NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Nighthawk r7500 vpn setup
I'm new to VPN but learn quickly. I'm trying to setup VPN on my router for a layer of security for my home. I am getting error messeges with openVPN. Following the instructions on the router, many for...
After reading a LOT of information I decided to sell my R7500 and buy a R7000P I flashed it with DD-WRT and was done in about an hour... Super easy. I'm not sure why Netgear does not have more functionality built in the standard interface. Thank you all for the replies.
bripab007 wrote:I'm not sure what you mean by port 80 being open to the world when you enabled the VPN server.
I was conflating OpenVPN with the Netgear implementation.
I have a Linux OpenVPN server, and connecting to it on with a standard browser on port 943 (not 80) provides a way for a new client to download config files and continue with their OpenVPN. This is protected by a simple user/password login, but multiple possiblities.
I had confused that with the Netgear, where port 80 is only open on the LAN, not the WAN, but provides a path to the config downloads. The login here is a password, and user admin.
(nmap from the LAN to the public IP address showed the same results as a scan to the internal Private IP, which is misleading, but I see that is not uncommon amongst routers. I don't think that happened on the Asus, but I could be mistaken.)
So, Public ports are not the problem that I thought they were. I need to supply my users with the .ovpn and associated files, because one needs to log in on the local LAN as admin in order to fetch them.
I have been able to connect Android OpenVPN client to both my OpenVPN server and to the R7000P.
I can connect Windows 10 to the OpenVPN server, but I cannot connect to the R7000P.
It fails with errors that the #mitm suggests are server side problems, but my Android connects okay.
Wed Nov 29 13:35:16 2017 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Nov 29 13:35:19 2017 OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options
Wed Nov 29 13:35:19 2017 OpenVPN ROUTE: failed to parse/resolve route for host/network: 10.1.2.0
Wed Nov 29 13:35:19 2017 TAP-Windows adapter 'NETGEAR-VPN' not found
ClarDold wrote:I can connect Android, but not Windows 10 to the R7000P VPN.
Wed Nov 29 13:35:16 2017 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Nov 29 13:35:19 2017 OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options
Wed Nov 29 13:35:19 2017 OpenVPN ROUTE: failed to parse/resolve route for host/network: 10.1.2.0
Wed Nov 29 13:35:19 2017 TAP-Windows adapter 'NETGEAR-VPN' not found
Only that last line matters.
The certificate verification WARNING appears repeatedly in the log, but seems to have no effect. The ROUTE message, no effect.
The instructions say: "Step 5: For a client device with Windows, you need to modify the VPN interface name to "NETGEAR-VPN". The VPN interface usually has a Device Name as "TAP-Windows Adapter"."
I had one named "Ethernet #2", but i noticed in small print that it said "TAP-Windows Adapter V9"
I couldn't change the bottom line of that description, but I could change the name, to "NETGEAR-VPN".
Now Windows VPN connection to the R7000P works.
see the attached screenshot of what my Network Connections panel looks like (VPN not connected right now.)
