RT-AС86U OpenVPN Trouble

[Andrew.N]

Hello!
I am facing the following problem:
I have a router RT-AC86U firmware version: 386.7_0
For the second time in 3 weeks, OpenVPN profiles are erased on my own, and so are all routes.
I do not understand what it is connected with, here is what I found in the logs:

Sep  1 07:35:26 ntpd: Initial clock set
Sep  1 07:35:26 rc_service: ntpd_synced 2290:notify_rc restart_diskmon
Sep  1 07:35:26 disk_monitor: Finish
Sep  1 07:35:26 disk_monitor: be idle
Sep  1 07:35:26 openvpn-routing: Configured killswitch on VPN client 4
Sep  1 07:35:26 rc_service: ntpd_synced 2290:notify_rc start_vpnclient4
Sep  1 07:35:26 openvpn-routing: Configured killswitch on VPN client 5
Sep  1 07:35:26 kernel: tun: Universal TUN/TAP device driver, 1.6
Sep  1 07:35:26 kernel: tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
Sep  1 07:35:26 rc_service: ntpd_synced 2290:notify_rc start_vpnclient5
Sep  1 07:35:26 rc_service: waitting "start_vpnclient4" via ntpd_synced ...
Sep  1 07:35:26 ovpn-client4[2346]: --cipher is not set. Previous OpenVPN version defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
Sep  1 07:35:26 ovpn-client4[2346]: Options error: You must define CA file (--ca) or CA path (--capath)
Sep  1 07:35:26 ovpn-client4[2346]: Use --help for more information.
Sep  1 07:35:26 openvpn: Starting OpenVPN client 4 failed!
Sep  1 07:35:26 openvpn-routing: Clearing routing table for VPN client 4
Sep  1 07:35:27 kernel: Init chrdev /dev/idp with major 190
Sep  1 07:35:27 kernel: tdts: tcp_conn_max = 8000
Sep  1 07:35:27 kernel: tdts: tcp_conn_timeout = 300 sec
Sep  1 07:35:27 ovpn-client5[2454]: --cipher is not set. Previous OpenVPN version defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
Sep  1 07:35:27 ovpn-client5[2454]: Options error: You must define CA file (--ca) or CA path (--capath)
Sep  1 07:35:27 ovpn-client5[2454]: Use --help for more information.
Sep  1 07:35:27 openvpn: Starting OpenVPN client 5 failed!
Sep  1 07:35:27 openvpn-routing: Clearing routing table for VPN client 5
Sep  1 07:35:29 kernel: SHN Release Version: 2.0.1 851496c
Sep  1 07:35:29 kernel: UDB Core Version: 0.2.18
Sep  1 07:35:29 kernel: Init chrdev /dev/idpfw with major 191
Sep  1 07:35:29 kernel: IDPfw: flush fc
Sep  1 07:35:29 kernel: IDPfw: IDPfw is ready
Sep  1 07:35:29 kernel: sizeof forward pkt param = 280
Sep  1 07:35:29 BWDPI: fun bitmap = 83
Sep  1 07:35:31 A.QoS: qos_count=0, qos_check=0
Sep  1 07:35:34 rc_service: udhcpc 2160:notify_rc stop_samba
Sep  1 07:35:34 rc_service: udhcpc 2160:notify_rc start_samba
Sep  1 07:35:34 rc_service: waitting "stop_samba" via udhcpc ...
Sep  1 07:35:34 Samba_Server: smb daemon is stopped

Can someone help me figure out what's going on?
Thank you.

 

[ColinTaylor]

Unfortunately that section of the log doesn't tell us anything other than you don't have valid CA files for your VPN profiles.

The certificates are stored in JFFS so if that's full or unmounted it will be a problem. But you'd likely be experiencing other problems as well because of that.

If you upload the complete System Log to pastebin.com and post a link to it we might be able to spot something.

 

[Andrew.N]

Unfortunately that section of the log doesn't tell us anything other than you don't have valid CA files for your VPN profiles.

The certificates are stored in JFFS so if that's full or unmounted it will be a problem. But you'd likely be experiencing other problems as well because of that.

If you upload the complete System Log to pastebin.com and post a link to it we might be able to spot something.

There are CA files, but VPN worked for me all this time.

unfortunately there are no more System logs left, I had to fix the problem by resetting the router to factory settings and setting up the configuration from the very beginning.

But if I have this problem again, I will take all the logs and send you here.

 

[Andrew.N]

Sep 1 07:35:27 openvpn-routing: Clearing routing table for VPN client 5

Here is this line, it is not clear why he cleaned all the routes on his own, what made him do it.

 

[ColinTaylor]

Sep 1 07:35:27 openvpn-routing: Clearing routing table for VPN client 5

Here is this line, it is not clear why he cleaned all the routes on his own, what made him do it.

That's a normal message. The VPN client is shutting down so it removes the routes that it created.