NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
VPN passthrough not working
Hi, I have the Netgear Router RAXE500 and have VPN set up and have been using it since the day I got it. Just recently, when connected to the VPN, I don't get any Internet or local access pass t...
mnhim001,
I reverted back to V1.0.12.96_2.0.45 and the VPN is now working properly...
You might want to give that a try before jumping through a bunch of hoops for Netgear support...
I was able to view the log and I see the GW and DNS as 192.168.254.1. This is not the local IP of my router. I had reassigned it when I first received the RAXE500. Can this be the issue? If so, how do I even change it within the router?
With VPN connected, it does show on my RAX500 that I am connected. I was able to check RAXE500 on a LAN connected workstation.
For testing, I used my mobile data to connect to VPN, then tried to access the RAXE500 admin page and it failed. After disconnecting from VPN, tried the admin page again and it worked via the same device.
I am using the DDNS option built into RAXE500 which is hosted by No-IP. It's a turn on or turn off function, nothing to configure on that page.
With VPN connected, it does show on my RAX500 that I am connected. I was able to check RAXE500 on a LAN connected workstation.
For testing, I used my mobile data to connect to VPN, then tried to access the RAXE500 admin page and it failed. After disconnecting from VPN, tried the admin page again and it worked via the same device.
I am using the DDNS option built into RAXE500 which is hosted by No-IP. It's a turn on or turn off function, nothing to configure on that page.
mnhim001 wrote:
I was able to view the log and I see the GW and DNS as 192.168.254.1. This is not the local IP of my router. I had reassigned it when I first received the RAXE500. Can this be the issue? If so, how do I even change it within the router?
With VPN connected, it does show on my RAX500 that I am connected. I was able to check RAXE500 on a LAN connected workstation.
For testing, I used my mobile data to connect to VPN, then tried to access the RAXE500 admin page and it failed. After disconnecting from VPN, tried the admin page again and it worked via the same device.
I am using the DDNS option built into RAXE500 which is hosted by No-IP. It's a turn on or turn off function, nothing to configure on that page.
I presume you have a valid login at No-IP and pay their annual fee?
What device, brand name and model number, is upstream of your RAXE500 between it and the internet?
I am only using the no-ip free account. So, I log in monthly to keep the name alive.
I have fiber with hardware provided by Frontier. I don't have that information with me at the moment.
I am having the same issue and have been working with Netgear support for a while on this. They are unable to find a fix for the issue so far. Maybe a firmware update is needed to get this fixed?
What is the issue that they have given to you?
Hi mnhim001, Netgear support spent almost 2 hours trying to fix my issue before I had to leave the phone call... They took my phone number and said that they would call back and I haven't heard from them yet.
Also, I am discussing the problem with Netgear support over email. No resolution there either.
I did find this: https://community.netgear.com/t5/Nighthawk-with-WiFi-6-AX-and/RAXE500-VPN-missing-client-key/m-p/2349043
I think I may try to revert to the older firmware today to see if the latest firmware is the cause of the broken VPN. It would be nice to hear from Netgear support on this sooner than later...
All the information is in my ticket # 47957947... Please review the ticket...
It is easy enough to confirm if the client.key configuration file generated by your RAXE500 is empty or not.
Do a fresh download of the Windows configuration zip file from your router. Extract the client.key file from the zip file. Use a text editor program like Notepad to open the file and look. The file should be several lines of encrypted data.
See attached. Report back your results please.
It does show private key, but does not show as an RSA private key.
mnhim001,
I reverted back to V1.0.12.96_2.0.45 and the VPN is now working properly...
You might want to give that a try before jumping through a bunch of hoops for Netgear support...
jericonst wrote:mnhim001,
I reverted back to V1.0.12.96_2.0.45 and the VPN is now working properly...
You might want to give that a try before jumping through a bunch of hoops for Netgear support...
You do not have the same issue as jericonst. However, his information was informative.
Back to the question, what device brand name and model number is upstream of your RAXE500? Configuration of that device can block the RAXE500 from having access to the internet via OpenVPN.
For test purposes, you might want to revert back to the firmware version noted above. If you do, be sure and turn off automatic firmware updates. Also you should create a new set of configuration files with the old firmware.
I think its an issue with port forwarding. I opened up a port trying to setup WireGuard and that still didn't work.
I went to https://www.yougetsignal.com/tools/open-ports/ to check if my port was open and it shows closed.
Again...sorry I forgot to gather the information you needed on my Fiber hardware.
I am also experiencing the same issue (VPN Passthrough is not working). I can connect with errors to the VPN but I cannot browse any website.
I opened the case# 48002888 in case this helps.
- Go back 1 firmware.
Absolutely. That was the only way to get the VPN Passthrough working. Going back to V1.0.12.96_2.0.45
NG needs to definitely do a better job with these releases.
