OpenVPN TAP Client Causes AX88U Server Reboot

[DigitizedMe]

I'm fishing around to see if anyone else has ran across something similar using an AX88U as a TAP OpenVPN server. I can't pin down when it started happening, but I can verify it didn't knock the router out in the past.

When I try to connect home with a Windows 10 client with the latest version of OpenVPN with GUI, it eventually causes the router to reboot. Usually I can connect, run a consistent ping to the gateway, and everything will work fine for a bit until it spontaneously reboots. Sometimes I can't and it causes an immediate reboot. The system logs don't show anything out of the ordinary before the reboot.

I can't find a pattern, except this only happens with Windows 10. It doesn't happen using Android or Ubuntu on the same dual boot laptop. I have also reset and restored the router to default configuration and reloaded the OpenVPN setup with all other settings as default.

Certificates were created using the Easy RSA tool and copied them into the OpenVPN > Advanced > Keys and certificates on my AX88U.

 

[DigitizedMe]

Following up for future use. This is now a bug report with OpenVPN. The culprit appears to be BitLocker drive encryption enabled on a Windows 10 PC using TAP.
https://community.openvpn.net/openvpn/ticket/1339#ticket

I found I could not knock the router out by connecting with any other devices, same certificates, same configuration, including another Windows 10 device. I suspended BitLocker protection on the offending laptop, and all is well once again. I cannot cause an OpenVPN disconnect or router reboot anymore.

I'm going to throw a dart and say AES-NI acceleration on the client CPU is causing some crazy conflict with the TAP adapter that the AX88U host doesn't know how to interpret, causing it to reboot.

 

[netware5]

I am using OpenVPN server with TAP on Asus Merlin since 2013. First on RT-N66 and during last year on RT-AX88U. I am using Windows 10 2004 OpenVPN client. Never experienced server reboots, but I don't use Bitlocker on my Windows client. So probably you are right regarding Bitlocker conflict.

 

[DigitizedMe]

I ran my trusty N66U for a pretty long time with Merlin and OpenVPN TAP too. Tried and true.

I have been using IPSEC with the AX88U to take advantage of the coprocessor with crypto acceleration. I hadn't used OpenVPN in about a year and tried to switch back and kept crashing the router at home. (Wife is about to strangle me). Couldn't figure out what changed that could possibly affect the router on site.

In the meantime, I had purchased an NVMe drive, reformatted and enabled BitLocker with XTS-AES encryption. I couldn't have imagined this had anything to do with the VPN host crashing.

 

[DigitizedMe]

After testing for a week, I can confirm it is NOT BitLocker. Although it does appear to be related somehow, the forced restarts began to happen over time and are now persistent again with BitLocker entirely disabled.

It has to be something with the virtual TAP adapter on this specific Dell Precision 3510 laptop with Windows 10 version 2004 installed. I have no problems with Ubuntu dual boot on this same device, so I don't believe it's hardware related.

I've tried AX88U hard resets, different versions of Merlin, reconfigured all AX88U and Windows OpenVPN settings with nothing else activated outside of defaults, and different client devices to include a Dell Latitude 5480 with Windows 10 version 1909 installed.

So far the only solution is using TUN on this device/OS combination.

 

[sojomy]

Did anyone else ever have or fix this issue? I have a brand new Asus RT-AX86U PRO with the newest Merlin firmware on it (until 30 minutes ago it had 388.2_2 on it, but no difference), and I have one client that every time she connects to the TAP VPN server in this router, the entire router reboots. I can connect from my computer with no issues, and we're both using the same client config file and the same version of OpenVPN client. Here's the weird part... if I disable the 2.4GHz radio on the router, the problem goes away! I only found that on accident because I was trying to compare the system log, and with the 2.4GHz turned on, I kept getting WiFi device connection info in the log, so I disabled the radios temporarily so I could get clean comparisons on the log files. I have replicated this problem repeatedly by enabling and disabling the 2.4GHz radio, and every time it's disabled, there are no issues, but every time it's enabled, the client connecting to the VPN reboots the entire router. When the 2.4GHz is disabled the client can connect, disconnect, stay connected for 30 minutes with no issue.

Does anyone know what the 2.4GHz radio would have to do with the OpenVPN server?!?