Jump to content
Not connected, Your IP: 3.147.205.19

Recommended Posts

Firmware: DD-WRT v3.0-r29300M kongac (03/30/16)

 

I have this router plugged into my Apple Airport Extreme which is setup as DHCP and NAT.

 

I get pass-through traffic, however the VPN does not seem to be connecting.

 

Share this post


Link to post

I've the same router and am running DD-WRT w/ no issue using it as an Open VPN client with AirVPN.

 

Differences from your screenshot and my setup:

 

On my settings page, I have both Gateway and Local DNS set to 0.0.0.0

DHCP Server, not Forwarder.

My time settings are different though this is probably a non-issue.

I'm connecting to an actual IP, not a hostname.

TLS Cipher set to 'None'.

 

Try giving those settings a shot though the issue could be your Apple Airport device blocking the VPN.

 

Also check the DD-WRT VPN Status page and see what the logs say.

Share this post


Link to post

From your settings, it looks like you are trying to use TLS-RSA-WITH-AES-128-CBC-SHA.

Switch it to TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 (or none, to negotiate it during the connection).

 

For a complete manual, please look here:

https://airvpn.org/ddwrt/


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

It's still not working, I have attempted to use another server and the ddwrt router is connected straight into my cable modem from Comcast.

 

Clientlog: 
19700101 10:08:52 I OpenVPN 2.3.10 arm-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on Mar 30 2016 
19700101 10:08:52 I library versions: OpenSSL 1.0.2g 1 Mar 2016 LZO 2.09 
19700101 10:08:52 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16 
19700101 10:08:52 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 
19700101 10:08:52 W WARNING: file '/tmp/openvpncl/client.key' is group or others accessible 
19700101 10:08:52 W WARNING: Your certificate is not yet valid! 
19700101 10:08:52 W WARNING: file '/tmp/openvpncl/ta.key' is group or others accessible 
19700101 10:08:52 I Control Channel Authentication: using '/tmp/openvpncl/ta.key' as a OpenVPN static key file 
19700101 10:08:52 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 
19700101 10:08:52 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 
19700101 10:08:52 Socket Buffers: R=[180224->180224] S=[180224->180224] 
19700101 10:08:57 N RESOLVE: Cannot resolve host address: ch.vpn.airdns.org: Try again 
19700101 10:09:02 N RESOLVE: Cannot resolve host address: ch.vpn.airdns.org: Try again 
19700101 10:09:02 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19700101 10:09:02 D MANAGEMENT: CMD 'state' 
19700101 10:09:02 MANAGEMENT: Client disconnected 
19700101 10:09:02 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19700101 10:09:02 D MANAGEMENT: CMD 'state' 
19700101 10:09:02 MANAGEMENT: Client disconnected 
19700101 10:09:02 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19700101 10:09:02 D MANAGEMENT: CMD 'state' 
19700101 10:09:02 MANAGEMENT: Client disconnected 
19700101 10:09:03 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19700101 10:09:03 D MANAGEMENT: CMD 'status 2' 
19700101 10:09:03 MANAGEMENT: Client disconnected 
19700101 10:09:03 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19700101 10:09:03 D MANAGEMENT: CMD 'log 500' 
19700101 10:09:03 MANAGEMENT: Client disconnected 
19700101 10:09:12 N RESOLVE: Cannot resolve host address: ch.vpn.airdns.org: Try again 
19700101 10:09:22 N RESOLVE: Cannot resolve host address: ch.vpn.airdns.org: Try again 
19700101 10:09:32 N RESOLVE: Cannot resolve host address: ch.vpn.airdns.org: Try again 
19700101 10:09:42 NOTE: --mute triggered... 
19700101 10:12:52 20 variation(s) on previous 3 message(s) suppressed by --mute 
19700101 10:12:52 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19700101 10:12:52 D MANAGEMENT: CMD 'state' 
19700101 10:12:52 MANAGEMENT: Client disconnected 
19700101 10:12:52 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19700101 10:12:52 D MANAGEMENT: CMD 'state' 
19700101 10:12:52 MANAGEMENT: Client disconnected 
19700101 10:12:52 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19700101 10:12:52 D MANAGEMENT: CMD 'state' 
19700101 10:12:52 MANAGEMENT: Client disconnected 
19700101 10:12:52 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19700101 10:12:52 D MANAGEMENT: CMD 'status 2' 
19700101 10:12:52 MANAGEMENT: Client disconnected 
19700101 10:12:52 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19700101 10:12:52 D MANAGEMENT: CMD 'log 500' 
19691231 19:00:00 

ca /tmp/openvpncl/ca.crt cert /tmp/openvpncl/client.crt key /tmp/openvpncl/client.key management 127.0.0.1 16 management-log-cache 100 verb 3 mute 3 syslog writepid /var/run/openvpncl.pid client resolv-retry infinite nobind persist-key persist-tun script-security 2 dev tun1 proto udp cipher aes-256-cbc auth sha1 remote ch.vpn.airdns.org 443 comp-lzo no tun-mtu 1500 mtu-disc yes ns-cert-type server fast-io tun-ipv6 tls-auth /tmp/openvpncl/ta.key 1

Share this post


Link to post

I still get network unreachable. 

 

19691231 19:03:19 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 
19691231 19:03:19 Socket Buffers: R=[180224->180224] S=[180224->180224] 
19691231 19:03:19 I UDPv4 link local: [undef] 
19691231 19:03:19 I UDPv4 link remote: [AF_INET]46.19.137.114:443 
19691231 19:03:19 N write UDPv4: Network unreachable (code=101) 
19691231 19:03:22 N write UDPv4: Network unreachable (code=101) 
19691231 19:03:23 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19691231 19:03:23 D MANAGEMENT: CMD 'state' 
19691231 19:03:23 MANAGEMENT: Client disconnected 
19691231 19:03:23 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19691231 19:03:23 D MANAGEMENT: CMD 'state' 
19691231 19:03:23 MANAGEMENT: Client disconnected 
19691231 19:03:23 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19691231 19:03:23 D MANAGEMENT: CMD 'state' 
19691231 19:03:23 MANAGEMENT: Client disconnected 
19691231 19:03:23 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19691231 19:03:23 D MANAGEMENT: CMD 'status 2' 
19691231 19:03:23 MANAGEMENT: Client disconnected 
19691231 19:03:23 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19691231 19:03:23 D MANAGEMENT: CMD 'log 500' 
19691231 19:00:00 

Share this post


Link to post

On the settings page, I have DHCP Server turned on and 10.4.0.1 in the Static DNS 1 entry.

Share this post


Link to post

I personally have had many dns issues and nat issues with airvpn .I would suggest this as I have had a similar problem to what I see you having.First check the spec page and depending on your connection port example "443",use the dns in the first static box.For the second 2 boxes use 208.67.222.222 and 208.67.220.220.Then also make sure your ntp sever is set to enable of couse and that your router has the correct time.After all these simple checks and solutions,you should be up and running.Also update the ta cert with a new downloaded version as I have seen this fix the tls errors some get.Hope this helps.

Share this post


Link to post

Hello!
 
First you need to solve the most basic problem and only then a proper troubleshooting can be done, because the first failure may cause all the other apparent problems.

19700101 10:08:52 W WARNING: Your certificate is not yet valid!

Not only this means that your router date is wrong (preventing any successful handshake), but also that the router probably can't even reach an NTP server. Please check.

Kind regards

Share this post


Link to post

I am having an issue with DNS right now.Whenever I set the 10.5.0.1 as static in first slot and whatever other dns in 2nd and 3rd I am getting a tls error and log shows 1969 all the way down to bottom.I deleted the 10.5.0.1 and used just open dns in slot 1 and 2 and the error went away,it connected and date went back to normal except at bottom 1 entry says 1969

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...