
asus rt-ac68u openvpn client fails to connect over UDP


uniquethis

Hello,

I have an ASUS RT-AC68U with Asuswrt-Merlin 380.57. The OpenVPN server is enabled and works fine with the TCP protocol and a custom port number. DDNS is enabled (via jffs and the 'custom' DDNS server name option in the GUI), and the client machine is located inside the router's LAN (connected via WiFi). But as soon as I change the protocol to UDP (on the server and in the client config), the VPN client fails to establish a connection:
Server logs:
Code:
Jan  4 22:30:27 openvpn[1514]: 192.168.1.250:39950 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jan  4 22:30:27 openvpn[1514]: 192.168.1.250:39950 TLS Error: TLS handshake failed
Jan  4 22:30:27 openvpn[1514]: 192.168.1.250:39950 SIGUSR1[soft,tls-error] received, client-instance restarting

Client logs:
Code:
Mon Jan  4 22:29:27 2016 UDPv4 link local: [undef]
Mon Jan  4 22:29:27 2016 UDPv4 link remote: [AF_INET]xxx.x.xx.xx:3145
Mon Jan  4 22:29:27 2016 TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.1:3145[2], expected peer address: [AF_INET]xxx.x.xx.xx:3145 (allow this incoming source address/port by removing --remote or adding --float)
Mon Jan  4 22:29:29 2016 TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.1:3145[2], expected peer address: [AF_INET]xxx.x.xx.xx:3145 (allow this incoming source address/port by removing --remote or adding --float)
Mon Jan  4 22:29:29 2016 TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.1:3145[2], expected peer address: [AF_INET]xxx.x.xx.xx:3145 (allow this incoming source address/port by removing --remote or adding --float)

It looks like the outgoing connection reaches the external IP (xxx.x.xx.xx:3145), but the response comes from inside the LAN... For the TCP protocol (leaving all other parameters the same) everything works fine:

Code:
Mon Jan  4 22:52:44 2016 TCP connection established with [AF_INET]xxx.x.xx.xx:3145
Mon Jan  4 22:52:44 2016 TCPv4_CLIENT link local: [undef]
Mon Jan  4 22:52:44 2016 TCPv4_CLIENT link remote: [AF_INET]xxx.x.xx.xx:3145
Mon Jan  4 22:52:44 2016 TLS: Initial packet from [AF_INET]xxx.x.xx.xx:3145, sid=...
Mon Jan  4 22:52:44 2016 VERIFY OK: ...


Adding the float option to the client config solves the connection problem. Connecting from outside the router's LAN (another network) via UDP also works OK.
But I'd like to know why it works out of the box for TCP but not UDP inside the router's LAN?

P.S. I am new to networking and probably missing some simple detail or fact here (probably it works as expected in this scenario).
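
The client log in the post above can be checked mechanically. The following is an added example, not part of the original post: it pulls the "Incoming packet rejected" lines out of an OpenVPN client log and labels each source/expected pair. It assumes unredacted IPv4 addresses; the sample log is constructed, with 203.0.113.10 standing in for the redacted public address, and the function names and labels are hypothetical.

```python
import ipaddress
import re
from collections import Counter

# Matches the OpenVPN client message quoted in the post (IPv4 only).
REJECT_RE = re.compile(
    r"Incoming packet rejected from \[AF_INET\](?P<src>[\d.]+):(?P<sport>\d+)\[\d+\], "
    r"expected peer address: \[AF_INET\](?P<exp>[\d.]+):(?P<eport>\d+)"
)
# Explicit RFC 1918 list: ipaddress.is_private also covers documentation ranges.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample; 203.0.113.10 is a placeholder for the redacted address.
SAMPLE_LOG = """\
Mon Jan  4 22:29:27 2016 UDPv4 link remote: [AF_INET]203.0.113.10:3145
Mon Jan  4 22:29:27 2016 TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.1:3145[2], expected peer address: [AF_INET]203.0.113.10:3145 (allow this incoming source address/port by removing --remote or adding --float)
Mon Jan  4 22:29:29 2016 TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.1:3145[2], expected peer address: [AF_INET]203.0.113.10:3145 (allow this incoming source address/port by removing --remote or adding --float)
Mon Jan  4 22:29:29 2016 TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.1:3145[2], expected peer address: [AF_INET]203.0.113.10:3145 (allow this incoming source address/port by removing --remote or adding --float)
"""

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def find_peer_mismatches(log_text):
    """Count (src, sport, expected, eport) tuples from rejected-packet lines."""
    pairs = Counter()
    for line in log_text.splitlines():
        m = REJECT_RE.search(line)
        if m:
            pairs[(m["src"], int(m["sport"]), m["exp"], int(m["eport"]))] += 1
    return pairs

def classify(src, sport, exp, eport):
    """Label a mismatch by what differs between dialled and replying address."""
    if src == exp:
        return "port-changed"
    if sport == eport and is_rfc1918(src) and not is_rfc1918(exp):
        # Same port, private source: the reply left from a LAN-side address.
        return "reply-from-lan-address"
    return "other-source"

def report(log_text):
    """Return (label, count, source, expected) rows, most frequent first."""
    return [(classify(*k), n, f"{k[0]}:{k[1]}", f"{k[2]}:{k[3]}")
            for k, n in find_peer_mismatches(log_text).most_common()]

if __name__ == "__main__":
    for row in report(SAMPLE_LOG):
        print(*row)
```

A "reply-from-lan-address" row is the pattern in the post's client log: the client dialled the public address and the answer arrived from 192.168.1.1 on the same port. The `--float` option named in the log message makes the client accept authenticated packets from any source address, not only the `--remote` one.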
 
Same issue. I couldn't figure out why I couldn't test my setup until finding this.
 
Hi,

No problem with my VPN provider: I downloaded the UDP config files for routers (same as for Android phones) and it works on both like a charm! ;)

Can you go back to your VPN provider and ask for a specific router/Android UDP OpenVPN config file? :rolleyes:
 