What's new

Open VPN not working anymore

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

jra505

Occasional Visitor
Hi,

I've been using Open VPN successfully on my R7800 for years. I have a USB drive connected to my router, and when away from home I can access it from my phone by connecting via Open VPN. I use a No-IP DDNS account which ensures that it all works OK if even my IP address changes, which it does periodically.

For the last month or so, it has stopped working. I can seemingly connect to the VPN from my phone, and get an initial surge in the "connection stats" part of the Open VPN app - however I cannot access the USB drive. If I try to log into the router using a browser on my phone, by going to 192.168.0.1, it gets as far as asking me for my username and password, but goes no further - it won't actually load the router admin page. But, previously, this also worked without a problem.

I have tried creating a new No IP account, to no avail - I get the same symptoms.

I have tried resetting my router, performing a factory reset, setting up again from scratch etc. etc. but with nothing making any difference.

Can anyone can think of a reason why this should suddenly stop working? My phone is a Samsung S21+ (just in case that is relevant).

Thanks,

jra505
 
Update:

I just got it working by rolling back to an earlier firmware that I happened to have in my downloads folder: V1.0.2.100SF

Looks like this feature got broken at some point in the last few months.

@Voxel - I was wondering if this is something you are aware of?
 
@Voxel - I was wondering if this is something you are aware of?
You must first download a new config file for your OpenVPN client from the WebGUI, i.e. for your Samsung smartphone. Have you tried this on the latest firmware versions?

Voxel.
 
You must first download a new config file for your OpenVPN client from the WebGUI, i.e. for your Samsung smartphone. Have you tried this on the latest firmware versions?

Voxel.
Hi @Voxel ,

I have tried that, sorry I should have said - and I'm afraid it still doesn't work 😞

jra505
 
I tested OpenVPN access to the R7800 for a smartphone (smart_phone.ovpn downloaded right before the test) from my iPhone and from a Windows laptop (using smart_phone.ovpn on the laptop). I had no problems for both devices. I was able to log into the router's WebGUI and access the USB drive via SMB. My R7800 has a static external IP. The firmware version is 1.0.2.109SF.

I don't know what problem you are having. Try to post your smartphone log file here.

Maybe some other users will check the operability of the OpenVPN server for R7800. I was unable to reproduce the problem.

Voxel.
 
Hi @Voxel,

Thanks for this. I will try on another phone.

The log file just generated from my Samsung shows this:

[Aug 06, 2024, 12:22:59] ----- OpenVPN Start -----

[Aug 06, 2024, 12:22:59] EVENT: CORE_THREAD_ACTIVE

[Aug 06, 2024, 12:22:59] OpenVPN core 3.8.5connectQA3(3.git::11d19f67:RelWithDebInfo) android arm64 64-bit PT_PROXY

[Aug 06, 2024, 12:22:59] Frame=512/2112/512 mssfix-ctrl=1250

[Aug 06, 2024, 12:22:59] NOTE: This configuration contains options that were not used:

[Aug 06, 2024, 12:22:59] Unsupported option (ignored)

[Aug 06, 2024, 12:22:59] 0 [resolv-retry] [infinite]

[Aug 06, 2024, 12:22:59] 1 [persist-key]

[Aug 06, 2024, 12:22:59] 2 [persist-tun]

[Aug 06, 2024, 12:22:59] 3 [data-ciphers] [CHACHA20-POLY1305:AES-128-GCM:AES-256-GCM:AES-128-CBC:AES-256-CB...]

[Aug 06, 2024, 12:22:59] EVENT: RESOLVE

[Aug 06, 2024, 12:22:59] Contacting 82.0.54.92:12973 via UDP

[Aug 06, 2024, 12:22:59] EVENT: WAIT

[Aug 06, 2024, 12:22:59] Connecting to [axeman4.mynetgear.com]:12973 (82.0.54.92) via UDPv4

[Aug 06, 2024, 12:23:00] Client terminated, reconnecting in 1...

[Aug 06, 2024, 12:23:00] UDP send exception: send: Network is unreachable

[Aug 06, 2024, 12:23:01] Client terminated, reconnecting in 1...

[Aug 06, 2024, 12:23:01] UDP send exception: send: Network is unreachable

[Aug 06, 2024, 12:23:02] EVENT: RECONNECTING

[Aug 06, 2024, 12:23:02] EVENT: RESOLVE

[Aug 06, 2024, 12:23:02] Endpoint address family (IPv6) is incompatible with transport protocol (udp4)

[Aug 06, 2024, 12:23:02] Contacting 82.0.54.92:12973 via UDP

[Aug 06, 2024, 12:23:02] EVENT: WAIT

[Aug 06, 2024, 12:23:02] Connecting to [axeman4.mynetgear.com]:12973 (82.0.54.92) via UDPv4

[Aug 06, 2024, 12:23:02] EVENT: CONNECTING

[Aug 06, 2024, 12:23:02] Tunnel Options:V4,dev-type tun,link-mtu 1523,tun-mtu 1500,proto UDPv4,comp-lzo,cipher CHACHA20-POLY1305,auth [null-digest],keysize 256,key-method 2,tls-client

[Aug 06, 2024, 12:23:02] Creds: UsernameEmpty/PasswordEmpty

[Aug 06, 2024, 12:23:02] Sending Peer Info:
IV_VER=3.8.5connectQA3
IV_PLAT=android
IV_NCP=2
IV_TCPNL=1
IV_PROTO=990
IV_MTU=1600
IV_CIPHERS=AES-128-CBC:AES-192-CBC:AES-256-CBC:AES-128-GCM:AES-192-GCM:AES-256-GCM:CHACHA20-POLY1305
IV_LZ4v2=1
IV_AUTO_SESS=1
IV_GUI_VER=net.openvpn.connect.android_3.4.2-9909
IV_SSO=webauth,openurl,crtext


[Aug 06, 2024, 12:23:02] VERIFY OK: depth=1, /C=TW/ST=TW/L=Taipei/O=netgear/OU=netgear/CN=netgear/name=changeme/emailAddress=mail@netgear.com, signature: RSA-SHA1

[Aug 06, 2024, 12:23:02] VERIFY OK: depth=0, /C=TW/ST=TW/L=Taipei/O=netgear/OU=netgear/CN=netgear/name=changeme/emailAddress=mail@netgear.com, signature: RSA-SHA256

[Aug 06, 2024, 12:23:02] SSL Handshake: peer certificate: CN=netgear, 1024 bit RSA, cipher: TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD


[Aug 06, 2024, 12:23:02] Session is ACTIVE

[Aug 06, 2024, 12:23:02] EVENT: WARN info='TLS: received certificate signed with SHA1. Please inform your admin to upgrade to a stronger algorithm. Support for SHA1 signatures will be dropped in the future'

[Aug 06, 2024, 12:23:02] Sending PUSH_REQUEST to server...

[Aug 06, 2024, 12:23:02] EVENT: GET_CONFIG

[Aug 06, 2024, 12:23:03] Sending PUSH_REQUEST to server...

[Aug 06, 2024, 12:23:03] OPTIONS:
0 [compress] [lz4-v2]
1 [dhcp-option] [DNS] [192.168.0.1]
2 [sndbuf] [786432]
3 [rcvbuf] [786432]
4 [route-gateway] [192.168.1.1]
5 [topology] [subnet]
6 [ping] [10]
7 [ping-restart] [120]
8 [route-delay] [10]
9 [route] [192.168.0.0] [255.255.255.0]
10 [route] [192.168.1.0] [255.255.255.0]
11 [ifconfig] [192.168.1.2] [255.255.255.0]
12 [peer-id] [0]
13 [cipher] [CHACHA20-POLY1305]
14 [protocol-flags] [cc-exit] [tls-ekm] [dyn-tls-crypt]
15 [tun-mtu] [1500]
16 [block-ipv6]
17 [block-ipv4]


[Aug 06, 2024, 12:23:03] PROTOCOL OPTIONS:
cipher: CHACHA20-POLY1305
digest: NONE
key-derivation: TLS Keying Material Exporter [RFC5705]
compress: LZ4v2
peer ID: 0
control channel: dynamic tls-crypt enabled

[Aug 06, 2024, 12:23:03] EVENT: ASSIGN_IP

[Aug 06, 2024, 12:23:03] Connected via tun

[Aug 06, 2024, 12:23:03] LZ4v2 init asym=1

[Aug 06, 2024, 12:23:03] EVENT: CONNECTED info='xxxxxx.mynetgear.com:12973 (xx.0.54.92) via /UDPv4 on tun/192.168.1.2/ gw=[192.168.1.1/] mtu=1500' trans=TO_CONNECTED

[Aug 06, 2024, 12:23:03] EVENT: COMPRESSION_ENABLED info='Asymmetric compression enabled. Server may send compressed data. This may be a potential
 
The plot thickens.

I just tried it using my daughters phone, also a Samsung but on a different network, and it works! Using the latest Voxel firmware.

So, I can either use my daughter's phone for this sort of thing, or revert back to older router firmware and continue to be able to do it on my own phone. I'm at a loss as to why my phone (or maybe my network?) has a problem when using newer firmware.
 
That's great.

I'm at a loss as to why my phone (or maybe my network?) has a problem when using newer firmware.

OpenVPN has been updated (firmware version 1.0.2.106SF and above) from 2.5.x to 2.6.x. This is the most up-to-date version of OpenVPN. You may have a problem with an outdated OpenVPN client on your smartphone and you can try to update it on Google Play.

I'm not sure, but it's worth a try.

Voxel.
 
Hi Voxel,

Thanks for your post. I tried uninstalling and reinstalling OpenVPN on my phone, but it made no difference.

I am now thinking that it may be down to my network operator (EE) blocking connection to VPNs. I have just been reading stuff on their forum which implies that they are clamping down on this for some reason.

Update: This seems to be confirmed, I've just successfully got it work with my phone connected to my work WiFi, rather than using the 5G connection from EE.
 
Still confused about why it worked with older firmware though. The talk on the EE forum went a bit over my head, but some people were saying the problem is to do with IP4 versus IP6 connections. If you can force your phone to use IP4 then it works OK, apparently. Unfortunately I can't change my settings because they are greyed out and apparently locked by EE.
 
@Voxel

In case you're interested - I just got this working, after coming across this thread:


With a new APN set up, configured to only use IPv4, it is working again! :)
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top