[ Solved ] Good Setting to OpenVPN Client working

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
View previous topic :: View next topic  
Author Message
Nicolas86
DD-WRT Novice


Joined: 01 Jul 2019
Posts: 4
PostPosted: Thu Jul 04, 2019 17:41    Post subject: [ Solved ] Good Setting to OpenVPN Client working Reply with quote
English.

I try to configure an OpenVPN Client on a Linksys E1700 DD-WRT v3.0-r37305 std.

I've dowload an .OVPN file from my VPN provider and have Setting my Router with the different Setting found in it.

(in attachement the OPVN File and the Router Setting.)

But the router will not connect and restart the connection continiously

(in attachement the log file.)

can you help me to find where is the wrong parameter?

Thank to all for your futur answers
_________________
Linksys E1700 DD-WRT v3.0-r37305 std

Last edited by Nicolas86 on Mon Jul 08, 2019 18:35; edited 1 time in total
Back to top View user's profile Send private message
Sponsor
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12915
Location: Netherlands
PostPosted: Fri Jul 05, 2019 17:23    Post subject: Reply with quote
Begin with removing everything from additional config and then restart the router.
_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Back to top View user's profile Send private message
Nicolas86
DD-WRT Novice


Joined: 01 Jul 2019
Posts: 4
PostPosted: Fri Jul 05, 2019 21:11    Post subject: Reply with quote
HiI egc and thanks for your help.

I've deleted all the paramters in additionnal config field.

Now the OpenVPN log show:

Code:
Client: TCP_CONNECT Local Address:
Remote Address:

Status
VPN Client Stats
TUN/TAP read bytes   0
TUN/TAP write bytes   0
TCP/UDP read bytes   0
TCP/UDP write bytes   0
Auth read bytes   0

Log
Clientlog:
19700101 01:00:14 W WARNING: Using --management on a TCP port WITHOUT passwords is STRONGLY discouraged and considered insecure
19700101 01:00:14 W WARNING: file '/tmp/openvpncl/client.key' is group or others accessible
19700101 01:00:14 W WARNING: file '/tmp/openvpncl/ta.key' is group or others accessible
19700101 01:00:14 W WARNING: file '/tmp/openvpncl/credentials' is group or others accessible
19700101 01:00:14 I OpenVPN 2.4.6 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Oct 10 2018
19700101 01:00:14 I library versions: OpenSSL 1.1.1 11 Sep 2018 LZO 2.09
19700101 01:00:14 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16
19700101 01:00:14 W WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
19700101 01:00:14 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 01:00:14 W WARNING: Your certificate is not yet valid!
19700101 01:00:14 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
19700101 01:00:14 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
19700101 01:00:14 I TCP/UDP: Preserving recently used remote address: [AF_INET]195.20.51.180:443
19700101 01:00:14 Socket Buffers: R=[87380->87380] S=[16384->16384]
19700101 01:00:14 I Attempting to establish TCP connection with [AF_INET]195.20.51.180:443 [nonblock]
20190705 22:42:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190705 22:42:48 D MANAGEMENT: CMD 'state'
20190705 22:42:48 MANAGEMENT: Client disconnected
20190705 22:42:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190705 22:42:48 D MANAGEMENT: CMD 'state'
20190705 22:42:48 MANAGEMENT: Client disconnected
20190705 22:42:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190705 22:42:48 D MANAGEMENT: CMD 'state'
20190705 22:42:48 MANAGEMENT: Client disconnected
20190705 22:42:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190705 22:42:48 D MANAGEMENT: CMD 'status 2'
20190705 22:42:48 MANAGEMENT: Client disconnected
20190705 22:42:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190705 22:42:48 D MANAGEMENT: CMD 'log 500'
20190705 22:42:48 MANAGEMENT: Client disconnected
20190705 22:43:58 N TCP: connect to [AF_INET]195.20.51.180:443 failed: Operation timed out
20190705 22:43:58 I SIGUSR1[connection failed(soft) init_instance] received process restarting
20190705 22:43:58 Restart pause 5 second(s)
20190705 22:44:03 W WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
20190705 22:44:03 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20190705 22:44:03 I TCP/UDP: Preserving recently used remote address: [AF_INET]195.20.51.180:443
20190705 22:44:03 Socket Buffers: R=[87380->87380] S=[16384->16384]
20190705 22:44:03 I Attempting to establish TCP connection with [AF_INET]195.20.51.180:443 [nonblock]
20190705 22:46:11 N TCP: connect to [AF_INET]195.20.51.180:443 failed: Operation timed out
20190705 22:46:11 I SIGUSR1[connection failed(soft) init_instance] received process restarting
20190705 22:46:11 Restart pause 5 second(s)
20190705 22:46:17 W WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
20190705 22:46:17 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20190705 22:46:17 I TCP/UDP: Preserving recently used remote address: [AF_INET]195.20.51.180:443
20190705 22:46:17 Socket Buffers: R=[87380->87380] S=[16384->16384]
20190705 22:46:17 I Attempting to establish TCP connection with [AF_INET]195.20.51.180:443 [nonblock]
20190705 22:48:25 N TCP: connect to [AF_INET]195.20.51.180:443 failed: Operation timed out
20190705 22:48:25 I SIGUSR1[connection failed(soft) init_instance] received process restarting
20190705 22:48:25 Restart pause 5 second(s)
20190705 22:48:30 W WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
20190705 22:48:30 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20190705 22:48:30 I TCP/UDP: Preserving recently used remote address: [AF_INET]195.20.51.180:443
20190705 22:48:30 Socket Buffers: R=[87380->87380] S=[16384->16384]
20190705 22:48:30 I Attempting to establish TCP connection with [AF_INET]195.20.51.180:443 [nonblock]
20190705 22:50:39 N TCP: connect to [AF_INET]195.20.51.180:443 failed: Operation timed out
20190705 22:50:39 I SIGUSR1[connection failed(soft) init_instance] received process restarting
20190705 22:50:39 Restart pause 5 second(s)
20190705 22:50:44 W WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
20190705 22:50:44 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20190705 22:50:44 I TCP/UDP: Preserving recently used remote address: [AF_INET]195.20.51.180:443
20190705 22:50:44 Socket Buffers: R=[87380->87380] S=[16384->16384]
20190705 22:50:44 I Attempting to establish TCP connection with [AF_INET]195.20.51.180:443 [nonblock]
20190705 22:51:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190705 22:51:48 D MANAGEMENT: CMD 'state'
20190705 22:51:48 MANAGEMENT: Client disconnected
20190705 22:51:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190705 22:51:48 D MANAGEMENT: CMD 'state'
20190705 22:51:48 MANAGEMENT: Client disconnected
20190705 22:51:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190705 22:51:48 D MANAGEMENT: CMD 'state'
20190705 22:51:48 MANAGEMENT: Client disconnected
20190705 22:51:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190705 22:51:48 D MANAGEMENT: CMD 'status 2'
20190705 22:51:48 MANAGEMENT: Client disconnected
20190705 22:51:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20190705 22:51:48 D MANAGEMENT: CMD 'log 500'
19700101 01:00:00


with always this identification failure.
Question Exclamation Question

I've trying with an OpenVPN client GUI it's appearts than without all the certification code its is non possible to etablishing the tunnel...

any other idea?

put the Certification code in a file? but where?

i'm lost with it

thanks for the helping in the futur
_________________
Linksys E1700 DD-WRT v3.0-r37305 std
Back to top View user's profile Send private message
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12915
Location: Netherlands
PostPosted: Sat Jul 06, 2019 9:04    Post subject: Reply with quote
You can try the following:
Start with adding the following to the additional config:
remote-cert-tls server
verb 4
key-direction 1

Set TLS cipher to None, LZO compression to Adaptive

Check if the keys and certificates are correct you only should put everything and including:
----BEGIN -------
blaBLa
----END -------

It is often very challenging to translate an .ovpn config file in DDWRT Sad

Ask Zenmate for instructions?
_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Back to top View user's profile Send private message
Nicolas86
DD-WRT Novice


Joined: 01 Jul 2019
Posts: 4
PostPosted: Sun Jul 07, 2019 7:37    Post subject: Reply with quote
Hi egc, first of all thanks to you for trying solving my problem.

I've try to contact the Zenmate service before commin here but there are not solve my probleme... there said " this parameters works for a lot of user... " ok for a lot of user and for the reste?!? since a have no other feedback from her.

I have try with your recommandation of parameters but it's no solving...

I have also try with an UDP connection... nothing.

but i don't lost hope. Very Happy

If some one with a Zenmate connection have this issue or have solve the probleme of connection there can said us how to.

To the next episod...

Zenmate VPN Saga

Nicolas
_________________
Linksys E1700 DD-WRT v3.0-r37305 std
Back to top View user's profile Send private message
Nicolas86
DD-WRT Novice


Joined: 01 Jul 2019
Posts: 4
PostPosted: Mon Jul 08, 2019 18:34    Post subject: Reply with quote
Hi everyone,

This evening the saga is ending...

The Zenmate team have give me the good link to download the paramaters.


Spécial thank to EGC you are really the Guru.

If some one as some difficulties too download VPN parameters, I was enjoyng to help im too.
_________________
Linksys E1700 DD-WRT v3.0-r37305 std
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum