[SOLVED] r7000 with openVPN, RECONNECTING init_instance

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Author Message
TerryTowers
DD-WRT Novice


Joined: 25 Nov 2022
Posts: 6

PostPosted: Fri Nov 25, 2022 15:20    Post subject: [SOLVED] r7000 with openVPN, RECONNECTING init_instance Reply with quote
Netgear r7000, build V3.0-50927.

I've been trying to figure this out for hours, found a lot of similar threads but no luck with the solutions. I started with this guide from NordVPN, https://support.nordvpn.com/Connectivity/Router/1047410342/DD-WRT-setup-with-NordVPN.htm

This is my first time trying to use a vpn through a router so bear with my ignorance please. I keep getting the "reconnecting init_instance" error. From what I've gathered on this forum, it seems to be because I can't get the time right. I'm not sure if it's the NTP or the DNS causing the issue. If I set the NTP to my time zone (GMT+9), it's just wrong. I can set it to a different time zone and get the time within a few minutes but I get the same error. Every time I reset the time and router, it starts the time on the hour exactly and not what the live time is. I've tried different time zones and different Server IP's (pool.ntp.org, jp.pool.ntp.org) including just leaving it blank.

Some threads with similar problems say it's the DNS. I've tried Nord's (103.86.96.100/103.86.99.100) and OpenDNS (208.67.222.222/208.67.220.220).

I tried 2 different servers through Nord, same outcome.

I also tried this config https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=328049&highlight=reconnecting with no luck.

Thanks in advance, here's the log as well.

Client Log:
19700101 09:00:23 W DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
19700101 09:00:23 W WARNING: Using --management on a TCP port WITHOUT passwords is STRONGLY discouraged and considered insecure
19700101 09:00:23 W WARNING: file '/tmp/openvpncl/credentials' is group or others accessible
19700101 09:00:23 I OpenVPN 2.5.8 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 21 2022
19700101 09:00:23 I library versions: OpenSSL 1.1.1s 1 Nov 2022 LZO 2.10
19700101 09:00:23 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16
19700101 09:00:23 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:00:23 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:00:23 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:00:28 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:00:33 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:00:33 W Could not determine IPv4/IPv6 protocol
19700101 09:00:33 I SIGUSR1[soft init_instance] received process restarting
19700101 09:00:33 Restart pause 5 second(s)
19700101 09:00:38 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:00:38 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:00:38 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:00:43 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:00:48 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:00:48 W Could not determine IPv4/IPv6 protocol
19700101 09:00:48 I SIGUSR1[soft init_instance] received process restarting
19700101 09:00:48 Restart pause 5 second(s)
19700101 09:00:53 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:00:53 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:00:53 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:00:58 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:01:03 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:01:03 W Could not determine IPv4/IPv6 protocol
19700101 09:01:03 I SIGUSR1[soft init_instance] received process restarting
19700101 09:01:03 Restart pause 5 second(s)
19700101 09:01:08 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:01:08 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:01:08 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:01:13 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:01:18 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:01:18 W Could not determine IPv4/IPv6 protocol
19700101 09:01:18 I SIGUSR1[soft init_instance] received process restarting
19700101 09:01:18 Restart pause 5 second(s)
19700101 09:01:23 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:01:23 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:01:23 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:01:28 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:01:33 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:01:33 W Could not determine IPv4/IPv6 protocol
19700101 09:01:33 I SIGUSR1[soft init_instance] received process restarting
19700101 09:01:33 Restart pause 10 second(s)
19700101 09:01:43 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:01:43 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:01:43 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:01:48 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:01:53 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:01:53 W Could not determine IPv4/IPv6 protocol
19700101 09:01:53 I SIGUSR1[soft init_instance] received process restarting
19700101 09:01:53 Restart pause 20 second(s)
19700101 09:01:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19700101 09:01:53 D MANAGEMENT: CMD 'state'
19700101 09:01:53 MANAGEMENT: Client disconnected
19700101 09:01:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19700101 09:01:53 D MANAGEMENT: CMD 'state'
19700101 09:01:53 MANAGEMENT: Client disconnected
19700101 09:01:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19700101 09:01:53 D MANAGEMENT: CMD 'state'
19700101 09:01:53 MANAGEMENT: Client disconnected
19700101 09:01:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19700101 09:01:53 D MANAGEMENT: CMD 'status 2'
19700101 09:01:53 MANAGEMENT: Client disconnected
19700101 09:01:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19700101 09:01:53 D MANAGEMENT: CMD 'log 500'
19700101 09:00:00


Last edited by TerryTowers on Sat Nov 26, 2022 7:25; edited 4 times in total
Sponsor
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Fri Nov 25, 2022 15:38    Post subject: Reply with quote
Welcome to the forum Smile

I will move this thread to the more appropriate Advanced Networking forum, see the forum guidelines with helpful pointers about how to research your router, where and what firmware to download, where and how to post and many other helpful tips:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087

The Advanced Networking forum also has stickies with setup instructions for OpenVPN:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327398
You need the Client setup which also has a paragraph about NordVPN

Nowadays you can start with importing the client config and check with the settings from the guide (all described there).

But your no 1 priority is getting the right time on your router.
Beste leave the Server IP/Name blank and only set the time zone,
For Static DNS 1 and 2 use DNS server like 9.9.9.9 and 1.0.0.1
After that reboot and check your time it can take a minute or two before the time is set.

Without correct time no VPN Sad

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
TerryTowers
DD-WRT Novice


Joined: 25 Nov 2022
Posts: 6

PostPosted: Fri Nov 25, 2022 18:17    Post subject: Reply with quote
Thanks for helping, I've been reading these guides and learning a lot. Unfortunately I still can't get the time fixed. I tried your advice, a few other configs, and a few other DNS's. Every time I select my time zone it's always 15:00, hopefully that's a clue to a solution. Idk if that's how it's supposed to be but no matter what time zone I pick, they always stay the same time respectively.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Fri Nov 25, 2022 19:32    Post subject: Reply with quote
What happens if you choose another time zone?
_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
TerryTowers
DD-WRT Novice


Joined: 25 Nov 2022
Posts: 6

PostPosted: Sat Nov 26, 2022 1:38    Post subject: Reply with quote
They all give different times, but each time zone will always be the same time as it was before. So time zone A will always give me 15:00 and time zone B always gives 19:00, I tried different time zones for hours and this was true for all of them. It doesn’t matter what time it actually is, it’ll always be top of the hour like (XX:00). Any idea what would cause this? It’s like the router or the configuration can’t detect what the real time is so it just spits out a static time.
TerryTowers
DD-WRT Novice


Joined: 25 Nov 2022
Posts: 6

PostPosted: Sat Nov 26, 2022 3:32    Post subject: Reply with quote
I've read the troubleshooting on this page https://wiki.dd-wrt.com/wiki/index.php/Network_Time_Protocol and I believe my problem is A or B. My router is connected to a modem, I've tried the gateway 0.0.0.0 and my modems IP address, they both give the same result. What should the gateway and local DNS be set as?
TerryTowers
DD-WRT Novice


Joined: 25 Nov 2022
Posts: 6

PostPosted: Sat Nov 26, 2022 6:59    Post subject: Reply with quote
UPDATE

I finally got it to connect! It's not perfect but it's working! I changed the Local IP from 192.168.1.1 to 192.168.2.2 and that seemed to have done the trick! Not sure why that worked though. Now my next issue is that my internet speed has dropped quite a bit. Went from about 250mb/s to 30mb/s.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Sat Nov 26, 2022 7:03    Post subject: Reply with quote
Basically all routers are behind a modem, a router is never directly connected to copper, coax or fibre cable so that does not tell us very much.

As the default NTP setting has both a domain name and hard coded IP addresses it should work right out of the box.

My advice reset the router to defaults (press reset button for approx 7-10 sec while the router is running) after the router has restarted you willbe asked to give a name and password, this indicates that the router has reset.
You should have internet and correct time out of the box after a reset unless your modem is also on IP address 192.168.1.1, in that case change the routers "Local IP Address" on Basic Startup page to 192.168.2.1 (provided you have put the ethernet cable in the WAN/interport of the router and you have verified with your PC/laptop that this cable indeed gives you internet from the modem)

For a router in default gateway mode the default settings for Gateway and Local DNS (0.0.0.0) should be fine as are the default time servers because it has a domain name and hard coded IP addresses in case the DNS is not working (but DNS should work right out of the box as it will set your ISP DNS server)

For troubleshooting purposes send screenshots of your setting pages and output of the syslog.

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 2927
Location: Germany

PostPosted: Sat Nov 26, 2022 7:06    Post subject: Reply with quote
I just tested etc/GMT+9 here, as you can see from the log it works fine.

If you set any timezone e.g. GMT+9 and the router starts at 15 o'clock and stays at 15 o'clock then the time is NOT updated.

The log entries of the "ntpclient" will tell you what is not working.


Code:
Dec 31 15:01:09 DD-WRT daemon.debug ntpclient[2061]: Connecting to 3.de.pool.ntp.org [188.40.142.18] ...
Nov 25 22:01:50 DD-WRT daemon.info ntpclient[2061]: Time set from 3.de.pool.ntp.org [188.40.142.18].
Nov 25 22:01:50 DD-WRT daemon.info process_monitor[2060]: Cyclic NTP Update success (servers 3.de.pool.ntp.org)
Nov 25 22:01:50 DD-WRT daemon.info process_monitor[2060]: Local timer delta is 1669446041
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Sat Nov 26, 2022 7:09    Post subject: Reply with quote
Our posts crossed Smile

30 MB/s is normal for OpenVPN on your router.

For these routers running VPN WireGuard is the better option, I have the same router and it gives me 35 MB/s on OpenVPN and slightly over 100 Mb/s using WireGuard.
Almost all Providers support WireGuard on the router NordVPN is one the few exceptions, you can get it running but it is a hassle to do so

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
TerryTowers
DD-WRT Novice


Joined: 25 Nov 2022
Posts: 6

PostPosted: Sat Nov 26, 2022 7:20    Post subject: Reply with quote
Thanks to both of you so much for the help! Also it appears I'm a bit of an idiot because I had the GMT time backwards. Japan is GMT+9 but I need to set it the NTP to GMT-9 for it reflect properly. Not sure if that's standard or not but I'm just happy I got it working!
ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 2927
Location: Germany

PostPosted: Sat Nov 26, 2022 7:31    Post subject: Reply with quote
Nov 26 16:29:31 DD-WRT daemon.info ntpclient[2096]: Time set from 2.pool.ntp.org [193.203.3.170].
Nov 26 16:29:31 DD-WRT daemon.info process_monitor[2094]: Cyclic NTP Update success (servers 2.pool.ntp.org 212.18.3.19 88.99.174.22)
Nov 26 16:29:31 DD-WRT daemon.info process_monitor[2094]: Local timer delta is 1669447702

https://www.timeanddate.com/worldclock/japan/tokyo

Apparently the GMT settings do not work properly
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum