ExpressVPN anyone?

Started by cloudfrog, June 03, 2024, 12:34:03 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
June 03, 2024, 12:34:03 AM Last Edit: June 03, 2024, 01:00:48 AM by cloudfrog
Signed up for expressvpn, and trying to get it working on OPNsense 24.1.8.

Express doesn't have opnsense in there list of supported platforms so their support immediately showed me the door.

I found a few threads on others using this combo.   Overall it seems some people have it working, but haven't seen anything recent.


I downloaded the generic linux openvpn client config and tried to apply the settings in the gui.  It is complaining about certs no matter what i do.   

In the open vpn config i have these:
<cert>,  <key>,  <ca>,   and <tls-auth>

I went to
1. System -> Trust -> Authorities.   Added a new authority.  (copy paste the <ca>  cert). and left the key blank.

2. System -> Trust -> Certificaes.  Add new cert   using the <cert> and <key> from the config.

3. VPN-> OpenVPN -> Instances -> Static Keys tab.   Added a new static key using the <tls-auth> cert.   For mode i chose "auth".. other option was crypt

4. VPN-> OpenVPN -> Instances -> Instances tab. and added a new  instances. 
* Trust -> Certificate:    Chose the client cert i added earlier
* TLS Static key,  i chose the static key i imported.

When i go to save,  it ways "Unable to locate a CA for this certificate."  next to the trust certificate field.
February 03, 2025, 03:12:47 PM #1
Hello! I know this has been dormant for a very long time, but I figured out the answer, and wanted to post to make sure that others finding this found a solution.

OPNsense Version: 24.7.5-amd64
While configuring the OpenVPN instance, there is a toggle in the top left "Advanced Mode". Toggling this will show an additional drop down in the "Trust" section that has the CA to use.

March 26, 2026, 04:05:52 AM #2
Can someone send the entire configuration as I have all of this and it just wont connect.
System: Trust: Authorities: ExpressVPN CA Created
System: Trust: Certificates: ExpressVPN CA Certificate Created
System: Trust: Certificates: ExpressVPN Client Certificate Created

VPN: OpenVPN: Instances: ExpressVPN

Role: Client
Protocol: UDP
Port: 1195
Bind: Blank
Type: TUN
Remote: dominicanrepublic-ca-version-2.expressnetw.com
Depend on CARP: None
Trust/Certificate: ExpressVPN CA Certificate
Verify Remote Certificate: Checked
TLS Static Key: ExpressVPN TLS Key
Username: From ExpressVPN
Password: From ExpressVPN

Saves/ Applied

Status: Wait
None of the other fields under status have any values...

Please help, cannot for the life of me get this working!

Today at 12:43:18 AM #3
Hey Scott. I don't have any advice for you right now just some info.
I've been using ExpressVPN with OpenVPN for years now and just noticed it not working anymore.
ExpressVPN has changed their connection requirements and OpenVPN is no longer current enough to work with their systems.

https://www.reddit.com/r/Express_VPN/comments/1rpwkzf/reminder_to_update_your_expressvpn_app_before/

It appears that it will no longer work without their GUI interface so CLI and systems like OPNsense will no longer work. Booo!
Today at 01:10:36 AM #4
Am i hearing that after 8 years of using ExpressVPN I am going to have to change?
That sucks!
Today at 02:29:55 AM #5
I think so. I've just finished following two or three different tutorials on how to set up the CLI interface but they're all from 2023 and 2024. Spent about an hour on chat with somebody from ExpressVPN going over their most recent post and even that isn't working. After an hour my session was disconnected so I think they just gave up. In the morning I'm going to start looking for a new provider. Very basic googling I might go with Nord but I got to do my research first. Make sure they will work with open sense or Linux command line.

I think I've been with them almost 10 years now. I wonder how many other clients they're going to lose with this upgrade.
Print
Go Up Pages1
User actions