OpenVPN server no longer working

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Atheros WiSOC based Hardware
Author Message
Andr0med
DD-WRT Novice


Joined: 04 Feb 2017
Posts: 10

PostPosted: Wed Aug 05, 2020 12:51    Post subject: OpenVPN server no longer working Reply with quote
Hey guys,

I have a Netgear r7800 and the OpenVPN server has been working fine for past year but that's no longer the case. Is there a fix in the works? I've tried the last 5 firmwares but without any luck. Also noticed this ticket, not sure if it's related: https://svn.dd-wrt.com/ticket/7177#comment:2

I've also inquired on the OpenVPN forums and they said the server software might be too old. The error I'm getting is "no data channel send key available". I've made no changes to any of my settings. Thanks.
Sponsor
burgess85
DD-WRT User


Joined: 22 Sep 2012
Posts: 55

PostPosted: Wed Aug 05, 2020 16:34    Post subject: Reply with quote
Connecting from Lan or wan?
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 7244
Location: Texas, USA

PostPosted: Wed Aug 05, 2020 16:50    Post subject: Reply with quote
On which firmware release build version?
_________________
Official Forum Rules, Guidelines, and Helpful InformationFirmware FAQInstallation WikiWhere Do I Download Firmware?
DON'T use Chromium-based browsersRTFM/STFW - TL;DR is NOT an excuse. • Why Should I Care What Color the Bikeshed Is?
Please DO NOT PM me with questions; Ask in the forum.

---------------------------------------------------------

Linux User #377467 counter.li.org / linuxcounter.net
Andr0med
DD-WRT Novice


Joined: 04 Feb 2017
Posts: 10

PostPosted: Wed Aug 05, 2020 18:40    Post subject: Reply with quote
kernel-panic69 wrote:
On which firmware release build version?


right now on r43381 and have tried all including 08-02-2020-r44048; trying to access it remotely, not on LAN.
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 7244
Location: Texas, USA

PostPosted: Wed Aug 05, 2020 19:05    Post subject: Reply with quote
Did you use the setup guide in the Advanced Networking forum?
_________________
Official Forum Rules, Guidelines, and Helpful InformationFirmware FAQInstallation WikiWhere Do I Download Firmware?
DON'T use Chromium-based browsersRTFM/STFW - TL;DR is NOT an excuse. • Why Should I Care What Color the Bikeshed Is?
Please DO NOT PM me with questions; Ask in the forum.

---------------------------------------------------------

Linux User #377467 counter.li.org / linuxcounter.net
Andr0med
DD-WRT Novice


Joined: 04 Feb 2017
Posts: 10

PostPosted: Wed Aug 05, 2020 19:12    Post subject: Reply with quote
Kernel, I did not. I've set it up according an an online guide about a year ago and went through numerous firmwares since without any problems. Everything has been working fine until couple of weeks ago. Was wondering if anything changed on the OpenVPN side since it just stopped working without making any changes on my end. Should I rebuild it from scratch?
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 7244
Location: Texas, USA

PostPosted: Wed Aug 05, 2020 19:18    Post subject: Reply with quote
Any other guide outside of this forum is irrelevant. There have been changes that may affect configuration, and functionality. Here's the forum thread link:

https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795

_________________
Official Forum Rules, Guidelines, and Helpful InformationFirmware FAQInstallation WikiWhere Do I Download Firmware?
DON'T use Chromium-based browsersRTFM/STFW - TL;DR is NOT an excuse. • Why Should I Care What Color the Bikeshed Is?
Please DO NOT PM me with questions; Ask in the forum.

---------------------------------------------------------

Linux User #377467 counter.li.org / linuxcounter.net
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 6360
Location: Netherlands

PostPosted: Thu Aug 06, 2020 7:21    Post subject: Reply with quote
One show stopper can be the use of a key length of 1024 that is not allowed on newer builds.

A reset to defaults and start fresh might be a good idea. @kp69 already pointed you to the relevant setup guide Smile

Otherwise post a picture of your settings page and the OVPN status page so that we can have a look

_________________
Routers:Netgear R7800, R6400v1, R6400v2, Linksys EA8500, EA6900 (XvortexCFE), E2000 (converted WRT320N), WRT54GS v1.
OpenVPN Policy Based Routing: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321686
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN Server Setup:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Wireguard Server setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1183135
Wireguard Client setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324624
Wireguard Advanced setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324787
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Andr0med
DD-WRT Novice


Joined: 04 Feb 2017
Posts: 10

PostPosted: Thu Aug 06, 2020 19:59    Post subject: Reply with quote
Hey guys, I've installed everything from scratch but no luck. Maybe it's a DDNS issue, according to this some people are having this problem:
https://support.opendns.com/hc/en-us/community/posts/360071971352

I'll try another DDNS Service and if not, rebuild VPN a third time. Keep getting p_CONTROL_HARD_RESET_CLIENT_V2 error in the logs. Thanks again and will come back to update you at a later time.

Getting the same error on freedns:

Thu Jan 1 06:34:52 1970: INADYN:IP: Error '0x16' resolving host name 'freedns.afraid.org'
Thu Jan 1 06:34:52 1970: W:'RC_IP_INVALID_REMOTE_ADDR' (0x12) updating the IPs. (it 0)
Andr0med
DD-WRT Novice


Joined: 04 Feb 2017
Posts: 10

PostPosted: Thu Aug 06, 2020 22:08    Post subject: Reply with quote
Seems the ISP is assigning non-routable IPs to clients (100.103.*.*). That's the latest; will update if I can convince them to give me a different IP or lmk if you have any suggestions...might have to switch ISPs again.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 6360
Location: Netherlands

PostPosted: Fri Aug 07, 2020 6:48    Post subject: Reply with quote
That is what is called carrier grade nat CGNAT.
https://en.m.wikipedia.org/wiki/Carrier-grade_NAT

IF they do not give you a publicly accessible ip address you are in trouble.

One way out is a reverse proxy like ngrok:
https://www.softwaretestinghelp.com/ngrok-alternatives/

I am in the same boat in my summer residence, I use my VPN client to tunnel out and port forward via my VPN provider

_________________
Routers:Netgear R7800, R6400v1, R6400v2, Linksys EA8500, EA6900 (XvortexCFE), E2000 (converted WRT320N), WRT54GS v1.
OpenVPN Policy Based Routing: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321686
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN Server Setup:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Wireguard Server setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1183135
Wireguard Client setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324624
Wireguard Advanced setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324787
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Atheros WiSOC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum