RT-AC68U OpenVPN server stopped working

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

alan54

New Around Here
OpenVPN server on my Asus RT-AC68U router has stopped working. I have tried rebooting, stop/starting the server, changing the config settings and a firmware upgrade (3.9.9.4.386_43129 installed) with no success. When I try to generate new client.ovpn files the 'Export OpenVPN configuration file' window continually shows "Initialinzing the settings of OpenVPN server now, please wait a few minutes to let the server to setup completed before VPN clients establish the connection." with a spinning wheel.

When stop/starting the server the system log shows:

Aug 20 11:14:20 rc_service: httpd 809:notify_rc stop_openvpnd;restart_samba
Aug 20 11:14:22 Samba Server: smb daemon is stoped
Aug 20 11:14:22 kernel: gro disabled
Aug 20 11:14:45 rc_service: httpd 809:notify_rc restart_openvpnd;restart_chpass;restart_samba
Aug 20 11:14:48 vpnserver1[25346]: Multiple --up scripts defined. The previously configured script is overridden.
Aug 20 11:14:48 vpnserver1[25346]: OpenVPN 2.4.7 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on May 8 2021
Aug 20 11:14:48 vpnserver1[25346]: library versions: OpenSSL 1.1.1k 25 Mar 2021, LZO 2.03
Aug 20 11:14:48 vpnserver1[25347]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Aug 20 11:14:48 vpnserver1[25347]: PLUGIN_INIT: POST /usr/lib/openvpn-plugin-auth-pam.so '[/usr/lib/openvpn-plugin-auth-pam.so] [openvpn]' intercepted=PLUGIN_AUTH_USER_PASS_VERIFY
Aug 20 11:14:48 vpnserver1[25347]: Diffie-Hellman initialized with 2048 bit key
Aug 20 11:14:48 vpnserver1[25347]: TUN/TAP device tun21 opened
Aug 20 11:14:48 vpnserver1[25347]: TUN/TAP TX queue length set to 100
Aug 20 11:14:48 vpnserver1[25347]: /sbin/ifconfig tun21 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Aug 20 11:14:48 vpnserver1[25347]: /bin/sh /jffs/etc/profile tun21 1500 1622 10.8.0.1 10.8.0.2 init
Aug 20 11:14:48 vpnserver1[25347]: WARNING: Failed running command (--up/--down): external program exited with error status: 2
Aug 20 11:14:48 vpnserver1[25347]: Exiting due to fatal error
Aug 20 11:14:48 Samba Server: smb daemon is stoped
Aug 20 11:14:48 kernel: gro disabled

Any ideas how to resolve this?
 

alan54

New Around Here
Thank you Adooni. As your link suggested, a Factory Default reset and complete manual configuration (using a different VPN port) was necessary. This is the response I received from Asus:

"After analyzing your log thoroughly, we have found a suspicious malicious attack from unknown source attempting to intrude your OpenVPN server and deploy malwares to the router. This incident was successfully targeted and blocked by our protection mechanism embedded in ASUS router. This is why you might see the OpenVPN server keeps showing a status of “Initializing” on Web GUI. To solve the issue, we highly suggest you reset the router and do not use OpenVPN server default port 1194 in the future configuration. To further enhance the security level for your network, best practices are recommended in this FAQ [How to make my router more secure?]."
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top