PersonalVPN-SSL FAQ

From Witopiawiki

Welcome to the personalVPN™-SSL Frequently Asked Questions

For openVPN-based service it will often be useful to view a connection log. You can do this by Right-Clicking on VPN icon (Windows) or Choosing "Details..." through Tunnelblick or Viscosity Client (Macintosh). If you cannot find answer below, send the log with details of your Operating System (Example: Windows XP SP3) to support@witopia.net.

If you are a PPTP VPN customer with connection problems, try our personalVPN-PPTP FAQ

1. I want to have the latest update of personalVPN OR my hard drive crashed and I do *NOT* have a backup of WiTopia files or Installer.
   • Make certain you do not have a copy of your custom Windows Installer or Mac Installer saved on your computer, a backup drive, or archived in your e-mail or elsewhere.
   • If you have access to your custom installer, you should be able to simply reinstall openVPN-based personalVPN™
   • If you do not, follow the instructions below for generating a new custom installer package.
   • If you do not have a copy of your ORD# and the e-mail address you signed up with (both required to generate a new installer), send e-mail (with any order details you may have) to support@witopia.net.

   Answer

   Go here
   
   

2. My hard drive crashed, but I have a backup. How do I restore VPN service?

   Answer

   • If you have access to your custom installer, you should be able to simply reinstall openVPN-based personalVPN™ by running the installer package.
   • If you do not have an installer package, but have a backup of your WiTopia files, Windows customers can restore by doing the below.

   Macintosh users without an installer package follow the steps in Q1 above.

   Windows users:

   1. Download and Reinstall personalVPN™ software. You can download the latest personalVPN software from here
   2. Copy the files from My Computer ->C:\Program Files\WiTopia.Net\config folder that start with "First Name_Last Name" over to the same directory on your new computer that was created when you installed the software.
   3. It should be a total of 3 files:

   • First Name_Last Name.key
   • First name_Last Name.crt
   • First Name_Last Name.ovpn (in newer installs, the config file is named personalVPN.ovpn)

   If you have WINDOWS 7, you must follow the instructions in this link

   http://wiki.personalvpn.net/wiki/Windows_7

   You should now be able to use your personalVPN™ on the new computer. If it does not connect, RESTART your machine and try again.
   
   

3. I use Hotmail, MSN, or AOL and I haven't received my receipt, new files, or my Macintosh installer package...what can I do?

   Answer

   Sadly, many free e-mail services are less than reliable with the attachments we send and despite our efforts, this continues. We are moving to a system that does not rely on e-mail. Until then, please e-mail support@witopia.net with an alternative e-mail address, your ORD#, and brief description of what we owe you. If you desire a free e-mail service, Gmail and Yahoo Mail have been most reliable.
   
   

4. Can I install personalVPN on a 2nd computer I own?

   Answer

   Yes, however, remember the license allows for 1 active VPN tunnel at a time and doesn't allow for simultaneous use.

   If you purchased personalVPN-SSL for Mac and want to install on Windows OR want to put Windows VPN on a Mac, you can find instructions on how to switch between Mac OS X and Windows by clicking here.

   For machines of same OS/Platform, simply run your WiTopia custom Mac or Windows VPN installer program on the second machine.

   If you lost your installer, you should have also bookmarked a link during activation to download a new installer at anytime. Check Q2 above.

   You can also download a new installer by following Q1 above, but it will invalidate previous installs so you will have to install the new VPN package on all machines.

   You can also manually transfer your working openVPN SSL VPN from one Windows machine to another by doing this:

   1. Download and Reinstall personalVPN™ software on the second computer. You can download the latest personalVPN software from here
   2. Copy all files from My Computer ->C:\Program Files\WiTopia.Net\config folder (if you have the latest installer, the files will be in C:\Program Files\personVPN\config) over to the same directory on your new computer that was created when you installed the software.
   3. There should be a total of 4 files:

   • ca.crt
   • First Name_Last Name.key
   • First name_Last Name.crt
   • First Name_Last Name.ovpn (in newer installs, the config file will be the "gatewayname".ovpn ... there will be several of them)

   If you have WINDOWS 7, you must follow the instructions in this link

   http://wiki.personalvpn.net/wiki/Windows_7

   • You should now be able to use your personalVPN™ on the new Windows computer. If it does not connect, RESTART your machine and try again.

5. I'm having SLOW performance, not resolving blocked websites, or seeing HOST NOT FOUND errors in my log:

   Answer

   Your ISP may be blocking or throttling your VPN because you are using their DNS (Domain Name System) servers. This is especially common in countries with censorship or blocking VoIP, Skype, etc. Normally, if you have your computer set to automatically detect network settings using DHCP (Windows) or your "Location" is set to "Automatic" in Network Settings (Macintosh), this should happen seamlessly and automatically. Sometimes though, it is necessary to manually input WiTopia's DNS servers to conquer local blocking techniques.

   WiTopia provides free and secure DNS service for its customers and we always recommend you take advantage of it to maintain best privacy, security, and performance.
   
   

   WINDOWS (General Instructions for all Windows Systems...may be slight variations between OS types)

   • Click Start -> Control Panel -> Network and Internet Connections.
   • Click Manage network connections (on left side of window).
   • Right-click Local Area Connection that you wish to change and then click Properties. You will want to change the settings on your MAIN Local Area connection and Wireless connection.
     
     

   

   • Click the Networking tab. Under This connection uses the following items, click the Internet Protocol Version 4 (TCP/IPv4), NOT the IPv6 settings, and then click Properties.

   IMPORTANT: ***DO NOT CHANGE SETTINGS on Internet Protocol Version 6 (TCP/IPv6). Make sure you change IPv4 settings only. FOR WINDOWS XP, IT WILL JUST SAY TCP/IP setting. DO NOT CHANGE DNS ON THE TAP WIN32 VP ADAPTER - that is the virtual adapter for the vpn.

   • Click Obtain an IP address automatically and click OK.
   • Select Use the following DNS server addresses and enter the IP address of the WiTopia DNS server closest to you as Preferred DNS server and the other as your Alternate DNS server.
     
     

   The DNS servers currently available for customer use are:
   
   

   38.119.98.220 (Northern Virginia, USA)

   91.216.105.75 (Manchester, GB)

   203.131.247.198 (Hong Kong, China)

   216.93.191.228 (California, USA)
   
   

   
   
   

   MACINTOSH:

   • TIGER users open "System Preferences" then "Network" then "TCP/IP"
   • LEOPARD and SNOW LEOPARD users open "Network Preferences", click the Airport icon (for wireless connections) or click Ethernet (for hardwired / lan connections), then click "Advanced" button, then "DNS"

   In DNS server fields, enter 38.119.98.220 (for those closest to US East Coast) or 216.93.191.228 (for those closest to US West Coast) or 203.131.247.198 (for those closest to Hong Kong) or 91.216.105.75 (for those closest to Manchester, GB) in the DNS Server field and SAVE and APPLY the setting changes. It may be a good idea to enter more than one. Certainly will do no harm. If you are using viscosity, please make sure that in Preferences - under the General Tab for each config - you have the enable DNS support box checked.
   
   

   
   
   

   
   
   

   
   
   

6. My account is about to expire, how do I renew?

   Answer

   You can learn about that here.
   
   

7. Do you have a maintenance window or regularly reboot your servers?

   Answer

   Yes, check out our Maintenance page for details.
   
   

8. I'm using a computer that runs WINDOWS VISTA or WINDOWS 7 and have started the vpn and the two monitors in my task bar are green, but I still can not access certain web sites. Also, when I go to http://www.ipchicken.com it still shows my local IP address.

   Answer

   Vista and Windows 7,by their nature, limit your administrator privileges. So, you will need to follow these steps to allow the vpn to run on your system with the necessary access level to your computer:

   1. Right-click on OpenVPN GUI and Choose "Exit"
   2. Go to your personalvpn shortcut and make sure you right click and choose "Run as Administrator" each time you launch the vpn.
   3. Often times doing the above step is not enough, so you will have to turn off User Account Control (UAC). This should restore administrator privileges but you will receive warning messages. Here are the instructions for turning off UAC for Vista and Windows 7:

   For VISTA, go to Control Panel > User Accounts > Turn User Account Control on or off
   
   

   For Windows 7:

   1. Go to Access User Control Panel from Start Menu -> Control Panel -> User Accounts and Family Safety -> User Account
   2. Click on User Account Control settings link.
   3. Move the Slider to Never Notify
   4. Click OK to make the change effective
   5. Reboot.
      
      
9. I'm having problems with e-mail since I starting running personalVPN™

   Answer

   WiTopia's SMTP relay should activate automatically and require zero configuration. If this is not the case, read PersonalVPN-Mail-WorkArounds
   
   

10. HELP, I CAN'T CONNECT and receive a Connection Failed error.

    Answer

    If you are running Windows, right-click on the gui icon and select "View Log". If you see something along the lines of this:

    Wed Mar 21 22:37:36 2007 Cannot load certificate file C:\Program Files\WiTopia.Net\config\First_Last.crt:error:02001002:system library:fopen:No such file or directory: error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib

    Wed Mar 21 22:37:36 2007 Exiting

    It means you didn't save your signed certificate to the right location or it didn't download properly. Try performing a Search/Find on your computer (including desktop) for your firstname_lastname.crt (using your name, of course) file. or you can try a general *.crt search.

    • If found, move/drag it to My Computer ->C:\Program Files->WiTopia.Net->config, Restart your computer and Connect. If you have the latest installer, the files will be in C:\Program Files\personVPN\config
    • If you can't find your "firstname_lastname.crt" file then follow the steps in Q1 to generate a new installer (for either Mac OS X or Windows).
      
      

11. personalVPN™ seems to connect, but I cannot browse websites. How do I fix?

    Answer

    Try a "Detect Settings" in your browser's Proxy Settings AND turning off any use of proxies.

    • In MS Explorer (for example), here is where to find:

    1. From the Tools mention select 'Internet Options'
    2. Select the 'Connections' tab
    3. Click the 'LAN Settings' button

    • You may need to restart your browser or machine for changes to take hold.

    NOTE: It is also possible your ISP is filtering/blocking you using DNS so try solution in Q5 above.
    
    

12. My VPN Icon has disappeared. Help!

    Answer

    Macintosh users should relaunch Tunnelblick or Viscosity application from their Applications Folder and be careful to only DISCONNECT and not QUIT.

    XP Windows Users may occasionally experience a well-known Windows bug:

    • This usually works to repair: START menu->My Network Places->Show Icons for Networked UPnP Devices->Show UPnP Device icons->NO
    • Or, for more detailed explanation, here is a good article: http://www.mydigitallife.info/2006/01/04/system-tray-icon-missing-from-system-tray-in-windows-xp/

    Vista Users, here's a good step-by-step how to that should fix it for you: http://www.colincochrane.com/post/2007/10/Windows-Vista-Disappearing-System-Tray-Icons-Fix.aspx
    
    

13. Can my Firewall, anti-virus, anti-spyware interfere with VPN?

    Answer

    YES. You will often see TLS errors like this in the log when this is occurring:

    TLS Error: TLS key negotiation failed to occur within 60 seconds TLS Error: TLS handshake failed

    • If you're sure you have solid Internet connectivity and no firewall (on your local network or router) is blocking, then the culprit is likely third party security software on your computer. Here is what we have captured as of now, but PLEASE feel free to contribute: Conflicting Software
      
      

14. During installation on WINDOWS VISTA, I get an error message along the lines of: "An error occurred installing the Tap 32 device driver", is there anything I can do?

    Answer

    Yes, try re-installing personalVPN by right-clicking on the personalVPN installer package and select "Run as administrator"
    
    

15. Looking at the log file, I see "All TAP-Win32 adapters on this system are currently in use" or "There are no TAP-Win32 adapters on this system." How do I fix this?

    Answers

    1. If you have the original personalVPN™ Installer, try reinstalling the program (after right-clicking on the gui icon and selecting "Exit").
    2. If you don't have the personalVPN™ Installer, go to C:\Program Files\WiTopia.Net\bin (If you have the latest installer, the files will be in C:\Program Files\personalVPN\drivers)
       • If running Windows XP double-click on "addtap" if you have an older vpn installer. If you have the new installer -click on install_driver.bat
       • If running Windows Vista or Windows 7 right-click on "addtap" and select "Run as administrator"....or for new installations, right click on install_driver.bat and choose "Run as administrator"
    3. A customer has reported that disabling, then enabling the TAP adapter also solved this for them.
       
       
16. I'm a Mac user and having problems finding the log file, what should I do?

    Answer

    Go to your Utilities folder (within the Applications folder) and open "Console". Look under "LOG FILES" and click on "system.log". In the search field (may say "String Matching"), type "openvpn" (without the quotes) - next, copy & paste the log results into in an email to support@witopia.net along with your ORD#, product, and a description of your problem.
    
    

17. I'm running Windows XP, SP3 and having problems connecting to the VPN

    We've found 3 different solutions that appear to work, however, please try them in the following order, and only 1 at a time

    Answer

    1. Click Start -> Connect to -> Show all Connections
    2. Right-click on the TAP-Win32 connection icon and select "Properties" from the menu
    3. Click on the "Advanced" tab and disable NetBios over TCP/IP
    4. Click "OK" and try connecting again.

    Answer

    1. Right-click on the gui icon in your taskbar and select "Edit Config"
    2. When the config file opens, add "ip-win32 netsh" on a line by itself
    3. Save and Close the config file and try connecting again.

    Answer

    1. Click Start -> Run -> then type "cmd" and hit enter
    2. Type "netsh int ip reset logfile.txt", hit enter, and
    3. Type "netsh winsock reset catalog" and hit enter
    4. Reboot your computer and try connecting again.
       
       
18. On my Mac, can I set up personalVPN for Multiple User Accounts?

    Answer

    Yes. If you want to allow your wife, or kids to use personalVPN under their own separate user account do this:

    • For Tunnelblick versions:

    • From the administrator account copy the openvpn folder from ~user/Library, and the Tunnelblick application from the Applications folder onto a USB drive since the copy - paste functions do not work between user accounts After copying the files, go to the respective user account and copy from the USB drive "openvpn" into the ~user/Library folder, and copy "Tunnelblick" to the Applications folder. After the installation just open Tunnelblick and click connect.

    • For Viscosity versions (only compatible with MAC OS 10.5 or higher):

    • From the administrator account copy the OpenVPN folder from ~/Library/Application Support/Viscosity (double-click on Macintosh HD -> Users -> home folder -> Library -> Application Support -> Viscosity), and the Viscosity application from the Applications folder onto a USB drive since the copy - paste functions do not work between user accounts
    • After copying the files, go to the respective user account and copy from the USB drive "OpenVPN" into the ~/Library/Application Support/Viscosity folder, and copy "Viscocity" to the Applications folder. After the installation just open Viscosity and click connect.
      
      

19. Do I need any special wireless network adapter for your personalVPN?

    Answer

    No, it should work with all connection types, however, we discourage dial-up as it may be unbearably slow.
    
    

20. Do I need to download any special software to use your service? If so, is it resource intensive? How difficult is it to setup and maintain?

    Answer

    • Upon purchase, we provide a link to download our software. The software uses very little memory and few CPU cycles. When the VPN is up and running, there is some overhead associated with the encrypting/decrypting the traffic, and sometimes you may notice a slowdown in performance, but in general there is very little noticeable slowdown.
    • As for setup and maintenance, there are a few steps to get up and running. We have links to instructions on the Main_Page of our wiki.
      
      
21. Can I use your personalVPN service with any type of internet connection?

    Answer

    Yes, it should work with any type of internet connection. We have seen a few cases where ISPs are blocking VPN traffic from their networks, but this is rare. There are also rare cases in which a wifi provider only wants to allow Web surfing -- so port 80 and a handful of other ports are open, but the rest are blocked. By default personalVPN currently uses UDP 1194, however, we have an Alternate Port server using TCP 443.
    
    

22. Do I need to change different network settings when connecting to different networks?

    Answer

    No, there is an icon in your toolbar that you use to enable and disable the VPN connection.
    
    

23. How do I know personalVPN is working?

    Answer

    Whether using a Mac or PC, the toolbar icon should indicate when the VPN is active or inactive. To TEST that you are fully secured and anonymized, go to http://www.ipchicken.com (or any IP address tester) and you should see a WiTopia IP address displayed instead of your ISP’s. You should also see "vpn.witopia.net" (or something very similar) under “Name Address” in Advanced section. If not, and none of the questions on this FAQ help, you can send a copy of the log to us at support@witopia.net to open a trouble ticket.
    
    

24. What WON'T work with a personalVPN connection?

    Answer

    Any type of service that requires a 'listening' socket at the remote end will not work. For example:

    1. ftp in non-passive mode
    2. remote access to your computer (via ssh, telnet, ...)
    3. any web services you offer from your computer
    4. p2p clients which benefit from incoming connection availability

    • Such services may still be provided by your computer - just not while using the VPN
      
      
25. On my Mac, I chose "Quit" from the tunnel icon instead of "Disconnect" now the tunnel icon is gone! How do I get it back?

    Answer

    Use the finder to run the "Tunnelblick" or "Viscosity" application in the "Applications" folder. Double click on it. The icon in your upper toolbar will reappear.
    
    

26. Can I configure personalVPN so it automatically connects upon login/reboot?

    Answer

    Yes, when using Windows. Here's what you need to do.

    1. Make a copy of the personalVPN desktop icon/shortcut
    2. Move the copy into your "Startup" folder
    3. Right-click on the personalVPN shortcut you just moved to "Startup" folder and select "Properties"
    4. Under the "Shortcut" tab under "Target:" it should say "C:\Program Files\WiTopia.Net\bin\openvpn-gui-1.0.3.exe" --connect personalVPN.ovpn (you need to add "--connect personalVPN.ovpn")
    5. Click "Apply", then "OK"
    6. Next time you reboot, personalVPN should startup automatically.
       
       

27. Looking at the log file, I see "SSL log: ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct. Route addition via IPAPI failed", how do I fix this?

    Answer

    1. Make sure you are logged in with the administrator account on your computer. If you have VISTA or Windows 7, make sure you are right clicking on the personalvpn shortcut on your desktop and choosing "Run as Administrator" each time you launch the vpn. We do advise that you turn off UAC if you have VISTA. The steps to do this are in #9 above.
    2. If this doesn't solve the issue, please try this, not matter what version of Windows you have::

    • Right click on the gui icon, highlight the gateway you want to use - then click EDIT CONFIG.
    • At the bottom of the configuration file, you will see a section that looks like this

    #Uncomment only if instructed to do so by WiTopia Support Staff

    #route-method exe

    #route-delay 2

    • Remove the "#" sign in front of the 2 "route" commands, so it looks like this:

    
route-method exe

    route-delay 2

    • Save the file, answer Yes to replace the file so it keeps the same file name.
    • Finally, restart your vpn and connect to that gateway.

28. None of this addresses the problem I'm having, what next?

    Answer

    E-mail support@witopia.net. Be sure it include your ORD#, product, Operating System, and a description of the problem.