Help with OpenVPN Errors (using Netgear Router)

HomeWPoe · Friday at 6:17 PM

As far as I know, we followed all the Netgear steps for installing/activating OpenVPN on our Windows laptop and Netgear AX4200 router. Turned on DDNS in the router and entered the appropriate user/password info from noip.com (successfully communicated with noip.com using the Netgear router "Show Status" function). Enabled VPN Service inside the router. Installed OpenVPN on our laptop and copied the config files into the OpenVPN config directory. Renamed the OpenVPN Windows Network to "NETGEAR-VPN".

Everything appeared to go well during the installation process. Did have to add "remote-cert-tls server" to the client1.ovpn OpenVPN config file to correct a "WARNING: No server certificate verification method has been enabled" error. Unfortunately, still receiving the following errors in red when trying to manually connect using the OpenVPN Connection GUI in Windows 11:

----------------

With the firewall and antivirus turned off:

TLS Error. TLS Key Negotiation Failed to Occur within 60 sec.
TLS Error. TLS Handshake failed

----------------

With the firewall and antivirus turned on:

TCP/UDP Incoming packet rejected from xxxxxxxxxxx expected peer address (repeats approx. 10 times over a 60 sec. period)
TLS Error. TLS Key Negotiation Failed to Occur within 60 sec.
TLS Error. TLS Handshake failed

----------------

I deleted everything, rebooted and installed everything again, but received the same errors. I have nearly zero networking experience, so have no idea what to try next. Any help would be appreciated! Thx!

looktall · Friday at 7:27 PM

How old is that router?
I used to have a R7000 and when i tried to setup openvpn i found it had an expired cert or something ( i can't quite remember) and the only way i could get it to connect was using legacy mode or whatever it's called.

I decided against that and didn't use it at all.

HomeWPoe · Friday at 7:39 PM

looktall said:
How old is that router?
I used to have a R7000 and when i tried to setup openvpn i found it had an expired cert or something ( i can't quite remember) and the only way i could get it to connect was using legacy mode or whatever it's called.

I decided against that and didn't use it at all.

Thanks for the reply. It's a new Netgear AX4200 router that's still sold everywhere online. Supposedly it's compatible with OpenVPN up to v 2.7.?. We installed OpenVPN v2.6.12.

camdensnyder · Saturday at 6:17 AM

I have the same setup and use OpenVPN. You have to download the OpenVPN app on your IPhone.
1. Login to your router on a computer in your home and setup the OpenVPN on it.
2. While on your WI-FI on your IPhone, go to a web browser and login in your asus router.
3. Go to the OpenVPN under the router settings and download the link to your FILES folder on your IPhone.
4. Open the OpenVPN app on your phone and then find the OpenVPN file that you downloaded and it will create the OpenVPN.

I have the Netgear AX-68U so not sure it’s the exact same interface?

bigredfish · Saturday at 8:20 AM

I recently had a similar problem with a Netgear router for a buddy.

I did this and it fixed it

OpenVPN client issues / cannot connect remotely / Orbi RBR850

I have a weird issue trying to set up the VPN service my new Orbi RBR850 router. Here's what I have configured so far, following the guide found here: I have enabled the VPN service under Advanced tab and set everything to default UDP and port 12973 port. Changed last option to "all sites on...

community.netgear.com

Help with OpenVPN Client on Windows 10

Hello, I have looked through a lot of the posts here and I found a few that talked about this problem but I have tried and tried to get this working and I am having no luck at all. I have searched google and watched a lot of videos but nothing I can find has helped me so far. I have successfully...

community.netgear.com

I opened the /opvn file in notepad
Changed the dev to TUN instead of TAP
Changed the port? from 12974 to 12973

It worked for me - YMMV

HomeWPoe · Sunday at 6:24 PM

@bigredfish, tried the changes to the config files you suggested, but no-go.

Got a couple question ref using VPN's on Asus routers. Again, I have no networking experience

Will an Asus router support OpenVPN, Wireguard, etc. natively? In other words, once installed/activated, will you need a windows computer operating on your network to keep the VPN active? If true, I assume this is why a VPN is so much easier to setup on an Asus?

I'm getting the impression Netgear requires a Windows computer (with OpenVPN installed) be operating on the network in order for OpenVPN to remain active?

Thx!

looktall · Sunday at 6:40 PM

HomeWPoe said:
I'm getting the impression Netgear requires a Windows computer (with OpenVPN installed) be operating on the network in order for OpenVPN to remain active?

My Netgear didn't.
It was all served from the router.

Just to confirm, you're testing this on your windows laptop as the VPN client?
How are you try to connect the laptop to the VPN?
What internet connection are you using for the laptop?

bigredfish · Sunday at 6:51 PM

No, both VPNs server run on the router. No pc necessary

I haven’t seen Netgear natively support WireGuard, maybe the new ones?
A number of Asus models do.

I use the vpn server on my firewall box, it gives me both choices. I’ve found WireGuard to be quite a bit faster

bigredfish · Sunday at 6:54 PM

[Wireless Router] How to set up WireGuard® VPN server? | Official Support | ASUS Global

HomeWPoe · Sunday at 8:27 PM

looktall said:
My Netgear didn't.
It was all served from the router.

Just to confirm, you're testing this on your windows laptop as the VPN client?
How are you try to connect the laptop to the VPN?
What internet connection are you using for the laptop?

Yes, testing everything using my laptop. Have tried connecting to the router via ethernet and wifi with same results. My opening post for this thread pretty much covers everything we're experiencing with the Netgear. If it could make that last connection on port 12974 it would be a go IMO. Posted my problem in the community.netgear.com forum yesterday, but no replies after 70+ views.

Very close to returning the Netgear router and going with Asus.

looktall · Sunday at 8:31 PM

But what internet connection are you using on your laptop to connect to the VPN?

bigredfish · Sunday at 8:37 PM

^^^^^
You made need to be outside of your LAN. Try on your phone with the OpenVPN app with wifi off. On 5g

HomeWPoe · Sunday at 9:51 PM

Thanks for the help!

I've tried connecting using the OpenVPN iOS iphone app using 5g and wifi---no-go. Get the Windows OpenVPN config files loaded to the OpenVPN iOS app, it opens the profile, but the app responds with: "Error message: UKNOWN/UNSUPPORTED OPTIONS: dev -node Unsupported option (ignored): resolv-retry,persist-key,persist-tun

I assumed this was because the Windows OpenVPN app never connected because of the errors noted in my first post. I was under the impression the Windows OpenVPN app must install/connect successfully before you can connect with the OpenVPN iOS app.

bigredfish · Sunday at 9:55 PM

The windows app and phone app have nothing to do with each other

I can't connect inside my own LAN

That message points to the Dev TUN rule I mentioned I think. I'm running it on 4 Netgear routers right now

bigredfish · Sunday at 9:57 PM

HomeWPoe said:
Thanks for the help!

I've tried connecting using the OpenVPN iOS iphone app using 5g and wifi---no-go. Get the Windows OpenVPN config files loaded to the OpenVPN iOS app, it opens the profile, but the app responds with: "Error message: UKNOWN/UNSUPPORTED OPTIONS: dev -node Unsupported option (ignored): resolv-retry,persist-key,persist-tun

I assumed this was because the Windows OpenVPN app never connected because of the errors noted in my first post. I was under the impression the Windows OpenVPN app must install/connect successfully before you can connect with the OpenVPN iOS app.

There are separate OVPN profile files for windows and mobile

HomeWPoe · Sunday at 10:59 PM

Thanks for getting me back on track! After I uploaded the iphone config file, OpenVPN on the iphone successfully connected! Why I uploaded the Windows config file to my iphone is beyond me--lol! Tired, I guess.

After reloading the original Windows config file, then accessing the internet using a hotspot on another iphone, the OpenVPN GUI icon turned green and connected! However, no internet access. Tried @bigredfish's suggestion to swap change dev tap to dev tun, and change the port number for remote xxxx.netgear.com from 12974 to 12973. Wouldn't you know it successfully connected, plus we had internet access! Nice!

Still have one error remaining:

2024-09-22 21:30:37 us=406000 WARNING: No server certificate verification method has been enabled.

Everything I've read says loading "remote-cert-tls server" to the Windows OpenVPN config file should clear this error, but it doesn't. With this entry it won't connect, plus it causes 4 or 5 more errors. I guess for now I can live with this error.

Thanks for all your help, @bigredfish and @looktall. Couldn't have gotten this far without your help!!

bigredfish · Monday at 9:03 AM

Ignore the server cert error

Search

Help with OpenVPN Errors (using Netgear Router)

HomeWPoe

Young grasshopper

looktall

Getting comfortable

HomeWPoe

Young grasshopper

camdensnyder

Pulling my weight

bigredfish

Known around here

OpenVPN client issues / cannot connect remotely / Orbi RBR850

Help with OpenVPN Client on Windows 10

HomeWPoe

Young grasshopper

looktall

Getting comfortable

bigredfish

Known around here

bigredfish

Known around here

HomeWPoe

Young grasshopper

looktall

Getting comfortable

bigredfish

Known around here

HomeWPoe

Young grasshopper

bigredfish

Known around here

bigredfish

Known around here

HomeWPoe

Young grasshopper

bigredfish

Known around here