× Introducing the Orbi 970 Series Mesh System with WiFi 7 technology. For more information visit the NETGEAR Press Room.
Orbi WiFi 7 RBE973
Reply

Re: VPN RAX120 - Windows 10

penguinpages
Tutor

VPN RAX120 - Windows 10

Trying to find RTFM for how to setup VPN.  I did the usual of enable link to no-ip.com   so my DNS for public IP does get set in the configuration client export.  I left the network acess to "auto"

 

Configuration file

####

client
dev tap
proto udp
dev-node NETGEAR-VPN
remote foobar.ddns.net 12974
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
remote-cert-tls server
auth-nocache
cipher AES-128-CBC
comp-lzo
verb 0
sndbuf 393216
rcvbuf 393216

 

***

OpenVPN Windows Client 11.20.0.0

I set client password to match that of the router (though I don't think this is required.

I unzipped all files into :C:\Program Files\OpenVPN\config\foobar.ddns.net\

 

# list of files present

Mode LastWriteTime Length Name
---- ------------- ------ ----
-a---- 10/29/2019 1:45 AM 1330 ca.crt
-a---- 10/29/2019 1:46 AM 3917 client.crt
-a---- 7/23/2021 3:09 PM 1062 client.key
-a---- 7/23/2021 3:01 PM 311 client.ovpn

 

# Click "Connect" and shows "diconnect" button.. so its trying..   but look at log:

2021-07-23 15:21:28 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
Enter Management Password:

 

 

##   

I use to just export from router and unzip file and run it.. but now it seems to have something wrong.  This is a fresh install of Windows 10x64

 

PS: I also tried to download the OpenVPN client openvpn-connect-3.3.1.2222_signed.msi   (OpenVPN Client Connect For Windows | OpenVPN) But it will not even import the file stating no support for TAP.     Not very clear on which client,  Or means to not use TAP and still connect with VPN.

Model: RAX120|Nighthawk AX12 12-Stream WiFi Router
Message 1 of 3
penguinpages
Tutor

Re: VPN RAX120 - Windows 10

Anyone have any ideas here?

 

Here are more details / attempts:

 

1)Remove all OpenVPN client.  Fresh install of https://swupdate.openvpn.org/community/releases/OpenVPN-2.5.3-I601-amd64.msi  per the switches "windows vpn setup" URL. 

 

2) Rename new TAP v9 NIC to "NETGEAR-VPN"  

 

3)Unzip download of vpn configuration of switch and copy to C:\Program Files\OpenVPN\config

 

4) Add line to avoid error "data-ciphers-fallback 'AES-128-CBC' "  to end of "client.ovpn" file

 

5) From OpenVPN Client "Clear all saved password"

 

6) Try to connect  -> Get prompted for password where I input the router "admin" password... as I guess this is what is needed

 

#  vpn logs

Mon Jul 26 12:56:09 2021 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
Mon Jul 26 12:56:09 2021 OpenSSL: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
Mon Jul 26 12:56:09 2021 OpenSSL: error:23077074:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 cipherfinal error
Mon Jul 26 12:56:09 2021 OpenSSL: error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt error
Mon Jul 26 12:56:09 2021 OpenSSL: error:0907B00D:PEM routines:PEM_read_bio_PrivateKey:ASN1 lib
Mon Jul 26 12:56:09 2021 Cannot load private key file client.key

 

##

 

What I find to be messed up is that the TAP interface never shows "connected".

 

PS C:\Users\Jerem> ipconfig

Windows IP Configuration


Unknown adapter OpenVPN Wintun:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Unknown adapter NETGEAR-VPN:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

...

 

##

 

 

 

 

 

Message 2 of 3
penguinpages
Tutor

Re: VPN RAX120 - Windows 10

Figured it out.  

 

Set VPN on router for  "All Sites"

Now export Client files for OpenVPN Client  (.zip)

  1. Download and install client

http://openvpn.net/index.php/download/community-downloads.html

 

 

  1. Rename  NIC for 'tap Adapter v9' to "NETGEAR-VPN"
  1. copy over zip Export from switch file  (Ex: sw2_openvpn_20210726_auto.zip) for VPN into "C:\Program files\OpenVPN\config"
  2. Launch OpenVPN client and import VPN Definition
  3.  From system tray launch client "Connect"

 

What was wrong was rename of NIC has stupid character in it.   And then connection worked but routing to local devices did not.. that was change in VPN setting to "All sites..."  then it started routing.

Message 3 of 3
Top Contributors
Discussion stats
  • 2 replies
  • 1396 views
  • 0 kudos
  • 1 in conversation
Announcements

Orbi WiFi 7