This is my first time trying to use a vpn through a router so bear with my ignorance please. I keep getting the "reconnecting init_instance" error. From what I've gathered on this forum, it seems to be because I can't get the time right. I'm not sure if it's the NTP or the DNS causing the issue. If I set the NTP to my time zone (GMT+9), it's just wrong. I can set it to a different time zone and get the time within a few minutes but I get the same error. Every time I reset the time and router, it starts the time on the hour exactly and not what the live time is. I've tried different time zones and different Server IP's (pool.ntp.org, jp.pool.ntp.org) including just leaving it blank.
Some threads with similar problems say it's the DNS. I've tried Nord's (103.86.96.100/103.86.99.100) and OpenDNS (208.67.222.222/208.67.220.220).
I tried 2 different servers through Nord, same outcome.
Client Log:
19700101 09:00:23 W DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
19700101 09:00:23 W WARNING: Using --management on a TCP port WITHOUT passwords is STRONGLY discouraged and considered insecure
19700101 09:00:23 W WARNING: file '/tmp/openvpncl/credentials' is group or others accessible
19700101 09:00:23 I OpenVPN 2.5.8 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 21 2022
19700101 09:00:23 I library versions: OpenSSL 1.1.1s 1 Nov 2022 LZO 2.10
19700101 09:00:23 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16
19700101 09:00:23 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:00:23 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:00:23 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:00:28 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:00:33 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:00:33 W Could not determine IPv4/IPv6 protocol
19700101 09:00:33 I SIGUSR1[soft init_instance] received process restarting
19700101 09:00:33 Restart pause 5 second(s)
19700101 09:00:38 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:00:38 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:00:38 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:00:43 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:00:48 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:00:48 W Could not determine IPv4/IPv6 protocol
19700101 09:00:48 I SIGUSR1[soft init_instance] received process restarting
19700101 09:00:48 Restart pause 5 second(s)
19700101 09:00:53 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:00:53 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:00:53 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:00:58 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:01:03 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:01:03 W Could not determine IPv4/IPv6 protocol
19700101 09:01:03 I SIGUSR1[soft init_instance] received process restarting
19700101 09:01:03 Restart pause 5 second(s)
19700101 09:01:08 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:01:08 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:01:08 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:01:13 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:01:18 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:01:18 W Could not determine IPv4/IPv6 protocol
19700101 09:01:18 I SIGUSR1[soft init_instance] received process restarting
19700101 09:01:18 Restart pause 5 second(s)
19700101 09:01:23 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:01:23 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:01:23 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:01:28 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:01:33 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:01:33 W Could not determine IPv4/IPv6 protocol
19700101 09:01:33 I SIGUSR1[soft init_instance] received process restarting
19700101 09:01:33 Restart pause 10 second(s)
19700101 09:01:43 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:01:43 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:01:43 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
19700101 09:01:48 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:01:53 N RESOLVE: Cannot resolve host address: us9973.nordvpn.com:1194 (Try again)
19700101 09:01:53 W Could not determine IPv4/IPv6 protocol
19700101 09:01:53 I SIGUSR1[soft init_instance] received process restarting
19700101 09:01:53 Restart pause 20 second(s)
19700101 09:01:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19700101 09:01:53 D MANAGEMENT: CMD 'state'
19700101 09:01:53 MANAGEMENT: Client disconnected
19700101 09:01:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19700101 09:01:53 D MANAGEMENT: CMD 'state'
19700101 09:01:53 MANAGEMENT: Client disconnected
19700101 09:01:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19700101 09:01:53 D MANAGEMENT: CMD 'state'
19700101 09:01:53 MANAGEMENT: Client disconnected
19700101 09:01:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19700101 09:01:53 D MANAGEMENT: CMD 'status 2'
19700101 09:01:53 MANAGEMENT: Client disconnected
19700101 09:01:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19700101 09:01:53 D MANAGEMENT: CMD 'log 500'
19700101 09:00:00
Last edited by TerryTowers on Sat Nov 26, 2022 7:25; edited 4 times in total
Joined: 18 Mar 2014 Posts: 12881 Location: Netherlands
Posted: Fri Nov 25, 2022 15:38 Post subject:
Welcome to the forum
I will move this thread to the more appropriate Advanced Networking forum, see the forum guidelines with helpful pointers about how to research your router, where and what firmware to download, where and how to post and many other helpful tips:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Nowadays you can start with importing the client config and check with the settings from the guide (all described there).
But your no 1 priority is getting the right time on your router.
Beste leave the Server IP/Name blank and only set the time zone,
For Static DNS 1 and 2 use DNS server like 9.9.9.9 and 1.0.0.1
After that reboot and check your time it can take a minute or two before the time is set.
Thanks for helping, I've been reading these guides and learning a lot. Unfortunately I still can't get the time fixed. I tried your advice, a few other configs, and a few other DNS's. Every time I select my time zone it's always 15:00, hopefully that's a clue to a solution. Idk if that's how it's supposed to be but no matter what time zone I pick, they always stay the same time respectively.
They all give different times, but each time zone will always be the same time as it was before. So time zone A will always give me 15:00 and time zone B always gives 19:00, I tried different time zones for hours and this was true for all of them. It doesn’t matter what time it actually is, it’ll always be top of the hour like (XX:00). Any idea what would cause this? It’s like the router or the configuration can’t detect what the real time is so it just spits out a static time.
I've read the troubleshooting on this page https://wiki.dd-wrt.com/wiki/index.php/Network_Time_Protocol and I believe my problem is A or B. My router is connected to a modem, I've tried the gateway 0.0.0.0 and my modems IP address, they both give the same result. What should the gateway and local DNS be set as?
I finally got it to connect! It's not perfect but it's working! I changed the Local IP from 192.168.1.1 to 192.168.2.2 and that seemed to have done the trick! Not sure why that worked though. Now my next issue is that my internet speed has dropped quite a bit. Went from about 250mb/s to 30mb/s.
Joined: 18 Mar 2014 Posts: 12881 Location: Netherlands
Posted: Sat Nov 26, 2022 7:03 Post subject:
Basically all routers are behind a modem, a router is never directly connected to copper, coax or fibre cable so that does not tell us very much.
As the default NTP setting has both a domain name and hard coded IP addresses it should work right out of the box.
My advice reset the router to defaults (press reset button for approx 7-10 sec while the router is running) after the router has restarted you willbe asked to give a name and password, this indicates that the router has reset.
You should have internet and correct time out of the box after a reset unless your modem is also on IP address 192.168.1.1, in that case change the routers "Local IP Address" on Basic Startup page to 192.168.2.1 (provided you have put the ethernet cable in the WAN/interport of the router and you have verified with your PC/laptop that this cable indeed gives you internet from the modem)
For a router in default gateway mode the default settings for Gateway and Local DNS (0.0.0.0) should be fine as are the default time servers because it has a domain name and hard coded IP addresses in case the DNS is not working (but DNS should work right out of the box as it will set your ISP DNS server)
I just tested etc/GMT+9 here, as you can see from the log it works fine.
If you set any timezone e.g. GMT+9 and the router starts at 15 o'clock and stays at 15 o'clock then the time is NOT updated.
The log entries of the "ntpclient" will tell you what is not working.
Code:
Dec 31 15:01:09 DD-WRT daemon.debug ntpclient[2061]: Connecting to 3.de.pool.ntp.org [188.40.142.18] ...
Nov 25 22:01:50 DD-WRT daemon.info ntpclient[2061]: Time set from 3.de.pool.ntp.org [188.40.142.18].
Nov 25 22:01:50 DD-WRT daemon.info process_monitor[2060]: Cyclic NTP Update success (servers 3.de.pool.ntp.org)
Nov 25 22:01:50 DD-WRT daemon.info process_monitor[2060]: Local timer delta is 1669446041
Joined: 18 Mar 2014 Posts: 12881 Location: Netherlands
Posted: Sat Nov 26, 2022 7:09 Post subject:
Our posts crossed
30 MB/s is normal for OpenVPN on your router.
For these routers running VPN WireGuard is the better option, I have the same router and it gives me 35 MB/s on OpenVPN and slightly over 100 Mb/s using WireGuard.
Almost all Providers support WireGuard on the router NordVPN is one the few exceptions, you can get it running but it is a hassle to do so _________________ Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399 Install guide R7800/XR500:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614 Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Thanks to both of you so much for the help! Also it appears I'm a bit of an idiot because I had the GMT time backwards. Japan is GMT+9 but I need to set it the NTP to GMT-9 for it reflect properly. Not sure if that's standard or not but I'm just happy I got it working!
Nov 26 16:29:31 DD-WRT daemon.info ntpclient[2096]: Time set from 2.pool.ntp.org [193.203.3.170].
Nov 26 16:29:31 DD-WRT daemon.info process_monitor[2094]: Cyclic NTP Update success (servers 2.pool.ntp.org 212.18.3.19 88.99.174.22)
Nov 26 16:29:31 DD-WRT daemon.info process_monitor[2094]: Local timer delta is 1669447702