Jump to content
TorGuard
Support

TorGuard Certificate and Network Upgrades

Recommended Posts

Support

Currently, we are in the process of upgrading the TorGuard network to help get ready for IPv6 implementation along with upgrades to our stealth protocol,  general hardware upgrades and adding new servers to various locations, these will be done in stages over the next few months although certificate changes are already fully implemented.

If you currently are having trouble connecting please see below:

COMMON SYMPTOMS:

- Auth / Reconnect loop
- Certificate error - TLS_ERROR: BIO read tls_read_plaintext error

HOW TO FIX:

- Redownload and install the latest TorGuard Desktop or Android Clients located here, reinstall if you already have this version.
- If using OpenVPN on your routers and NAS devices you need to update the certificate to the one located here or regenerate your config using our generator here - if you use the Asus stock firmware, make sure to select OpenVPN 2.3, if you have a Synology NAS make sure to select the Asus image on the generator, the config is identical.

- If using OpenVPN through the command line then you just need to update your cert to this one here

SYNOLOGY NAS USERS:

Make sure to generate your config using OpenVPN 2.3 - check the Asus icon, change to OpenVPN 2.3 and this will generate a compatible config.

ASUS STOCK FIRMWARE:

Most Asus routers using stock still appear to be using OpenVPN 2.3 - check the Asus icon, change to OpenVPN 2.3 and this will generate a compatible config.

DD-WRT USERS with Manual Config:

Remove all in the CA Cert field (Certificate Authority) and copy and paste in this cert: https://torguard.net/downloads/ca.txt

That is the ONLY change you need to make, hit save and then apply settings.

DD-WRT USERS with Startup Script Config:

Under Administration --> Commands click Edit at the bottom of the field that includes your script, edit the column with your certificate, pay attention to the quotes, you need those quotes for the script to function, remove all in between:

CA_CRT="-------"

To look like below:

CA_CRT="-----BEGIN CERTIFICATE-----
MIIDMTCCAhmgAwIBAgIJAKnGGJK6qLqSMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV
BAMMCVRHLVZQTi1DQTAgFw0xOTA1MjExNDIzMTFaGA8yMDU5MDUxMTE0MjMxMVow
FDESMBAGA1UEAwwJVEctVlBOLUNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlv0UgPD3xVAvhhP6q1HCmeAWbH+9HPkyQ2P6qM5oHY5dntjmq8YT48FZ
GHWv7+s9O47v6Bv7rEc4UwQx15cc2LByivX2JwmE8JACvNfwEnZXYAPq9WU3ZgRr
AGvA09ItuLqK2fQ4A7h8bFhmyxCbSzP1sSIT/zJY6ebuh5rDQSMJRMaoI0t1zorE
Z7PlEmh+o0w5GPs0D0vY50UcnEzB4GOdWC9pJREwEqppWYLN7RRdG8JyIqmA59mh
ARCnQFUo38HWic4trxFe71jtD7YInNV7ShQtg0S0sXo36Rqfz72Jo08qqI70dNs5
DN1aGNkQ/tRK9DhL5DLmTkaCw7mEFQIDAQABo4GDMIGAMB0GA1UdDgQWBBR7Dcym
XBp6u/jAaZOPUjUhEyhXfjBEBgNVHSMEPTA7gBR7DcymXBp6u/jAaZOPUjUhEyhX
fqEYpBYwFDESMBAGA1UEAwwJVEctVlBOLUNBggkAqcYYkrqoupIwDAYDVR0TBAUw
AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAE79ngbdSlP7IBbf
nJ+2Ju7vqt9/GyhcsYtjibp6gsMUxKlD8HuvlSGj5kNO5wiwN7XXqsjYtJfdhmzz
VbXksi8Fnbnfa8GhFl4IAjLJ5cxaWOxjr6wx2AhIs+BVVARjaU7iTK91RXJnl6u7
UDHTkQylBTl7wgpMeG6GjhaHfcOL1t7D2w8x23cTO+p+n53P3cBq+9TiAUORdzXJ
vbCxlPMDSDArsgBjC57W7dtdnZo7gTfQG77JTDFBeSwPwLF7PjBB4S6rzU/4fcYw
y83XKP6zDn9tgUJDnpFb/7jJ/PbNkK4BWYJp3XytOtt66v9SEKw+v/fJ+VkjU16v
E/9Q3h4=
-----END CERTIFICATE-----"

Then hit save startup and reboot.

If you are having trouble changing the certificate please submit a support ticket and our team will guide you on how to do that

Share this post


Link to post
Share on other sites
EarJuice

Errr this doesn't make any sense and it doesn't work.  I think it would be easier just to start an account with another company for cheaper than try and work out what the fuck you're on about.  Why can't you just have instructions or tell people that looping is going to be an issue?

Share this post


Link to post
Share on other sites
Anon101

It's really simple. If you suddenly have problems. Reinstall the software first.

Share this post


Link to post
Share on other sites
Tama
3 hours ago, Anon101 said:

It's really simple. If you suddenly have problems. Reinstall the software first.

i reinstalled it 4 times in my laptop ind i get the looping. i tried in the chrome extension i get the looping i try in my ipad i get the error i try in my phone i get the error. what should i do?

Share this post


Link to post
Share on other sites
Support
23 minutes ago, Tama said:

i reinstalled it 4 times in my laptop ind i get the looping. i tried in the chrome extension i get the looping i try in my ipad i get the error i try in my phone i get the error. what should i do?

 

Hello,

The certificate changes have no relation to the browser extension so I'm thinking your issues are something else - did you download the latest app from our downloads page? https://torguard.net/downloads.php - please double check you did indeed install the latest app - are you running any security software at this moment such as Webroot or similar?

In regards to your iOS device, are you using the torguard iOS app or the OpenVPN connect?

Share this post


Link to post
Share on other sites
Tama
1 hour ago, Support said:

 

Hello,

The certificate changes have no relation to the browser extension so I'm thinking your issues are something else - did you download the latest app from our downloads page? https://torguard.net/downloads.php - please double check you did indeed install the latest app - are you running any security software at this moment such as Webroot or similar?

In regards to your iOS device, are you using the torguard iOS app or the OpenVPN connect?

i think the error is just a loggin error isnt a loop i just noticed that. but when i login in the page the password is correct but when i login in the vpn i get the error.

if you have a solution please tell me

Share this post


Link to post
Share on other sites
Support
Just now, Tama said:

i think the error is just a loggin error isnt a loop i just noticed that. but when i login in the page the password is correct but when i login in the vpn i get the error

 

You can manage your service credentials here https://torguard.net/managecredentials.php - initially when you signup they are the same - if you change the website credentials they do not affect the service credentials and vice versa.

Share this post


Link to post
Share on other sites
Tama
3 minutes ago, Support said:

 

You can manage your service credentials here https://torguard.net/managecredentials.php - initially when you signup they are the same - if you change the website credentials they do not affect the service credentials and vice versa.

Thank you i solved it.

Share this post


Link to post
Share on other sites
UserX

Was just offline (loosing $)  for several hours because I installed new networking hardware, and assumed it was a problem with that - sending out an email notification to alert users to download the "latest" must be standard practice! IDC how computer savvy anyone thinks they are (no commentary please) - a paid service should make announcements when the service may be impacted  - not everyone is in "computer geek" mode 24/7!

Share this post


Link to post
Share on other sites
WTF_TG

I have to believe this could have been rolled out just a little bit smoother than what you've actually done here. I'm still sorting through your "instructions" in an attempt to successfully accomplish a connection since not everyone chooses to use the downloadable app. I do like that you are constantly improving and rolling out new services although, this implemented change gets a big fat F for a variety of reasons. I have yet to say the hell with it and disregard your services although, my patience is wearing thin.

You have an email address to inform users when a payment is due, i highly advise you notify them in the future when deciding to rollout a change that could potentially disrupt their connections and leave their traffic in the clear without any knowledge of it whatsoever. I'm refraining from saying things that i would normally say since i understand the complexities of this effort however again, transitioning to the IPV6 capability should have warranted an attempt to notify customers rather than an oh btw.

it'd be interesting to know how many of your customers choose to jump ship due to a lack of notification since this was truly a bone headed decision to not at least attempt to notify.

As for me, i will resolve my issues on my own and if i do not you'll know come next billing cycle.

Good Day.

Share this post


Link to post
Share on other sites
Socius

The VPN connection on my NAS got disconnected while torrenting.  I only realized this when I received copyright infringement emails from my ISP. No email notice was given of this change.  AND...my NAS (Asustor 4002T) will no longer connect.  Whether I use manual settings or generate an ovpn file on the site.  Tried 10 different variations of the config.  None work.  It connects on my PC, even without having to re-install the client.  But my NAS keeps saying " Could not connect to server. Either you have entered an invalid address or the remote service is not available. (Ref. 5601)"

Share this post


Link to post
Share on other sites
Support
7 hours ago, WTF_TG said:

I have to believe this could have been rolled out just a little bit smoother than what you've actually done here. I'm still sorting through your "instructions" in an attempt to successfully accomplish a connection since not everyone chooses to use the downloadable app. I do like that you are constantly improving and rolling out new services although, this implemented change gets a big fat F for a variety of reasons. I have yet to say the hell with it and disregard your services although, my patience is wearing thin.

You have an email address to inform users when a payment is due, i highly advise you notify them in the future when deciding to rollout a change that could potentially disrupt their connections and leave their traffic in the clear without any knowledge of it whatsoever. I'm refraining from saying things that i would normally say since i understand the complexities of this effort however again, transitioning to the IPV6 capability should have warranted an attempt to notify customers rather than an oh btw.

it'd be interesting to know how many of your customers choose to jump ship due to a lack of notification since this was truly a bone headed decision to not at least attempt to notify.

As for me, i will resolve my issues on my own and if i do not you'll know come next billing cycle.

Good Day.

 

Hello,

 

I apologise for your troubles.

We did send an email out last month regarding this but it seems there are quite a few users who did not receive this - one of the reasons is users who either mark our email as spam then wonder why they no longer receive emails users or ask us to not send any email in future, we barely send email to any users other than normal transactional email through our billing system  or support desk so we don't understand why users do tend to mark the email as spam as this will prevent users from receiving them in future - there are other technical reasons so we may resend that out over the weekend.

Regards

Share this post


Link to post
Share on other sites
Johnny

The Windows version of TorGuard says a new update is available, but it's downloading v3.95.0 instead of v3.95.1 . If the TorGuard program upgraded to the correct version, customers could fix the reconnect loop issue much easier.

Share this post


Link to post
Share on other sites
Support
3 hours ago, Johnny said:

The Windows version of TorGuard says a new update is available, but it's downloading v3.95.0 instead of v3.95.1 . If the TorGuard program upgraded to the correct version, customers could fix the reconnect loop issue much easier.

 

Hi Johnny,it should update you to 3.95.1, i just tested this, are you positive installing the correct installer?

Regards

Share this post


Link to post
Share on other sites
Johnny
15 minutes ago, Support said:

 

Hi Johnny,it should update you to 3.95.1, i just tested this, are you positive installing the correct installer?

Regards

To clarify, I'm talking about updating through the TorGuard app for Windows.

 

TorGuard_Update_Link.png

It only downloads v3.95.0 .  If currently running version v3.95.0 the TorGuard app shows no update available.

Share this post


Link to post
Share on other sites
Support
32 minutes ago, Johnny said:

To clarify, I'm talking about updating through the TorGuard app for Windows.

 

TorGuard_Update_Link.png

It only downloads v3.95.0 .  If currently running version v3.95.0 the TorGuard app shows no update available.

 

 

Thanks for pointing that out, we are fixing this now.

Regards

Share this post


Link to post
Share on other sites
fiapoco
On 7/12/2019 at 12:40 PM, Support said:

 

You can manage your service credentials here https://torguard.net/managecredentials.php - initially when you signup they are the same - if you change the website credentials they do not affect the service credentials and vice versa.

I am an old pencil-pushing user who pitched a b**** because I couldn't make my brand new installation of Torguard connect and I assumed that I had somehow screwed up the complicated and not overly noobie-user friendly instructions on the update dealies.  Turns out the instructions were just fine because I had in fact correctly followed the instructions and all I had to do was go to that link and let the system generate a random userID and password.  Bingo!  I'm on the innertrawebs!!   

for you guys/gals having problems connecting after doing this update,  just remember some old internet geezer got it right the first time (even tho he didn't know it at the time).  Just trust the instructions and let the system generate a lovely random  sign-in for you and you'll be on the outerintraweb when you insert the new random sign-in into the appropriate ClientVPN  fields.

To the folks in TorGuard Support who i totally annoyed yesterday, my sincere apologies.  Can you see my red face?  I actually had done the whole update thing correctly and just screwed up inputting the user id and p/w.  Changing to the random sign-in data solved m rolem.

 

Share this post


Link to post
Share on other sites
jimy

This is probably going to cost me a lot of money. I have installed the VPN on my NAS to be able to download torrents, I trusted that your service will be working. Seriously I'm really pissed with this. I didn't get any alert from you guys. Really disappointing.

Share this post


Link to post
Share on other sites
fiapoco

solved my problem.  Thanks folks, TorGuard rocks! 

Share this post


Link to post
Share on other sites
fiapoco

oh yeah, you guys should modify your update notices/emails regarding changes which could potentially cause problems for customers/users so that they must acknowledge the receipt of the update notice/warning and if they don't by the time you are ready to pull the trigger on the actual update, temporarily suspend their service or something equally drastic to prevent their continued use so that they are not unwittingly exposing themselves to the net/isp.  Keeping that from happening is the whole reason we are willing to pay for VPN service.  Just a thought,  Seems like this update/change caused a lot of problems - just trying to help. 

Share this post


Link to post
Share on other sites
slippyslappy
17 hours ago, jimy said:

This is probably going to cost me a lot of money. I have installed the VPN on my NAS to be able to download torrents, I trusted that your service will be working. Seriously I'm really pissed with this. I didn't get any alert from you guys. Really disappointing.

 

Your NAS should have some sort of failsafe. If not that's on you. My Unraid server goes offline when the VPN gets disconnected. 

Share this post


Link to post
Share on other sites
Donut

I've been using OpenVPN on my Chromebook and FireTV. When it stopped working I came to check on here to see what the problem was. On my Chromebook I resorted to connecting the L2TP method as that was the only way to get by for the time being. OpenVPN is whats giving me problems. It keeps asking for a certificate now. I went here https://torguard.net/downloads/ta.key and tried to import that but OpenVPN wants a .pfx or .p12 file extension. Tried renaming the file extension to either to see if by chance thatd work but then it asks for a password to extract the certificate. Couldnt get past that as no password I tried worked. 

Only temporary fix was using the torguard app on the chromebook but the issue ive had with that is that once the app is in the background for a few minutes the connection drops because the app is seen as not active. This is why the OpenVPN app was what I always used since it stays active when in the background.

Not sure whats the proper procedure to fix all this. Never had any issues up until recently. I too received no such email noting these network changes. I checked the spam folder and nothing.

Share this post


Link to post
Share on other sites
Fatbelly

 I am having the same problem on my iPhone. I removed  and re-install the latest torguard app. No use, We should fix this ASAP else of asking for a refund. This is so crap 

Share this post


Link to post
Share on other sites
Brandis

Downloaded the latest version of the TorGuard client for MacOS (3.95.1). My US dedicated IP works fine, only can't connect to my Canada dedicated IP.

Share this post


Link to post
Share on other sites
Support
3 hours ago, Donut said:

I've been using OpenVPN on my Chromebook and FireTV. When it stopped working I came to check on here to see what the problem was. On my Chromebook I resorted to connecting the L2TP method as that was the only way to get by for the time being. OpenVPN is whats giving me problems. It keeps asking for a certificate now. I went here https://torguard.net/downloads/ta.key and tried to import that but OpenVPN wants a .pfx or .p12 file extension. Tried renaming the file extension to either to see if by chance thatd work but then it asks for a password to extract the certificate. Couldnt get past that as no password I tried worked. 

Only temporary fix was using the torguard app on the chromebook but the issue ive had with that is that once the app is in the background for a few minutes the connection drops because the app is seen as not active. This is why the OpenVPN app was what I always used since it stays active when in the background.

Not sure whats the proper procedure to fix all this. Never had any issues up until recently. I too received no such email noting these network changes. I checked the spam folder and nothing.

 

Hello,

The certificate you need is here https://torguard.net/tgcerts.php - the OpenVPN CA,  you can also generate configs here https://torguard.net/tgconf.php?action=vpn-openvpnconfig if using the OpenVPN connect app - this will include the latest CA.

In regards to the fireTV, clearing your app cache and reinstalling the app should do the trick.

 

2 hours ago, Fatbelly said:

 I am having the same problem on my iPhone. I removed  and re-install the latest torguard app. No use, We should fix this ASAP else of asking for a refund. This is so crap 

 

If you are using the torguard app on your iPhone, you are not affected - this sues IPSec, if you are using the OpenVPN connect app, regenerate your config here https://torguard.net/tgconf.php?action=vpn-openvpnconfig

 

1 hour ago, Brandis said:

Downloaded the latest version of the TorGuard client for MacOS (3.95.1). My US dedicated IP works fine, only can't connect to my Canada dedicated IP.

 

Please open a ticket so we can check out what's going on with your TG Canada IP.

Regards

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...