Menu
What's new
By:
Filters Better Search

Configuring Open VPN RT-AC68U

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

L

lydnsn

Occasional Visitor
Good evening. If anyone has detailed instructions on setting up open vpn on the rt-ac68u could you kindly post it here. I have tried to do it following their instructions and using their default settings. It connects ok but i cant access anything remotely . I also cant access the internet while i'm connected. I am thinking it might be a problem with ip conflicts but i dont know enough about it to be sure Thank You.
 
please be more specific. your router supports openvpn client and server. are you saying openvpn client connecting to a VPN provider doesn't work? or are you saying that when you connect to an openvpn server you've created it doesn't work?
 
I am using the open vpn server and client within the router. I set up the client and server as per the instructions using the default settings. It says it creates an ovpn configuration file based on my settings.I set up the server and then I exported the file and saved it. Once i finished doing that i uploaded the ovpn file to the client and then turned it on . Then i installed open vpn on the computer i want to use to connect to the server . On my computer i added the opvn file to the config folder as per the instructions. It appears to connect ok but i cant access anything or get on the internet. I can connect to my router just fine though, thats how i know its connected.
 
Tried those settings and still not working.


Here are log files from router.



Jun 13 19:15:02 openvpn[1046]: 70.50.139.229:60906 TLS: Username/Password authentication succeeded for username 'vivian'
Jun 13 19:15:02 openvpn[1046]: 70.50.139.229:60906 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Jun 13 19:15:02 openvpn[1046]: 70.50.139.229:60906 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun 13 19:15:02 openvpn[1046]: 70.50.139.229:60906 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Jun 13 19:15:02 openvpn[1046]: 70.50.139.229:60906 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun 13 19:15:02 openvpn[1046]: 70.50.139.229:60906 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Jun 13 19:15:02 openvpn[1046]: 70.50.139.229:60906 [client] Peer Connection Initiated with [AF_INET]70.50.139.229:60906
Jun 13 19:15:02 openvpn[1046]: client/70.50.139.229:60906 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Jun 13 19:15:02 openvpn[1046]: client/70.50.139.229:60906 MULTI: Learn: 10.8.0.6 -> client/70.50.139.229:60906
Jun 13 19:15:02 openvpn[1046]: client/70.50.139.229:60906 MULTI: primary virtual IP for client/70.50.139.229:60906: 10.8.0.6
Jun 13 19:15:05 openvpn[1046]: client/70.50.139.229:60906 PUSH: Received control message: 'PUSH_REQUEST'
Jun 13 19:15:05 openvpn[1046]: client/70.50.139.229:60906 send_push_reply(): safe_cap=940
Jun 13 19:15:05 openvpn[1046]: client/70.50.139.229:60906 SENT CONTROL [client]: 'PUSH_REPLY,route 192.168.192.0 255.255.255.0,route 10.8.0.1,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Jun 13 19:20:22 openvpn[1046]: 70.50.139.229:61101 TLS: Initial packet from [AF_INET]70.50.139.229:61101, sid=065a915f 7f7bd77f
Jun 13 19:20:22 openvpn[1046]: 70.50.139.229:61101 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC68U, emailAddress=me@myhost.mydomain
Jun 13 19:20:22 openvpn[1046]: 70.50.139.229:61101 VERIFY OK: depth=0, C=TW, ST=TW, L=Taipei, O=ASUS, CN=client, emailAddress=me@myhost.mydomain
Jun 13 19:20:23 openvpn[1046]: 70.50.139.229:61101 PLUGIN_CALL: POST /usr/lib/openvpn-plugin-auth-pam.so/PLUGIN_AUTH_USER_PASS_VERIFY status=0
Jun 13 19:20:23 openvpn[1046]: 70.50.139.229:61101 TLS: Username/Password authentication succeeded for username 'vivian'
Jun 13 19:20:23 openvpn[1046]: 70.50.139.229:61101 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Jun 13 19:20:23 openvpn[1046]: 70.50.139.229:61101 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun 13 19:20:23 openvpn[1046]: 70.50.139.229:61101 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Jun 13 19:20:23 openvpn[1046]: 70.50.139.229:61101 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun 13 19:20:23 openvpn[1046]: 70.50.139.229:61101 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Jun 13 19:20:23 openvpn[1046]: 70.50.139.229:61101 [client] Peer Connection Initiated with [AF_INET]70.50.139.229:61101
Jun 13 19:20:23 openvpn[1046]: client/70.50.139.229:61101 MULTI_sva: pool returned IPv4=10.8.0.10, IPv6=(Not enabled)
Jun 13 19:20:23 openvpn[1046]: client/70.50.139.229:61101 MULTI: Learn: 10.8.0.10 -> client/70.50.139.229:61101
Jun 13 19:20:23 openvpn[1046]: client/70.50.139.229:61101 MULTI: primary virtual IP for client/70.50.139.229:61101: 10.8.0.10
Jun 13 19:20:25 openvpn[1046]: client/70.50.139.229:61101 PUSH: Received control message: 'PUSH_REQUEST'
Jun 13 19:20:25 openvpn[1046]: client/70.50.139.229:61101 send_push_reply(): safe_cap=940
Jun 13 19:20:25 openvpn[1046]: client/70.50.139.229:61101 SENT CONTROL [client]: 'PUSH_REPLY,route 192.168.192.0 255.255.255.0,route 10.8.0.1,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.10 10.8.0.9' (status=1)
Jun 13 19:20:58 openvpn[1046]: client/70.50.139.229:60906 [client] Inactivity timeout (--ping-restart), restarting
Jun 13 19:20:58 openvpn[1046]: client/70.50.139.229:60906 SIGUSR1[soft,ping-restart] received, client-instance restarting
Jun 13 19:30:20 openvpn[1046]: client/70.50.139.229:61101 [client] Inactivity timeout (--ping-restart), restarting
Jun 13 19:30:20 openvpn[1046]: client/70.50.139.229:61101 SIGUSR1[soft,ping-restart] received, client-instance restarting
Jun 13 19:44:33 dnsmasq-dhcp[483]: DHCPREQUEST(br0) 192.168.192.60 28:e3:47:28:36:60
Jun 13 19:44:33 dnsmasq-dhcp[483]: DHCPACK(br0) 192.168.192.60 28:e3:47:28:36:60 Lenovo-PC
Jun 13 19:48:44 dnsmasq-dhcp[483]: DHCPREQUEST(br0) 192.168.192.60 28:e3:47:28:36:60
Jun 13 19:48:44 dnsmasq-dhcp[483]: DHCPACK(br0) 192.168.192.60 28:e3:47:28:36:60 Lenovo-PC



upload_2015-6-13_22-26-55.png
 
Last edited:
I think I am having a similar problem. Just upgraded my 68U to the Merlin 378.54_2 firmware and made the siwtch from PPTP VPN to OpenVPN. With the PPTP VPN, I could connect to my router while out on the road and access resources inside my network...worked flawlessly. With the new OpenVPN...I can connect fine but once connected...I can't access anything inside my network. What am I doing wrong?
 
It would help if you specified what client/app you are using to connect to the server.
 
direct clients to redirect internet traffic should be on?

also this doesnt look good.

un 13 19:20:58 openvpn[1046]: client/70.50.139.229:60906 [client] Inactivity timeout (--ping-restart), restarting
Jun 13 19:20:58 openvpn[1046]: client/70.50.139.229:60906 SIGUSR1[soft,ping-restart] received, client-instance restarting
Jun 13 19:30:20 openvpn[1046]: client/70.50.139.229:61101 [client] Inactivity timeout (--ping-restart), restarting
Jun 13 19:30:20 openvpn[1046]: client/70.50.139.229:61101 SIGUSR1[soft,ping-restart] received, client-instance restarting
 
I am no expert, my server config on the router is different then martinr and yours. Here is what I did different:
I used TAP instead of TUN, (push lan to clients will be missing)
Firewall - External only
Allocate from DHCP = Yes,
Respond to DNS = No,
Manage Client-Specific Options = Yes --> Allow Client -Client = Yes, Allow only specified clients = No

I should mention my android with 4.1.? could not use TAP natively. I had to purchase a app on google play that has OpenVPN with TAP. My laptop with openvpn (client) connects just fine (TAP).
Also I should mention last year when I was messing around with being double NAT'd I tried using a raspi to run openvpn server. Setting it up and depending on the encryption it would take aprox 10-20 minutes to generate keys. I would like to know how the AC68U generates it so fast. :)
EDIT: nevermind already answered by RMerlin http://www.snbforums.com/threads/asuswrt-merlin-378-54_2-is-now-available.24902/page-12#post-188330
 
Last edited:
You must log in or register to reply here.

Similar threads

P
  • Locked
WPS functionality RT-AC68U
2
Replies
20
Views
2K
RMerlin
RMerlin
D
Nord Open VPN client connected but not secure?
Replies
1
Views
289
Dougj
D
R
ASUS RT-AX86 Open VPN No LAN Access
Replies
18
Views
1K
Celo
C
P
Cannot access internet on asus vpn server Openvpn
Replies
17
Views
649
eibgrad
eibgrad
J
Open VPN not working anymore
Replies
10
Views
754
jra505
J
Similar threads
Thread starter Title Forum Replies Date
StrikerXXX Need help configuring NextDNS Asuswrt-Merlin 14
Sunny786 Help Needed: Configuring OpenVPN Server and Instant Guard on Asus GT-AX11000 with Technicolor CobraXh Modem Router Asuswrt-Merlin 11
Wobbo Configuring USB-Connected HDD for FTP Sharing via NordVPN Dedicated IP on AC86U Asuswrt-Merlin 3
A Open NAT game profiles Asuswrt-Merlin 8
D Nord Open VPN client connected but not secure? Asuswrt-Merlin 1
J Max number of open NAT connections on GT-AXE16000 and GT-BE98 Asuswrt-Merlin 9
R ASUS RT-AX86 Open VPN No LAN Access Asuswrt-Merlin 18
T Open ports on WAN for service running on the router Asuswrt-Merlin 8
S Open ports query on AX88U Asuswrt-Merlin 6
John Tetreault How to open ipv6 firewall to a port on the router? Asuswrt-Merlin 7

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 505 (members: 17, guests: 488)
Top