OpenVPN: State: Client: WAIT

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Author Message
gurtz
DD-WRT Novice


Joined: 12 Nov 2019
Posts: 13

PostPosted: Fri Feb 23, 2024 10:12    Post subject: OpenVPN: State: Client: WAIT Reply with quote
I have dd-wrt configured with OpenVPN to Mullvad. This has worked fine in the past, but this week it just stopped working for some reason. Can someone please help me understand what is going on here? Thank you.
=====

Code:
OpenVPN Status
State
Client: WAIT
Local Address:
Remote Address:

Status
VPN Client Stats
TUN/TAP read bytes   0
TUN/TAP write bytes   0
TCP/UDP read bytes   0
TCP/UDP write bytes   70
Auth read bytes   0

Log
Client Log:
19691231 19:00:19 W WARNING: Using --management on a TCP port WITHOUT passwords is STRONGLY discouraged and considered insecure
19691231 19:00:19 W WARNING: file '/tmp/openvpncl/credentials' is group or others accessible
19691231 19:00:19 Current Parameter Settings:
19691231 19:00:19 config = '/tmp/openvpncl/openvpn.conf'
19691231 19:00:19 mode = 0
19691231 19:00:19 NOTE: --mute triggered...
19691231 19:00:19 237 variation(s) on previous 3 message(s) suppressed by --mute
19691231 19:00:19 I OpenVPN 2.5.7 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Dec 19 2022
19691231 19:00:19 I library versions: OpenSSL 1.1.1s 1 Nov 2022 LZO 2.10
19691231 19:00:19 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16
19691231 19:00:19 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19691231 19:00:20 W WARNING: normally if you use --mssfix and/or --fragment you should also set --tun-mtu 1500 (currently it is 1400)
19691231 19:00:20 Control Channel MTU parms [ L:1521 D:1212 EF:38 EB:0 ET:0 EL:3 ]
19691231 19:00:20 Data Channel MTU parms [ L:1521 D:1450 EF:121 EB:389 ET:0 EL:3 ]
19691231 19:00:20 Local Options String (VER=V4): 'V4 dev-type tun link-mtu 1449 tun-mtu 1400 proto UDPv4 cipher AES-256-GCM auth [null-digest] keysize 256 key-method 2 tls-client'
19691231 19:00:20 Expected Remote Options String (VER=V4): 'V4 dev-type tun link-mtu 1449 tun-mtu 1400 proto UDPv4 cipher AES-256-GCM auth [null-digest] keysize 256 key-method 2 tls-server'
19691231 19:00:20 I TCP/UDP: Preserving recently used remote address: [AF_INET]193.32.127.84:1300
19691231 19:00:20 Socket Buffers: R=[262144->262144] S=[262144->262144]
19691231 19:00:20 I UDPv4 link local: (not bound)
19691231 19:00:20 I UDPv4 link remote: [AF_INET]193.32.127.84:1300
19691231 19:00:20 D UDPv4 WRITE [14] to [AF_INET]193.32.127.84:1300: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
20240223 05:00:56 I [UNDEF] Inactivity timeout (--ping-restart) restarting
20240223 05:00:56 TCP/UDP: Closing socket
20240223 05:00:56 I SIGUSR1[soft ping-restart] received process restarting
20240223 05:00:56 Restart pause 5 second(s)
20240223 05:01:01 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20240223 05:01:01 W WARNING: normally if you use --mssfix and/or --fragment you should also set --tun-mtu 1500 (currently it is 1400)
20240223 05:01:01 Control Channel MTU parms [ L:1521 D:1212 EF:38 EB:0 ET:0 EL:3 ]
20240223 05:01:01 Data Channel MTU parms [ L:1521 D:1450 EF:121 EB:389 ET:0 EL:3 ]
20240223 05:01:01 Local Options String (VER=V4): 'V4 dev-type tun link-mtu 1449 tun-mtu 1400 proto UDPv4 cipher AES-256-GCM auth [null-digest] keysize 256 key-method 2 tls-client'
20240223 05:01:01 Expected Remote Options String (VER=V4): 'V4 dev-type tun link-mtu 1449 tun-mtu 1400 proto UDPv4 cipher AES-256-GCM auth [null-digest] keysize 256 key-method 2 tls-server'
20240223 05:01:01 I TCP/UDP: Preserving recently used remote address: [AF_INET]193.32.127.84:1300
20240223 05:01:01 Socket Buffers: R=[262144->262144] S=[262144->262144]
20240223 05:01:01 I UDPv4 link local: (not bound)
20240223 05:01:01 I UDPv4 link remote: [AF_INET]193.32.127.84:1300
20240223 05:01:01 D UDPv4 WRITE [14] to [AF_INET]193.32.127.84:1300: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
20240223 05:01:03 D UDPv4 WRITE [14] to [AF_INET]193.32.127.84:1300: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
20240223 05:01:07 D UDPv4 WRITE [14] to [AF_INET]193.32.127.84:1300: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
20240223 05:01:15 NOTE: --mute triggered...
20240223 05:02:01 2 variation(s) on previous 3 message(s) suppressed by --mute
20240223 05:02:01 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
20240223 05:02:01 N TLS Error: TLS handshake failed
20240223 05:02:01 TCP/UDP: Closing socket
20240223 05:02:01 I SIGUSR1[soft tls-error] received process restarting
20240223 05:02:01 Restart pause 5 second(s)
20240223 05:02:06 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20240223 05:02:06 W WARNING: normally if you use --mssfix and/or --fragment you should also set --tun-mtu 1500 (currently it is 1400)
20240223 05:02:06 Control Channel MTU parms [ L:1521 D:1212 EF:38 EB:0 ET:0 EL:3 ]
20240223 05:02:06 Data Channel MTU parms [ L:1521 D:1450 EF:121 EB:389 ET:0 EL:3 ]
20240223 05:02:06 Local Options String (VER=V4): 'V4 dev-type tun link-mtu 1449 tun-mtu 1400 proto UDPv4 cipher AES-256-GCM auth [null-digest] keysize 256 key-method 2 tls-client'
20240223 05:02:06 Expected Remote Options String (VER=V4): 'V4 dev-type tun link-mtu 1449 tun-mtu 1400 proto UDPv4 cipher AES-256-GCM auth [null-digest] keysize 256 key-method 2 tls-server'
20240223 05:02:06 I TCP/UDP: Preserving recently used remote address: [AF_INET]193.32.127.84:1300
20240223 05:02:06 Socket Buffers: R=[262144->262144] S=[262144->262144]
20240223 05:02:06 I UDPv4 link local: (not bound)
20240223 05:02:06 I UDPv4 link remote: [AF_INET]193.32.127.84:1300
20240223 05:02:06 D UDPv4 WRITE [14] to [AF_INET]193.32.127.84:1300: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
20240223 05:02:08 D UDPv4 WRITE [14] to [AF_INET]193.32.127.84:1300: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
20240223 05:02:12 D UDPv4 WRITE [14] to [AF_INET]193.32.127.84:1300: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
20240223 05:02:20 NOTE: --mute triggered...
20240223 05:03:06 2 variation(s) on previous 3 message(s) suppressed by --mute
20240223 05:03:06 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
20240223 05:03:06 N TLS Error: TLS handshake failed
20240223 05:03:06 TCP/UDP: Closing socket
20240223 05:03:06 I SIGUSR1[soft tls-error] received process restarting
20240223 05:03:06 Restart pause 5 second(s)
20240223 05:03:11 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20240223 05:03:11 W WARNING: normally if you use --mssfix and/or --fragment you should also set --tun-mtu 1500 (currently it is 1400)
20240223 05:03:11 Control Channel MTU parms [ L:1521 D:1212 EF:38 EB:0 ET:0 EL:3 ]
20240223 05:03:11 Data Channel MTU parms [ L:1521 D:1450 EF:121 EB:389 ET:0 EL:3 ]
20240223 05:03:11 Local Options String (VER=V4): 'V4 dev-type tun link-mtu 1449 tun-mtu 1400 proto UDPv4 cipher AES-256-GCM auth [null-digest] keysize 256 key-method 2 tls-client'
20240223 05:03:11 Expected Remote Options String (VER=V4): 'V4 dev-type tun link-mtu 1449 tun-mtu 1400 proto UDPv4 cipher AES-256-GCM auth [null-digest] keysize 256 key-method 2 tls-server'
20240223 05:03:11 I TCP/UDP: Preserving recently used remote address: [AF_INET]193.32.127.84:1300
20240223 05:03:11 Socket Buffers: R=[262144->262144] S=[262144->262144]
20240223 05:03:11 I UDPv4 link local: (not bound)
20240223 05:03:11 I UDPv4 link remote: [AF_INET]193.32.127.84:1300
20240223 05:03:11 D UDPv4 WRITE [14] to [AF_INET]193.32.127.84:1300: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
20240223 05:03:14 D UDPv4 WRITE [14] to [AF_INET]193.32.127.84:1300: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
20240223 05:03:18 D UDPv4 WRITE [14] to [AF_INET]193.32.127.84:1300: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
20240223 05:03:26 NOTE: --mute triggered...
20240223 05:03:57 2 variation(s) on previous 3 message(s) suppressed by --mute
20240223 05:03:57 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20240223 05:03:57 D MANAGEMENT: CMD 'state'
20240223 05:03:58 MANAGEMENT: Client disconnected
20240223 05:03:58 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20240223 05:03:58 D MANAGEMENT: CMD 'state'
20240223 05:03:58 MANAGEMENT: Client disconnected
20240223 05:03:58 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20240223 05:03:58 D MANAGEMENT: CMD 'state'
20240223 05:03:58 MANAGEMENT: Client disconnected
20240223 05:03:58 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20240223 05:03:58 D MANAGEMENT: CMD 'status 2'
20240223 05:03:58 MANAGEMENT: Client disconnected
20240223 05:03:58 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20240223 05:03:58 D MANAGEMENT: CMD 'log 500'
19691231 19:00:00
Sponsor
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 13053
Location: Netherlands

PostPosted: Fri Feb 23, 2024 10:25    Post subject: Reply with quote
Quote:
20240223 05:03:06 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
20240223 05:03:06 N TLS Error: TLS handshake failed


You cannot reach the server so e.g. you do not have internet, the server is down, your subscription is terminated etc.

If you have internet and your subscription is still active start with using a different server.

See the OpenVPN client setup guide: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327398
There is also a paragraph about Mullvad

P.S. why not use Mullvads WireGuard, easy to setup and three times faster than OpenVPN

P.P.S. when posting always start with sharing your router model and buildnumber

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
gurtz
DD-WRT Novice


Joined: 12 Nov 2019
Posts: 13

PostPosted: Sat Feb 24, 2024 21:37    Post subject: Reply with quote
@egc, Thank you for the reply and for the Wireguard suggestion. I appreciate it.

I ended up switching to Wireguard using these instructions: https://support.flashrouters.com/dd-wrt/wireguard-setup/mullvad-wireguard-setup/

Everything seems to be working.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 13053
Location: Netherlands

PostPosted: Sat Feb 24, 2024 21:49    Post subject: Reply with quote
Wrong again.

If you followed the DDWRT instructions, also a sticky in this forum you would have known that you could simply import the mullvad config file.

So setup is just a few mouse clicks

Sad

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
gurtz
DD-WRT Novice


Joined: 12 Nov 2019
Posts: 13

PostPosted: Sat Feb 24, 2024 22:01    Post subject: Reply with quote
Oh well, live and learn I guess.

(I had googled "mullvad wireguard ddwrt" and that was the first result.)
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum