NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Marrik
Jan 17, 2024Guide
OpenVPN v3 on Windows 11
Hi all,
I have an Orbi RBS50 router (running the latest firmware) on which I activated VPN. On my iPhone I can connect just fine to it.
Now I want my laptop (Windows 11 Pro) to connect to it so I downloaded OpenVPN v3 and tried to import the "client.ovpn" file, which I exported from my router. The import fails with the message "TAP mode is not supported".
I've read on the OpenVPN forum that v3 will not support TAP mode, only OpenVPN v2 supports it. So I downloaded v2 and tried to import the ovpn file again. This time that works however, when want to connect to my VPN, OpenVPN v2 says "no VPN servers found". 😬
So my next step was try using the default Windows 11 VPN client. This connection needs a certificate so I imported the ca and client certificates but they do not show up in the W11 VPN certificate list. 😒
Any ideas on how to solve this?
Thanks!
KR, Marrik
13 Replies
Replies have been turned off for this discussion
- FURRYe38Guru - Experienced User
Something to contact OpenVPN about.
- MarrikGuide
That might be a good option. 😀
- CrimpOnGuru - Experienced User
Yes, the version of OpenVPN server on the Orbi router is so old that the default ovpn file for Windows is a tap connection.
One solution is to modify the ovpn file and change it to a tun connection.
client
dev tun
proto udp
dev-node NETGEAR-VPN
remote xxxxxxx.mynetgear.com 12973
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
cipher AES-128-CBC
comp-lzo
verb 0
sndbuf 393216
rcvbuf 393216
route-method exe
I use both OpenVPN 2.6.8 and OpenVPN 3.4.3 on Windows.
- MarrikGuide
Hi CrimpOn,
Thanks for the suggestion. I did try that but now OpenVPN v3 gives me this error message:
option_error: sorry, unsuported options present in configuration: UNKNOWN/UNSUPPORTED OPTION (dev-node)
The dev-node refers to "NETGEAR-VPN" and I do have a VPN network connection in my list of connections with this name.
- MarrikGuide
Okay, did some more testing based on the last reply.
I removed the dev-node and set the "dev" parameter to "tun".
Now I can connect using OpenVPN v3 however, I cannot access any website (no internet) or my home network.
So some progress but not there yet. 😁
- vGruntusInitiate
Hey Marrik. I know this is an old thread, so I'm not sure how you went with this. I was able to get OpenVPN 3.7.2 working with my Orbi. I tried multiple ways to make OpenVPN 2.x work with the router but nothing ever worked. I was able to successfully connect via the phone (also based on OpenVPN 3.x,) which is what indicated that this client should be good. Here's what I changed before importing the client.ovpn file:
- dev tun
- proto tcp
- remote xxx.xxx.xxx 12973
- Removed the following lines:
- dev-node NETGEAR-VPN
- resolv-retry infinite
- persist-key
- persist-tun
This configuration still shows a warning regarding server-side compression reducing security. There's also a bunch of other issues with the security of this configuration which would be great change; however, the other change I could make was to change the cipher to AES-256-GCM.
HTH