Menu
What's new
By:
Filters
Better Search

OpenVPN Help Please...

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

B

B-HAX

New Around Here
Greetings,

Donator seeking tech support. I was trying to setup OpenVPN connection in my ASUS AC68U with Merlin 380.68_4 loaded up.

Any help, greatly appreciated! Thanks1

-b
Here is what I get from the Log:

Oct 16 14:52:59 openvpn[22286]: OpenVPN 2.4.3 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Oct 4 2017
Oct 16 14:52:59 openvpn[22286]: library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.08
Oct 16 14:52:59 openvpn[22287]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Oct 16 14:52:59 openvpn[22287]: Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Oct 16 14:52:59 openvpn[22287]: Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Oct 16 14:52:59 openvpn[22287]: TCP/UDP: Preserving recently used remote address: [AF_INET6]2001:1af8:4700:a039:8::1:1194
Oct 16 14:52:59 openvpn[22287]: Socket Buffers: R=[122880->122880] S=[122880->122880]
Oct 16 14:52:59 openvpn[22287]: UDP link local: (not bound)
Oct 16 14:52:59 openvpn[22287]: UDP link remote: [AF_INET6]2001:1af8:4700:a039:8::1:1194
Oct 16 14:52:59 openvpn[22287]: write UDP: Network is unreachable (code=101)
Oct 16 14:52:59 openvpn[22287]: Network unreachable, restarting
Oct 16 14:52:59 openvpn[22287]: SIGUSR1[soft,network-unreachable] received, process restarting
Oct 16 14:52:59 openvpn[22287]: Restart pause, 5 second(s)
Oct 16 14:53:04 openvpn[22287]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Oct 16 14:53:04 openvpn[22287]: TCP/UDP: Preserving recently used remote address: [AF_INET]5.79.77.168:1194
Oct 16 14:53:04 openvpn[22287]: Socket Buffers: R=[122880->122880] S=[122880->122880]
Oct 16 14:53:04 openvpn[22287]: UDP link local: (not bound)
Oct 16 14:53:04 openvpn[22287]: UDP link remote: [AF_INET]5.79.77.168:1194
Oct 16 14:53:04 openvpn[22287]: TLS: Initial packet from [AF_INET]5.79.77.168:1194, sid=1650db48 5a705c7a
Oct 16 14:53:04 openvpn[22287]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Oct 16 14:53:05 openvpn[22287]: VERIFY OK: depth=1, C=CA, ST=Ontario, O=Whatbox Inc., CN=OpenVPN
Oct 16 14:53:05 openvpn[22287]: VERIFY KU OK
Oct 16 14:53:05 openvpn[22287]: Validating certificate extended key usage
Oct 16 14:53:05 openvpn[22287]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Oct 16 14:53:05 openvpn[22287]: VERIFY EKU OK
Oct 16 14:53:05 openvpn[22287]: VERIFY OK: depth=0, C=CA, ST=Ontario, O=Whatbox Inc., CN=*.whatbox.ca, emailAddress=support@whatbox.ca
Oct 16 14:53:05 openvpn[22287]: Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Oct 16 14:53:05 openvpn[22287]: [*.whatbox.ca] Peer Connection Initiated with [AF_INET]5.79.77.168:1194
Oct 16 14:53:06 openvpn[22287]: SENT CONTROL [*.whatbox.ca]: 'PUSH_REQUEST' (status=1)
Oct 16 14:53:06 openvpn[22287]: PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,redirect-gateway def1,route-ipv6 2000::/3,redirect-gateway ipv6,tun-ipv6,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig-ipv6 2001:1af8:4700:a039:8::1002/112 2001:1af8:4700:a039:8::2,ifconfig 10.8.0.10 10.8.0.9,peer-id 1,cipher AES-256-GCM'
Oct 16 14:53:06 openvpn[22287]: Note: option tun-ipv6 is ignored because modern operating systems do not need special IPv6 tun handling anymore.
Oct 16 14:53:06 openvpn[22287]: OPTIONS IMPORT: timers and/or timeouts modified
Oct 16 14:53:06 openvpn[22287]: OPTIONS IMPORT: --ifconfig/up options modified
Oct 16 14:53:06 openvpn[22287]: OPTIONS IMPORT: route options modified
Oct 16 14:53:06 openvpn[22287]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Oct 16 14:53:06 openvpn[22287]: OPTIONS IMPORT: peer-id set
Oct 16 14:53:06 openvpn[22287]: OPTIONS IMPORT: adjusting link_mtu to 1625
Oct 16 14:53:06 openvpn[22287]: OPTIONS IMPORT: data channel crypto options modified
Oct 16 14:53:06 openvpn[22287]: Data Channel: using negotiated cipher 'AES-256-GCM'
Oct 16 14:53:06 openvpn[22287]: Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Oct 16 14:53:06 openvpn[22287]: Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Oct 16 14:53:06 openvpn[22287]: GDG6: remote_host_ipv6=n/a
Oct 16 14:53:06 openvpn[22287]: TUN/TAP device tun11 opened
Oct 16 14:53:06 openvpn[22287]: TUN/TAP TX queue length set to 100
Oct 16 14:53:06 openvpn[22287]: do_ifconfig, tt->did_ifconfig_ipv6_setup=1
Oct 16 14:53:06 openvpn[22287]: /usr/sbin/ip link set dev tun11 up mtu 1500
Oct 16 14:53:06 openvpn[22287]: /usr/sbin/ip addr add dev tun11 local 10.8.0.10 peer 10.8.0.9
Oct 16 14:53:06 openvpn[22287]: /usr/sbin/ip -6 addr add 2001:1af8:4700:a039:8::1002/112 dev tun11
Oct 16 14:53:06 openvpn[22287]: Linux ip -6 addr add failed: external program exited with error status: 2
Oct 16 14:53:06 openvpn[22287]: Exiting due to fatal error
 
IPv6 failing. Try disabling it. Not sure what options there are on the VPN relating to it but turn off any there, if that doesn’t help disable/enabled (whatever it currently isn’t) it on the router as a whole (at least as an initial fact finding test).

Please post more detail on what problems are including description of your scenario and any related config in the future.


Sent from my iPhone using Tapatalk
 
Exit status 2 is a kernel level error, so maybe ipv6 is not supported/enabled/configured on your router?
Again, include what router you are using!


Sent from my iPhone using Tapatalk
 
Sorry, I had it at the top of my post: ASUS AC68U with Merlin 380.68_4

Turning ON IPv6 did the trick, all connected. Now to try and figure out how to get it working without IPv6 enabled.
 
The OpenVPN client doesn't support ipv6. Add these two lines to the custom configuration section

pull-filter ignore "ifconfig-ipv6"
pull-filter ignore "route-ipv6"
 
john9527, Gold star for you!

Thanks a million! I was trying those without the quotes and I was getting errors!

Cheers!
-b
 
Apologies, very odd tapatalk bug, all I can see is a few lines of log (luckily the important bits!!). If I quote your OP I can see the rest. Glad it’s sorted!
b5e737fe4ed3bd664290db2609d5601d.png


Anyone know how/who to report this bug to!?


Sent from my iPhone using Tapatalk
 
You must log in or register to reply here.

Similar threads

K
WPS connection issues to IoT device with GT-AXE16000 GT-AXE11000
Replies
3
Views
663
glens
G
P
OVPN Problem. Asus rt ax56u (latest merlin firmware
Replies
9
Views
1K
pattox
P
N
Solved Unable to connect to VPN server with self-signed certificate
Replies
0
Views
437
nino_070
N
C
OVPN Timeout "SIGUSR1[soft,ping-restart]"
Replies
0
Views
2K
callefreddan
C
gallahermike
GT-BE98 Pro and OpenVPN problem
Replies
7
Views
860
gallahermike
gallahermike
Similar threads
Thread starter Title Forum Replies Date
D Asus GT-AX11000 (3004.388.4_beta3) OPENVPN Server help needed vith Site to Site Asuswrt-Merlin 14
bengalih Need help with OpenVPN server configured in non-routing mode Asuswrt-Merlin 1
Zigster IPV6 and OpenVPN on Asus Merlin on Asus GT-AXE11000 Asuswrt-Merlin 0
P Openvpn internet access Asuswrt-Merlin 0
E OpenVPN TAP internet access problem Asuswrt-Merlin 0
M OpenVPN clients cannot connect to LAN computers. Asuswrt-Merlin 0
M OpenVPN / site to site with special security/routing constraints Asuswrt-Merlin 7
R OpenVPN keeps on turning itself off Asuswrt-Merlin 40
M Best router for wireguard or openVPN Asuswrt-Merlin 1
W OpenVPN Server set to LAN only allows browsing Asuswrt-Merlin 14

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 566 (members: 15, guests: 551)
Top