NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
CAX30 onboard VPN
Has anybody used the onboard VPN on a CAX30 router? I have been trying for days to get it to function. I have successfully gotten the DDNS entry to work and can successfully ping the hostname. ...
- Finally got this to work ising the following
client.ovpn file:
client
remote (your hostname here) 12973
dev tun
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
<CA>
(laste ca.crt contents here)
</CA>
<CERT>
(paste client.crt contents here)
</CERT>
<KEY>
(paste client.key contents here)
</KEY>
key-direction 1
<TLS-AUTH>
(paste ta.key contents here)
</TLS-AUTH>
remote-cert-tls server
cipher AES-256-CBC
verb 5
mute 5
comp-lzo
fast-io
route-delay 2
route-method exe
Sryan,
No, I do not have access to a CAX30 gateway.
Over many years I have successfully utilized the OpenVPN server available on Netgear router models R7000, R7800, and R9000.
The administrative log entries on the routers for VPN Service have not been functional for the past 5+ years. It went away after one of the firmware updates. Either Netgear does not know or they do know and decline to devote any resources to correct the situation. Result is the same either way.
When a family member is connected to my OpenVPN server, I can review the Attached Devices page and see their machine/device by name with the locally assigned IP address. This goes away when they disconnect.
I run my router with Access Control disabled. When an OpenVPN connection is established to my router, the connected device shows up on the device listing on the Access Control page. This goes away when they disconnect.
I struggled with OpenVPN configuration when I first attempted to set it up. In particular on Android devices. On Windows machines, I found the connection logs created by the client software to be very informational. The original .ovpn configuration files generated by Netgear set the variable verb to 0. If you change it to verb 5, it will generate additional information.
Finally got this to work ising the following
client.ovpn file:
client
remote (your hostname here) 12973
dev tun
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
<CA>
(laste ca.crt contents here)
</CA>
<CERT>
(paste client.crt contents here)
</CERT>
<KEY>
(paste client.key contents here)
</KEY>
key-direction 1
<TLS-AUTH>
(paste ta.key contents here)
</TLS-AUTH>
remote-cert-tls server
cipher AES-256-CBC
verb 5
mute 5
comp-lzo
fast-io
route-delay 2
route-method exe
client.ovpn file:
client
remote (your hostname here) 12973
dev tun
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
<CA>
(laste ca.crt contents here)
</CA>
<CERT>
(paste client.crt contents here)
</CERT>
<KEY>
(paste client.key contents here)
</KEY>
key-direction 1
<TLS-AUTH>
(paste ta.key contents here)
</TLS-AUTH>
remote-cert-tls server
cipher AES-256-CBC
verb 5
mute 5
comp-lzo
fast-io
route-delay 2
route-method exe
Outstanding. Thank you for sharing the details.
Recommend you mark this as resolved so others can benefit.