NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
CAX30 onboard VPN
Has anybody used the onboard VPN on a CAX30 router? I have been trying for days to get it to function. I have successfully gotten the DDNS entry to work and can successfully ping the hostname. ...
- Finally got this to work ising the following
client.ovpn file:
client
remote (your hostname here) 12973
dev tun
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
<CA>
(laste ca.crt contents here)
</CA>
<CERT>
(paste client.crt contents here)
</CERT>
<KEY>
(paste client.key contents here)
</KEY>
key-direction 1
<TLS-AUTH>
(paste ta.key contents here)
</TLS-AUTH>
remote-cert-tls server
cipher AES-256-CBC
verb 5
mute 5
comp-lzo
fast-io
route-delay 2
route-method exe
Currently running V2.1.3.10 firmware (with traffic meter disabled, not on Comcast)
I'm reposting this in the Cablemodems message board. Sorry for posting it here.
Just a reminder, you cannot test a client device that is connected to the same network where the server (router) is connected. On a mobile device, you have to turn off Wi-Fi and connect to the internet through cell data.
I am a Windows/Android type and use the operating system specific OpenVPN applications. You do not have to manipulate either configuration set to install/import for these operating systems. Downloaded from the router in a zip file, the Windows configuration set is four files and the Android is one file.
Kitsap,
Thanks for the reply. Yes I have been switching to my cell-only net connection for testing.
Regarding the configuration files.. The OpenVPN Connect app for apple devices require
a single .ovpn file using json style certificate and key information. The files downloaded
from the CAX30 contain this information in separate files (ca.crt, client.crt, client.key, ta.key).
I will try today to get a windows and linux machine to connect using the separate file set
directly from the CAX30.
I see in your bio that you are using a CM2050V->R9000. Have you successfully configured
a VPN to work on a CAX30?
And THANKS for the help,
sryan
Kitsap,
I forgot to ask in my reply..
Do you know of any way to turn on logging information that might show
if the VPN port numbers are being reached on the CAX30? I have tried
turning on VPN log messages (and also all log messages) and get nothing.
I am using Mediacom as a ISP and I suppose it's possible that they have
some crazy port restriction. I've been using the default port numbers
12973/4.
I am able to successfully ping the hostid so DDNS seems to be getting me
to the modem.
sryan
Sryan,
No, I do not have access to a CAX30 gateway.
Over many years I have successfully utilized the OpenVPN server available on Netgear router models R7000, R7800, and R9000.
The administrative log entries on the routers for VPN Service have not been functional for the past 5+ years. It went away after one of the firmware updates. Either Netgear does not know or they do know and decline to devote any resources to correct the situation. Result is the same either way.
When a family member is connected to my OpenVPN server, I can review the Attached Devices page and see their machine/device by name with the locally assigned IP address. This goes away when they disconnect.
I run my router with Access Control disabled. When an OpenVPN connection is established to my router, the connected device shows up on the device listing on the Access Control page. This goes away when they disconnect.
I struggled with OpenVPN configuration when I first attempted to set it up. In particular on Android devices. On Windows machines, I found the connection logs created by the client software to be very informational. The original .ovpn configuration files generated by Netgear set the variable verb to 0. If you change it to verb 5, it will generate additional information.
