404.org 0 Posted ... Hi! After HOURS with BIG frustration i think i'm now only repeating my mistakes in setting up the router with airvpn.No ideas anymore which errors i've done.It's an Archer C7 v2, Firmware Version DD-WRT v3.0-r29837 std (06/06/16)Kernel Version Linux 3.18.33 mips, CPU Model Qualcomm Atheros QCA9558 ver 1 rev 1.0 (0x1130) Below are some shots, reported errors in the status-sheet are reproducible. WTF is wrong? Thank you for reading (+ help!) Quote Share this post Link to post
dj77 6 Posted ... Port? Hash algorithm and nat looks wrong https://airvpn.org/ddwrt/ Quote Share this post Link to post
404.org 0 Posted ... Thanks for advices and the link, so i did some changes: set Server IP/Name (Time Settings) to ca.pool.ntp.orgset Hash Algorithm to SHA1set TLS Cipher to ...GCM-SHA384 +set TLS Cipher (in 2nd try) to Noneset NAT to Enable Port 1194 is the latest try in a bunch of series switching between TCP and UDPand their recommended ports 443/80 to set the router ready for VPN.Also port 1194 in OpenVPN Client is the "Default". Obviously port 1194 was considered in AirVPNs Config Generator to get freshand functional crt's/key's. Every change in the settings was coupled with a restart of the router. There aresome lightly changes in status, but the guiding thread in ALL reported errors is"N TLS Error: TLS key negotiation failed to occur within 60 seconds (check yournetwork connectivity)". Below the latest shot from OpenVPN-Status. Quote Share this post Link to post
dj77 6 Posted ... Please add on basic setup dns 2 google dns 8.8.8.8 or something else like opendns.... and try with port 443 too Did you add all the certs too? Quote Share this post Link to post
404.org 0 Posted ... So I did some changes: got some fresh generatet certs/keys... os: routerServer: planetProtocol: UDP/443ta.key --> TLS Auth Keyca.cert --> CA Certuser.cert --> Public Client CertClient.key --> Private Client Key ...saved + router restartet Below the latest shots Quote Share this post Link to post
go558a83nk 365 Posted ... Have you tried unchecking nscerttype? I don't think that's right. Also, I think you need to select a TLS algorithm. Also, I encourage you to do some reading on what the firewall is there. I don't use dd-wrt but it might be proper to use that. I know when I used asus-wrt automatic firewall was the typical option. Quote Share this post Link to post
404.org 0 Posted ... Thanks for all the engagement! I did the recommenend changes: ...uncheck --> nscerttype + restart (see thumbnail status-2) ...chose --> TLS algorithm TLS-DHE-RSA-WITH-AES-256-GCM-SHA-384 + restart (see thumbnail status-2a) Well, for me it would be acceptable if i make a mistake. This is optimal, because it can be recognized and resolvedlighgty with some help from the community. But in this case something went terrible wrong and apparently the problem isn't visible, and THAT graduallyis driving me crazy. You don't use dd-wrt for specific reasons are given. My intention to switch to open-wrt, gargoyle or something similar exist for quiet some time, but this is a unconditional surrender in face of an unknown problem. Perhaps it's a bug in dd-wrt firmware, deliberately after some early tests and trys i downgraded the firmwareunderneath openvpn 2.4... Or maybe it's corrupted hardware, but the C7 came fresh out of the box... At last there is a faint suspicion in the "direction" of my cable-provider in blocking something, i don't know... Quote Share this post Link to post
Not connected, Your IP: 3.145.41.203
Online: 28122 users - 326856 Mbit/s total BW