What's new

VPN Client connection issues using ASUS RT-AC86U

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

AliBr0

New Around Here
Dear SNB community,

I am trying to setup a second Wifi network at home, the primary network for normal internet access, the secondary one as a VPN network, connected to my VPN server in the UK.

My UK VPN server uses PiVPN setup on a Raspberry Pi and works fine with my PC and laptop using Open VPN clients via my primary network.

I have now setup my newly purchased ASUS RT-AC86U and configured it to connect to the PiVPN using the config file and username/password. However a connection cannot be established and the icon simply rotates, showing that it is trying to connect but nothing happens. I have done some research and it seems that my primary router (provided by ISP Telekom - model Speedport Smart 3) does not have a menu function to enable VPN passthrough. However, does the functioning of my client on my PC indicate this is no issue? If not, could that be the problem? Can I bypass using port forwarding and if so how do I know which ports to forward etc.?

My secondary router is connected to the primary router via LAN cable from the LAN 4 (primary router) to the WAN connection (secondary router).

It has long been a dream to have a UK VPN network at home in Germany and I would appreciate any help at all to get it running.

Thanks,

Ali
 
VPN passthrough is NOT relevant to OpenVPN. And as long as the OpenVPN server is otherwise accessible from clients on your local network, there's no obvious reason the router shouldn't be just as capable. Port forwarding is irrelevant too (to the extent it was even necessary, it would only be relevant to the OpenVPN server side).

Something else is amiss.

When the VPN is NOT active, does that second router otherwise have normal access to the internet through the primary router?
 
Hi Eibgrad, thanks for the quick reply!

Yes the second router has access and devices connecting via it also work fine.

Is there anything I could trouble shoot?

thanks for your help!
 
The OpenVPN logs (client and server) often reveal the problem(s).
 
Last edited:
Thanks Eibgrad. Here a copy of the log. I am afraid it does not mean a whole lot to me. What do I need to do?

Dec 8 08:33:45 rc_service: httpd 1271:notify_rc restart_vpncall
Dec 8 08:33:49 vpnclient5[2984]: OpenVPN 2.4.7 arm-buildroot-linux-gnueabi [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Oct 12 2020
Dec 8 08:33:49 vpnclient5[2984]: library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.03
Dec 8 08:33:49 vpnclient5[2985]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 8 08:33:49 vpnclient5[2985]: neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd - can't ask for 'Enter Private Key Password:'. If you used --daemon, you need to use --askpass to make passphrase-protected keys work, and you can not use --auth-nocache.
Dec 8 08:33:49 vpnclient5[2985]: Exiting due to fatal error
 
Based on that error message, I'm guessing you specified the auth-user-pass directive (w/o the optional file argument) in the custom config field.

The auth-user-pass directive when specified w/o a file argument tells the OpenVPN client to prompt thr user for the username/password. But since the OpenVPN client is running on the router, it's not an interactive process, so it fails. When run on the router, auth-user-pass needs to specify a file argument that contains the username/password, which is exactly what the username/password fields in the OpenVPN client GUI do. But I suspect you added auth-user-pass to custom config as well, which is incorrect because it ends up overriding the GUI.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top