Home Network Community > All Threads > Failed OpenVPN Server on AX11000 router
< All Threads

Failed OpenVPN Server on AX11000 router

Failed OpenVPN Server on AX11000 router

Failed OpenVPN Server on AX11000 router
Failed OpenVPN Server on AX11000 router
Thursday
Tags: #OpenVPN configuration
Model: Archer AX11000  
Hardware Version: V1
Firmware Version: 1.3.4 Build 20230906 rel.74809(5553)

Does OpenVPN Server on the AX11000 work?

 

An external VPN device behind the router does. I am unable to configure OpenVPN server on the router to work on a MS Windows or Ubuntu Linux client. The instructions in the User manual https://www.tp-link.com/us/user-guides/archer-ax11000_v1/chapter-11-vpn-server are incomplete. A post in the forum  https://www.tp-link.com/ca/support/faq/3317/ indicated a change was needed in the configuration file. I branched out to using this procedure https://community.tp-link.com/en/home/forum/topic/653446 still no success.

 

I have tried numerous configuration changes and took the network down as the router was rebooted with no success.

 

I have tried different OpenVPN clients. The client on a MS WIndows PC worked with one OpenVPN device behind this router but will not work direct connect to the router.

 

Does OpenVPN server work on my hardware and firmware version?

If yes, can you share the configuration required?

 

  0      
 
  0      
 
#1
Options
2 Reply
Re:Failed OpenVPN Server on AX11000 router
Friday

Hi  @colporteur,

 

It seems that you have referred to this thread to do troubleshooting.

 

Is the router's WAN IP a public IP? Refer to the following information for judgment:

1) Private IPv4 addresses have the following class configurations:

Class A IP addresses: from 10.0.0.0 to 10.255.255.255

Class B IP addresses: from 172.16.0.0 to 172.31.255.255

Class C IP addresses: from 192.168.0.0 to 192.168.255.255

2) Apart from the private IP addresses in the above 3 classes, there is another range of IP addresses, which looks like public IP address, but Carrier Grade NAT (CGNAT) address. They are from 100.64.0.0 to 100.127.255.255, which are usually not real public IP address either.

3) Or you could also google your public IP address on a client device connected to the Router, then compare it with the Router WAN IP address. If they are the same, it means the Router WAN IP is a real public IP address, if not, it means it is private IP address or the CGNAT address.

 

For OpenVPN, you could refer to this guide: How do I troubleshoot if the OpenVPN is not connecting

 

If the above steps still cannot solve the problem, please provide the following information for further troubleshooting:
1.    Model no., hardware and firmware version of your TP-Link router, model no. of the VPN client device
2.    Your specific network topology and what you want to achieve via VPN
3.    The current problem phenomenon
4.    The .ovpn file for OpenVPN, and screenshots of all VPN Settings
5.    Log file of the VPN client if you have

 

 

You can email support.forum@tp-link.com, attaching Forum ID 762126 and details, and we will have a dedicated person to assist in analysis and follow-up.

 

 

Check Out the Latest Posts: Connect TP-Link Archer BE550 to Germany's DS-Lite (Dual Stack Lite) Internet via WAN Archer GE550 - BE9300 Tri-Band Wi-Fi 7 Gaming Router Archer BE550 New Firmware Added Support for EasyMesh in AP Mode, DoH&DoT, ECO Mode, and More Archer AX90 New Firmware Added Support for EasyMesh and Ethernet Backhaul
  0  
  0  
#2
Options
Re:Failed OpenVPN Server on AX11000 router
Friday

  @Joseph-TP Thank you for the response

 

The OpenVPN Server is the scenario I attempted to describe. The scenario can be found here: https://community.tp-link.com/en/home/forum/topic/648406

 

Funny, the hardware and firmware versions questions I answered to establish the post but it didn't get included in the message. Here it is again.

 

Firmware Version 1.3.4 Build 20230906 rel.74809(5553)
Hardware Version Archer AX11000 v1.0

 

top lines of config file generated on AX11000 OpenVPN server

 

client
dev tun
proto udp
float
nobind
cipher AES-128-CBC
comp-lzo adaptive
resolv-retry infinite
remote-cert-tls server
persist-key
persist-tun
remote <dynamic DNS entry> 1194

///below this are the certs are in the original client file///

 

I wanted to confirm my understanding of the operation of a VPN server so I did some testing. I place a VPN server device in the private network side of the AX11000 and setup port forwarding from the public side. When I OpenVPN client to the public facing IP of the router, port forwarding connected me to the VPN server behind the router. I believe I understand the nuances of OpenVPN Server and client. I just can't get the AX11000 to work as an OpenVPN server.

 

The above test gives me confidence I have an OpenVPN client that works. It doesn't work when I pull in the config file generated from the AX11000 router.

 

  0  
  0  
#3
Options

Information

Helpful: 0

Views: 46

Replies: 2

Tags

OpenVPN configuration
Related Articles
No openvpn client option on Archer AX11000?
19124 10
OpenVPN for Archer AX11000
791 0
Unable to connect OpenVPN client to OpenVPN server (router)
352 0
Just Purchased Archer AX11000 Router Wifi Speeds
2056 0
AX11000 router cannot connect to Singtel broadband
1906 0
VX1800v failed connecting to ANY openVPN server!
594 0
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.