- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
CAX30 onboard VPN
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Has anybody used the onboard VPN on a CAX30 router?
I have been trying for days to get it to function. I have successfully gotten the DDNS
entry to work and can successfully ping the hostname.
I have downloaded the various configuration files and had to integrate the files into the single
.ovpn file required for the current OpenVPN client connect software.
I have tried OpenVPN clients on both my iphone and my macpro with no success.
Both clients timeout.
I don't see anywhere in the CAX interface that reports VPN status.
I have enabled VPN log messages on the CAX30 and see no log messages or event log entries
related to VPN service being active or started or attempts to connect. I do see the DDNS being
successfully updated at startup.
Given the flaky state of the CAX30 firmware, I am looking for confirmation from ANYBODY who has
actually gotten the onboard VPN to work on this device with any client.
Thanks in advance,
sryan
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
client.ovpn file:
client
remote (your hostname here) 12973
dev tun
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
<CA>
(laste ca.crt contents here)
</CA>
<CERT>
(paste client.crt contents here)
</CERT>
<KEY>
(paste client.key contents here)
</KEY>
key-direction 1
<TLS-AUTH>
(paste ta.key contents here)
</TLS-AUTH>
remote-cert-tls server
cipher AES-256-CBC
verb 5
mute 5
comp-lzo
fast-io
route-delay 2
route-method exe
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: CAX30 onboard VPN
Currently running V2.1.3.10 firmware (with traffic meter disabled, not on Comcast)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: CAX30 onboard VPN
I'm reposting this in the Cablemodems message board. Sorry for posting it here.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: CAX30 onboard VPN
Just a reminder, you cannot test a client device that is connected to the same network where the server (router) is connected. On a mobile device, you have to turn off Wi-Fi and connect to the internet through cell data.
I am a Windows/Android type and use the operating system specific OpenVPN applications. You do not have to manipulate either configuration set to install/import for these operating systems. Downloaded from the router in a zip file, the Windows configuration set is four files and the Android is one file.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: CAX30 onboard VPN
Kitsap,
Thanks for the reply. Yes I have been switching to my cell-only net connection for testing.
Regarding the configuration files.. The OpenVPN Connect app for apple devices require
a single .ovpn file using json style certificate and key information. The files downloaded
from the CAX30 contain this information in separate files (ca.crt, client.crt, client.key, ta.key).
I will try today to get a windows and linux machine to connect using the separate file set
directly from the CAX30.
I see in your bio that you are using a CM2050V->R9000. Have you successfully configured
a VPN to work on a CAX30?
And THANKS for the help,
sryan
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: CAX30 onboard VPN
Kitsap,
I forgot to ask in my reply..
Do you know of any way to turn on logging information that might show
if the VPN port numbers are being reached on the CAX30? I have tried
turning on VPN log messages (and also all log messages) and get nothing.
I am using Mediacom as a ISP and I suppose it's possible that they have
some crazy port restriction. I've been using the default port numbers
12973/4.
I am able to successfully ping the hostid so DDNS seems to be getting me
to the modem.
sryan
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: CAX30 onboard VPN
Sryan,
No, I do not have access to a CAX30 gateway.
Over many years I have successfully utilized the OpenVPN server available on Netgear router models R7000, R7800, and R9000.
The administrative log entries on the routers for VPN Service have not been functional for the past 5+ years. It went away after one of the firmware updates. Either Netgear does not know or they do know and decline to devote any resources to correct the situation. Result is the same either way.
When a family member is connected to my OpenVPN server, I can review the Attached Devices page and see their machine/device by name with the locally assigned IP address. This goes away when they disconnect.
I run my router with Access Control disabled. When an OpenVPN connection is established to my router, the connected device shows up on the device listing on the Access Control page. This goes away when they disconnect.
I struggled with OpenVPN configuration when I first attempted to set it up. In particular on Android devices. On Windows machines, I found the connection logs created by the client software to be very informational. The original .ovpn configuration files generated by Netgear set the variable verb to 0. If you change it to verb 5, it will generate additional information.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
client.ovpn file:
client
remote (your hostname here) 12973
dev tun
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
<CA>
(laste ca.crt contents here)
</CA>
<CERT>
(paste client.crt contents here)
</CERT>
<KEY>
(paste client.key contents here)
</KEY>
key-direction 1
<TLS-AUTH>
(paste ta.key contents here)
</TLS-AUTH>
remote-cert-tls server
cipher AES-256-CBC
verb 5
mute 5
comp-lzo
fast-io
route-delay 2
route-method exe
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: CAX30 onboard VPN
Outstanding. Thank you for sharing the details.
Recommend you mark this as resolved so others can benefit.
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more