What's new

ax58u keeps dropping openvpn connection. bug in firmware?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

cooloutac

Very Senior Member
have an issue where my asus ax58u router keeps dropping vpn connection. not sure if i set something up wrong. i see this in the log that is probably related; Oct 3 19:59:09 ovpn-client5[2572]: [nordvpn.com] Inactivity timeout (--ping-restart), restarting

and these;
Oct 3 19:59:15 openvpn-routing: Configuring policy rules for client 5
Oct 3 19:59:15 openvpn-routing: Tunnel down - VPN client access blocked

also related? Oct 3 19:59:15 ovpn-client5[2572]: ERROR: Linux route delete command failed: external program exited with error status: 1

any ideas? its really annoying to have the vpn connection go down multiple times a day. at first i didn't have a skillswitch setup and i didn't have the router ip set as wan in policy rules. i i have multiple devices i set for wan as well. not sure what i'm doing wrong. it reconnects but i want to have a stable connection. i contacted nord tech support and they believe there is a bug in the firmware.

thanks for the help.
 
Last edited:
Having the OpenVPN client perform a restart due to a keepalive failing (which is what the ping-restart is all about) is not that uncommon. All it takes is a few seconds (20, 30?) where the client and server lose communications, and it will attempt to reestablish those communications w/ a soft-restart. But if that can't be done, then the tunnel will come down. And at that point, the VPN's network interface gets removed from the routing tables. And when the router subsequently attempts to remove its own routes that reference the VPN network interface, they produce the error; they're already gone! So in and of itself, that error isn't really the problem. It's just a victim of what happened previously.

It's always possible your *ISP* connection is not reliable, which then affects the VPN. But it's pretty difficult to know the actual sequence of events unless we have a FULL syslog, so we can see the failure in context. I recall about a year or so ago someone having similar failures, only to find out the VPN was killing the connection from their side due to overloaded servers. They refused to acknowledge it initially until presented w/ the syslogs over several days proving they were being less than truthful.

Sometimes the choice of VPN providers makes a big difference. They *all* make the same claims of reliability and performance. But in real world results, they can vary widely.
 
Last edited:
my wan connections are totally fine though. i have fios there is nothing better. i mean if you wanna call me a liar thats cool. you can point to something in logs to place blame elsewhere even if not noticeable in the realworld. but you won't ever be able convince anyone that doesn't have noticeable issues otherwise. for example the log says it reconnects in 9 seconds. but in the 'realword' my devices can take 5 minutes. it does seem to be a common thing with merlins firmware though indeed. and people running their own pfsense firewalls mistakenly running multiple clients from what i can find in my brief googling.

gonna try setting up the vpn in client 1 instead of client 5 maybe that is causing issues. i just put to policy rules strict instead of policy rules. i mean if i have to turn off policy rules or stop setting policies for wan clients to stop it from happening that would suck since its the reason i went to merlins firmware in the first place. i have 5 other clients and its only happening on the asus router.

https://www.snbforums.com/threads/openvpn-inactivity-timeout-ping-restart-restarting.38777/ i see in another snb thread people suggesting some lines for keepalive or dhcp-dns but i will wait on that for now. i think its set in the router to happen every hour man, i'm not entirely sure but it doesn't seem random. i don't think it has anything to do with the isp or the vpn. probably not an issue for most but on some of my devices its noticeable. like my echo devices which take a while to reconnect to the dns or a tv losing connection or a camera.

speaking of isp's killing connections though. my route to amazon was fkd friday night when watching the latest episode of the boys. went on downdetector and it seems it wasn't just me issues starting around the time i was watching to prime video. put the tv behind the vpn, and boom, no buffering no issues. no need to even complain to the isp at that point. issues with the isp to prime seem to be resolved now but just like to throw out reasons for using a vpn since most people think they are only for criminals lol.
 
Last edited:
Decided to return the ax58u and go back to the ac66u_b1. VPN speeds and wireless range are not a big enough upgrade to justify it as a replacement and i feel its less stable. I don't have enough ax devices or fast enough isp speed to make it worth it to me. waste of money.
 
Last edited:
turns out I mispoke. the ac66u_b1 is getting the same vpn restarts and drops. and the 5g wireless range on he ax58u is indeed much better. blow the ac66u out the water. but weirdly the speeds on the ac66u1 are actually better on 5g. like instead of 40-50 all the time. i'm getting up to 50-65Mbs now. bonkers. I feel like throwing the ax58u in the trash can.
 
Last edited:
Turns out it was the vpn. i didn't want to give up so changed to different vpn service with merlin again, and now no issues at all. the log is completely silent now for over 12 hours on my ac66u-b1 no more inactivity time out restarts and no auth fails. no ovpnclient entries at all and no loss of connections. i'm assuming was probably the same issue on the ax58u. nordvpn tech support is not as bad as express vpn but they are pretty bad. lol. I would stay away from both of them. nord either told me to change my password or said the firmware was bugged. sent them my logs photos of my settings. they say they allow 6 devices but it seems flaky and only the router ever had issues probably cause i wasn' using their app. i had a sneaking suspicion it was a multiple devices issue.

how do i mark as solved?

Now i'm thinking of getting the ac86u and popping merlin on there lol. Policy rules is working great thanks Merlin for all your hard work.
 
Last edited:

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top