Posted: Fri Aug 05, 2022 17:16 Post subject: Cannot connect from DD-WRT to AWS VPN server
I have a Linksys WRT3200 ACM with DD-WRT v3.0-r48432 std (03/01/22) installed.
I also have my own OpenVPN server in Digital Ocean (DO) to which I connect from the router and it works just fine. However, the DO IP address is on some blacklists and many services (e.g. my online banking) refuse to work with it. So I decided to spin up another VPN server in AWS.
I used the so-called AWS Client VPN, configured everything in AWS and downloaded a *.ovpn config file which works just fine when I connect with an OpenVPN client from my Windows laptop, so I am sure that all the certificates are in order, all the config is correct on the server side and the *.ovpn file is fine. However, when I try to connect from the router, it does not work.
Attached are:
1. router settings (for all the ciphers, I looked into (much more detailed) OpenVPN Windows client logs and copy-pasted them as well as I could) and router VPN connection log
2. *.ovpn file that works fine with OpenVPN Windows client
3. logs of a successful connection to AWS server from OpenVPN Win client using that *.ovpn file
Posted: Sat Aug 06, 2022 6:39 Post subject:
OK now at least we can see the error:
TLS Error: TLS key negotiation failed to occur within 60 seconds
Server is not reachable, i.e. you have a network connection error (unless you are using TLS-crypt which is not set up correctly):
• Check server address/DDNS
• Check DDNS,
• Check port,
• Check Port Forward if server is not on the primary router.
• Check/disable firewall
• Sometimes an ISP blocks often-used ports. Check with your ISP and/or use TCP port 443; this is not blocked.
• Older DD-WRT versions block UDP ports when SFE is enabled, so when in doubt disable SFE
Are you having any routes or firewall rules added to the router?
Furthermore, your tun mtu is too high; lower it from 1500 to 1400 (1400 is the recent default).
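An added example, not part of the thread: a small shell pre-flight that reads a client *.ovpn file and reports the items from the checklist above (remote address, port, transport, tun-mtu, tls-crypt/tls-auth key), so they can be compared with what is entered in the router GUI. The function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample config (not the poster's file); the key body is a placeholder.
sample_config() {
cat <<'EOF'
client
dev tun
proto udp
remote vpn.example.net 443
tun-mtu 1500
<tls-crypt>
(constructed placeholder, not a real key)
</tls-crypt>
EOF
}

# ovpn_preflight FILE: print one finding per line for the checklist items.
ovpn_preflight() {
    awk '
        { sub(/\r$/, "") }                    # tolerate CRLF files saved on Windows
        NF == 0 || $1 ~ /^[#;]/ { next }      # skip blank lines and comments
        $1 == "remote" && host == "" {        # first remote entry only
            host = $2; rport = $3; rproto = $4
        }
        $1 == "port"    { gport = $2 }
        $1 == "proto"   { gproto = $2 }
        $1 == "tun-mtu" { mtu = $2 }
        $1 == "tls-crypt" || $1 == "<tls-crypt>" { key = "tls-crypt" }
        $1 == "tls-auth"  || $1 == "<tls-auth>"  { key = "tls-auth" }
        END {
            # values on the remote line win over global port/proto; then OpenVPN defaults
            port  = (rport  != "") ? rport  : ((gport  != "") ? gport  : 1194)
            proto = (rproto != "") ? rproto : ((gproto != "") ? gproto : "udp")
            if (mtu == "") mtu = 1500         # OpenVPN default when tun-mtu is unset
            if (host == "") print "FAIL no remote directive found"
            else printf "remote=%s port=%s proto=%s\n", host, port, proto
            if (mtu + 0 > 1400) printf "WARN tun-mtu=%d: lower to 1400\n", mtu
            if (key != "") printf "NOTE %s key present: router needs the identical key\n", key
            if (proto ~ /^udp/) print "NOTE udp transport: try TCP 443 if the port may be filtered"
        }
    ' "$1"
}

# Demo run on the constructed sample.
f=$(mktemp); sample_config > "$f"; ovpn_preflight "$f"; rm -f "$f"
```

A `remote=` line that differs from the server address, port or protocol set on the router is the first thing to correct before looking at firewall rules or SFE.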