[SOLVED] OpenVPN 2.6.0 problem

pupeto
DD-WRT Novice


Joined: 28 Sep 2018
Posts: 29
Location: Buenos Aires, Argentina

Posted: Sun Feb 19, 2023 13:59    Post subject: [SOLVED] OpenVPN 2.6.0 problem
Dear all,

I want to thank Alozaros for his help.

I also want to apologize for my English. If something is not understood, please let me know and I will try to explain it in another way.

Since the builds with OpenVPN 2.6.0 I cannot use OpenVPN with Torguard VPN. I tried to consult with the Torguard support but they have not been able to solve it.

DD-WRT builds with OpenVPN 2.5.8 or lower work OK.

DD-WRT builds with OpenVPN 2.6.0 do not work.
Status OpenVPN: Client: CONNECTED SUCCESS
But there is no internet connection.

I tried adding to "Additional Configuration" (Thanks Alozaros)

pull-filter ignore "dhcp-option DNS6"
pull-filter ignore "ifconfig-ipv6"
pull-filter ignore "route-ipv6"
pull-filter ignore "redirect-gateway ipv6"
block-ipv6

And change
Tunnel Protocol to UDP4
But it still doesn't work


My settings and logs







Thanks

Edit: Response from Torguard support

"play with compression setting please, try setting it to no, and to comp-lzo if any diff"
"with openvpn 2.4 it was negotiating compression with backend, for 2.6 you need to set it to no"

With Compression NO, it works OK.



Last edited by pupeto on Tue Feb 28, 2023 12:48; edited 2 times in total
blkt
DD-WRT Guru


Joined: 20 Jan 2019
Posts: 5700

Posted: Mon Feb 20, 2023 6:58
Plenty of deprecated options in 2.6 reference manual.

--disable-occ
--cipher
--compress
--comp-lzo
--comp-noadapt
--secret
--opt-verify
--verify-hash
--link-mtu

https://community.openvpn.net/openvpn/wiki/DeprecatedOptions since 2.6:

--keysize
--ncp-disable
--inetd
--management-client-pf
--prng

https://openvpn.net/community-resources/reference-manual-for-openvpn-2-6/#unsupported-options since 2.5:

--client-cert-not-required (replaced with --verify-client-cert none)
--ifconfig-pool-linear (replaced with --topology p2p)
--ncp-ciphers (renamed to --data-ciphers)

--key-method
--no-iv
--no-replay
--ns-cert-type
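
A small config audit built from the lists in the post above (an added example, not part of blkt's post and not DD-WRT or OpenVPN code). The option names and the three replacements are taken from the post; the function name, the sample config and its host name are constructed, and the check does not distinguish deprecated options from removed ones.

```python
import re

# Options named in the post above; a value is the replacement the post gives.
FLAGGED = dict.fromkeys("""disable-occ cipher compress comp-lzo comp-noadapt
    secret opt-verify verify-hash link-mtu keysize ncp-disable inetd
    management-client-pf prng key-method no-iv no-replay ns-cert-type""".split())
FLAGGED.update({
    "client-cert-not-required": "verify-client-cert none",
    "ifconfig-pool-linear": "topology p2p",
    "ncp-ciphers": "data-ciphers",
})

def audit_config(text):
    """Return (line_no, option, replacement_or_None) per flagged directive."""
    findings, inline_tag = [], None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if inline_tag:                      # inside an inline <tag>...</tag> blob
            if line == f"</{inline_tag}>":
                inline_tag = None
            continue                        # key/cert material is not directives
        if not line or line[0] in "#;":     # blank line or comment
            continue
        m = re.fullmatch(r"<([a-z0-9-]+)>", line)
        if m:                               # inline file, e.g. <ca> or <secret>
            inline_tag = option = m.group(1)
        else:
            option = line.split()[0].lstrip("-")  # accept the post's "--" form
        if option in FLAGGED:
            findings.append((no, option, FLAGGED[option]))
    return findings

# Constructed sample (hypothetical host); "cipher" inside <ca> stands in for blob data.
SAMPLE = """\
# constructed sample client config
proto udp4
remote vpn.example.net 1194
cipher AES-256-CBC
ncp-ciphers AES-256-GCM:AES-128-GCM
comp-lzo adaptive
; keysize 256
<ca>
cipher
</ca>
pull-filter ignore "route-ipv6"
"""

for no, opt, repl in audit_config(SAMPLE):
    print(f"line {no}: {opt}" + (f" -> {repl}" if repl else ""))
```

Commented-out directives and the contents of inline blocks are skipped, so only live directives are reported.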
pupeto
DD-WRT Novice


Joined: 28 Sep 2018
Posts: 29
Location: Buenos Aires, Argentina

Posted: Mon Feb 20, 2023 20:32
blkt wrote:
Plenty of deprecated options in 2.6 reference manual.

--disable-occ
--cipher
--compress
--comp-lzo
--comp-noadapt
--secret
--opt-verify
--verify-hash
--link-mtu

https://community.openvpn.net/openvpn/wiki/DeprecatedOptions since 2.6:

--keysize
--ncp-disable
--inetd
--management-client-pf
--prng

https://openvpn.net/community-resources/reference-manual-for-openvpn-2-6/#unsupported-options since 2.5:

--client-cert-not-required (replaced with --verify-client-cert none)
--ifconfig-pool-linear (replaced with --topology p2p)
--ncp-ciphers (renamed to --data-ciphers)

--key-method
--no-iv
--no-replay
--ns-cert-type

Dear sir,
I have another problem

Builds DD-WRT OpenVPN 2.5.8 Compression : Disable (everything works ok)
Builds DD-WRT OpenVPN 2.6.0 Compression : Disable (Does not connect)

Builds DD-WRT OpenVPN 2.6.0 Compression : NO (Connects but partially works. Most websites don't load. Streaming not working)

Do you know if it is necessary to change other settings for OpenVPN 2.6.0 and Torguard VPN?

Many thanks
foz111
DD-WRT Guru


Joined: 01 Oct 2017
Posts: 707
Location: Earth

Posted: Wed Feb 22, 2023 9:30
If you're not using a TLS Key, change TLS Auth to NONE or put the TLS key in the correct field!!
Set the Hash Algorithm to SHA256
Not affecting running of your VPN, but remove: persist-key & persist-tun. This gets added in the config for you.
Hopefully this will get it working correctly again

_________________
Netgear R7800 PPPoE Main Router
Network IPV4 - Isolated Vlan's with IoT Devices. Unifi AC-Pro x 3 AP's, Router Wi-Fi Disabled. OVPN Server With Paid Commercial Wireguard Client's. Gateway Mode, DNSMasq, Static Leases & DHCP, Pi-Hole DNS & Running Unbound.

No one can build you the bridge on which you, and only you, must cross the river of life!
pupeto
DD-WRT Novice


Joined: 28 Sep 2018
Posts: 29
Location: Buenos Aires, Argentina

Posted: Thu Feb 23, 2023 14:08
foz111 wrote:
If you're not using a TLS Key, change TLS Auth to NONE or put the TLS key in the correct field!!
Set the Hash Algorithm to SHA256
Not affecting running of your VPN, but remove: persist-key & persist-tun. This gets added in the config for you.
Hopefully this will get it working correctly again


Dear foz111:

Thanks for the help.
I forgot to change TLS Auth to NONE.
Torguard support had me try various configurations. I'm not sure which one is correct anymore.

Laughing Laughing Laughing

Torguard support told me to use:
Hash Algorithm SHA1
Compression: Adaptive
With these changes the VPN connects and all the web sites and streaming apps work. Only this error shows in the logs:
Feb 23 04:01:57 181.81.XX.XXX openvpn: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Feb 23 04:01:57 181.81.XX.XXX openvpn: SIGUSR1[soft,tls-error] received, process restarting

Thanks
foz111
DD-WRT Guru


Joined: 01 Oct 2017
Posts: 707
Location: Earth

Posted: Thu Feb 23, 2023 18:51
It's been that long since I used torguard, maybe it's changed. Don't you create your own config (ovpn file) in their UI? These settings must match in your router.
If you can download an OVPN file from torguard, just start afresh in DD-WRT and use the Import Configuration feature that is now in recent builds at the bottom. (Thanks go to egc Bs and others for this feature)

DWCruiser
DD-WRT User


Joined: 15 Aug 2016
Posts: 223
Location: Melbourne, Australia

Posted: Tue Feb 28, 2023 5:34
I also experienced a connection issue with OpenVPN Client to PIA from r51679.

My search so far points to ipv6 issues as embedded in DDWRT implementation. If I allowed for it, the Client is connected to PIA, but then the Server ignores incoming connection. Mad

I have both OpenVPN Client and Server on the router. They are running fine in r51440. As a result, I have not been able to update to later versions.

In case anyone needs to know, I added to the 'Additional Configuration' box, under OpenVPN Client section on the router:

pull-filter ignore "route-ipv6"
pull-filter ignore "ifconfig-ipv6"
block-ipv6


(The above info is from egc's guide of 'DDWRT OpenVPN Server Setup guide v30')

_________________
Life is a journey; travel alone makes it less enjoyable and lonely.
pupeto
DD-WRT Novice


Joined: 28 Sep 2018
Posts: 29
Location: Buenos Aires, Argentina

Posted: Tue Feb 28, 2023 12:46
Thanks for your help

DWCruiser
foz111
blkt
Alozaros

Now it works well.