Menu
What's new
By:
Filters Better Search

Can't connect to Internet with OpenVPN Client on RT-AC68U (behind Fios Quantum Gateway G1100)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

T

techguy12

Occasional Visitor
Hello,

My setup is currently:

1.Verizon Fios Quantum Gateway G1100 (connection shared via ethernet cord) to 2.ASUS RT-AC68U running asuswrt-merlin 384.7. I usually have Express VPN (OpenVPN) via manually setup running in the VPN Client section of my router via default ASUS Router firmware (which works fine).

After upgrading my default ASUS firmware to asuswrt-merlin 384.7, I'm unable to connect to the Internet with the OpenVPN Client Service State ON. <- Says Connected (Local: 10.xx.x.xx - Public: unknown). I'm using a ExpressVPN OpenVPN file. When I turn the OpenVPN Client Service State OFF, my internet comes back on and starts working fine!

WAN Connection Type: Static IP (which I set for my router)
DNS Server: Open DNS (208.67.222.222)

Custom Configuration (from ExpressVPN site)
remote-cert-tls server
remote-random
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping-timer-rem
reneg-sec 0
# log /tmp/vpn.log


Is there something that I'm doing wrong here? Please let me know if there is anything I need to look into. I hope I'm not overdoing anything in regards to my setup.
 

Attachments

  • Screen Shot 2018-10-20 at 10.54.52 AM.png
    Screen Shot 2018-10-20 at 10.54.52 AM.png
    321.7 KB · Views: 566
  • Screen Shot 2018-10-20 at 10.55.11 AM.png
    Screen Shot 2018-10-20 at 10.55.11 AM.png
    296.9 KB · Views: 642
Last edited:
Check your System Log for any information.
 
RMerlin said:
Check your System Log for any information.
Click to expand...

I see alot of this going on when I turn OpenVPN Client ON and switch to that ASUS WiFI via laptop

Oct 20 11:36:33 ovpn-client1[13232]: write to TUN/TAP : Invalid argument (code=22)
Oct 20 11:36:43 ovpn-client1[13232]: write to TUN/TAP : Invalid argument (code=22)
Oct 20 11:36:53 ovpn-client1[13232]: write to TUN/TAP : Invalid argument (code=22)
Oct 20 11:37:03 ovpn-client1[13232]: write to TUN/TAP : Invalid argument (code=22)
Oct 20 11:37:13 ovpn-client1[13232]: write to TUN/TAP : Invalid argument (code=22)
Oct 20 11:37:23 ovpn-client1[13232]: write to TUN/TAP : Invalid argument (code=22)
 
Try removing these options to see if it helps:

Code: 
nobind
tun-mtu 1500
tun-mtu-extra 32
persist-tun
 
RMerlin said:
Try removing these options to see if it helps:

Code: 
nobind
tun-mtu 1500
tun-mtu-extra 32
persist-tun
Click to expand...

Unfortunately that didn't work. I'm seeing this if this means anything

Oct 20 11:54:16 ovpn-client1[16781]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1601', remote='link-mtu 1606'
Oct 20 11:54:16 ovpn-client1[16781]: WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
Oct 20 11:54:16 ovpn-client1[16781]: WARNING: 'mtu-dynamic' is present in remote config but missing in local config, remote='mtu-dynamic'
Oct 20 11:54:16 ovpn-client1[16781]: Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
 
RMerlin said:
Try removing these options to see if it helps:

Code: 
nobind
tun-mtu 1500
tun-mtu-extra 32
persist-tun
Click to expand...

Also seeing this

Oct 20 12:00:13 ovpn-client1[16781]: VERIFY OK: depth=0, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server-4012-0a, emailAddress=support@expressvpn.com
Oct 20 12:00:13 ovpn-client1[16781]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1601', remote='link-mtu 1606'
Oct 20 12:00:13 ovpn-client1[16781]: WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
Oct 20 12:00:13 ovpn-client1[16781]: WARNING: 'mtu-dynamic' is present in remote config but missing in local config, remote='mtu-dynamic'
Oct 20 12:00:13 ovpn-client1[16781]: Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Oct 20 12:00:13 ovpn-client1[16781]: [Server-4012-0a] Peer Connection Initiated with [AF_INET]104.194.218.29:1195
Oct 20 12:00:14 ovpn-client1[16781]: SENT CONTROL [Server-4012-0a]: 'PUSH_REQUEST' (status=1)
Oct 20 12:00:14 ovpn-client1[16781]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.88.0.1,route 10.88.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.88.0.86 10.88.0.85,peer-id 13,cipher AES-256-GCM'
Oct 20 12:00:14 ovpn-client1[16781]: OPTIONS IMPORT: timers and/or timeouts modified
Oct 20 12:00:14 ovpn-client1[16781]: OPTIONS IMPORT: --ifconfig/up options modified
Oct 20 12:00:14 ovpn-client1[16781]: OPTIONS IMPORT: route options modified
Oct 20 12:00:14 ovpn-client1[16781]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Oct 20 12:00:14 ovpn-client1[16781]: OPTIONS IMPORT: peer-id set
Oct 20 12:00:14 ovpn-client1[16781]: OPTIONS IMPORT: adjusting link_mtu to 1624
Oct 20 12:00:14 ovpn-client1[16781]: OPTIONS IMPORT: data channel crypto options modified
Oct 20 12:00:14 ovpn-client1[16781]: Data Channel: using negotiated cipher 'AES-256-GCM'
Oct 20 12:00:14 ovpn-client1[16781]: Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Oct 20 12:00:14 ovpn-client1[16781]: Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Oct 20 12:00:14 ovpn-client1[16781]: Preserving previous TUN/TAP instance: tun11
Oct 20 12:00:14 ovpn-client1[16781]: Initialization Sequence Completed
Oct 20 12:00:23 ovpn-client1[16781]: write to TUN/TAP : Invalid argument (code=22)
Oct 20 12:00:34 ovpn-client1[16781]: write to TUN/TAP : Invalid argument (code=22)
Oct 20 12:00:44 ovpn-client1[16781]: write to TUN/TAP : Invalid argument (code=22)
Oct 20 12:00:54 ovpn-client1[16781]: write to TUN/TAP : Invalid argument (code=22)
Oct 20 12:01:04 ovpn-client1[16781]: write to TUN/TAP : Invalid argument (code=22)
Oct 20 12:01:13 ovpn-client1[16781]: write to TUN/TAP : Invalid argument (code=22)
Oct 20 12:01:24 ovpn-client1[16781]: write to TUN/TAP : Invalid argument (code=22)
Oct 20 12:01:34 ovpn-client1[16781]: write to TUN/TAP : Invalid argument (code=22)
Oct 20 12:01:43 ovpn-client1[16781]: write to TUN/TAP : Invalid argument (code=22)
Oct 20 12:01:54 ovpn-client1[16781]: write to TUN/TAP : Invalid argument (code=22)
 
According to a Google search done with your error message, this usually indicates a mismatch in configuration between your end and their server. I would double check the configuration.
 
techguy12 said:
Oct 20 12:00:13 ovpn-client1[16781]: WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
Click to expand...

That would be my primary suspect. Enable compression in your client.
 
RMerlin said:
That would be my primary suspect. Enable compression in your client.
Click to expand...
I enabled the compression LZO ... these are the results (Still unable to have successful internet activity)


Oct 20 14:49:31 ovpn-client1[24965]: Initialization Sequence Completed
Oct 20 14:50:24 roamast: eth2: add client [20:c9:d0:cf:b5:eb] to monitor list
Oct 20 14:50:31 ovpn-client1[24965]: [Server-2388-0a] Inactivity timeout (--ping-restart), restarting
Oct 20 14:50:31 ovpn-client1[24965]: SIGUSR1[soft,ping-restart] received, process restarting
Oct 20 14:50:31 ovpn-client1[24965]: Restart pause, 5 second(s)
Oct 20 14:50:36 ovpn-client1[24965]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Oct 20 14:50:36 ovpn-client1[24965]: TCP/UDP: Preserving recently used remote address: [AF_INET]45.56.154.3:1195
Oct 20 14:50:36 ovpn-client1[24965]: Socket Buffers: R=[122880->122880] S=[122880->122880]
Oct 20 14:50:36 ovpn-client1[24965]: UDP link local: (not bound)
Oct 20 14:50:36 ovpn-client1[24965]: UDP link remote: [AF_INET]45.56.154.3:1195
Oct 20 14:50:36 ovpn-client1[24965]: TLS: Initial packet from [AF_INET]45.56.154.3:1195, sid=221a7fed ea64ed82
Oct 20 14:50:36 ovpn-client1[24965]: VERIFY OK: depth=1, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=ExpressVPN CA, emailAddress=support@expressvpn.com
Oct 20 14:50:36 ovpn-client1[24965]: VERIFY KU OK
Oct 20 14:50:36 ovpn-client1[24965]: Validating certificate extended key usage
Oct 20 14:50:36 ovpn-client1[24965]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Oct 20 14:50:36 ovpn-client1[24965]: VERIFY EKU OK
Oct 20 14:50:36 ovpn-client1[24965]: VERIFY OK: depth=0, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server-2388-0a, emailAddress=support@expressvpn.com
Oct 20 14:50:36 ovpn-client1[24965]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1602', remote='link-mtu 1606'
Oct 20 14:50:36 ovpn-client1[24965]: WARNING: 'mtu-dynamic' is present in remote config but missing in local config, remote='mtu-dynamic'
Oct 20 14:50:36 ovpn-client1[24965]: Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Oct 20 14:50:36 ovpn-client1[24965]: [Server-2388-0a] Peer Connection Initiated with [AF_INET]45.56.154.3:1195
Oct 20 14:50:37 ovpn-client1[24965]: SENT CONTROL [Server-2388-0a]: 'PUSH_REQUEST' (status=1)
Oct 20 14:50:37 ovpn-client1[24965]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.170.0.1,route 10.170.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.170.32.218 10.170.32.217'
Oct 20 14:50:37 ovpn-client1[24965]: OPTIONS IMPORT: timers and/or timeouts modified
Oct 20 14:50:37 ovpn-client1[24965]: OPTIONS IMPORT: --ifconfig/up options modified
Oct 20 14:50:37 ovpn-client1[24965]: OPTIONS IMPORT: route options modified
Oct 20 14:50:37 ovpn-client1[24965]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Oct 20 14:50:37 ovpn-client1[24965]: Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Oct 20 14:50:37 ovpn-client1[24965]: Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
Oct 20 14:50:37 ovpn-client1[24965]: Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Oct 20 14:50:37 ovpn-client1[24965]: Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
Oct 20 14:50:37 ovpn-client1[24965]: Preserving previous TUN/TAP instance: tun11
Oct 20 14:50:37 ovpn-client1[24965]: Initialization Sequence Completed
 
techguy12 said:
Oct 20 14:50:36 ovpn-client1[24965]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1602', remote='link-mtu 1606'
Oct 20 14:50:36 ovpn-client1[24965]: WARNING: 'mtu-dynamic' is present in remote config but missing in local config, remote='mtu-dynamic'
Click to expand...
Isn't this the main problem?
 
Grisu said:
Isn't this the main problem?
Click to expand...

This is what I'm now seeing

Oct 21 08:47:28 ovpn-client1[24965]: [Server-2388-0a] Inactivity timeout (--ping-restart), restarting
Oct 21 08:47:28 ovpn-client1[24965]: SIGUSR1[soft,ping-restart] received, process restarting
Oct 21 08:47:28 ovpn-client1[24965]: Restart pause, 5 second(s)
Oct 21 08:47:33 ovpn-client1[24965]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Oct 21 08:47:33 ovpn-client1[24965]: TCP/UDP: Preserving recently used remote address: [AF_INET]45.56.154.3:1195
Oct 21 08:47:33 ovpn-client1[24965]: Socket Buffers: R=[122880->122880] S=[122880->122880]
Oct 21 08:47:33 ovpn-client1[24965]: UDP link local: (not bound)
Oct 21 08:47:33 ovpn-client1[24965]: UDP link remote: [AF_INET]45.56.154.3:1195
Oct 21 08:47:33 ovpn-client1[24965]: TLS: Initial packet from [AF_INET]45.56.154.3:1195, sid=86cf56c8 f26899dc
Oct 21 08:47:33 ovpn-client1[24965]: VERIFY OK: depth=1, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=ExpressVPN CA, emailAddress=support@expressvpn.com
Oct 21 08:47:33 ovpn-client1[24965]: VERIFY KU OK
Oct 21 08:47:33 ovpn-client1[24965]: Validating certificate extended key usage
Oct 21 08:47:33 ovpn-client1[24965]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Oct 21 08:47:33 ovpn-client1[24965]: VERIFY EKU OK
Oct 21 08:47:33 ovpn-client1[24965]: VERIFY OK: depth=0, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server-2388-0a, emailAddress=support@expressvpn.com
Oct 21 08:47:33 ovpn-client1[24965]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1602', remote='link-mtu 1606'
Oct 21 08:47:33 ovpn-client1[24965]: WARNING: 'mtu-dynamic' is present in remote config but missing in local config, remote='mtu-dynamic'
Oct 21 08:47:33 ovpn-client1[24965]: Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Oct 21 08:47:33 ovpn-client1[24965]: [Server-2388-0a] Peer Connection Initiated with [AF_INET]45.56.154.3:1195
Oct 21 08:47:34 ovpn-client1[24965]: SENT CONTROL [Server-2388-0a]: 'PUSH_REQUEST' (status=1)
Oct 21 08:47:34 ovpn-client1[24965]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.170.0.1,route 10.170.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.170.32.218 10.170.32.217'
Oct 21 08:47:34 ovpn-client1[24965]: OPTIONS IMPORT: timers and/or timeouts modified
Oct 21 08:47:34 ovpn-client1[24965]: OPTIONS IMPORT: --ifconfig/up options modified
Oct 21 08:47:34 ovpn-client1[24965]: OPTIONS IMPORT: route options modified
Oct 21 08:47:34 ovpn-client1[24965]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Oct 21 08:47:34 ovpn-client1[24965]: Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Oct 21 08:47:34 ovpn-client1[24965]: Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
Oct 21 08:47:34 ovpn-client1[24965]: Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Oct 21 08:47:34 ovpn-client1[24965]: Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
Oct 21 08:47:34 ovpn-client1[24965]: Preserving previous TUN/TAP instance: tun11
Oct 21 08:47:34 ovpn-client1[24965]: Initialization Sequence Completed
Oct 21 08:48:34 ovpn-client1[24965]: [Server-2388-0a] Inactivity timeout (--ping-restart), restarting
Oct 21 08:48:34 ovpn-client1[24965]: SIGUSR1[soft,ping-restart] received, process restarting
Oct 21 08:48:34 ovpn-client1[24965]: Restart pause, 5 second(s)
Oct 21 08:48:39 ovpn-client1[24965]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Oct 21 08:48:39 ovpn-client1[24965]: TCP/UDP: Preserving recently used remote address: [AF_INET]45.56.154.3:1195
Oct 21 08:48:39 ovpn-client1[24965]: Socket Buffers: R=[122880->122880] S=[122880->122880]
Oct 21 08:48:39 ovpn-client1[24965]: UDP link local: (not bound)
Oct 21 08:48:39 ovpn-client1[24965]: UDP link remote: [AF_INET]45.56.154.3:1195
Oct 21 08:48:39 ovpn-client1[24965]: TLS: Initial packet from [AF_INET]45.56.154.3:1195, sid=bfea4d10 9683eb85
Oct 21 08:48:39 ovpn-client1[24965]: VERIFY OK: depth=1, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=ExpressVPN CA, emailAddress=support@expressvpn.com
Oct 21 08:48:39 ovpn-client1[24965]: VERIFY KU OK
Oct 21 08:48:39 ovpn-client1[24965]: Validating certificate extended key usage
Oct 21 08:48:39 ovpn-client1[24965]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Oct 21 08:48:39 ovpn-client1[24965]: VERIFY EKU OK
Oct 21 08:48:39 ovpn-client1[24965]: VERIFY OK: depth=0, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server-2388-0a, emailAddress=support@expressvpn.com
Oct 21 08:48:39 ovpn-client1[24965]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1602', remote='link-mtu 1606'
Oct 21 08:48:39 ovpn-client1[24965]: WARNING: 'mtu-dynamic' is present in remote config but missing in local config, remote='mtu-dynamic'
Oct 21 08:48:39 ovpn-client1[24965]: Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Oct 21 08:48:39 ovpn-client1[24965]: [Server-2388-0a] Peer Connection Initiated with [AF_INET]45.56.154.3:1195
Oct 21 08:48:40 ovpn-client1[24965]: SENT CONTROL [Server-2388-0a]: 'PUSH_REQUEST' (status=1)
Oct 21 08:48:40 ovpn-client1[24965]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.170.0.1,route 10.170.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.170.32.218 10.170.32.217'
Oct 21 08:48:40 ovpn-client1[24965]: OPTIONS IMPORT: timers and/or timeouts modified
Oct 21 08:48:40 ovpn-client1[24965]: OPTIONS IMPORT: --ifconfig/up options modified
Oct 21 08:48:40 ovpn-client1[24965]: OPTIONS IMPORT: route options modified
Oct 21 08:48:40 ovpn-client1[24965]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Oct 21 08:48:40 ovpn-client1[24965]: Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Oct 21 08:48:40 ovpn-client1[24965]: Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
Oct 21 08:48:40 ovpn-client1[24965]: Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Oct 21 08:48:40 ovpn-client1[24965]: Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
Oct 21 08:48:40 ovpn-client1[24965]: Preserving previous TUN/TAP instance: tun11
Oct 21 08:48:40 ovpn-client1[24965]: Initialization Sequence Completed
 
Here are my resu
RMerlin said:
According to a Google search done with your error message, this usually indicates a mismatch in configuration between your end and their server. I would double check the configuration.
Click to expand...

Here are my results with Compression LZO and the following custom config

remote-cert-tls server
remote-random
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping-timer-rem
reneg-sec 0
# log /tmp/vpn.log


Oct 21 09:02:54 ovpn-client1[22203]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Oct 21 09:02:54 ovpn-client1[22203]: TCP/UDP: Preserving recently used remote address: [AF_INET]173.239.197.229:1195
Oct 21 09:02:54 ovpn-client1[22203]: Socket Buffers: R=[122880->122880] S=[122880->122880]
Oct 21 09:02:54 ovpn-client1[22203]: UDP link local: (not bound)
Oct 21 09:02:54 ovpn-client1[22203]: UDP link remote: [AF_INET]173.239.197.229:1195
Oct 21 09:02:54 ovpn-client1[22203]: TLS: Initial packet from [AF_INET]173.239.197.229:1195, sid=b9d93b8c b65ab883
Oct 21 09:02:54 ovpn-client1[22203]: VERIFY OK: depth=1, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=ExpressVPN CA, emailAddress=support@expressvpn.com
Oct 21 09:02:54 ovpn-client1[22203]: VERIFY KU OK
Oct 21 09:02:54 ovpn-client1[22203]: Validating certificate extended key usage
Oct 21 09:02:54 ovpn-client1[22203]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Oct 21 09:02:54 ovpn-client1[22203]: VERIFY EKU OK
Oct 21 09:02:54 ovpn-client1[22203]: VERIFY OK: depth=0, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server-3290-0a, emailAddress=support@expressvpn.com
Oct 21 09:02:54 ovpn-client1[22203]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1634', remote='link-mtu 1606'
Oct 21 09:02:54 ovpn-client1[22203]: WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
Oct 21 09:02:54 ovpn-client1[22203]: WARNING: 'mtu-dynamic' is present in remote config but missing in local config, remote='mtu-dynamic'
Oct 21 09:02:54 ovpn-client1[22203]: Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Oct 21 09:02:54 ovpn-client1[22203]: [Server-3290-0a] Peer Connection Initiated with [AF_INET]173.239.197.229:1195
Oct 21 09:02:55 ovpn-client1[22203]: SENT CONTROL [Server-3290-0a]: 'PUSH_REQUEST' (status=1)
Oct 21 09:02:55 ovpn-client1[22203]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.25.0.1,route 10.25.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.25.0.114 10.25.0.113'
Oct 21 09:02:55 ovpn-client1[22203]: OPTIONS IMPORT: timers and/or timeouts modified
Oct 21 09:02:55 ovpn-client1[22203]: OPTIONS IMPORT: --ifconfig/up options modified
Oct 21 09:02:55 ovpn-client1[22203]: OPTIONS IMPORT: route options modified
Oct 21 09:02:55 ovpn-client1[22203]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Oct 21 09:02:55 ovpn-client1[22203]: Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Oct 21 09:02:55 ovpn-client1[22203]: Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
Oct 21 09:02:55 ovpn-client1[22203]: Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Oct 21 09:02:55 ovpn-client1[22203]: Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
Oct 21 09:02:55 ovpn-client1[22203]: Preserving previous TUN/TAP instance: tun11
Oct 21 09:02:55 ovpn-client1[22203]: NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP device.
Oct 21 09:02:55 ovpn-client1[22203]: vpnrouting.sh tun11 1500 1634 10.25.0.18 10.25.0.17 init
Oct 21 09:02:55 openvpn-routing: Configuring policy rules for client 1
Oct 21 09:02:55 ovpn-client1[22203]: /usr/sbin/ip route del 10.25.0.1/32
Oct 21 09:02:55 ovpn-client1[22203]: ERROR: Linux route delete command failed: external program exited with error status: 2
Oct 21 09:02:55 ovpn-client1[22203]: /usr/sbin/ip route del 173.239.197.229/32
Oct 21 09:02:55 ovpn-client1[22203]: /usr/sbin/ip route del 0.0.0.0/1
Oct 21 09:02:55 ovpn-client1[22203]: ERROR: Linux route delete command failed: external program exited with error status: 2
Oct 21 09:02:55 ovpn-client1[22203]: /usr/sbin/ip route del 128.0.0.0/1
Oct 21 09:02:55 ovpn-client1[22203]: ERROR: Linux route delete command failed: external program exited with error status: 2
Oct 21 09:02:55 ovpn-client1[22203]: Closing TUN/TAP interface
Oct 21 09:02:55 ovpn-client1[22203]: /usr/sbin/ip addr del dev tun11 local 10.25.0.18 peer 10.25.0.17
Oct 21 09:02:55 ovpn-client1[22203]: updown.sh tun11 1500 1634 10.25.0.18 10.25.0.17 init
Oct 21 09:02:56 rc_service: service 23839:notify_rc updateresolv
Oct 21 09:02:57 ovpn-client1[22203]: TUN/TAP device tun11 opened
Oct 21 09:02:57 ovpn-client1[22203]: TUN/TAP TX queue length set to 100
Oct 21 09:02:57 ovpn-client1[22203]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Oct 21 09:02:57 ovpn-client1[22203]: /usr/sbin/ip link set dev tun11 up mtu 1500
Oct 21 09:02:57 ovpn-client1[22203]: /usr/sbin/ip addr add dev tun11 local 10.25.0.114 peer 10.25.0.113
Oct 21 09:02:57 ovpn-client1[22203]: updown.sh tun11 1500 1634 10.25.0.114 10.25.0.113 init
Oct 21 09:02:58 rc_service: service 23889:notify_rc updateresolv
Oct 21 09:03:01 ovpn-client1[22203]: /usr/sbin/ip route add 173.239.197.229/32 via 192.168.1.1
Oct 21 09:03:01 ovpn-client1[22203]: /usr/sbin/ip route add 0.0.0.0/1 via 10.25.0.113
Oct 21 09:03:01 ovpn-client1[22203]: /usr/sbin/ip route add 128.0.0.0/1 via 10.25.0.113
Oct 21 09:03:01 ovpn-client1[22203]: /usr/sbin/ip route add 10.25.0.1/32 via 10.25.0.113
Oct 21 09:03:02 openvpn-routing: Configuring policy rules for client 1
Oct 21 09:03:02 ovpn-client1[22203]: Initialization Sequence Completed
 
This is the results when Compression LZO is ON
 

Attachments

  • Screen Shot 2018-10-21 at 11.45.22 AM.png
    Screen Shot 2018-10-21 at 11.45.22 AM.png
    153.7 KB · Views: 407
Here is the results when I open the udp.ovpn file from expressvpn in text editor (IMAGE). Should I add something from there in the ASUS Merlin firmware custom configuration?

Here is the expressvpn custom config settings

remote-cert-tls server
remote-random
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping-timer-rem
reneg-sec 0
# log /tmp/vpn.log
 

Attachments

  • Screen Shot 2018-10-21 at 11.54.00 AM.png
    Screen Shot 2018-10-21 at 11.54.00 AM.png
    51.5 KB · Views: 640
You must log in or register to reply here.

Similar threads

T
[Help] Problems setting up OpenVPN
Replies
7
Views
306
Thookie
T
N
Solved Unable to connect to VPN server with self-signed certificate
Replies
0
Views
788
nino_070
N
B
OpenVPN TLS Error: tls-crypt unwrapping failed
Replies
1
Views
3K
brzvlg
B
A
Devices connect to my openvpn server correctly but no traffic from server to client
Replies
6
Views
1K
ragtap
R
N
RT-AX86U-Pro, WAN disconnect every 36 hours
2
Replies
25
Views
2K
Nick24
N
Similar threads
Thread starter Title Forum Replies Date
D False alert for "Unable to connect to the Internet" Asuswrt-Merlin 3
S some iot devices can't connect to internet after a NAS give a static ip Asuswrt-Merlin 4
S [AC88U] How to connect 2 separated networks into 1 VLAN Asuswrt-Merlin 2
6 VPN Director ok, device no connect. Asuswrt-Merlin 20
N AiMesh, router stock asus, wired AP merlin. Cant connect to AP 5ghz Asuswrt-Merlin 4
fenguix Wireguard server: can't connect SMB volumes Asuswrt-Merlin 6
C RT-AX86U 3004.388.8_2 . pet feeder app cannot connect to wifi why? Asuswrt-Merlin 6
C Can't connect to DYNDNS when Unbound is enabled ! Asuswrt-Merlin 10
B Solved What VPN Director rule should i use to be able to connect outside my home to my VPN provider? Asuswrt-Merlin 2
B How to connect into TOR as VPN with Wireguard? Asuswrt-Merlin 1

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 695 (members: 18, guests: 677)
Top