RAX200 OpenVPN connection fail from reomote IP address error

Question

I can't get an Android client to connect to the OpenVPN server running on an RAX200 running Firmware Version V1.0.1.8_1.0.39. Router logs are showing the following error:

[OpenVPN, connection fail] from reomote IP address:X.X.X.X Wednesday, Oct 02,2019 10:19:35

VPN is configured with a ddns.net hostname and the correct profiles with the ddns name have been installed on the android client. VPN is configured to use tcp/443 for tun and udp/443 for tap. Android client profile is as below:

client
dev tun
proto tcp
remote xxxxx.ddns.net 443
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
cipher AES-128-CBC
comp-lzo
verb 5

This happens only when I'm connecting via wifi at an offsite location on the Android. When i switch to 4G, it connects with no problems. At first, i thought it was some sort of firewalling happening within the offsite location, but the router logs show the VPN client does indeed reach the RAX200, just fails for some reason. Changing the ports to something other than 443 and reinstalling the OVPN package on the client afterwards also does not help, neither does switching to UDP vs TCP. Is there some way to enable more verbose logging on the RAX200 to see what is failing? I tried changing the verbosity on the client profile from 5 to 11, but no effect. Client log just shows:

Connecting to [xxxxx.ddns.net]:443 (X.X.X.X)via TCPv4

Server poll timeout, trying next remote entry...

EVENT: CONNECTION_TIMEOUT

Is there some sort of issue with the certificates used? Any help is appreciated.

arjewell23 · Answer

I think I figured out the OpenVPN timeout connection, etc.&nbsp; I spent hours tonight checking one setting at a time and then looking at the logs.&nbsp; I finally noticed that everytime I was trying to connect, the logs kept saying "to" an internal IP address.&nbsp; It looked familiar and I realized it was tyring to connect to my "Default DMZ Server" ip address which is my PS4.&nbsp; I turned it off and hit apply.&nbsp; It connected immdiatly.&nbsp; I hope this helps at least one person as I have spent hours upon hours trying to figure this out.&nbsp; "[OpenVPN, connection successfully] from remote IP address:"

Altsai · Answer

did you ever try different port# above 1000? say 8443?

adm1r4lj · Answer

Yes. Tried typical high ports... 8080, 8443, 5353, also the netgear defaults of 12973 among others, still nothing. Only thing in the Android client log is:

09:42:23.641 -- Connecting to [XXXXXXX.ddns.net]:12973 (X.X.X.X) via UDPv4
09:42:33.632 -- EVENT: CONNECTION_TIMEOUT trans=TO_DISCONNECTED

This is the output of the Android client connection log:

09:42:23.596 -- ----- OpenVPN Start -----
09:42:23.597 -- EVENT: CORE_THREAD_ACTIVE trans=TO_DISCONNECTED
09:42:23.608 -- OpenVPN core 3.git::728733ae:Release android arm64 64-bit PT_PROXY built on Aug 14 2019 14:13:26
09:42:23.609 -- Frame=512/2048/512 mssfix-ctrl=1250
09:42:23.609 -- UNUSED OPTIONS
4 [resolv-retry] [infinite]
5 [nobind]
6 [persist-key]
7 [persist-tun]
13 [verb] [5]
09:42:23.610 -- EVENT: RESOLVE trans=TO_DISCONNECTED
09:42:23.634 -- Contacting X.X.X.X:12973 via UDP
09:42:23.634 -- EVENT: WAIT trans=TO_DISCONNECTED
09:42:23.641 -- Connecting to [XXXXXXX.ddns.net]:12973 (X.X.X.X) via UDPv4
09:42:33.632 -- EVENT: CONNECTION_TIMEOUT trans=TO_DISCONNECTED
09:42:33.684 -- EVENT: CORE_THREAD_INACTIVE
09:42:33.685 -- Tunnel bytes per CPU second: 0
09:42:33.687 -- ----- OpenVPN Stop -----

arjewell23 · Answer

I too am having issues with OpenVPN on my RAX200.&nbsp; I have tried many different configurations and ports.

Christian_R · Answer

arjewell23,&nbsp;

We appreciate you sharing your experience and updating the thread!

Thank you,

Christian&nbsp;

Forum Discussion

RAX200 OpenVPN connection fail from reomote IP address error

5 Replies