NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
OpenVPN Not connecting in Orbi system
Hi, i have a brandnew ORBI RBK23 system (1 router, 2 satellites), router connected to cable modem. The ORBI router as replacement for a Nighthawk R7000, on which a VPN service worked flawlessly. Conn...
FOUND IT! Thanks to you. I changed the settings of TUN back to UDP and now it is working all right! I forgot that I initially tested it over the home network and as you said, that does not work (but it did on my previous router, so that caused my confusion). When I set the wifi on my iPad to my smart phone 4G hotspot, it works fine now!!
The only thing that is still bothering me is the lg in the windows client (notebook with windows 10). Connection is achieved all right, but in the log I see this:
Tue Nov 20 10:03:33 2018 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Nov 20 10:03:44 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent thisShould I start a new topic on this, or may I ask your opinion about this too? (I tried to understand what is explained in the provided openvpn.net link, but can't get a grip on the contents; seems that I have to do a lot of programming, which seems very difficult).
But anyhow, by this conversation with you, my problems with the connection, anyway on my iPad as well as my android smart phone, are completely solved! Thank you very much!
Did that after the initial udp option did not work (same problem), and on the former router Nighthawk R7000, this was the working setting...
FOUND IT! Thanks to you. I changed the settings of TUN back to UDP and now it is working all right! I forgot that I initially tested it over the home network and as you said, that does not work (but it did on my previous router, so that caused my confusion). When I set the wifi on my iPad to my smart phone 4G hotspot, it works fine now!!
The only thing that is still bothering me is the lg in the windows client (notebook with windows 10). Connection is achieved all right, but in the log I see this:
Tue Nov 20 10:03:33 2018 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Nov 20 10:03:44 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Should I start a new topic on this, or may I ask your opinion about this too? (I tried to understand what is explained in the provided openvpn.net link, but can't get a grip on the contents; seems that I have to do a lot of programming, which seems very difficult).
But anyhow, by this conversation with you, my problems with the connection, anyway on my iPad as well as my android smart phone, are completely solved! Thank you very much!
Glad that this helped. Good luck :)
and to be complete for all readers of this topic, about the added questions concerning the log file of the windows client connection:
the line about the warning of certificates vanishes if one adds the line "remote-cert-tls server" to the .OVPN config file
the second warning, about the passwords cache, is of no real siginificance and can be ignored.
again many thanks to ekhalil!
I'm having the same issue...I cant seem to connect to my VPN on windows 10. I am able to connect to it no problem on my iphone and ipad. But on windows 10, I'm getting this in the log file:
Enter Management Password:
Tue Nov 20 14:47:48 2018 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Nov 20 14:48:53 2018 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Nov 20 14:49:58 2018 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Nov 20 14:51:05 2018 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Nov 20 14:52:11 2018 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.Any help would be appreciated. Thanks in advance
_______________________________________________________________________________________________________________
UPDATE: I was trying to connect while on my home network (not sure if that matters). I tried while on my iphone hotspot and his is what i get:
Enter Management Password:
Tue Nov 20 15:02:04 2018 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Nov 20 15:02:06 2018 TAP-Windows adapter 'NETGEAR-VPN' not foundOk, UPDATE #2: After researching the last log file entry, I renamed the TAP Windows Adapter to "NETGEAR-VPN". Now I'm getting:
Enter Management Password:
Tue Nov 20 15:12:08 2018 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Nov 20 15:12:08 2018 Could not determine IPv4/IPv6 protocol
Tue Nov 20 15:12:13 2018 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.I just cant win!! I already researched that as well and cant seem to find info on it. Now any help would be appreciated. Sorry, and thanks in advance
Well, since I got it running, you should be able to run it too, especially with your equipment!
I suppose you have the newest ORBI firmware, and you have a valid mynetgear.com account. And you downloaded the right files (those for Windows) from the router.
In VPN settings, leave the TUN service mode and TAP service mode as it is (so leave TUN to UPD and do not change it, like I tried to no avail, to TCP)
You already renamed the TAP adapter to NETGEAR-VPN, that is necessary too.
Did you also add the line "remote-cert-tls server" to your client.ovpn file? Because when you did, the warning about the certificates should not appear. Are you sure that the (in this way edited) client.ovpn is in the C:\program files\openvpn\config subdirectory?
And indeed, it matters that you test your VPN from a different network than your ORBI network.
Please check the above issues and let us know if this helps?
Thanks for the fast reply...
- Yes the router and satellites are on the current firmwares
- Yes my mynetgear account is valid
- Yes I downloaded the correct config files for windows
- Both TUN and TAP are default and havnet been changed
- Yes I renamed the adapter to NETGEAR-VPN as you stated
- No, I did not add that line to my config file. Is that simply added that to the send line? My config file is 1 line long...very long and nothing else. Do I add it with quotes or without?
Here is my current config file:
Only 1 line
client
dev tap
proto udp
dev-node NETGEAR-VPN
remote (removed for privacy) 12974
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
cipher AES-128-CBC
comp-lzo
verb 0
sndbuf 393216
rcvbuf 393216Not sure why it pasted as being multiple lines, that's why i included the image.
- Lastly, yes, the config file is in the correct directory
I actually gave up until i saw your reply. I will keep at it, but its very frustrating and shouldn't be this hard.
Also, opening the config file in notepad:
I added remote-cert-tls server without the quotes at the very end and when i go to save it, it says i dont have permission and need to seek file owner or administrator. I am the administrator on the machine, only 1 user.
Yes, that is what i saw too. So what i did was editing the ovpn file in the download directory and then copied the new / edited file to the config subdir. Here too the system complained about my rights, but there was the option to continue as administrator. And that worked.
The line is indeed to be placed at the end of the file, i put it right at the end, two spaces after the last character.
And indeed without he quotation marks!
Please inform about the result!
Thanks again for your help...i really appreciate it.
New Errors - New Logs...so maybe a step in the right direction. BUT, you're right, i'm not geting the "certificate" warning anymore =)
I am very sorry your problem still exists...
Btw, your client.ovpn contains exactly the same lines as mine, only mine is one long line without hard returns (in notepad), and no spaces between the lines as compared to yours (where there are hard returns). I wonder why you apparently downloaded another format...
What exactly are the "new ERRORs" you write about in your last post?
Ah, now i can see the errors, but i do not understand them...
You have the exact lines in your (as compared to my) client.ovpn, and i also tried what would happen if i make it a file with neat 18 lines (the 18th being the added line remote-cert-tls server). No difference, works equal flawlessly.
The only possible difference (but i do not know its significance) is that you keep also a client file in the C:\users\(user)\openvpn\config? Because i have not (the only place is the C:\program files\openvpn\config, along with the 3 other files of course (ca.crt, client.crt and client.key).
If the problem still exists, you might try the good old reboot of your system and / or try the whole operation without the protection of firewalls etc.
I am afraid i can’t be of further assistance (being kind of a novice myself!)
Good luck, and please post again if you have (hopefully good) news flashes!
