NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
another OpenVPN issue
Guess it's from a recent app update on both Android and W11. The connection attempt fails every time. The only warnings/errors I see are:
Fri Jan 9 16:10:22 2026 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Fri Jan 9 16:11:22 2026 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Jan 9 16:11:22 2026 TLS Error: TLS handshake failed
It recently worked although I don't recall exactly how recently - Prolly a couple/few months ago. Anyone got clues?
13 Replies
Was this working up to this point and didn't after the Android and W11 update? If so, then maybe something on there side would need to be looked at.
Might get ahold of OpenVPN as well and see if there maybe any new known issues on there side.
What NG product are you using?
The W11 issue is new since it's a new computer replacing my old W10 one. I'm away from home so can't check that but I'll wager it's on all platforms. I'm using an RAXE300 router. Again, since I'm not at home, I can't download the profile again to see if NG changed something to allow it to work.
There was a discussion recently about the server certificate verification method warning. This is similar to the warnings that modern web browsers issue when connecting to the Netgear router management web site
- http site: WARNING. insecure. (site is not encrypted)
- https site. WANRING. insecure (self-signed certificate)
The solution in both of those cases is to ignore the warning and tell the web browser to proceed to the site (while grumbling aloud, "this is MY damn router on MY network. quit bugging me.")
The TLS error is the problem.
The default configuration file for Windows is a tap connection. My practice is to modify the configuration file and change the connection type to tun (tunnel) on port 12973 (rather than 12974 - tap)
OpenVPN does not support tap connections on non-Windows and smartphones.
Huh. My existing profile is for TUN on port 12973. I was trying to use the smartphone .ovpn on W11 which worked fine in the past on W10.
Huh. My existing profile is for TUN on port 12973. I was trying to use the smartphone .ovpn on W11 which worked fine in the past on W10.
Did you remember to rename the VPN adapter name to NETGEAR-VPN ?
Also, does this also fail on your phone?
What OpenVPN Client is being used on Windows 11?
What OpenVPN Client is being used on Windows 11?
jguerdat​ - version 2.6.12 is working on my Win 11 PC, I am also using TUN on port 12973. The GUI is 11.50.0.0.
Though I have an Orbi 870 system, so we are using different routers.
The GUI, which was freshly installed as part of the package, is 11.59.0.0. I doubt that's the issue due to the phone also not working.
2.6.17-I001-AMD64
2.6.17-I001-AMD64
I'll see if I can test that and report back.
It recently worked although I don't recall exactly how recently - Prolly a couple/few months ago. Anyone got clues?
If your router is set up to respond to ping requests on the WAN interface, then you might want to try pinging your ddns name. If you use Netgear's service, then maybe go back and see if you forgot to re-up the service when you got a monthly email reminder.
It might be worth the effort to download the Windows configuration file from the router and use it rather than the smartphone configuration file.
Also, the Windows setup instructions are pretty clear about renaming the network adapter.
trying to use the smartphone .ovpn on W11 which worked fine in the past on W10
An interesting concept. I have always blindly followed the instructions, i.e. use the smartphone configuration/instructions for phone/tablet, use the Winidows configuration/instructions for Windows.
I have set the debug level to product more information in the log, i.e. change verb 0 to verb 5
