Reply

Re: OpenVPN issue with firmware 1.0.3.60

mferris
Aspirant

OpenVPN issue with firmware 1.0.3.60

I went through the forum and didn't see a post on this particular issue.

I found a problem with OpenVPN after I updated to firmware 1.0.3.60. The OpenVPN client successfully connects. However, it does not receive a NAT IP address from the router. I can connect to the internet, but I cannot access any internal resources. The IP config shows a 169.254.x.x address on the NETGEAR-VPN network adapter.

To make sure none of the OpenVPN configuration had changed with the firmware update, I downloaded a new certificate and configuration file from the router. I also uninstalled and re-installed the client software on my computer. Neither corrected the issue.

I finally decided to rollback the firmware to 1.0.3.56. Now everything works just fine. I compared the OpenVPN logs between each firmware version and both are identical. The issue must be internal to the router.

Has anyone else had this issue?

Thanks in advance,
Message 1 of 13
jmizoguchi
Virtuoso

Re: OpenVPN issue with firmware 1.0.3.60

Contact support with a issues via portal at my.netgears.com after hard reset the router with firmware you have an issues and still have results the same
VPN Case Study

VPNCASESTUDY.COM

"Our Second To None VPN Related Setup Case Study[/COLOR][/URL]

"One Stop Solution To Your Netgear VPN Connectivity"

*Visit the site for Non-VPN related Doc & Links* [Windows & Mac user/support]





June Mizoguchi-
Message 2 of 13
johnsdagg
Guide

Re: OpenVPN issue with firmware 1.0.3.60

Any more luck with firmware 1.0.3.60? I have done the same as you and have reached the same result: VPN connects but I get a 169.254.x.x address on the NETGEAR-VPN network adapter.
Message 3 of 13
hulltech
Aspirant

Re: OpenVPN issue with firmware 1.0.3.60

That's why I have been asking Netgear to put Openvpn client/server on the router itself in the next firmware update.then it would have better control operating through the router Instead of a os client. Are you using the latest openvpn client.
Message 4 of 13
johnsdagg
Guide

Re: OpenVPN issue with firmware 1.0.3.60

hulltech wrote:
Are you using the latest openvpn client.


Yes I am using the latest client.
Message 5 of 13
hulltech
Aspirant

Re: OpenVPN issue with firmware 1.0.3.60

Try out this page to keep your Nat config correctly. http://www.opennicproject.org/

Also try an iptables to configure your Nat, port forwarding, and firewall.
Message 6 of 13
hulltech
Aspirant

Re: OpenVPN issue with firmware 1.0.3.60

Try adding a table for your Nat, the xXxX will be whatever IP address you use.
“$IPTABLES -t nat -A POSTROUTING -s x.x.x.x/24 -o eth0 -j MASQUERADE”

Don't forget to do whatever changes are needed in your conf file. I would also look into dnsleak tool to prevent your conform a disconnect,- you will always have a disconnect at one time or another these website's will help you keep safe if they are put in place according to the instructions.
Hope these help
Hulltech
Message 7 of 13
mferris
Aspirant

Re: OpenVPN issue with firmware 1.0.3.60

All,

I've been working with Netgear Level 2 support on this issue since I posted in the forum. They were not able to duplicate the problem with a fresh router config. I sent them my current router config and they were going to test with it.

Based on the Level 2 feedback stating they started with a fresh config and it worked... I reset my router back to factory defaults, upgraded the firmware, and then reconfigured wireless, dynamic dns, openvpn, etc. I just tested my connection and everything works fine. So, I believe the firmware upgrade has a bit of a problem if you already have openvpn configured.

If you're willing to wipe out the router config and start over, that's what I recommend. It didn't take me long to get everything set back up.
Message 8 of 13
mferris
Aspirant

Re: OpenVPN issue with firmware 1.0.3.60

Thank you to everyone who posted on this thread.

Final follow-up. Riel at Level 2 support has been great through this whole process! Below is an excerpt from his response concerning testing my personal config in the lab:

"I did notice that the computer fails to get an IP through the VPN adapter if I upgrade the firmware while connected to the VPN network. A disable/enable of the Wireless or LAN adapter would fix it."

So, this may help another user. I can't remember if I disabled/re-enabled the NIC when I was testing. I normally put my laptop to sleep when not using it. So, that may not have "reset" the adapter to eliminate the issue.

Thank you again to Riel and the Netgear support team. They were quick to work the issue without making me run through the "script" of troubleshooting basic issues. They took my inputs and ran with it. I spend quite a bit of time working with vendor IT support at work. I can honestly say this was a breath of fresh air!
Message 9 of 13
Armymutt
Aspirant

Re: OpenVPN issue with firmware 1.0.3.60

I'm confused by this: "I did notice that the computer fails to get an IP through the VPN adapter if I upgrade the firmware while connected to the VPN network. A disable/enable of the Wireless or LAN adapter would fix it."

Implies that the firmware was being upgraded by someone over the internet rather than at a computer wired to the router. I'm trying to get my VPN working and the tech is an idiot. Suggested that I enable VPN on the router external to my network. Like I'm supposed to go around asking people to enable VPN on their routers so I can connect to my VPN.
Message 10 of 13
johnsdagg
Guide

POSSIBLE SOLUTION Re: OpenVPN issue with firmware 1.0.3.60

See what yashuaking wrote in this forum:

http://www.myopenrouter.com/forum/thread/56773/Netgear-R7000-VPN-is-not-Assigning-IPv4-address-to-Op...

I will uninstall 64bit and install 32bit tomorrow to see if this works for me as well.
Message 11 of 13
johnsdagg
Guide

Re: OpenVPN issue with firmware 1.0.3.60

Previously I had been using the 64-bit OpenVPN client software because my laptop is running Win 7 Pro 64-bit.

I tried the 32-bit OpenVPN client software as yashuaking suggested but it did not work for me - my NETGEAR-VPN adapter is still not getting a proper IP (169.254.xxx.xxx).

I've started a ticket with Netgear but so far the tech has only referred me to a standard how-to document (unhelpful) that I've already read. So I'm not really optimistic about the ticket with Netgear.

I will now try to open a ticket with the OpenVPN folks.
Message 12 of 13
johnsdagg
Guide

SOLVED Re: OpenVPN issue with firmware 1.0.3.60

I have been working a ticket on this VPN problem with Level 2 Netgear Support Experts for a several days and they have solved it for me.

Previously OpenVPN would seem to connect but my NETGEAR-VPN adapter would receive a 169.254.xxx.xxx IP address and therefore I would have no access to my home LAN (nor would any internet traffic go through the VPN).

Based on Netgear L2 Support's guidance I am now running R7000 firmware V1.0.3.68_1.1.31 with the VPN service enabled for "All sites on the Internet & Home Network" but here's the important part:

Netgear has identified a problem with OpenVPN client software 2.3.4-i603.
It will not work.

Instead, use OpenVPN client software 2.3.4-i003.
It works.

Once I did so my VPN connected quickly, my NETGEAR-VPN adapter was handed a DHCP IP on my LAN, I could see and access all my devices and shares on my LAN; and www.iplocation.net and whatismyip.com report my WAN IP as my home WAN (even though I was sitting in a cafe down the road on public wifi).

Throughput was good enough for me to stream audio from my server at home and even view 720p youtube being pumped through the VPN (but 1080p was choppy).

Great job Netgear.

Thanks.
Message 13 of 13
Top Contributors
Discussion stats
  • 12 replies
  • 3146 views
  • 0 kudos
  • 5 in conversation
Announcements