Menu
What's new
By:
Filters Better Search

help...coming from ddwrt and can't get openvpn working...

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

P

Pupster

Occasional Visitor
I copied and pasted my relevant certificates/keys into ASUS Merlin on my RT-AC5300. Here are my settings: (I would like to use TAP and bridged mode for my own reasons).


Advanced Settings
Interface Type TAP
Protocol UDP
Server Port (Default : 1194) 1194
Firewall Auto
Authorization Mode TLS
Username/Password Authentication No
Extra HMAC authorization (TLS-Auth) Disable
Auth digest Default
Allocate from DHCP No
Client Address Pool 192.168.2.125 192.168.2.149
Poll Interval minute(s) (Disable : 0)
Direct clients to redirect Internet traffic No
Respond to DNS No
Encryption cipher AES-256-CBC
Compression Adaptive
TLS Renegotiation Time seconds (Default : -1) -1
Global Log verbosity (Between 0 and 11. Default: 3) 3
Manage Client-Specific Options No

Under custom config, I have the following (which I wonder if it overwrites some of the above??):

# Tunnel options
mode server # Set OpenVPN major mode
proto udp # Setup the protocol (server)
port 1194 # TCP/UDP port number
dev tap0 # TUN/TAP virtual network device
keepalive 15 60 # Simplify the expression of --ping
daemon # Become a daemon after all initialization
verb 3 # Set output verbosity to n
comp-lzo # Use fast LZO compression

# OpenVPN server mode options
client-to-client # tells OpenVPN to internally route client-to-client traffic
duplicate-cn # Allow multiple clients with the same common name

# TLS Mode Options
tls-server # Enable TLS and assume server role during TLS handshake

====

For my connection config file:


client


dev tap
;dev tun


;dev-node MyTap


;proto tcp
proto udp


remote secret.com 1194

route-delay 5

;remote my-server-2 1194


resolv-retry 60


nobind


;user nobody
;group nobody
;auth-user-pass


persist-key
persist-tun


;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]


;mute-replay-warnings


ca ca.crt
cert client1.crt
key client1.key
ns-cert-type server
comp-lzo
verb 3
client


dev tap
;dev tun


;dev-node MyTap


;proto tcp
proto udp


remote pupster.asuscomm.com 1194

route-delay 5

;remote my-server-2 1194


resolv-retry 60


nobind


;user nobody
;group nobody
;auth-user-pass


persist-key
persist-tun


;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]


;mute-replay-warnings


ca ca.crt
cert client1.crt
key client1.key
ns-cert-type server
comp-lzo
verb 3

====
And here's the logfile error from OpenVPN Gui under Windows 10:

Wed Jun 01 01:19:15 2016 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jun 01 01:19:15 2016 TLS Error: TLS handshake failed
Wed Jun 01 01:19:15 2016 SIGUSR1[soft,tls-error] received, process restarting
Wed Jun 01 01:19:15 2016 MANAGEMENT: >STATE:1464758355,RECONNECTING,tls-error,,
Wed Jun 01 01:19:15 2016 Restart pause, 2 second(s)
Wed Jun 01 01:19:17 2016 Socket Buffers: R=[65536->65536] S=[64512->64512]
Wed Jun 01 01:19:17 2016 MANAGEMENT: >STATE:1464758357,RESOLVE,,,
Wed Jun 01 01:19:17 2016 UDPv4 link local: [undef]
Wed Jun 01 01:19:17 2016 UDPv4 link remote: [AF_INET]secret.ip.address.com:1194
Wed Jun 01 01:19:17 2016 MANAGEMENT: >STATE:1464758357,WAIT,,,
Wed Jun 01 01:20:17 2016 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jun 01 01:20:17 2016 TLS Error: TLS handshake failed
Wed Jun 01 01:20:17 2016 SIGUSR1[soft,tls-error] received, process restarting
Wed Jun 01 01:20:17 2016 MANAGEMENT: >STATE:1464758417,RECONNECTING,tls-error,,
Wed Jun 01 01:20:17 2016 Restart pause, 2 second(s)
Wed Jun 01 01:20:19 2016 Socket Buffers: R=[65536->65536] S=[64512->64512]
Wed Jun 01 01:20:19 2016 MANAGEMENT: >STATE:1464758419,RESOLVE,,,
Wed Jun 01 01:20:20 2016 UDPv4 link local: [undef]
Wed Jun 01 01:20:20 2016 UDPv4 link remote: [AF_INET]secret.ip.address.com:1194
Wed Jun 01 01:20:20 2016 MANAGEMENT: >STATE:1464758420,WAIT,,,
Wed Jun 01 01:21:20 2016 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jun 01 01:21:20 2016 TLS Error: TLS handshake failed
Wed Jun 01 01:21:20 2016 SIGUSR1[soft,tls-error] received, process restarting
Wed Jun 01 01:21:20 2016 MANAGEMENT: >STATE:1464758480,RECONNECTING,tls-error,,
Wed Jun 01 01:21:20 2016 Restart pause, 2 second(s)
Wed Jun 01 01:21:22 2016 Socket Buffers: R=[65536->65536] S=[64512->64512]
Wed Jun 01 01:21:22 2016 MANAGEMENT: >STATE:1464758482,RESOLVE,,,
Wed Jun 01 01:21:22 2016 UDPv4 link local: [undef]
Wed Jun 01 01:21:22 2016 UDPv4 link remote: [AF_INET]secret.ip.address.com:1194
Wed Jun 01 01:21:22 2016 MANAGEMENT: >STATE:1464758482,WAIT,,,
Wed Jun 01 01:22:22 2016 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jun 01 01:22:22 2016 TLS Error: TLS handshake failed
Wed Jun 01 01:22:22 2016 SIGUSR1[soft,tls-error] received, process restarting
Wed Jun 01 01:22:22 2016 MANAGEMENT: >STATE:1464758542,RECONNECTING,tls-error,,
Wed Jun 01 01:22:22 2016 Restart pause, 2 second(s)
Wed Jun 01 01:22:24 2016 Socket Buffers: R=[65536->65536] S=[64512->64512]
Wed Jun 01 01:22:24 2016 MANAGEMENT: >STATE:1464758544,RESOLVE,,,
Wed Jun 01 01:22:25 2016 UDPv4 link local: [undef]
Wed Jun 01 01:22:25 2016 UDPv4 link remote: [AF_INET]secret.ip.address.com:1194
Wed Jun 01 01:22:25 2016 MANAGEMENT: >STATE:1464758545,WAIT,,,
Wed Jun 01 01:23:25 2016 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jun 01 01:23:25 2016 TLS Error: TLS handshake failed
Wed Jun 01 01:23:25 2016 SIGUSR1[soft,tls-error] received, process restarting
Wed Jun 01 01:23:25 2016 MANAGEMENT: >STATE:1464758605,RECONNECTING,tls-error,,
Wed Jun 01 01:23:25 2016 Restart pause, 2 second(s)
Wed Jun 01 01:23:27 2016 Socket Buffers: R=[65536->65536] S=[64512->64512]
Wed Jun 01 01:23:27 2016 MANAGEMENT: >STATE:1464758607,RESOLVE,,,
Wed Jun 01 01:23:27 2016 UDPv4 link local: [undef]
Wed Jun 01 01:23:27 2016 UDPv4 link remote: [AF_INET]secret.ip.address.com:1194
Wed Jun 01 01:23:27 2016 MANAGEMENT: >STATE:1464758607,WAIT,,,
Wed Jun 01 01:24:27 2016 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jun 01 01:24:27 2016 TLS Error: TLS handshake failed
Wed Jun 01 01:24:27 2016 SIGUSR1[soft,tls-error] received, process restarting
Wed Jun 01 01:24:27 2016 MANAGEMENT: >STATE:1464758667,RECONNECTING,tls-error,,
Wed Jun 01 01:24:27 2016 Restart pause, 2 second(s)
Wed Jun 01 01:24:29 2016 Socket Buffers: R=[65536->65536] S=[64512->64512]
Wed Jun 01 01:24:29 2016 MANAGEMENT: >STATE:1464758669,RESOLVE,,,
Wed Jun 01 01:24:29 2016 UDPv4 link local: [undef]
Wed Jun 01 01:24:29 2016 UDPv4 link remote: [AF_INET]secret.ip.address.com:1194
Wed Jun 01 01:24:29 2016 MANAGEMENT: >STATE:1464758669,WAIT,,,
Wed Jun 01 01:25:29 2016 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jun 01 01:25:29 2016 TLS Error: TLS handshake failed
Wed Jun 01 01:25:29 2016 SIGUSR1[soft,tls-error] received, process restarting
Wed Jun 01 01:25:29 2016 MANAGEMENT: >STATE:1464758729,RECONNECTING,tls-error,,
Wed Jun 01 01:25:29 2016 Restart pause, 2 second(s)
Wed Jun 01 01:25:31 2016 Socket Buffers: R=[65536->65536] S=[64512->64512]
Wed Jun 01 01:25:31 2016 MANAGEMENT: >STATE:1464758731,RESOLVE,,,
Wed Jun 01 01:25:31 2016 UDPv4 link local: [undef]
Wed Jun 01 01:25:31 2016 UDPv4 link remote: [AF_INET]secret.ip.address.com:1194
Wed Jun 01 01:25:31 2016 MANAGEMENT: >STATE:1464758731,WAIT,,,
Wed Jun 01 01:26:31 2016 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jun 01 01:26:31 2016 TLS Error: TLS handshake failed
Wed Jun 01 01:26:31 2016 SIGUSR1[soft,tls-error] received, process restarting
Wed Jun 01 01:26:31 2016 MANAGEMENT: >STATE:1464758791,RECONNECTING,tls-error,,
Wed Jun 01 01:26:31 2016 Restart pause, 2 second(s)
Wed Jun 01 01:26:33 2016 Socket Buffers: R=[65536->65536] S=[64512->64512]
Wed Jun 01 01:26:33 2016 MANAGEMENT: >STATE:1464758793,RESOLVE,,,
Wed Jun 01 01:26:33 2016 UDPv4 link local: [undef]
Wed Jun 01 01:26:33 2016 UDPv4 link remote: [AF_INET]secret.ip.address.com:1194
Wed Jun 01 01:26:33 2016 MANAGEMENT: >STATE:1464758793,WAIT,,,
Wed Jun 01 01:27:33 2016 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jun 01 01:27:33 2016 TLS Error: TLS handshake failed
Wed Jun 01 01:27:33 2016 SIGUSR1[soft,tls-error] received, process restarting
Wed Jun 01 01:27:33 2016 MANAGEMENT: >STATE:1464758853,RECONNECTING,tls-error,,
Wed Jun 01 01:27:33 2016 Restart pause, 2 second(s)
Wed Jun 01 01:27:35 2016 Socket Buffers: R=[65536->65536] S=[64512->64512]
Wed Jun 01 01:27:35 2016 MANAGEMENT: >STATE:1464758855,RESOLVE,,,
Wed Jun 01 01:27:35 2016 UDPv4 link local: [undef]
Wed Jun 01 01:27:35 2016 UDPv4 link remote: [AF_INET]secret.ip.address.com:1194
Wed Jun 01 01:27:35 2016 MANAGEMENT: >STATE:1464758855,WAIT,,,



====

Any ideas why this is not working when connecting to Tomato/AsusMerlin? It connects just fine if I use DDWRT, but I prefer the Merlin interface.
 
Remove all the extra settings you've added, most of them will conflict with the firmware configuration, and the dev setting itself will most likely completely break your tunnel (the firmware uses a completely different interface name).

Also, use the Export button to generate your client's config file, to ensure the two are matching.
 
You must log in or register to reply here.

Similar threads

C
Loss of Internet and Red Light after a few days when one particular computer is on
Replies
16
Views
1K
cgrey8
C
P
openvpn connection problems
Replies
1
Views
792
ColinTaylor
C
J
Chaotic UTC and local time in merlin
2
Replies
22
Views
2K
Jiang
J
R
Solved At Wits End. OpenVPN Certificate Connection issue with Asus Router
Replies
4
Views
1K
Clark Griswald
Clark Griswald
W
[HELP] Asus RT-AC86U Merlin V386.3_2 VPN stopped working
Replies
7
Views
2K
archiel
A
Similar threads
Thread starter Title Forum Replies Date
C Solved Need help with nat-start scripts Asuswrt-Merlin 3
G Need help with VPN Asuswrt-Merlin 2
P Help with traffic filtering Asuswrt-Merlin 0
C Need some help with a DHCP problem Asuswrt-Merlin 9
S Help Required AC68U (TM-AC1900) troubleshooting after power outage Asuswrt-Merlin 3
C Need help with GT-AXE11000 and DNS Director Asuswrt-Merlin 0
Spydawg need help with network loop. Asuswrt-Merlin 9
J Help - duckdns has started returning an IPv6 IP address Asuswrt-Merlin 1
A Help Required Upgrading AC68U from Stock FW to Merlin Please? Asuswrt-Merlin 15
F ASUS RT-AC86U (merlin Current Version : 386.12_6): jffs2: Argh. No free space left for GC. Can you help me troubleshoot this please? Asuswrt-Merlin 6

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 860 (members: 15, guests: 845)
Top