Help with OpenVPN Server; .11; AC68U

Skagnola · May 19, 2019

Hello - long time lurker and user of Asuswrt-Merlin!

Need a little help with getting the OpenVPN Server to behave as expected. Kinda new to using it. I have gone through some how-tos with setting up /starting OpenVPN server on the AC68U. This one as an example.

After the VPN Server is enabled and launched, I am not seeing the service actually listening while SSHed into the router. I notice at the bottom of the server list there is a 1194:

# netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:5473 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:18017 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:3394 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com: printer 0.0.0.0:* LISTEN
tcp 0 0 localhost.localdomain:netbios-ssn 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com:netbios-ssn 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:7788 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com:laserjet 0.0.0.0:* LISTEN
tcp 0 0 localhost.localdomain:www 0.0.0.0:* LISTEN
tcp 0 0 10.8.0.1:domain 0.0.0.0:* LISTEN
tcp 0 0 localhost.localdomain:domain 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com:domain 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com:ssh 0.0.0.0:* LISTEN
tcp 0 0 localhost.localdomain:8443 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com:8443 0.0.0.0:* LISTEN
tcp 0 0 localhost.localdomain:445 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com:445 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com:3838 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:9999 0.0.0.0:*
udp 0 0 0.0.0.0:42000 0.0.0.0:*
udp 0 0 localhost.localdomain:42032 0.0.0.0:*
udp 0 0 10.8.0.1:domain 0.0.0.0:*
udp 0 0 localhost.localdomain:domain 0.0.0.0:*
udp 0 0 router.asus.com:domain 0.0.0.0:*
udp 0 0 0.0.0.0:bootps 0.0.0.0:*
udp 0 0 0.0.0.0:5474 0.0.0.0:*
udp 0 0 0.0.0.0:18018 0.0.0.0:*
udp 0 0 0.0.0.0:7788 0.0.0.0:*
udp 0 0 0.0.0.0:38000 0.0.0.0:*
udp 0 0 0.0.0.0:59000 0.0.0.0:*
udp 0 0 192.168.1.255:netbios-ns 0.0.0.0:*
udp 0 0 router.asus.com:netbios-ns 0.0.0.0:*
udp 0 0 0.0.0.0:netbios-ns 0.0.0.0:*
udp 0 0 192.168.1.255:netbios-dgm 0.0.0.0:*
udp 0 0 router.asus.com:netbios-dgm 0.0.0.0:*
udp 0 0 0.0.0.0:netbios-dgm 0.0.0.0:*
udp 0 0 localhost.localdomain:38032 0.0.0.0:*
udp 0 0 localhost.localdomain:59032 0.0.0.0:*
udp 0 0 0.0.0.0:5353 0.0.0.0:*
udp 0 0 0.0.0.0:43000 0.0.0.0:*
udp 0 0 localhost.localdomain:61689 0.0.0.0:*
udp 0 0 0.0.0.0:38394 0.0.0.0:*
udp 0 0 :::1194 :::*
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 1536 /var/nmbd/unexpected
unix 2 [ ACC ] STREAM LISTENING 1571 /var/run/lldpd.socket
unix 2 [ ACC ] STREAM LISTENING 1080 /var/run/nt_center_socket
unix 2 [ ACC ] STREAM LISTENING 3412 /etc/cfgmnt_ipc_socket
unix 2 [ ACC ] STREAM LISTENING 1143 /etc/wlcnt_socket
unix 2 [ ACC ] STREAM LISTENING 1441 /var/run/avahi-daemon/socket
unix 2 [ ACC ] STREAM LISTENING 1191 /var/run/nt_actMail_socket
unix 2 [ ACC ] STREAM LISTENING 1381290 /tmp/dropbear-3c7e9890/auth-307ce569-7
unix 2 [ ACC ] STREAM LISTENING 957 /var/run/protect_srv_socket
unix 2 [ ACC ] STREAM LISTENING 1734 /etc/amas_lib_socket

I see there are a couple proc running

# ps | grep "openvpn*"
6113 4816 S /etc/openvpn/vpnserver1 --cd /etc/openvpn/server1 --config config.ovpn
6115 4708 S /etc/openvpn/vpnserver1 --cd /etc/openvpn/server1 --config config.ovpn

If I probe the router for running services, I don't see the VPN running under 1194

nmap 192.168.1.1
Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-19 13:52 Central Daylight Time
Nmap scan report for router.asus.com (192.168.1.1)
Host is up (0.00031s latency).
Not shown: 993 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
139/tcp open netbios-ssn
445/tcp open microsoft-ds
515/tcp open printer
8443/tcp open https-alt
9100/tcp open jetdirect
MAC Address: (Asustek Computer)

Nmap done: 1 IP address (1 host up) scanned in 1.24 seconds

Below is the OpenVPN server config

# Automatically generated configuration
daemon ovpn-server1
topology subnet
server 10.8.0.0 255.255.255.0
proto udp
port 1194
dev tun21
txqueuelen 1000
ncp-ciphers AES-128-GCM:AES-256-GCM:AES-128-CBC:AES-256-CBC
comp-lzo adaptive
keepalive 15 60
verb 4
push "route 192.168.1.0 255.255.255.0 vpn_gateway 500"
duplicate-cn
push "dhcp-option DNS 192.168.1.1"
plugin /usr/lib/openvpn-plugin-auth-pam.so openvpn
verify-client-cert none
username-as-common-name
ca ca.crt
dh dh.pem
cert server.crt
key server.key
status-version 2
status status 5

# Custom Configuration

The VPN startup log is attached as syslog.txt. Not sure if there is something I have configured incorrectly or missing, etc.

RMerlin · May 20, 2019

Your server runs on 1194 UDP, but your nmap only scans for TCP.

Thread starter	Title	Forum	Replies	Date
D	Asus GT-AX11000 (3004.388.4_beta3) OPENVPN Server help needed vith Site to Site	Asuswrt-Merlin	14	Aug 22, 2023
	Need help with OpenVPN server configured in non-routing mode	Asuswrt-Merlin	1	Jun 28, 2023
C	Solved Need help with nat-start scripts	Asuswrt-Merlin	3	Yesterday at 2:31 AM
G	Need help with VPN	Asuswrt-Merlin	2	Tuesday at 9:07 AM
P	Help with traffic filtering	Asuswrt-Merlin	0	Friday at 9:08 PM
C	Need some help with a DHCP problem	Asuswrt-Merlin	9	Apr 14, 2024
S	Help Required AC68U (TM-AC1900) troubleshooting after power outage	Asuswrt-Merlin	3	Apr 9, 2024
C	Need help with GT-AXE11000 and DNS Director	Asuswrt-Merlin	0	Apr 5, 2024
	need help with network loop.	Asuswrt-Merlin	9	Apr 1, 2024
J	Help - duckdns has started returning an IPv6 IP address	Asuswrt-Merlin	1	Mar 27, 2024

Search

Search

Help with OpenVPN Server; .11; AC68U

Skagnola

New Around Here

Attachments

RMerlin

Asuswrt-Merlin dev

Similar threads

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Members online