Blog Roll

The official mumblings of a senile monkey sent from outer space.

  1. Home
  2. Blog
  3. Kodi

Enable SlickVPN via OpenVPN on OpenELEC

Wednesday, 13 May 2015 23:01 Comments 0

This tutorial will guide you through configuring a VPN connection on your OpenELEC system via SlickVPN using OpenVPN.

A lot of advice was received from this forum topic:
http://openelec.tv/forum/69-network/68991-howto-setup-openelec-to-use-vyprvpn

To get started download the following SlickVPN OpenVPN configuration file:
https://www.slickvpn.com/downloads/config/SlickVPN_IAD.ovpn.
We'll use the contents of this file to create the necessary files to connect to SlickVPN. You can open this file within a text editor to view it's contents.

To get OpenVPN running on OpenELEC we need to perform 5 basic steps:

1) Start by creating a file called "SlickVPN-OpenVPN.config" in your OpenELEC network share:

\\OPENELEC_IP_ADDRESS\Configfiles\vpn-config

Add the following to the contents to the file and don't forget to replace the placeholder names: SERVERNAME, SERVER. 

	
	[global]
	Name = SlickVPN-OpenVPN

	[provider_openvpn]
	Type = openvpn
	Name = SlickVPN-OpenVPN
	Host = gw1.iad1.slickvpn.com
	Domain = vpn
	advanced = 1
	OpenVPN.ConfigFile = /storage/.config/vpn-config/vpn.config
	OpenVPN.Port = 443

2) Create a file called "vpn.config" and add the following contents: 

	
	# file containing username and password
	auth-user-pass /storage/.config/vpn-config/pass.txt

	# equivalent to pull, tls-client
	client

	# redirect all outgoing traffic to the vpn gateway
	redirect-gateway

	# verify the server certificate for authenticity
	remote-cert-tls server

	cipher AES-256-CBC

	proto udp
	dev tun
	keepalive 10 120
	nobind

	persist-key
	persist-tun

	# ssl certificate / key used for tls
	ca /storage/.config/vpn-config/CA.crt
	cert /storage/.config/vpn-config/Cert.crt
	key /storage/.config/vpn-config/Server.key
	log /storage/.config/vpn-config/openvpn.log

3) Create a file called "pass.txt" and add your SlickVPN username and password on separate lines: 

	
	USERNAME
	PASSWORD

Rather than copying the configuration contents below I recommend you copy the contents of the "SlickVPN_IAD.ovpn" file.

4) Create a file called "CA.cert", open this in a text editor and add the following contents: 

	
	-----BEGIN CERTIFICATE-----
	MIIDQDCCAqmgAwIBAgIJAM8Brk2pUr0KMA0GCSqGSIb3DQEBBQUAMHQxCzAJBgNV
	BAYTAlVTMQswCQYDVQQIEwJDQTEMMAoGA1UEBxMDVlBOMQwwCgYDVQQKEwNWUE4x
	DDAKBgNVBAsTA1ZQTjEMMAoGA1UEAxMDVlBOMQwwCgYDVQQpEwNWUE4xEjAQBgkq
	hkiG9w0BCQEWA1ZQTjAeFw0xMjAzMDMwMjExNDJaFw0yMjAzMDEwMjExNDJaMHQx
	CzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEMMAoGA1UEBxMDVlBOMQwwCgYDVQQK
	EwNWUE4xDDAKBgNVBAsTA1ZQTjEMMAoGA1UEAxMDVlBOMQwwCgYDVQQpEwNWUE4x
	EjAQBgkqhkiG9w0BCQEWA1ZQTjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
	wY2K08N7or1Br/EsD9XBon7gs7dKflWYuymgMLJfeMFWuJloNdsn+3GARIhYBbN6
	zhvFGFE214qKPqAydW1WmIIK7KoC0sgndr+Vk/au9gssFzVmmvr6+WN/nfo2L9Kv
	vBMoYLrMAiyw/D4cRapZi2pXJLcMDfC+p1VWAX8TYWkCAwEAAaOB2TCB1jAdBgNV
	HQ4EFgQUmyvO4rTnu5/ABnp0FngU+SdR8WAwgaYGA1UdIwSBnjCBm4AUmyvO4rTn
	u5/ABnp0FngU+SdR8WCheKR2MHQxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEM
	MAoGA1UEBxMDVlBOMQwwCgYDVQQKEwNWUE4xDDAKBgNVBAsTA1ZQTjEMMAoGA1UE
	AxMDVlBOMQwwCgYDVQQpEwNWUE4xEjAQBgkqhkiG9w0BCQEWA1ZQToIJAM8Brk2p
	Ur0KMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAoB0kOuGvrzPBTIRX
	IDHCCxBMdny+3sKAOllmH4+51j2aWhAJ4Pyc/yBTYyQGNoriABjmNzp+R05oiaxA
	D3vTgR80juKDPtQb8LoGLBF18gL7Vtc3+hJXcJasXZaDSSoyh5f+TtGvytIT+ece
	JWIrKnFXzlHOvKlyLkcZn15gwKQ=
	-----END CERTIFICATE-----

5) Create a file called "Cert.cert", open this in a text editor and add the following contents: 

	
Certificate:
  Data:
    Version: 3 (0x2)
    Serial Number: 2 (0x2)
    Signature Algorithm: sha1WithRSAEncryption
    Issuer: C=US, ST=CA, L=VPN, O=VPN, OU=VPN, CN=VPN/name=VPN/emailAddress=VPN
    Validity
      Not Before: Mar  3 02:12:57 2012 GMT
      Not After : Mar  1 02:12:57 2022 GMT
    Subject: C=US, ST=CA, L=VPN, O=VPN, OU=VPN, CN=client/name=VPN/emailAddress=VPN
    Subject Public Key Info:
      Public Key Algorithm: rsaEncryption
        Public-Key: (1024 bit)
        Modulus:
          00:ca:a9:fe:05:eb:14:04:84:95:46:fb:90:50:c8:
          9e:f9:5b:e9:94:fc:55:f9:b5:41:d8:81:0f:70:1f:
          bf:3a:95:8a:c5:7d:70:f0:ee:7b:f9:af:0f:29:f5:
          25:83:87:ae:cc:14:ae:49:92:60:04:c1:b1:5d:de:
          0f:22:5f:73:be:d3:62:22:aa:9f:46:9f:0a:d4:8a:
          ec:27:89:d2:cc:83:c2:6f:5c:09:1a:a3:6d:05:7b:
          36:31:77:85:28:14:83:42:52:1c:53:a5:4d:03:31:
          a3:c0:c5:ba:71:00:cd:28:d4:86:05:48:65:0c:8f:
          49:06:02:7b:cb:5c:35:c2:a9
        Exponent: 65537 (0x10001)
    X509v3 extensions:
      X509v3 Basic Constraints: 
        CA:FALSE
      Netscape Comment: 
        Easy-RSA Generated Certificate
      X509v3 Subject Key Identifier: 
        E7:44:BD:DB:F0:77:30:D0:9E:B8:57:E6:AD:5C:C9:FA:17:07:FB:60
      X509v3 Authority Key Identifier: 
        keyid:9B:2B:CE:E2:B4:E7:BB:9F:C0:06:7A:74:16:78:14:F9:27:51:F1:60
        DirName:/C=US/ST=CA/L=VPN/O=VPN/OU=VPN/CN=VPN/name=VPN/emailAddress=VPN
        serial:CF:01:AE:4D:A9:52:BD:0A

      X509v3 Extended Key Usage: 
        TLS Web Client Authentication
      X509v3 Key Usage: 
        Digital Signature
  Signature Algorithm: sha1WithRSAEncryption
    98:8f:26:a8:4d:b4:03:6c:49:98:2b:61:04:75:0c:76:3d:fd:
    a9:4a:57:06:14:64:ed:76:50:d5:8c:81:5c:20:27:82:df:da:
    d2:c7:e3:30:81:90:26:c0:c5:36:1e:2c:0a:99:4d:d2:61:c1:
    1a:a5:fb:e0:6d:ec:4a:24:da:d3:b9:a1:18:d8:6a:83:5f:7a:
    2c:a7:db:05:c8:4d:9f:63:67:1d:a0:aa:8c:ed:0d:1b:d4:36:
    73:fd:2d:b7:8e:c3:c8:e7:e8:ed:03:93:71:1c:c0:a4:ed:d6:
    e9:23:9c:3c:20:4b:69:18:a1:a2:15:26:9e:fd:62:da:41:a1:
    25:bc
-----BEGIN CERTIFICATE-----
MIIDizCCAvSgAwIBAgIBAjANBgkqhkiG9w0BAQUFADB0MQswCQYDVQQGEwJVUzEL
MAkGA1UECBMCQ0ExDDAKBgNVBAcTA1ZQTjEMMAoGA1UEChMDVlBOMQwwCgYDVQQL
EwNWUE4xDDAKBgNVBAMTA1ZQTjEMMAoGA1UEKRMDVlBOMRIwEAYJKoZIhvcNAQkB
FgNWUE4wHhcNMTIwMzAzMDIxMjU3WhcNMjIwMzAxMDIxMjU3WjB3MQswCQYDVQQG
EwJVUzELMAkGA1UECBMCQ0ExDDAKBgNVBAcTA1ZQTjEMMAoGA1UEChMDVlBOMQww
CgYDVQQLEwNWUE4xDzANBgNVBAMTBmNsaWVudDEMMAoGA1UEKRMDVlBOMRIwEAYJ
KoZIhvcNAQkBFgNWUE4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMqp/gXr
FASElUb7kFDInvlb6ZT8Vfm1QdiBD3AfvzqVisV9cPDue/mvDyn1JYOHrswUrkmS
YATBsV3eDyJfc77TYiKqn0afCtSK7CeJ0syDwm9cCRqjbQV7NjF3hSgUg0JSHFOl
TQMxo8DFunEAzSjUhgVIZQyPSQYCe8tcNcKpAgMBAAGjggEoMIIBJDAJBgNVHRME
AjAAMC0GCWCGSAGG+EIBDQQgFh5FYXN5LVJTQSBHZW5lcmF0ZWQgQ2VydGlmaWNh
dGUwHQYDVR0OBBYEFOdEvdvwdzDQnrhX5q1cyfoXB/tgMIGmBgNVHSMEgZ4wgZuA
FJsrzuK057ufwAZ6dBZ4FPknUfFgoXikdjB0MQswCQYDVQQGEwJVUzELMAkGA1UE
CBMCQ0ExDDAKBgNVBAcTA1ZQTjEMMAoGA1UEChMDVlBOMQwwCgYDVQQLEwNWUE4x
DDAKBgNVBAMTA1ZQTjEMMAoGA1UEKRMDVlBOMRIwEAYJKoZIhvcNAQkBFgNWUE6C
CQDPAa5NqVK9CjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwDQYJ
KoZIhvcNAQEFBQADgYEAmI8mqE20A2xJmCthBHUMdj39qUpXBhRk7XZQ1YyBXCAn
gt/a0sfjMIGQJsDFNh4sCplN0mHBGqX74G3sSiTa07mhGNhqg196LKfbBchNn2Nn
HaCqjO0NG9Q2c/0tt47DyOfo7QOTcRzApO3W6SOcPCBLaRihohUmnv1i2kGhJbw=
-----END CERTIFICATE-----

6) Create a file called "Server.key", open this in a text editor and add the following contents: 

	
	-----BEGIN PRIVATE KEY-----
	MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAMqp/gXrFASElUb7
	kFDInvlb6ZT8Vfm1QdiBD3AfvzqVisV9cPDue/mvDyn1JYOHrswUrkmSYATBsV3e
	DyJfc77TYiKqn0afCtSK7CeJ0syDwm9cCRqjbQV7NjF3hSgUg0JSHFOlTQMxo8DF
	unEAzSjUhgVIZQyPSQYCe8tcNcKpAgMBAAECgYEAsHf5M1oQ4iY4fciLT2yB0QvR
	huN6UacdINKwiKd8Mh0I6xJhh8mBtlZS0+wcsD0zXY0cff+xEDNAqEW10+5dr11Y
	zYpViacZRMQnrzBEYcTSqlfHXg2PZxu4c08ndwDxjm03Vgg5RKvQnGRMRy4lH/HP
	OiAkb9oJgR0R5sccZgECQQDmfVZF2UBn4u2scjfcPl4XsUrPO8eyie995c7s7Cz1
	TDiecLCesjLRf97RexfhhwNJurfCZUWNJ9hkq5hUGzvJAkEA4Rg/ziL74sBh+jT6
	2TaAqnmHDWZlrfCfKtlm1z4TQ5E6WpjKNXN3qfKW069QGnRjZn8zuPwgMpBPXeaT
	jHH/4QJBAJslbvchX7sOA1H6qCM2T/u+uU55PNivBGhIUlskNrb/EXWFAT4xUQe3
	/PIg21hRmyL77kmKBaEYWw6YerbShhECQQCX2Rb6BamszyGJfAIZVGY6Gp+bz48a
	Zy/I5T42R/8Q3sDh6x7GLi30rN1I0oSURB3mQDtxOEy0L5wK+Yhh/2mhAkAGXya9
	wUOcSz96jUgnMfiVoBT3BNszzn/HLKCipCPd/eR3FEvpfmNN+olkd09cONMDKCcW
	CfHad9moALon0bIV
	-----END PRIVATE KEY-----

Your OpenELEC network share should now look like this:

OpenELEC OpenVPN Network Share Contents
Fig 1: OpenELEC OpenVPN Network Share Contents.

Within your firewall you will now need to ensure that port 443 is forwarded to your OpenELEC IP Address.
If you're unsure on how to do this you will need to Google how to do this for your specific router!

Reboot OpenELEC and navigate to "System - OpenELEC - Connections" and you will see your "SlickVPN-OpenVPN" VPN listed. Click the connection and then click "Connect".

OpenELEC OpenVPN Connection
Fig 2: OpenELEC OpenVPN Connection.
#Kodi#OpenELEC#SlickVPN#XBMC

Enable SlickVPN via PPTP on OpenELEC

Saturday, 25 April 2015 16:54 Comments 0

This tutorial will guide you through configuring a Point to Point Tunnelling Protocol VPN connection on your OpenELEC system via SlickVPN.

A lot of help/advice was received from this forum topic: http://openelec.tv/forum/69-network/68991-howto-setup-openelec-to-use-vyprvpn

To get OpenVPN running on OpenELEC via a PPTP VPN connection perform the following:

Create a file called "SlickVPN-PPTP.config" in the network share:

\\OPENELEC_IP_ADDRESS\Configfiles\vpn-config

Add the contents below to the file:
Don't forget to replace the placeholder names: SERVERNAME, SERVER, USERNAME, PPTP_IPSEC_PASSWORD

You can find your PPTP/IPSec password within your SlickVPN account under "My Account -> Manage Account" 

	
	[global]
	Name = SERVERNAME
	
	[provider_pptp]
	Type = pptp
	Name = SERVERNAME
	Host = SERVER
	PPTP.User = USERNAME
	PPTP.Password = PPTP_IPSEC_PASSWORD
	Domain = vpn
	advanced = 1
	PPPD.RequirMPPE128 = 0
	PPPD.RefuseCHAP = 1
	PPPD.RequirMPPE = 1
	PPPD.RefusePAP = 1
	PPPD.RefuseEAP = 1
	PPPD.RequirMPPEStateful = 0

Within your firewall you will now need to ensure that port 443 is forwarded to your OpenELEC IP Address.

Reboot OpenELEC and navigate to "System - OpenELEC - Connections" and you will see your "SlickVPN-PPTP" VPN listed. Click the connection and then click "Connect".

OpenELEC PPTP VPN Connection
Fig 1: OpenELEC PPTP VPN Connection.
#Kodi#OpenELEC#SlickVPN#XBMC
Showing 1 to 2 of 2
Adobe Flash and Javascript are required for the Tag Cloud.