Reply

Re: R7000 - OpenVPN on Android not resolving DNS after router firmware upgrade V1.0.9.34_10.2.36

dcd722
Initiate

R7000 - OpenVPN on Android not resolving DNS after router firmware upgrade V1.0.9.34_10.2.36

Good Morning,

 

Over the weekend, I upgraded my router firmware to V1.0.9.34_10.2.36. 

I have the VPN service set up to direct all traffic through the tunnel. I run the VPN client on a PC and my Android daily. After the upgrade, DNS resolution no longer works on Android. My Ubuntu installation is unaffected and DNS is working fine there.

 

From Android, I can access remote sites and local sites by IP, but DNS resolution doesn't work. Chrome reports "DNS_PROBE_FINISHED_BAD_CONFIG"

 

I'm using OpenVPN Connect on a Pixel 2 XL.

 

------- LOG BELOW -------

09:01:35.037 -- ----- OpenVPN Start -----

09:01:35.037 -- EVENT: CORE_THREAD_ACTIVE

09:01:35.039 -- Frame=512/2048/512 mssfix-ctrl=1250

09:01:35.040 -- UNUSED OPTIONS
4 [resolv-retry] [infinite]
5 [nobind]
6 [persist-key]
7 [persist-tun]
13 [verb] [5]


09:01:35.040 -- EVENT: RESOLVE

09:01:35.091 -- Contacting MY.IP.ADDRESS.XXX:12973 via UDP

09:01:35.091 -- EVENT: WAIT

09:01:35.093 -- Connecting to [MY.HOSTNAME.COM]:12973 (MY.IP.ADDRESS.XXX) via UDPv4

09:01:35.323 -- EVENT: CONNECTING

09:01:35.325 -- Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client

09:01:35.326 -- Creds: UsernameEmpty/PasswordEmpty

09:01:35.327 -- Peer Info:
IV_GUI_VER=OC30Android
IV_VER=3.2
IV_PLAT=android
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1
IV_IPv6=0
IV_AUTO_SESS=1


09:01:35.513 -- VERIFY OK : depth=1
cert. version : 3
serial number : 9B:08:1A:77:97:AB:B7:EB
issuer name : C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=netgear, emailAddress=mail@netgear.com
subject name : C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=netgear, emailAddress=mail@netgear.com
issued on : 2018-06-15 19:05:14
expires on : 2038-06-10 19:05:14
signed using : RSA with SHA-256
RSA key size : 1024 bits
basic constraints : CA=true


09:01:35.513 -- VERIFY OK : depth=0
cert. version : 3
serial number : 01
issuer name : C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=netgear, emailAddress=mail@netgear.com
subject name : C=TW, ST=TW, O=netgear, OU=netgear, CN=netgear, emailAddress=mail@netgear.com
issued on : 2018-06-15 19:05:14
expires on : 2038-06-10 19:05:14
signed using : RSA with SHA-256
RSA key size : 1024 bits
basic constraints : CA=false
cert. type : SSL Server


09:01:35.962 -- SSL Handshake: TLSv1.0/TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA

09:01:35.963 -- Session is ACTIVE

09:01:35.963 -- EVENT: GET_CONFIG

09:01:35.966 -- Sending PUSH_REQUEST to server...

09:01:35.996 -- OPTIONS:
0 [route] [10.0.0.0] [255.255.255.0]
1 [redirect-gateway]
2 [dhcp-option] [DNS] [192.168.254.1]
3 [route-gateway] [192.168.254.1]
4 [topology] [subnet]
5 [ping] [10]
6 [ping-restart] [120]
7 [ifconfig] [192.168.254.4] [255.255.255.0]
8 [block-ipv6]


09:01:35.996 -- PROTOCOL OPTIONS:
cipher: AES-128-CBC
digest: SHA1
compress: LZO
peer ID: -1

09:01:35.999 -- EVENT: ASSIGN_IP

09:01:36.038 -- Connected via tun

09:01:36.039 -- LZO-ASYM init swap=0 asym=0

09:01:36.040 -- EVENT: CONNECTED info='@MY.HOSTNAME.COM:12973 (MY.IP.ADDRESS.XXX) via /UDPv4 on tun/192.168.254.4/ gw=[192.168.254.1/]' trans=TO_CONNECTED

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 1 of 12
seadevil
Aspirant

Re: R7000 - OpenVPN on Android not resolving DNS after router firmware upgrade V1.0.9.34_10.2.36

I have the same problem and I can't find the solution. 

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 2 of 12
seadevil
Aspirant

Re: R7000 - OpenVPN on Android not resolving DNS after router firmware upgrade V1.0.9.34_10.2.36

I have the same problem. Also with android. 

Message 3 of 12
mankong
Aspirant

Re: R7000 - OpenVPN on Android not resolving DNS after router firmware upgrade V1.0.9.34_10.2.36

I have the same problem. Also with android
Message 4 of 12

Re: R7000 - OpenVPN on Android not resolving DNS after router firmware upgrade V1.0.9.34_10.2.36

I don't use VPN.  I believe I read that 1.0.9.32 is the most current version available where VPN was confirmed working.May need to drop back one release to regain functionality until it gets fixed.

~Comcast 1 Gbps/50 Mbps SB8200 > R8000P
~R8000P FW:1.4.1.68 ~R7000 FW:1.0.9.42
~R6400 FW:1.0.1.52 ~Orbi-AC3000 FW:2.5.1.8
~EX3700 FW:1.0.0.84

Message 5 of 12

Re: R7000 - OpenVPN on Android not resolving DNS after router firmware upgrade V1.0.9.34_10.2.36

Did you ever resolve the VPN issue on Android?

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 6 of 12
G35flyer
Tutor

Re: R7000 - OpenVPN on Android not resolving DNS after router firmware upgrade V1.0.9.34_10.2.36

A workaround (with iOS) that I used for the current firmware 1.0.9.34 was editing the file client3.ovpn and adding this line:
dhcp-option DNS 8.8.8.8
Then reinstalled the updated profile in the iOS OpenVPN app.
Message 7 of 12

Re: R7000 - OpenVPN on Android not resolving DNS after router firmware upgrade V1.0.9.34_10.2.36

Does it matter where the line is added?        dhcp-option DNS 8.8.8.8

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 8 of 12
dcd722
Initiate

Re: R7000 - OpenVPN on Android not resolving DNS after router firmware upgrade V1.0.9.34_10.2.36

I was never able to solve it. I moved to DDWRT.

The DHCP option above in the config won't work on newer versions of Android, FYI
Message 9 of 12
G35flyer
Tutor

Re: R7000 - OpenVPN on Android not resolving DNS after router firmware upgrade V1.0.9.34_10.2.36

Added at the very end.....see below.  But it seems from another poster it may not work for Android. It worked for iOS though.

 

client

dev tun

proto udp

remote XXXXXXXXXXXX

resolv-retry infinite

nobind

persist-key

persist-tun

ca ca.crt

cert client.crt

key client.key

cipher AES-128-CBC

comp-lzo

verb 5

dhcp-option DNS 8.8.8.8

Message 10 of 12

Re: R7000 - OpenVPN on Android not resolving DNS after router firmware upgrade V1.0.9.34_10.2.36

I added at the end , didn't work.

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 11 of 12
Legion584
Initiate

Re: R7000 - OpenVPN on Android not resolving DNS after router firmware upgrade V1.0.9.34_10.2.36

I recently ran into this problem after my Nighthawk R7000 updated to new firmware. On my Galaxy S9+ running OpenVpn Connect, I would receive the DNS error when trying to access a website on Chrome or Samsung Internet. My emails and whatsapp messages were also not sending when connecting to VPN. I could access my local network with no problems though.

These are the steps I took to fix it:

Step 1. Open OpenVpn Connect and delete vpn profile
Step 2. Open the client.ovpn file with a text editor
Step 3. Go to the end of the file and add this line:

dhcp-option DNS 8.8.8.8

Step 4. Note: (The DNS 8.8.8.8 is Google DNS Server.) Save the client.ovpn file. Make sure not to change the .ovpn extension

Step 5. Import the edited client.ovpn file into OpenVpn

Step 6. Open Chrome browser and navigate to any website. It should work now.

If this helps you let me know.
Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 12 of 12
Top Contributors
Discussion stats
  • 11 replies
  • 2588 views
  • 4 kudos
  • 7 in conversation
Announcements