Skagnola
New Around Here
Hello - long time lurker and user of Asuswrt-Merlin!
Need a little help with getting the OpenVPN Server to behave as expected. Kinda new to using it. I have gone through some how-tos with setting up/starting OpenVPN server on the AC68U. This one as an example.
After the VPN Server is enabled and launched, I am not seeing the service actually listening while SSHed into the router. I notice at the bottom of the server list there is a 1194:
# netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:5473 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:18017 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:3394 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com:printer 0.0.0.0:* LISTEN
tcp 0 0 localhost.localdomain:netbios-ssn 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com:netbios-ssn 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:7788 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com:laserjet 0.0.0.0:* LISTEN
tcp 0 0 localhost.localdomain:www 0.0.0.0:* LISTEN
tcp 0 0 10.8.0.1:domain 0.0.0.0:* LISTEN
tcp 0 0 localhost.localdomain:domain 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com:domain 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com:ssh 0.0.0.0:* LISTEN
tcp 0 0 localhost.localdomain:8443 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com:8443 0.0.0.0:* LISTEN
tcp 0 0 localhost.localdomain:445 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com:445 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com:3838 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:9999 0.0.0.0:*
udp 0 0 0.0.0.0:42000 0.0.0.0:*
udp 0 0 localhost.localdomain:42032 0.0.0.0:*
udp 0 0 10.8.0.1:domain 0.0.0.0:*
udp 0 0 localhost.localdomain:domain 0.0.0.0:*
udp 0 0 router.asus.com:domain 0.0.0.0:*
udp 0 0 0.0.0.0:bootps 0.0.0.0:*
udp 0 0 0.0.0.0:5474 0.0.0.0:*
udp 0 0 0.0.0.0:18018 0.0.0.0:*
udp 0 0 0.0.0.0:7788 0.0.0.0:*
udp 0 0 0.0.0.0:38000 0.0.0.0:*
udp 0 0 0.0.0.0:59000 0.0.0.0:*
udp 0 0 192.168.1.255:netbios-ns 0.0.0.0:*
udp 0 0 router.asus.com:netbios-ns 0.0.0.0:*
udp 0 0 0.0.0.0:netbios-ns 0.0.0.0:*
udp 0 0 192.168.1.255:netbios-dgm 0.0.0.0:*
udp 0 0 router.asus.com:netbios-dgm 0.0.0.0:*
udp 0 0 0.0.0.0:netbios-dgm 0.0.0.0:*
udp 0 0 localhost.localdomain:38032 0.0.0.0:*
udp 0 0 localhost.localdomain:59032 0.0.0.0:*
udp 0 0 0.0.0.0:5353 0.0.0.0:*
udp 0 0 0.0.0.0:43000 0.0.0.0:*
udp 0 0 localhost.localdomain:61689 0.0.0.0:*
udp 0 0 0.0.0.0:38394 0.0.0.0:*
udp 0 0 :::1194 :::*
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 1536 /var/nmbd/unexpected
unix 2 [ ACC ] STREAM LISTENING 1571 /var/run/lldpd.socket
unix 2 [ ACC ] STREAM LISTENING 1080 /var/run/nt_center_socket
unix 2 [ ACC ] STREAM LISTENING 3412 /etc/cfgmnt_ipc_socket
unix 2 [ ACC ] STREAM LISTENING 1143 /etc/wlcnt_socket
unix 2 [ ACC ] STREAM LISTENING 1441 /var/run/avahi-daemon/socket
unix 2 [ ACC ] STREAM LISTENING 1191 /var/run/nt_actMail_socket
unix 2 [ ACC ] STREAM LISTENING 1381290 /tmp/dropbear-3c7e9890/auth-307ce569-7
unix 2 [ ACC ] STREAM LISTENING 957 /var/run/protect_srv_socket
unix 2 [ ACC ] STREAM LISTENING 1734 /etc/amas_lib_socket
I see there are a couple proc running
# ps | grep "openvpn*"
6113 4816 S /etc/openvpn/vpnserver1 --cd /etc/openvpn/server1 --config config.ovpn
6115 4708 S /etc/openvpn/vpnserver1 --cd /etc/openvpn/server1 --config config.ovpn
If I probe the router for running services, I don't see the VPN running under 1194
nmap 192.168.1.1
Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-19 13:52 Central Daylight Time
Nmap scan report for router.asus.com (192.168.1.1)
Host is up (0.00031s latency).
Not shown: 993 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
139/tcp open netbios-ssn
445/tcp open microsoft-ds
515/tcp open printer
8443/tcp open https-alt
9100/tcp open jetdirect
MAC Address: (Asustek Computer)
Nmap done: 1 IP address (1 host up) scanned in 1.24 seconds
Below is the OpenVPN server config
# Automatically generated configuration
daemon ovpn-server1
topology subnet
server 10.8.0.0 255.255.255.0
proto udp
port 1194
dev tun21
txqueuelen 1000
ncp-ciphers AES-128-GCM:AES-256-GCM:AES-128-CBC:AES-256-CBC
comp-lzo adaptive
keepalive 15 60
verb 4
push "route 192.168.1.0 255.255.255.0 vpn_gateway 500"
duplicate-cn
push "dhcp-option DNS 192.168.1.1"
plugin /usr/lib/openvpn-plugin-auth-pam.so openvpn
verify-client-cert none
username-as-common-name
ca ca.crt
dh dh.pem
cert server.crt
key server.key
status-version 2
status status 5
# Custom Configuration
The VPN startup log is attached as syslog.txt. Not sure if there is something I have configured incorrectly or missing, etc.
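As an added example (not part of the original post or of Asuswrt-Merlin), the check below reconciles the `proto`/`port` lines of config.ovpn with `netstat -l` output; nmap's default scan probes TCP only, so a UDP listener such as the `:::1194` line never appears in it. The function names and SAMPLE_* variables are assumptions, and the sample text is excerpted from the output quoted above.

```shell
#!/bin/sh
# Added example (not from the original post): compare config.ovpn with `netstat -l`.
# Function names and SAMPLE_* variables are hypothetical; the sample text is
# excerpted from the output quoted in the post above.

# stdin: OpenVPN config. Prints "<udp|tcp> <port>" (OpenVPN defaults: udp, 1194).
ovpn_endpoint() {
    awk '$1 == "proto" { proto = $2 }
         $1 == "port"  { port = $2 }
         END {
             if (proto == "") proto = "udp"
             if (port == "")  port = 1194
             sub(/-(server|client)$/, "", proto)   # tcp-server -> tcp
             sub(/[46]$/, "", proto)               # udp6 -> udp
             print proto, port
         }'
}

# stdin: netstat -l text. Prints local addresses bound to proto $1, port $2.
find_listener() {
    awk -v proto="$1" -v port="$2" 'index($1, proto) == 1 {
        n = split($4, part, ":")      # port is the last ":" field, even in ":::1194"
        # UDP sockets have no State column; TCP ones must say LISTEN.
        if (part[n] == port && (proto == "udp" || $NF == "LISTEN")) print $4
    }'
}

# $1 = config text, $2 = netstat text. Returns 1 when nothing is bound.
check_ovpn_listener() {
    endpoint=$(printf '%s\n' "$1" | ovpn_endpoint)
    proto=${endpoint% *}; port=${endpoint#* }
    addr=$(printf '%s\n' "$2" | find_listener "$proto" "$port" | head -n 1)
    if [ -z "$addr" ]; then echo "MISSING $proto/$port"; return 1; fi
    note=""
    if [ "$proto" = "udp" ]; then note=" (UDP: invisible to a TCP-only scan)"; fi
    echo "LISTENING $proto/$port on $addr$note"
}

SAMPLE_CONFIG='proto udp
port 1194
dev tun21'
SAMPLE_NETSTAT='tcp 0 0 router.asus.com:ssh 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:5353 0.0.0.0:*
udp 0 0 :::1194 :::*'
check_ovpn_listener "$SAMPLE_CONFIG" "$SAMPLE_NETSTAT"
```

On the router itself the same function can take live data, for example `check_ovpn_listener "$(cat /etc/openvpn/server1/config.ovpn)" "$(netstat -ln)"`, where `-n` keeps ports numeric so the comparison does not depend on service names.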