philaer
Sep 07, 2022 Aspirant
RBR20 not receiving VPN connection
Hello everyone, I'm trying to set up a VPN connection to access the network when I'm outside home. I followed the instructions provided in different posts: I configured and activated a DNS (noip s...
CrimpOn
Sep 09, 2022 Guru - Experienced User
Sorry for the delay. Just spent far too long trying to adjust log verbosity on OpenVPN 2.5.7 and finally realized that it does no good to place:
verb 4
in the client.ovpn file if farther down in the file there is a line reading
verb 0
Stupid. Stupid. Stupid. (Also have learned that verb 4 is waaaay too much information.)
In my log file, where you have:
Fri Sep 9 09:03:30 2022 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Sep 9 09:03:30 2022 TLS Error: TLS handshake failed
My log file continues with:
2022-09-09 14:34:02 us=109000 TLS: Initial packet from [AF_INET]172.249.###.###:12974, sid=4bbca948 5e08609c
2022-09-09 14:34:02 us=203000 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=netgear CA, name=EasyRSA, emailAddress=mail@netgear
2022-09-09 14:34:02 us=203000 VERIFY OK: depth=0, C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=server, name=EasyRSA, emailAddress=mail@netgear
2022-09-09 14:34:02 us=421000 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, peer certificate: 1024 bit RSA, signature: RSA-SHA256
2022-09-09 14:34:02 us=421000 [server] Peer Connection Initiated with [AF_INET]172.249.112.236:12974
Indicating the TLS handshake has succeeded.
All I can think of is the nature of UDP. There is no "handshake" as with TCP/IP. The only way a program knows that a UDP packet has been received is if the remote system sends something back. In this case, the first thing that OpenVPN sends is that TLS handshake.... and it does not get a response.
This would appear to indicate that something is blocking the connection to the router port.
UDP is preferred over TCP/IP because it is more efficient (less overhead). In this case, it might be worth experimenting by:
- Changing the option from UDP to TCP
- Generating a new Windows config file
- Trying OpenVPN with the new config file.
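The two observations in the post above, as an added example that is not part of the original thread: finding which `verb` line actually takes effect, and telling "no reply at all" apart from a completed handshake in a client log. It assumes the last `verb` line wins, as the post describes; the sample config, hostname and 192.0.2.10 address are constructed.

```python
import re

# Constructed sample client config with two "verb" lines, as in the post above.
SAMPLE_OVPN = """client
proto udp
remote vpn.example.invalid 12974
verb 4
dev tun
verb 0
"""

# Failure lines as quoted in the post.
FAILED_LOG = (
    "Fri Sep 9 09:03:30 2022 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)\n"
    "Fri Sep 9 09:03:30 2022 TLS Error: TLS handshake failed\n"
)
# Success lines shortened from the post, with a constructed address.
OK_LOG = (
    "2022-09-09 14:34:02 us=109000 TLS: Initial packet from [AF_INET]192.0.2.10:12974, sid=4bbca948 5e08609c\n"
    "2022-09-09 14:34:02 us=421000 [server] Peer Connection Initiated with [AF_INET]192.0.2.10:12974\n"
)


def effective_verb(ovpn_text):
    """Return (effective level, line numbers of earlier 'verb' lines it overrides)."""
    hits = []
    for n, line in enumerate(ovpn_text.splitlines(), 1):
        m = re.match(r"\s*verb\s+(\d+)\s*(?:[#;].*)?$", line)  # skips commented-out lines
        if m:
            hits.append((n, int(m.group(1))))
    if not hits:
        return None, []
    return hits[-1][1], [n for n, _ in hits[:-1]]


def classify_handshake(log_text):
    """Classify a client log as 'connected', 'no-reply', 'tls-failed-after-reply' or 'unknown'."""
    # "Initial packet from" only shows up if verbosity is high enough to log it.
    replied = "TLS: Initial packet from" in log_text
    if "Peer Connection Initiated" in log_text:
        return "connected"
    if "TLS key negotiation failed" in log_text or "TLS handshake failed" in log_text:
        return "tls-failed-after-reply" if replied else "no-reply"
    return "unknown"


if __name__ == "__main__":
    print(effective_verb(SAMPLE_OVPN))
    print(classify_handshake(FAILED_LOG), classify_handshake(OK_LOG))
```

A `no-reply` result means nothing came back from the server port, which points at forwarding or filtering somewhere between the client and the router rather than at certificates or ciphers.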
philaer
Sep 16, 2022 Aspirant
I have tried to change to TCP, but without success. The OpenVPN client starts as before, and the connection to the orb is never made.
So I have set up port forwarding, DMZ, bridge mode, but it looks like the ports are always closed: at least, trying from services on the internet to check the status, it appears that none of the changes I make are working.
I’m starting to suspect that my ISP is blocking all ports, since I am using not a “regular” service but a wireless one (through telephone networks) because there was no coverage in my area for other technologies.
philaer
Sep 19, 2022 Aspirant
Hi all,
I finally solved the issue.
It looks like the port forwarding was correctly set up on the ISP router, but the ISP was blocking all the ports on the infrastructure. I asked the ISP to remove this block and now everything is working.
So to all those who are accessing the internet through a wireless connection (such as a cellphone network): check with your ISP that the ports are open on the network itself, otherwise you will spend too much time figuring out why it is not working.
Thank you to everyone for your support!