Menu
What's new
By:
Filters Better Search

VPN Cannot Connect due to Weak Hash Error

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

S

systematic

Regular Contributor
Hi All,



I have an ASUS Router AC86U flashed with Firmware version 386.11 and I have enabled the OpenVPN Server in the router settings as follows:

Screenshot 2023-08-24 at 11.04.45.png




I have downloaded the latest version of the OpenVPN Connect and loaded the tried connect to the router from a remote location and get the following error message:

Screenshot 2023-08-24 at 11.05.25.png




Here are the logs in OpenVPN Connect:

Screenshot 2023-08-24 at 11.07.33.png


Now I read in a previous thread to add a line to the OVPN config file as follows:
Screenshot 2023-08-24 at 11.15.21.png


This still gave the same error message. Any idea what I can do please to get it working?

ive used OpenVPN connect AND Tunnel Blink and both do not connect.
 
Other VPN clients are available ;)
 
Sorry im a newb when you say other VPN clients are available. Do you mean I need to use the PPTP or IPSEC VPN options on the router instead of OpenVPN?
 
I mean there's other software available for windows. Just because it's an openvpn server doesn't mean you have to use openvpn client software.
As an aside, go back into the server settings on the router and select "advanced settings" instead of "general". See what data ciphers are available.
Forget that, this is about your router's SSL cert. I'll wait for some more replies.
 

Attachments

  • 1000036091.jpg
    1000036091.jpg
    12.3 KB · Views: 93
Last edited:
Here are the data ciphers:

AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:CHACHA20-POLY1305

I am using a mac and per original message above, I have used both OpenVPN Client and TunnelBlink. Both do not connect.
 
The problem isn't with ciphers but with the signing algorithm used on the certificates. Earlier versions of the firmware used a SHA1 signature on the certificates, newer versions of OpenVPN (and their bundled TLS libraries) now require at a minimum SHA256.

Re-generating certificates and re-exporting the config file is indeed the best solution.
 
You must log in or register to reply here.

Similar threads

S
One website cannot be accessed when VPN is on
Replies
7
Views
474
sfx2000
sfx2000
P
R9000 with Voxel's Custom firmware Unable to connect via TUN
Replies
5
Views
422
R. Gerrits
R
B
Unable to establish VPN connection to my PiVPN (ovpn) from my Asus RT-AC86U running Asuswrt-Merlin 386.14
Replies
1
Views
191
eibgrad
eibgrad
Chinquapin
Asus RT-AC56U Android Client gives: Error message: X509:parse_perm:error in cert::error:0480006C:PEM routines::no start
Replies
0
Views
629
Chinquapin
Chinquapin
B
Does Asus AC5300 OpenVPN server support connect with IPV6 network?
Replies
2
Views
913
beibeitu
B
Similar threads
Thread starter Title Forum Replies Date
S One website cannot be accessed when VPN is on VPN 7
Paul Short Frustrating VPN Double NAT Issues VPN 5
L VPN service question VPN 9
B VPN router with Wifi to internet router VPN 7
gdgross More VPN server questions VPN 8
pusb87 Which VPN Providers provide Wireguard config files VPN 7
J CVE-2024-3661 Attackers can use TunnelVision to snoop on users’ VPN traffic. VPN 1
gdgross Setting up VPN server (router?) for offsite access VPN 13
C Instant Guard IPsec VPN Log Showing Regular Access Attempts VPN 3
A Best way to set up vpn on router for gaming? VPN 13

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 645 (members: 25, guests: 620)
Top