OpenVPN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

OpenVPN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
OpenVPN
OpenVPN
2023-04-04 20:17:50
Tags: #VPN
Model: Archer A7  
Hardware Version: V5
Firmware Version:

When I try to setup OpenVPN on my router connection from remnote is refused (TLS rejected) :

I registered *.ddns.net and set it on router (connection succed), then I enabledOpenVPN server, generated certificate and import it to client on Android mobile but when trying to connect it is refused with error "TLS Error: TLS handshake failed" as below

 

2023-04-04 21:21:35 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2023-04-04 21:21:35 TLS Error: TLS handshake failed
2023-04-04 21:21:35 SIGUSR1[soft,tls-error] received, process restarting
 

Time on router is synchronized.

 

Thank you

  1      
  1      
#1
Options
10 Reply
Re:OpenVPN
2023-04-26 13:29:19 - last edited 2023-04-26 13:40:44

 Hi,  I have the same problem and have found no solution.  PLEASE your assistance

 

 

 

  @kotuha.openvpn

 

openvpn2

  0  
  0  
#2
Options
Re:OpenVPN
2023-04-26 17:31:15

  @kotuha 

 

Hi,

 

Please log into your Archer A7's admin webpage and then look up and report back the numbers of the first two segments of your router's Internet IP address. (as pointed out in the screenshot below)

 

  0  
  0  
#3
Options
Re:OpenVPN
2023-04-27 00:39:39

  @woozle Thanks for your reply.  Here the requested

 

  0  
  0  
#4
Options
Re:OpenVPN
2023-04-27 00:40:29

  @lchow 

  0  
  0  
#5
Options
Re:OpenVPN
2023-04-27 17:29:41 - last edited 2023-04-27 17:32:28

  @lchow 

 

Ok. There you can see why it isn't working.

 

As per the logs you posted earlier, the OpenVPN client is sending it's connection requests to the IP address 190.218.49.5.

 

However, the OpenVPN server of the Archer A7 router is listening for incoming connections on the Archer A7's "Internet" port, which has the IP address 192.168.0.2.
Furthermore, this IP address is a so-called private IP address. (to be used in private networks)

This all means that between your Archer A7 and the actual Internet there is at least one more NAT router.

 

In case that additional NAT router is located at your home and directly connected to "Internet" port of the Archer A7 and you also can log into it's configuration webpage, then you may go ahead and configure the so-called "port forwarding" on that additional router and hope that is enough to make your OpenVPN work.

(if such device indeed exists, then let us know the make and model of it and maybe someone here can assist you with the configuration)

 

If that NAT device is not at your home and you have no access to it, then only your Internet Service Provider could help you further with your issue.

 

  0  
  0  
#6
Options
Re:OpenVPN
2023-04-29 15:00:18

  @woozle I was not sure, but you confirm me that. As I can see my IP address is dynamic and CGNAT, so I have to the only possibility to tove this with my ISP. Thank you for info. Pavel

  0  
  0  
#7
Options
Re:OpenVPN
2023-05-02 18:23:16

  @woozle 

 

Hi,

I will check with the ISP and get back to you.

  0  
  0  
#8
Options
Re:OpenVPN
2023-06-07 04:50:29

  @woozle 

Hi

I experience a similar issue.

I did check the adress and it is the same: the openvpn attempt to connect to 100.64.202. 90 while the IP address on the tplink router is 100.64.237.161

However, the log adds :IPv6: false

 

appreciate your help,

thank you

  0  
  0  
#9
Options
Re:OpenVPN
2023-06-08 21:39:55

  @Chenka 

 

Hi,

 

The two IP addresses you mentioned are within the IP address range used for CGNAT. (100.64.0.0 to 100.127.255.255)

 

Therefore a solution to the problem can only be provided by your Internet Service Provider. Just tell them you'd like to be able to access your home network from the Internet and they should know what they need to do.

 

Whether IPv6 is available or not doesn't matter in this case, because the OpenVPN of the Archer router will only work with IPv4. 

  2  
  2  
#10
Options
Re:OpenVPN
2023-06-10 04:04:25
Thank you very much! will contact my internet provider :)
  0  
  0  
#11
Options