Jump to content
Not connected, Your IP: 54.166.223.204
ArcLight

No Internet Connection Once VPN Client Activated

Recommended Posts

I have followed the setup guide here: https://airvpn.org/asuswrt/  - although I chose servers by country and not indiviually when using the OpenVPN Configuration Generator.

 

As soon as I click activate on my router I have no internet connection. I rebooted the router and temporarily had a connection which disconnected immediately. Could this be my ISP blocking OpenVPN? I did check PPTP through my ISP was OK using PortQryUI but don't know how to and if I should for OpenVPN.

 

Any help would be greatly appreciated.

 

Share this post


Link to post

My router RT-N66U, latest ASUS firmware. I have been lead to believe I can, the UI is exactly as it's detailed on the setup guide I linked above.

 

Today I managed to connect to a German server and ran a Speedtest here, sadly after the speedtest the connection stopped.

 

Speedtest result:

 

Down: 19.590 Mbit/s Out, 0.000 Mbit/s In (0%), 20MB - Up: 8.684 Mbit/s Out, 0.000 Mbit/s In (0%), 20MB - Date: Thu, 19 Nov 2015 15:18:53 GMT - Buffers: 20MB/20MB - Laps: 3, Time: 202.34 secs

 

As can be seen above on all three runs I received 0.000 Mbits IN - is this as it should be?

 

I spoken with my ISP, Virgin Media, and was told take categorically they allow vpn.

 

I tested to see whether port 443 is open for both UDP & TCP and assume they are from the following Port Query result:

 

 Starting portqry.exe -n 37.187.0.40 -e 443 -p BOTH ...


Querying target system called:

 37.187.0.40

Attempting to resolve IP address to a name...


IP address resolved to ns2.fr.dns.d0wn.biz

querying...

TCP port 443 (https service): LISTENING

UDP port 443 (https service): LISTENING or FILTERED
portqry.exe -n 37.187.0.40 -e 443 -p BOTH exits with return code 0x00000002.

 

 

To be truthful I am really in the dark about all this and really hope to get it working, so any help would be great.

Share this post


Link to post

I have the same router

I quickly learned that there is not enough horsepower to encrypt and decrypt which causes a bottleneck. I switched to a pfsense setup.

 

Now is the firmware from Asus or Asus merlin? It matters because stock firmware would not work. I would connect and but no Internet. It wasn't until I use third party firmware that it worked but it was slow. The reason for my current setup.

 

Sent from my SAMSUNG-SM-N920A using Tapatalk

Share this post


Link to post

zhang888 & flat4 thanks for responding.

 

Just attempted a connection on Frankfurt - Aquilae - UDP-443

 

Managed a speed test:

Down: 16.803 Mbit/s Out, 0.000 Mbit/s In (0%), 20MB - Up: 9.539 Mbit/s Out, 0.000 Mbit/s In (0%), 20MB - Date: Fri, 20 Nov 2015 15:17:09 GMT - Buffers: 20MB/20MB - Laps: 3, Time: 201.90 secs

 

Download In-Tunnel registered - 0 - Error  (?)

 

After unable to load webpages. 

 

zhang888,

 

Log:

 

Nov 20 15:16:22 rc_service: httpd 244:notify_rc restart_vpncall

Nov 20 15:16:24 openvpn[582]: OpenVPN 2.3.2 mipsel-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [eurephia] [MH] [iPv6] built on Oct 27 2015

Nov 20 15:16:24 openvpn[582]: Control Channel Authentication: using 'static.key' as a OpenVPN static key file

Nov 20 15:16:24 openvpn[582]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication

Nov 20 15:16:24 openvpn[582]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication

Nov 20 15:16:24 openvpn[582]: Socket Buffers: R=[118784->131072] S=[118784->131072]

Nov 20 15:16:24 openvpn[588]: UDPv4 link local: [undef]

Nov 20 15:16:24 openvpn[588]: UDPv4 link remote: [AF_INET]46.165.208.70:443

Nov 20 15:16:24 openvpn[588]: TLS: Initial packet from [AF_INET]46.165.208.70:443, sid=94b77988 71ea3a09

Nov 20 15:16:24 openvpn[588]: VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org

Nov 20 15:16:24 openvpn[588]: Validating certificate key usage

Nov 20 15:16:24 openvpn[588]: ++ Certificate has key usage  00a0, expects 00a0

Nov 20 15:16:24 openvpn[588]: VERIFY KU OK

Nov 20 15:16:24 openvpn[588]: Validating certificate extended key usage

Nov 20 15:16:24 openvpn[588]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication

Nov 20 15:16:24 openvpn[588]: VERIFY EKU OK

Nov 20 15:16:24 openvpn[588]: VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org

Nov 20 15:16:43 openvpn[588]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

Nov 20 15:16:43 openvpn[588]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Nov 20 15:16:43 openvpn[588]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

Nov 20 15:16:43 openvpn[588]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Nov 20 15:16:43 openvpn[588]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA

Nov 20 15:16:43 openvpn[588]: [server] Peer Connection Initiated with [AF_INET]46.165.208.70:443

Nov 20 15:16:46 openvpn[588]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)

Nov 20 15:16:46 openvpn[588]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.4.0.1,comp-lzo no,route-gateway 10.4.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.4.9.176 255.255.0.0'

Nov 20 15:16:46 openvpn[588]: OPTIONS IMPORT: timers and/or timeouts modified

Nov 20 15:16:46 openvpn[588]: OPTIONS IMPORT: LZO parms modified

Nov 20 15:16:46 openvpn[588]: OPTIONS IMPORT: --ifconfig/up options modified

Nov 20 15:16:46 openvpn[588]: OPTIONS IMPORT: route options modified

Nov 20 15:16:46 openvpn[588]: OPTIONS IMPORT: route-related options modified

Nov 20 15:16:46 openvpn[588]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified

Nov 20 15:16:46 openvpn[588]: TUN/TAP device tun15 opened

Nov 20 15:16:46 openvpn[588]: TUN/TAP TX queue length set to 100

Nov 20 15:16:46 openvpn[588]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0

Nov 20 15:16:46 openvpn[588]: /sbin/ifconfig tun15 10.4.9.176 netmask 255.255.0.0 mtu 1500 broadcast 10.4.255.255

Nov 20 15:16:51 openvpn[588]: /sbin/route add -net 46.165.208.70 netmask 255.255.255.255 gw 82.5.124.1

Nov 20 15:16:51 openvpn[588]: /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.4.0.1

Nov 20 15:16:51 openvpn[588]: /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.4.0.1

Nov 20 15:16:51 openvpn[588]: Initialization Sequence Completed

 

Is there anything that indicates the problem? Thank you.

 

Flat4,

 

Thanks for letting me know - it does seem to me what is happening my end is the same as how you described sadly; the RT-N66U not having the power capability and I guess from what you said flashing with a third party firmware will enable a functioning connection but at reduced speeds?

 

My connection is 24/7 160Mbs Down & 12Mbs UP - Silly question I know but what ball park reduction would I see, because I would be happy with a stable reduction like 10-20 Down and 10-12 UP on a consistent vpn connection - or doesn't it work like that?

 

I did once look at the pfsense sometime ago but was daunted by the cost and complexity. May I ask what your setup is?

 

Again thank you both for helping on this.

 

Could anyone suggest a make/model of router that would work out-of-the-box?

Share this post


Link to post

Flat4,

 

Thanks for letting me know - it does seem to me what is happening my end is the same as how you described sadly; the RT-N66U not having the power capability and I guess from what you said flashing with a third party firmware will enable a functioning connection but at reduced speeds?

 

My connection is 24/7 160Mbs Down & 12Mbs UP - Silly question I know but what ball park reduction would I see, because I would be happy with a stable reduction like 10-20 Down and 10-12 UP on a consistent vpn connection - or doesn't it work like that?

 

I did once look at the pfsense sometime ago but was daunted by the cost and complexity. May I ask what your setup is?

 

Again thank you both for helping on this.

 

Could anyone suggest a make/model of router that would work out-of-the-box?

 

pfsense is FREE, if you have a old pc like a duo core or something like that it would work. I believe the ASUS AC68U or something like that had a pretty good setup up for good vpn speed. 

 

What i suggest is that you load Eddie and try it as see what kind of speeds you get while on vpn gives you a better idea. 

Share this post


Link to post

Flat4,

 

I see, just stumbled over a how-to video on tek syndicate - 

 

pfSense: How to Turn an Old PC into an Epic Router

 

I've got an old Dell Tower which I think I'll covert sometime soon. 

 

Could you elaborate on what you mean by loading Eddie please.

 

Many thanks.

 

Appreciate your help on this.

Share this post


Link to post

From your logs, it doesn't seem that there was some kind of disconnection after this attempt.

So we need more logs, if you have.

 

What is your WAN connection method? DHCP? We need some info from that page.

You will also need custom DNS servers, like 10.4.0.1 or at least 8.8.8.8 - your ISP will not allow

you to use it's DNS servers from outside IPs.

 

P.S.

In any case, your router is not capable to provide 100Mbps+ speeds, obviously.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

Hello,

I signed up today; have a 1year subscription and I have exactly the same router.

And I had the problems with the latest Asus firmware. (my router disconnected immediately and was unresponsive)

 

I resolved this problem by downloading the latest firmware from Merlin.

https://www.mediafire.com/folder/bkfq2a6aebq68/Asuswrt-Merlin#2324w3jh7e4q4

 

Maybe this helps...? If it works: please give him a paypal thank you gift (on his website) for his excellent work.

 

some of the cool fixes Merlin added:

- 64K NVRAM for the RT-N66U
- HTTPS webui
- VPN client connection state report
- OpenVPN client and server
- SSHD

Share this post


Link to post

Hello,

I signed up today; have a 1year subscription and I have exactly the same router.

And I had the problems with the latest Asus firmware. (my router disconnected immediately and was unresponsive)

 

I resolved this problem by downloading the latest firmware from Merlin.

https://www.mediafire.com/folder/bkfq2a6aebq68/Asuswrt-Merlin#2324w3jh7e4q4

 

Maybe this helps...? If it works: please give him a paypal thank you gift (on his website) for his excellent work.

 

some of the cool fixes Merlin added:

- 64K NVRAM for the RT-N66U

- HTTPS webui

- VPN client connection state report

- OpenVPN client and server

- SSHD

I am using this firmware even tho i do not use it for the VPN but as a AP for my house.

 

Sent from my SAMSUNG-SM-N920A using Tapatalk

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...