Posted: Mon Feb 11, 2019 15:00 Post subject: OpenVPN not working over UDP
Hello guys,
What can I do to make OpenVPN work over UDP? It works fine from LAN (192.168.1.1) but not from outside. TCP works fine from outside.
I tried with the firewall disabled on both devices, different settings and firewall settings but nothing worked.
Since it works from LAN and I don't think the ONT is blocking, I feel like it needs some settings to pass the UDP data from the WAN to the LAN, but I don't know networking so...
My network:
I have an ONT and a router; the OpenVPN is on the router.
The router is behind the ONT, linked using cable, and gets the IP using Auto DHCP.
I added the router IP to the ONT DMZ so I can have all the ports open.
ONT FiberHome AN5506-02-FG - 10.10.10.9
Router Linksys E900 - 192.168.1.1 / OpenVPN 192.168.100.0
DD-WRT v3.0-r38570M mega (02/04/19), but I also tried with a slightly older build.
OK, I ditched the firewall rules and only left the POSTROUTING.
I tried the MTU thing yesterday, and now again with different combinations and values, but it didn't work.
When the client is trying to connect I can see the bold line in syslog, then it fails with the TLS error.
Feb 11 17:18:50 DD-WRT daemon.notice openvpn[19600]: 10.10.10.12:53736 TLS: Initial packet from [AF_INET]10.10.10.12:53736, sid=2be051c7 d30d4741
Feb 11 17:19:50 DD-WRT daemon.err openvpn[19600]: 10.10.10.12:53736 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Feb 11 17:19:50 DD-WRT daemon.err openvpn[19600]: 10.10.10.12:53736 TLS Error: TLS handshake failed
We got fiber to the door, the ONT is in the apartment.
The ONT WAN IP is public; in the picture below you can see how the network looks.
I'm using the public IP (5.13.221.xxx) to reach the OpenVPN on the router.
It might be the ONT blocking, but the software is locked by the ISP and I have limited access.
I don't know, I wasted 2 days trying to get UDP working because I get slightly better speeds than with TCP, but unless you guys have some ideas I'm kinda over it.
Posted: Fri Apr 05, 2019 19:51 Post subject: Re: OpenVPN not working over UDP
chiosc wrote:
Hello guys,
What can I do to make OpenVPN work over UDP? It works fine from LAN (192.168.1.1) but not from outside. TCP works fine from outside.
I tried with the firewall disabled on both devices, different settings and firewall settings but nothing worked.
Since it works from LAN and I don't think the ONT is blocking, I feel like it needs some settings to pass the UDP data from the WAN to the LAN, but I don't know networking so...
Hi chiosc,
Did you have any luck with this situation?
I have the same problem today with an E900 with v3.0-r33525 mega.
I've tried MANY different builds and configurations and nothing.
But my main problem is to verify whether the OpenVPN daemon has been started or not. I do not find it in /var/run/openvpn.pid (as described in /tmp/openvpn.conf) and there are no processes running under its name (ps aux | grep -i openvpn).
I also tried to start the daemon manually with the scripts that are in "/tmp/openvpn" via ssh, but nothing happens...
neither how to boot through WAN nor how to boot through the system.
I do not think there is something wrong in my configuration, but I will check the parameters again and see if there is anything "dirty" (copy & paste effects) in the advanced configuration.
This build is a bit older:
DD-WRT v3.0-r33525 mega (10/17/17)
I pulled it straight from the FTP of "dd-wrt.com" and it is not published as the last release, if you look in "Router Database" for the E900.
I chose it after searching the forum for a fix for the issues with the E900's WiFi in some builds (including the newest one), and I came to the conclusion that this was the last stable one, and indeed it is... at least on the WiFi point.