: Broken?

@df Found it. :D In pfSense on the Port Forwarding page, simply creating the rule isn't enough. There's a field near the bottom of the page which says "Filter rule association". The default selection for this is "None" (no doubt for security reasons). To make the rule active, one needs to select "P...
by parityboy
Sat Oct 27, 2018 6:05 am
Forum: member support & tech assistance
Topic: [SOLVED] Port Forwarding On Legacy Nodes: Broken?
Replies: 6
Views: 6614

[SOLVED] Re: Port Forwarding On Legacy Nodes: Broken?

@df Yep, I have a NAT hole punched in my pfSense firewall for the VPN client address (10.66.216.32) which is in turn forwarded to the VM running my BitTorrent client (which is listening on 45886). Weird - it definitely worked before the upgrade (I checked it with telnet from an outside network). I'...
by parityboy
Fri Oct 26, 2018 4:23 pm
Forum: member support & tech assistance
Topic: [SOLVED] Port Forwarding On Legacy Nodes: Broken?
Replies: 6
Views: 6614

[SOLVED] Re: Port Forwarding On Legacy Nodes: Broken?

@df

I'm currently on 128.127.104.111, port number 45886. Try telneting to it and see if you get a response.
by parityboy
Thu Oct 25, 2018 11:39 pm
Forum: member support & tech assistance
Topic: [SOLVED] Port Forwarding On Legacy Nodes: Broken?
Replies: 6
Views: 6614

[SOLVED] Port Forwarding On Legacy Nodes: Broken?

I've just realised that the port forwarding feature on the legacy RSA nodes - <os>-<location>.cryptostorm.net - doesn't seem to be functional. The setup page at http://10.31.33.7/fwd is there and appears to set the mapping (even complaining when you try to set the mapping twice) but telnet ing to th...
by parityboy
Wed Oct 24, 2018 6:04 pm
Forum: member support & tech assistance
Topic: Probs with new configs in Ubuntu
Replies: 28
Views: 19513

Re: Probs with new configs in Ubuntu

@OP

I'm going to have to dig into this. I'm running KDE Neon (now based on 18.04 LTS but mine is still running a 16.04 LTS base) and I suspect it has a newer Network Manager that accommodates this. Mine looks like this.

Image
by parityboy
Mon Oct 22, 2018 5:23 pm
Forum: member support & tech assistance
Topic: Probs with new configs in Ubuntu
Replies: 28
Views: 19513

Re: Probs with new configs in Ubuntu

@OP Oct 22 21:40:28 e8100i7 NetworkManager[1163]: nm-openvpn-Message: openvpn[7095]: send SIGTERM Oct 22 21:40:28 e8100i7 nm-openvpn[7095]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Oct 22 21:40:28 e8100i7 nm-openvpn[7095]: TLS Error: TLS hand...
by parityboy
Sun Oct 21, 2018 11:05 pm
Forum: member support & tech assistance
Topic: Probs with new configs in Ubuntu
Replies: 28
Views: 19513

Re: Probs with new configs in Ubuntu

@OP

Can you collect and post some logs so we can see what Network Manager is doing? I suspect it's related to TLS handshaking, but I'd like to be sure. :)
by parityboy
Sat Oct 20, 2018 6:56 am
Forum: member support & tech assistance
Topic: block outside dns
Replies: 5
Views: 8732

Re: block outside dns

@marza

I can't really help you on the Windows side of things, but would you ever consider delegating VPN duty to a router? That way you wouldn't have to deal with all the weirdness. :)
by parityboy
Thu Oct 18, 2018 4:46 pm
Forum: member support & tech assistance
Topic: [Exits] England Node Not Passing Any Traffic
Replies: 16
Views: 15513

Re: [Exits] England Node Not Passing Any Traffic

@blurb Yeah, Wireguard looks really nice. Needs more router support and therefore greater adoption, but it needs auditing before anything else. OpenVPN is complex and annoying, but on the other hand it was the first decent VPN that wasn't closed code (i.e. enterprise and therefore expensive and/or ...
by parityboy
Thu Oct 18, 2018 5:47 am
Forum: member support & tech assistance
Topic: [Exits] England Node Not Passing Any Traffic
Replies: 16
Views: 15513

Re: [Exits] England Node Not Passing Any Traffic

@blurb,@df OK, I've tested all of the legacy EU nodes ( linux-<location>.cryptostorm.net ). The following nodes connect and successfully pass traffic: Denmark Dusseldorf Frankfurt Finland Latvia Netherlands Paris Poland Romania Rome Sweden Switzerland The following nodes are broken and refuse to pa...
by parityboy
Thu Oct 18, 2018 3:05 am
Forum: member support & tech assistance
Topic: [Exits] England Node Not Passing Any Traffic
Replies: 16
Views: 15513

Re: [Exits] England Node Not Passing Any Traffic

@blurb Well if I remember rightly, you've got it running on a Tomato-based router (which is based on Linux). I've experienced this issue on both Linux Mint 18.3 and pfSense 2.3.4 (which is based on FreeBSD). Also yes, all of the nodes are physical machines running multiple instances of OpenVPN, eac...
by parityboy
Wed Oct 17, 2018 7:23 pm
Forum: member support & tech assistance
Topic: [Exits] England Node Not Passing Any Traffic
Replies: 16
Views: 15513

Re: [Exits] England Node Not Passing Any Traffic

@blurb This is what I'm getting in my pfSense log: Oct 17 14:18:27 openvpn 22625 Bad LZO decompression header byte: 0 Oct 17 14:18:47 openvpn 22625 Bad LZO decompression header byte: 0 Oct 17 14:19:07 openvpn 22625 Bad LZO decompression header byte: 0 Oct 17 14:19:07 openvpn 22625 [cryptostorm serv...
by parityboy
Wed Oct 17, 2018 7:00 pm
Forum: member support & tech assistance
Topic: Best Node for Australian Members
Replies: 2
Views: 6937

Re: Best Node for Australian Members

@OP Going by this map , I'd say US West coast, based on the links. Failing that, I would suggest the most eastern part of Europe (Poland, Romania); bear in mind that overland links are not shown. Check this link for a list of the node locations. UPDATE I've just realised that we now have a Hong Kon...
by parityboy
Wed Oct 17, 2018 6:48 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: The CryptoStorm Speed Test Thread
Replies: 78
Views: 168747

Re: The CryptoStorm Speed Test Thread

@blurb Many thanks for sharing this. :D Ironically, while the newer ECC cryptographic algorithms are much more efficient than the older RSA - requiring much less CPU power for the same level of cryptographic strength - there's a good chance that the older routers (which would actually benefit from ...
by parityboy
Wed Oct 17, 2018 6:37 pm
Forum: general chat, suggestions, industry news
Topic: Token Hashing - OpenVPN user input
Replies: 24
Views: 49078

Re: Token Hashing - OpenVPN user input

@cryptomon It could be then that either the parsing code for the HTML page or the database which actually stores the username/password credentials have not been updated to reflect the update to the HTML page. Having said that, it might be worth looking to see if the router actually stores the crede...
by parityboy
Wed Oct 17, 2018 2:17 am
Forum: member support & tech assistance
Topic: [Exits] England Node Not Passing Any Traffic
Replies: 16
Views: 15513

Re: [Exits] England Node Not Passing Any Traffic

@blurb

Yeah, I confirmed it directly from the desktop with Network Manager. My OP concerned pfSense, but the effect (unfortunately) is the same.
by parityboy
Tue Oct 16, 2018 9:30 pm
Forum: general chat, suggestions, industry news
Topic: Token Hashing - OpenVPN user input
Replies: 24
Views: 49078

Re: Token Hashing - OpenVPN user input

@cryptomon

Could you try inspecting the HTML in something like Firefox's debugger? It may give you the ability to alter the HTML (i.e. remove the restriction on the input field) temporarily just so that you can input the hashed token.
by parityboy
Mon Oct 15, 2018 3:35 pm
Forum: member support & tech assistance
Topic: [Exits] England Node Not Passing Any Traffic
Replies: 16
Views: 15513

[Exits] England Node Not Passing Any Traffic

Has anyone else noticed this? I have the NL node configured identically and it works fine, but the England node (5.101.149.7) refuses to pass any traffic.
by parityboy
Sat Oct 13, 2018 7:03 am
Forum: member support & tech assistance
Topic: New configuration files - my setup issues
Replies: 3
Views: 7511

Re: New configuration files - my setup issues

@OP

I'd guess that the IP addresses of the new ecc/ed448/ed25519 instances are not yet in the check databases.
by parityboy
Tue Oct 09, 2018 4:38 pm
Forum: guides, HOWTOs & tutorials
Topic: ASUS router stock firmware OpenVPN working.
Replies: 7
Views: 19660

Re: ASUS router stock firmware OpenVPN working.

Hi, I am running Asuswrt-Merlin 384.7 and I am getting the following in my log: httpd: nvram_check fail: nvram vpn_client_username over length (128 > 64) ovpn-client1[8736]: ERROR: username from Auth authfile 'up' is empty ovpn-client1[8736]: Exiting due to fatal error Any ideas on what I need to d...
by parityboy
Tue Oct 02, 2018 7:11 am
Forum: cryptofree: no-cost cryptostorm network access
Topic: Speeds
Replies: 12
Views: 26795

Re: Speeds

@blurb

That sounds good. :)

Is your connection cable, fiber or xDSL (including hybrid fiber)? Also, would you be kind enough to document your experience in the Speed Test thread? :D
by parityboy
Mon Oct 01, 2018 10:41 pm
Forum: member support & tech assistance
Topic: [VyOS] VyOS Complains That ca.crt Is Invalid
Replies: 9
Views: 12081

Re: [VyOS] VyOS Complains That ca.crt Is Invalid

@df OK, so I tried using NordVPN's certificate (extracted from one of their OpenVPN configuration files) and VyOS accepted it. For posterity, here it is. -----BEGIN CERTIFICATE----- MIIFCjCCAvKgAwIBAgIBATANBgkqhkiG9w0BAQ0FADA5MQswCQYDVQQGEwJQQTEQ MA4GA1UEChMHTm9yZFZQTjEYMBYGA1UEAxMPTm9yZFZQTiBSb290...
by parityboy
Mon Oct 01, 2018 10:11 pm
Forum: member support & tech assistance
Topic: [VyOS] VyOS Complains That ca.crt Is Invalid
Replies: 9
Views: 12081

Re: [VyOS] VyOS Complains That ca.crt Is Invalid

@df I checked using the method you described and yes, it's the RSA cert (1866 bytes long). As for the other certs and keys, seemingly the VyOS scripts expect them regardless of whether they are used or not. Either way, even before I created them, VyOS was whining that Cryptostorm's ca.crt was not v...
by parityboy
Fri Sep 28, 2018 10:52 pm
Forum: member support & tech assistance
Topic: [VyOS] VyOS Complains That ca.crt Is Invalid
Replies: 9
Views: 12081

Re: [VyOS] VyOS Complains That ca.crt Is Invalid

@thread

OK, quick update. I upgraded VyOS to 1.2.0, which runs OpenVPN 2.3.4 It will accept the CA cert for PIA, but NOT the one for Cryptostorm.

I have no idea why. df if you (or anyone else) can offer any ideas, it would be greatly appreciated. :)
by parityboy
Fri Sep 28, 2018 9:09 pm
Forum: member support & tech assistance
Topic: [VyOS] VyOS Complains That ca.crt Is Invalid
Replies: 9
Views: 12081

Re: [VyOS] VyOS Complains That ca.crt Is Invalid

OK, I've found two things: 1) PIA's ca.2048.crt file works perfectly well, while Cryptotsorm's ca.crt does not. 2) VyOS 1.1.8 actually uses OpenVPN 2.1.x, which doesn't connect even to PIA's network so it certainly won't connect to Cryptostorm's. The age of the OpenVPN build on VyOS 1.1.8 might be w...
by parityboy
Thu Sep 27, 2018 5:13 am
Forum: member support & tech assistance
Topic: How to obfuscate VPN usage from ISP in restricted countries?
Replies: 2
Views: 7288

Re: How to obfuscate VPN usage from ISP in restricted countries?

@OP If you're talking specifically about the Cryptostorm VPN service, using the ECC instances will help, since (if I have this correct) they encrypt the handshake between client and server, so it cannot be identified as being OpenVPN. The non-ECC instances cannot do this and so they can be blocked ...