Solution 'Authentication failed, Server TLS version is too low' appears when connecting OpenVPN of DSL Modem
This Article Applies to:
Archer VR2100 V1, VR2100v V1, VR600 V3, VR400 V3, VR2800 V1
Issue Description:
After updating the OpenVPN client version, some users might be unable to connect to the OpenVPN server of DSL modem router, and OpenVPN client prompts "Authentication failed, and Server TLS version is too low".
Solutions:
1. For Archer VR2100 V1 and VR400 V3, please try installing the following beta firmware:
For VR2100 V1: Archer_VR2100_V1_1.8.0_Build_231114
For VR400 V3: Archer_VR400_V3_1.6.0_Build_231024
Note: Please be sure you have read the Terms and Conditions for TP-Link Beta Firmware before proceeding.
2. For all models, please open the OpenVPN Connect client >> click the three-line symbol in the upper left corner >> Settings >> Slide to the bottom to find the Advanced Settings >> Set Minimum TLS Version to TLS1.0, then test if it will be able to connect the OpenVPN Server properly.
If there is any further issue, please leave us your comment and provide the following information:
1) Model no., hardware and firmware version of your TP-Link DSL modem router
2) The version of your OpenVPN Client software
3) Screenshot of the error message and also the Minimum TLS Version
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Settings Dialog in actual Client (3.4.2) is different!
You have to switch to "Insecure", this allows TLS 1.0.
Connection is working with this Setting.
- Copy Link
- Report Inappropriate Content
Thanks a lot for sharing the new settings image on your Client (3.4.2), which will help others a lot.
- Copy Link
- Report Inappropriate Content
unfortunately the Beta Firmware for the VR2100v1 is rejected by the device with Error 4503.
update to the latest V 1.17 was no problem
so FW is now: 1.17.0 0.9.1 v009e.0 Build 230831 Rel.3356n
HW is: Archer VR2100v v1 00000000
- Copy Link
- Report Inappropriate Content
Hi, upon checking, 1.17.0 0.9.1 v009e.0 Build 230831 Rel.3356n is a firmware for Archer VR2100v(DE) V1, which is actually a different model from Archer VR2100 V1, that is why your VR2100v cannot install the beta firmware for VR2100, you could try the solution 2 to modify the OpenVPN Client settings.
- Copy Link
- Report Inappropriate Content
Thank you for the link of the latest beta version of the VR2100v DSL router.
I was wondering if there's a resolution implemented that allows accessing the router via OpenVPN but without activating the remote management option. I read quite a few posts regarding this issue and this request and I am myself of the opinion that OpenVPN alone allows a safe access to the router. But having the remote management option being enabled is much more a safety hazard because the webinterface is then being accessible from anywhere over the internet and only protected by a password. I rather prefer to allow a connection by OpenVPN and not allowing my router to respond at all from anywhere else on the internet.
Apologies for my short essay but it would be really, really great if such a resolution was implemented in this beta version and, of course, in the next stable :-)
TIA!
- Copy Link
- Report Inappropriate Content
My workaround is to connect to VPN and use remote desktop to a computer local to router and access the router settings there. Not ideal, and requires a PC to be on but at least it is more secure.
- Copy Link
- Report Inappropriate Content
Any update on when this new firmware for Archer VR2100 will be in the "stable" release? I would prefer not to install beta firmware for a production router.
Also an option to have a client list of username / passwords to log into the OpenVPN would be nice.
- Copy Link
- Report Inappropriate Content
Is there no fix for the Archer VR 2800 coming? I see it's still listed as a current product on TP-Link's website and remains for sale. Enabling insecure protocols is not a suitable long term workaround for a VPN, TLS 1.0 has been deprecated for 3+ years now due to vulnerabilities and the current version TLS 1.3 has been in available for 5 years. Do TP-Link have plans to provide firmware that supports TLS 1.3?
- Copy Link
- Report Inappropriate Content
@Sunshine Hi, The above files do not install on VR600. I have downloaded the latest firmware from TP Link web site but it does not fix TLS problem.
Can you please help?
- Copy Link
- Report Inappropriate Content
@stu1234 Hi,
stu1234 wrote
Is there no fix for the Archer VR 2800 coming? I see it's still listed as a current product on TP-Link's website and remains for sale. Enabling insecure protocols is not a suitable long term workaround for a VPN, TLS 1.0 has been deprecated for 3+ years now due to vulnerabilities and the current version TLS 1.3 has been in available for 5 years. Do TP-Link have plans to provide firmware that supports TLS 1.3?
VR600 Fix is not available either,
Regards
- Copy Link
- Report Inappropriate Content
Information
Helpful: 4
Views: 12353
Replies: 26