I am trying to set up OpenVPN on an RT-AC3200 running Asuswrt-Merlin firmware 384.5 and in router mode.
The VPN server (OpenVPN Server 1 configured on the Asus) is on and marked as running while the OpenVPN client (running on Windows 8.1 Pro and connected to an iPhone hotspot for testing) shows as being Connected. The client log is repeating this:
Mon Jul 23 14:19:59 2018 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
Mon Jul 23 14:19:59 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]24.177.198.247:1194
Mon Jul 23 14:19:59 2018 UDP link local: (not bound)
Mon Jul 23 14:19:59 2018 UDP link remote: [AF_INET]24.177.198.247:1194
Mon Jul 23 14:20:59 2018 [UNDEF] Inactivity timeout (--ping-restart), restarting
Mon Jul 23 14:20:59 2018 SIGUSR1[soft,ping-restart] received, process restarting
The server is showing:
The RT-AC3200 is sitting behind a HITRON cable modem/router with a dynamic IP provided by our ISP. Does it matter that we're not using the router on the modem?
Possibly related is the yellow exclamation point by the DDNS label on the Network Map page. When I click it, I get an empty pop-up.
On the DDNS tab of the WAN page, I see this:
The wireless router currently uses a private WAN IP address.
This router may be in the multiple-NAT environment and DDNS service cannot work in this environment.
Which looks related.
I was not getting this error when setting the Asus up initially, probably due to the previous modem being without router capability.
As an aside, I'm getting "Invalid IP Address!" when I try changing the DDNS Host name, though the displayed name is changed after I close the error dialog.
I tried enabling port forwarding on the WAN page, but it won't let me select Open VPN from the Famous Server List.
Other things:
The VPN server (OpenVPN Server 1 configured on the Asus) is on and marked as running while the OpenVPN client (running on Windows 8.1 Pro and connected to an iPhone hotspot for testing) shows as being Connected. The client log is repeating this:
Mon Jul 23 14:19:59 2018 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
Mon Jul 23 14:19:59 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]24.177.198.247:1194
Mon Jul 23 14:19:59 2018 UDP link local: (not bound)
Mon Jul 23 14:19:59 2018 UDP link remote: [AF_INET]24.177.198.247:1194
Mon Jul 23 14:20:59 2018 [UNDEF] Inactivity timeout (--ping-restart), restarting
Mon Jul 23 14:20:59 2018 SIGUSR1[soft,ping-restart] received, process restarting
The server is showing:
The wireless router currently uses a private WAN IP address (192.168.x.x, 10.x.x.x or 172.16.x.x). Please refer to the FAQ and set up the port forwarding.
The RT-AC3200 is sitting behind a HITRON cable modem/router with a dynamic IP provided by our ISP. Does it matter that we're not using the router on the modem?
Possibly related is the yellow exclamation point by the DDNS label on the Network Map page. When I click it, I get an empty pop-up.
On the DDNS tab of the WAN page, I see this:
The wireless router currently uses a private WAN IP address.
This router may be in the multiple-NAT environment and DDNS service cannot work in this environment.
Which looks related.
I was not getting this error when setting the Asus up initially, probably due to the previous modem being without router capability.
As an aside, I'm getting "Invalid IP Address!" when I try changing the DDNS Host name, though the displayed name is changed after I close the error dialog.
I tried enabling port forwarding on the WAN page, but it won't let me select Open VPN from the Famous Server List.
Other things:
- icanhzip.com is showing a different address (24.177.198.92) than on the Network Map (192.168.44.2).