Menu
What's new
By:
Filters Better Search

ASUS AC68U (merlin 378.56 beta2) - auth sha256 / auth sha512

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

W

winter

New Around Here
Hi, I tried to change the default auth sha1 to either auth sha256 or auth sha512 on both the client and server side. Neither will connect and the same error message will appear on the router log: TLS Error: cannot locate HMAC in incoming packet from [AF_INET]

When I add auth sha256 or auth sha512, the server seems to start up just fine as if use default auth sha1. However, when add the same line to clients (windows openvpn client & ios openvpn connect app), neither client will connect and give same error as listed above. If I remove the command from server and client sides, the connection will work just fine as auth sha1.

I am not sure if I am missing something here or there is an issue on server.

Please help. thanks.
 
378.56 Beta 2 is now dead. 378.56 final has been released for your model.

Upgrade to that and do a complete and proper reset to factory defaults if you want to track down any remaining bugs in the 378.56 series. For all we know, the final may have fixed your issue already.
 
Works for me. I added "auth SHA256" to both the server's custom config field and to my client:

Code: 
Oct 26 15:16:40 openvpn[11761]: 60.60.60.60:49365 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Oct 26 15:16:40 openvpn[11761]: 60.60.60.60:49365 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Oct 26 15:16:40 openvpn[11761]: 60.60.60.60:49365 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Oct 26 15:16:40 openvpn[11761]: 60.60.60.60:49365 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication

Also make sure your client does support it. I'm using the Win32 OpenVPN 2.3.7 client here.
 
Finally figured out what went wrong. The auth sha256 command line has to be add right after the server address part before others. I was put it at end and that is what made it fail and said the error listed in the original post. Didn't know the location matters within the client configuration file. Solved and case closed. Thanks to all.


Sent from my iPhone using Tapatalk
 
You must log in or register to reply here.

Similar threads

N
Solved Unable to connect to VPN server with self-signed certificate
Replies
0
Views
406
nino_070
N
F
Site To Site VPN between Debian VM and AsusWRT-Merlin router, no routes exists
Replies
2
Views
633
Freewill0592
F
T
Smart Life Device Keeps Disconnecting Daily
Replies
1
Views
176
techdiver
T
S
Explicit oVPN routing
Replies
4
Views
704
ZebMcKayhan
Z
M
merlin 386.1, ovpn client 3.4.1, "error:0A00018E:SSLroutines::ca mtd too week [ERR]"
Replies
3
Views
343
Ripshod
Ripshod
Similar threads
Thread starter Title Forum Replies Date
C Wireguard on Asus: Can only see router, not LAN Devices! VPN 2
B Just got Nord ruuning on Asus now have one more issue VPN 2
M Asus- Open VPN and reaching network drives VPN 8
I Hardening Asus Merlin built in OpenVPN server VPN 1
B Does Asus AC5300 OpenVPN server support connect with IPV6 network? VPN 2
Diablo99 Asus RT-AX86U Router & VPN VPN 8
R allowing direct WAN access on Asus RT-AX86U VPN 7
A Port forwarding over proton VPN on Asus Merlin router. VPN 9
P Cannot get VPN to function properly from ASUS router to Apple TV VPN 3
J Asus AX88U VPN VPN 7

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 768 (members: 12, guests: 756)
Top