Not able to connect to openvpn server setup on my archer c6

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Not able to connect to openvpn server setup on my archer c6

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Not able to connect to openvpn server setup on my archer c6
Not able to connect to openvpn server setup on my archer c6
2021-08-11 19:49:37
Model: Archer C6  
Hardware Version: V3
Firmware Version: 1.0.5 Build 20201117 rel.41066(5553)

I have archer c6 router which connects to the internet via PPPoE. On this same router I have started the openvpn server. After downloading the config file I edit the .ovpn config file to point the remote to the ddns name I have generated against my public ip address since I do not have a static ip address.

 

remote somedns.tplinkdns.com 1194

 

This is the only change I do in the config file.

 

After which I disconnect my laptop from the wifi and connect it to my mobile hotspot.

Now I try to connect to the vpn server using my openvpn client. I am getting the following error.

 

Thu Aug 12 01:12:28 2021 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
Thu Aug 12 01:12:28 2021 DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-128-CBC' to --data-ciphers or change --cipher 'AES-128-CBC' to --data-ciphers-fallback 'AES-128-CBC' to silence this warning.
Thu Aug 12 01:12:28 2021 OpenVPN 2.5.3 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Jun 17 2021
Thu Aug 12 01:12:28 2021 Windows version 10.0 (Windows 10 or greater) 64bit
Thu Aug 12 01:12:28 2021 library versions: OpenSSL 1.1.1k  25 Mar 2021, LZO 2.10
Thu Aug 12 01:12:30 2021 TCP/UDP: Preserving recently used remote address: [AF_INET] [public_ip]:1194
Thu Aug 12 01:12:30 2021 UDP link local: (not bound)
Thu Aug 12 01:12:30 2021 UDP link remote: [AF_INET][public_ip]:1194
Thu Aug 12 01:13:30 2021 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Aug 12 01:13:30 2021 TLS Error: TLS handshake failed
Thu Aug 12 01:13:30 2021 SIGUSR1[soft,tls-error] received, process restarting
Thu Aug 12 01:13:35 2021 TCP/UDP: Preserving recently used remote address: [AF_INET][public_ip]:1194
Thu Aug 12 01:13:35 2021 UDP link local: (not bound)
Thu Aug 12 01:13:35 2021 UDP link remote: [AF_INET][public_ip]:1194

 

 

Can someone please tell me if I am doing anything wrong ? How do I debug this problem ?

  0      
  0      
#1
Options
7 Reply
Re:Not able to connect to openvpn server setup on my archer c6
2021-08-11 23:48:07

@firefly996 

 

Looks like the OpenVPN client can't connect to the OpenVPN server at all.

 

Do you get a response if you do a "ping somedns.tplinkdns.com"?

 

Have you rebooted your Archer C6 after setting up the OpenVPN? (I know this shouldn't be necessary, but just in case ...)

 

Try if disabling and then re-enabling the OpenVPN server on the C6 makes any difference.

 

  0  
  0  
#2
Options
Re:Not able to connect to openvpn server setup on my archer c6
2021-08-12 04:19:55

@woozle Yes I do get a ping on somedns.tplinkdns.com. I have rebooted the router and enabled/disabled the vpn server multiple times. I have also tried from android as well.

Do I need to open port 1194 somewhere, it seems like the server is not accepting the connection at all.

  0  
  0  
#3
Options
Re:Not able to connect to openvpn server setup on my archer c6
2021-08-12 12:23:45

@firefly996 

 

Routers for home use are designed to open the required ports by themselves if you enable certain services that need ports to be open in the firewall.

 

Have you verified that the IP address that is shown in your router's GUI for "Internet" is indeed a public one? It is, if it doesn't fall within any of the following IP address ranges:

 

10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
100.64.0.0 - 100.127.255.255

 

 

For further troubleshooting, could you try out if a PPTP VPN connection to your Archer A6 would work?

  0  
  0  
#4
Options
Re:Not able to connect to openvpn server setup on my archer c6
2021-08-12 15:39:03 - last edited 2021-08-12 17:36:09

@woozle I can see the below details on my status page in router configuration.

 

Internet

Ip address - 172.19.x.x

Subnet Mask - 255.255.255.255

Default gateway - 103.226.x.x

Preferred dns - 175.100.x.x

Secondary dns - 8.8.8.8

Connection Type - PPPoE

 

Lan

Ip Address - 192.168.0.1

Subnet Mask - 255.255.255.0

 

This mean that my ISP uses CGNAT. How do I proceed ?

  0  
  0  
#5
Options
Re:Not able to connect to openvpn server setup on my archer c6
2021-08-12 21:56:55 - last edited 2021-08-12 21:58:32

@firefly996 

 

Really the only thing you can do in this case is to contact your ISP and ask if they have the ability to assign a public IPv4 address to your broadband connection.


Some ISPs will do it upon a user's request (either at no extra cost or by charging an additional fee), but there are also ISP's that don't provide public IPv4 addresses to individual customers at all.

It could also happen that the customer service representative who you get contacted with doesn't even know what a public or a private IP address is. (I've been there before myself)


In any case, normally you are never the only customer who faces this issue. So if you open Google and search for "[My ISP's Name] get public ip address" (or howsoever it is written in your local language) there is always a good chance to find posts of other users about the issue and if you are lucky even the solution.

  0  
  0  
#6
Options
Re:Not able to connect to openvpn server setup on my archer c6
2021-08-13 09:00:58

@woozle I guess that clarifies my problem, now I talk to my ISP and seek appropriate solution. Thank you for you help. smiley

  0  
  0  
#7
Options
Re:Not able to connect to openvpn server setup on my archer c6
2021-08-16 12:20:50

@firefly996 

 

Hi, it seems the same case as the story shared by another customer:

CG-NAT Blocks my OpenVPN and restricks the NAT type

Nice to Meet You in Our TP-Link Community. Check Out the Latest Posts: Connect TP-Link Archer BE550 to Germany's DS-Lite (Dual Stack Lite) Internet via WAN Archer GE550 - BE9300 Tri-Band Wi-Fi 7 Gaming Router EasyMesh Is Available When Wi-Fi Routers Work in AP Mode as A Controller. Archer AX55V2 Supports WireGuard VPN, EasyMesh Ethernet Backhaul, IoT Network, Speed Limit,and More If you found a post or response helpful, please click Helpful (arrow pointing upward icon). If you are the author of a topic, remember to mark a helpful reply as the "Recommended Solution" (star icon) so that others can benefit from it.
  0  
  0  
#8
Options