NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

MAPE15's avatar
MAPE15
Guide
Jul 13, 2018
Solved

R8000 Firmware V1.0.4.18, OpenVPN not working for me

I see that someone had the same issue as me regarding the VPN service not working. For them it was resolved but for me it still is not working. I have flashed and factory reset the router. I setup po...
Firmware
Security
Troubleshooting
  • schumaku's avatar
    schumaku
    Jul 14, 2018
    MAPE15 wrote:

    My port forwarding setup is blank. Do I need to add a port forward to a specific IP? .

    No.

     

    MAPE15 wrote:

     I want my Netgear router to be the "VPN Server" so that any device I use that connects to the VPN service can have that encrypted tunnel so I do not have to pay for a 3rd party service..

    A third-party service is commonly used to "hide" your own home/business IP address when using certain services not fully "legal" only.

     

    MAPE15 wrote:

     

    I have specified that the Netgear VPN service uses a specific internal IP address for providing the service to the clients. What OpenVPN port do I need to forward to that IP?.

    Now I've lost you. There is no such setting in the VPN Settings:

     

     

    MAPE15 wrote:

    How do I send you my log files and screenshots for review?.

    By capturing screenshots by the Windos Snipping tool or using the macOS capability https://support.apple.com/en-us/ht201361 - and upload photos to the community in-line or as attachments. The OpenVPN Log is plain text, you can cpy-paste things direct to the community forum, like...

     

    Mon Jun 04 18:47:14 2018 us=317139 Current Parameter Settings:
    Mon Jun 04 18:47:14 2018 us=317139 config = 'client.ovpn'
    Mon Jun 04 18:47:14 2018 us=317139 mode = 0
    Mon Jun 04 18:47:14 2018 us=317139 show_ciphers = DISABLED
    Mon Jun 04 18:47:14 2018 us=317139 show_digests = DISABLED
    Mon Jun 04 18:47:14 2018 us=317139 show_engines = DISABLED
    Mon Jun 04 18:47:14 2018 us=317139 genkey = DISABLED
    Mon Jun 04 18:47:14 2018 us=317139 key_pass_file = '[UNDEF]'
    Mon Jun 04 18:47:14 2018 us=317139 show_tls_ciphers = DISABLED
    Mon Jun 04 18:47:14 2018 us=317139 connect_retry_max = 0
    Mon Jun 04 18:47:14 2018 us=317139 Connection profiles [0]:
    Mon Jun 04 18:47:14 2018 us=317139 proto = tcp-client
    Mon Jun 04 18:47:14 2018 us=317139 local = '[UNDEF]'
    Mon Jun 04 18:47:14 2018 us=317139 local_port = '[UNDEF]'
    Mon Jun 04 18:47:14 2018 us=317139 remote = '<nnn.nnn.nnn.nnn>'
    Mon Jun 04 18:47:14 2018 us=317139 remote_port = '12974'
    Mon Jun 04 18:47:14 2018 us=317139 remote_float = DISABLED
    ....

     

    Before we miss it: You need to test from another Internet connection, e.g. an public hotspot or the like for testing the OpenVPN config.

MAPE15's avatar
MAPE15
Guide
Jul 13, 2018

That is correct Schumaku. I have done all that and it still does not connect to the VPN service. For my Windows machine, the TAP adapter does not light up/enable when connecting with openvpn connect gui. On my Mac, it does not connect either. What should I do in this case?

schumaku's avatar
schumaku
Guru - Experienced User
Jul 14, 2018

Haven't by mishap done some port forwarding for the OpenVPN port to a LAN IP?

 

What does the log say? For example on Windows right click in the OpenVPN GUI taskbar icon and use "View Logs".

  • MAPE15's avatar
    MAPE15
    Guide
    Jul 14, 2018

    My port forwarding setup is blank. Do I need to add a port forward to a specific IP? I want my Netgear router to be the "VPN Server" so that any device I use that connects to the VPN service can have that encrypted tunnel so I do not have to pay for a 3rd party service. I have specified that the Netgear VPN service uses a specific internal IP address for providing the service to the clients. What OpenVPN port do I need to forward to that IP? How do I send you my log files and screenshots for review?. I am not sure what I am doing wrong.

    • schumaku's avatar
      schumaku
      Guru - Experienced User
      Jul 14, 2018
      MAPE15 wrote:

      My port forwarding setup is blank. Do I need to add a port forward to a specific IP? .

      No.

       

      MAPE15 wrote:

       I want my Netgear router to be the "VPN Server" so that any device I use that connects to the VPN service can have that encrypted tunnel so I do not have to pay for a 3rd party service..

      A third-party service is commonly used to "hide" your own home/business IP address when using certain services not fully "legal" only.

       

      MAPE15 wrote:

       

      I have specified that the Netgear VPN service uses a specific internal IP address for providing the service to the clients. What OpenVPN port do I need to forward to that IP?.

      Now I've lost you. There is no such setting in the VPN Settings:

       

       

      MAPE15 wrote:

      How do I send you my log files and screenshots for review?.

      By capturing screenshots by the Windos Snipping tool or using the macOS capability https://support.apple.com/en-us/ht201361 - and upload photos to the community in-line or as attachments. The OpenVPN Log is plain text, you can cpy-paste things direct to the community forum, like...

       

      Mon Jun 04 18:47:14 2018 us=317139 Current Parameter Settings:
      Mon Jun 04 18:47:14 2018 us=317139 config = 'client.ovpn'
      Mon Jun 04 18:47:14 2018 us=317139 mode = 0
      Mon Jun 04 18:47:14 2018 us=317139 show_ciphers = DISABLED
      Mon Jun 04 18:47:14 2018 us=317139 show_digests = DISABLED
      Mon Jun 04 18:47:14 2018 us=317139 show_engines = DISABLED
      Mon Jun 04 18:47:14 2018 us=317139 genkey = DISABLED
      Mon Jun 04 18:47:14 2018 us=317139 key_pass_file = '[UNDEF]'
      Mon Jun 04 18:47:14 2018 us=317139 show_tls_ciphers = DISABLED
      Mon Jun 04 18:47:14 2018 us=317139 connect_retry_max = 0
      Mon Jun 04 18:47:14 2018 us=317139 Connection profiles [0]:
      Mon Jun 04 18:47:14 2018 us=317139 proto = tcp-client
      Mon Jun 04 18:47:14 2018 us=317139 local = '[UNDEF]'
      Mon Jun 04 18:47:14 2018 us=317139 local_port = '[UNDEF]'
      Mon Jun 04 18:47:14 2018 us=317139 remote = '<nnn.nnn.nnn.nnn>'
      Mon Jun 04 18:47:14 2018 us=317139 remote_port = '12974'
      Mon Jun 04 18:47:14 2018 us=317139 remote_float = DISABLED
      ....

       

      Before we miss it: You need to test from another Internet connection, e.g. an public hotspot or the like for testing the OpenVPN config.

      • MAPE15's avatar
        MAPE15
        Guide
        Jul 15, 2018

        Hi Schumaku,

         

        After doing research and talking with Netgear phone support, I got the VPN to partially work. I had to add the --float and remote-gateway options for the OpenVPN configs. I also had to allow access in my ESET Internet Security firewall rules along with changing my Internet port status to show my WAN IP address (external) from my AT&T U-Verse modem instead of the internal IP address that was distributed from the modem's DHCP server.

         

        So for my PC, it has an error that says recursive routing detected in which it drops the TUN packets. My MacBook Pro I tested using my iPhone hotspot and the VPN worked after making those changes to the OpenVPN configs. My smartphone however, those configs will not work at all. I also noticed that the VPN connection significantly slows down my internet speed (mbits) to a crawl and I cannot figure out why since Dynamic QoS is not enabled. Would you be able to take a look at my logs and screenshot and see what the issue is?