Reply
Highlighted
Apprentice

VPN Service Help

Was wondering if anyone can help! My vpn service is not work at all! No matter which port I try udp or tcp! Open vpn can't seems too connect at all! I worked when I first got the orbi but now it's not, I know my DNS works cause am able to log in remotely on to the router via https DNS link, but for some strange reason VPN connection fails. I haven't changed port numbers just port type
Message 1 of 32
Highlighted
Aspirant

Re: VPN Service Help

ummm... you'll have to narrow down a bit. Is it working without a VPN? If not, try doing all of the following to narrow down to your pain point.

 

1. Try conencting your VPN to other devices, smartphones, tablets, other laptops/macbook

2. try using a different vpn like Ivacy, HSS, pure or any other you could find

3. Have you tried changing the numbers?

4. Double-check if all of your hardware is perfectly functional

Message 2 of 32
Highlighted
Apprentice

Re: VPN Service Help

2017-01-16 08:48:43 Server poll timeout, trying next remote entry...
2017-01-16 08:48:43 EVENT: RECONNECTING
2017-01-16 08:48:43 Contacting 69.122.xxx.xxx:12980 via UDP
2017-01-16 08:48:43 EVENT: WAIT
2017-01-16 08:48:43 SetTunnelSocket returned 1
2017-01-16 08:48:43 Transport Error: UDP connect error on 'xxxxxxxxxxx.ddns.net:12980' (69.122.xxx.xxx:12980): Network is unreachable
2017-01-16 08:48:43 Client terminated, restarting in 2...
2017-01-16 08:48:45 EVENT: CONNECTION_TIMEOUT [ERR]
2017-01-16 08:48:45 EVENT: DISCONNECTED
2017-01-16 08:48:45 Raw stats on disconnect:
BYTES_OUT : 350
PACKETS_OUT : 25
UDP_CONNECT_ERROR : 5
CONNECTION_TIMEOUT : 1
N_RECONNECT : 9
2017-01-16 08:48:45 Performance stats on disconnect:
CPU usage (microseconds): 45685
Network bytes per CPU second: 7661
Tunnel bytes per CPU second: 0
2017-01-16 08:48:45 EVENT: DISCONNECT_PENDING
2017-01-16 08:48:45 ----- OpenVPN Stop -----

 

 

thats my open vpn log file, of course where it says xxx is my info masking but of the life I don't understand why it's not won't connect when my dns works! 😩😑

Message 3 of 32
Highlighted
Master

Re: VPN Service Help

OpenVPN requires port 1194 (usually UDP) to be exposed to the Internet.  The fact that your DDNS works doesn't prove port 1194 is exposed.

 

Both the router and your client need to use the same port number and port type.

 

You said OpenVPN worked, then you changed the port type, and now it doesn't work.  Why did you change the port type?  Change the type back to what it was, and see if it works.

 

Did you reset your router?  Make sure the OpenVPN service is still active on your router.   If that doesn't work, go through the OpenVPN setup process from the beginning again on your router, and re-download the setup files to your client.

 

Good luck.

 

 

 

 

Message 4 of 32
Highlighted
Apprentice

Re: VPN Service Help

i do think think the ports are open also, now heres the thing, how do i open them? this service is done by the orbi router, i cant port forward 192.168.1.1, so thats where am confused.

Message 5 of 32
Highlighted
Master

Re: VPN Service Help

When you go through the process of enabling the OpenVPN service on the Orbi, that should open the necessry ports.  The details are written to a config file that needs to be loaded on your client machine.

 

http://kb.netgear.com/31487/How-do-I-use-VPN-service-on-my-Orbi-system-with-my-Windows-client?cid=wm...

 

I use OpenVPN on my Mac, iPad, Linux, and another router, but I haven't set it up on my Orbi, because I use it as an Access Point only.

 

Message 6 of 32
Highlighted
Apprentice

Re: VPN Service Help

vpn.jpg

 

here is a pic of my vpn settings i have tried changing port num, or even port types! when i switch to tcp and connected via my wifi (locally) it works if i get off it and switch to my cellphone LTE, it doesnt connect!! so something is blocking my ports as i suspected and yes i download the new config files each time i have changed the settings but still doesnt connect.

Message 7 of 32
Highlighted
Master

Re: VPN Service Help

Sorry, I cannot see the picture for some reason.  it's just a yellow triangle.

 

You can scan your system at the following website and see what ports are open.  Try both UDP and TCP scans.

 

https://pentest-tools.com/network-vulnerability-scanning/tcp-port-scanner-online-nmap

Message 8 of 32
Highlighted
Master

Re: VPN Service Help

If you want me to scan your ports and tell you if 1194 is open, send me an IM with your domain name.

Message 9 of 32
Highlighted
Apprentice

Re: VPN Service Help


Starting Nmap 6.00 ( http://nmap.org ) at 2017-01-16 23:01 EET
Initiating Ping Scan at 23:01
Scanning xxxxxxx.ddns.net (69.122.xxx.xxx) [4 ports]
Completed Ping Scan at 23:01, 0.12s elapsed (1 total hosts)
Initiating SYN Stealth Scan at 23:01
Scanning xxxxxxxx.ddns.net (69.122.xxx.xxx) [100 ports]
Discovered open port 23/tcp on 69.122.xxx.xxx
Discovered open port 8008/tcp on 69.122.xxx.xxx
Completed SYN Stealth Scan at 23:01, 2.36s elapsed (100 total ports)

[+] Nmap scan report for xxxxxxxxx.ddns.net (69.122.xxx.xxx)
Host is up (0.093s latency).
Not shown: 89 closed ports

PORT STATE SERVICE
7/tcp filtered echo
23/tcp open telnet
25/tcp filtered smtp
80/tcp filtered http
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
443/tcp filtered https
445/tcp filtered microsoft-ds
3128/tcp filtered squid-http
8008/tcp open http
8080/tcp filtered http-proxy


Nmap done: 1 IP address (1 host up) scanned in 2.69 seconds
Raw packets sent: 113 (4.948KB) | Rcvd: 96 (3.944KB)

Message 10 of 32
Highlighted
Apprentice

Re: VPN Service Help

Log file of my port scan above, I had vpn set to udp but I just switched it to tcp and still show it's not opeN

Message 11 of 32
Highlighted
Master

Re: VPN Service Help

The scanner on the webpage I posted does not scan port 1194 in the default scan.  Try doing a TCP and UDP scan and specifying port 1194.

 

 

Message 12 of 32
Highlighted
Apprentice

Re: VPN Service Help

Well my vpn service is running on port 12980 and 12981

Message 13 of 32
Highlighted
Apprentice

Re: VPN Service Help

Starting Nmap 6.00 ( http://nmap.org ) at 2017-01-16 23:34 EET
Initiating Ping Scan at 23:34
Scanning xxxxxxxx.ddns.net (69.122.xxx.xxx) [4 ports]
Completed Ping Scan at 23:34, 0.70s elapsed (1 total hosts)
Initiating SYN Stealth Scan at 23:34
Scanning xxxxxxxxx.ddns.net (69.122.xxx.xxx) [1 port]
Completed SYN Stealth Scan at 23:34, 0.25s elapsed (1 total ports)

[+] Nmap scan report for xxxxxxxx.ddns.net (69.122.xxx.xxx)
Host is up (0.12s latency).

PORT STATE SERVICE
12980/tcp closed unknown


Nmap done: 1 IP address (1 host up) scanned in 1.72 seconds
Raw packets sent: 5 (196B) | Rcvd: 3 (140B)

here is the result for the specific port scan 

Message 14 of 32
Highlighted
Master

Re: VPN Service Help

OK. I don't think I can do anything else to help you out.  All I can do is suggest you go back to using standard ports and protcol (UDP 1194) and redo the VPN setup from scratch. You said it was working before you changed things.  The nonstandard ports could be part of your problem. Good luck.

Message 15 of 32
Highlighted
Apprentice

Re: VPN Service Help

UGH thanks i thought i was doing something wrong! seems like am not! ill have to call netgear i guess Smiley Sad

Message 16 of 32
Highlighted
Master

Re: VPN Service Help

You didn't tell me if you tried my suggestion of running the VPN with default ports and protocols.  The high ports you are using could possibly be blocked by your ISP.

 

I'll also comment that your port scan raises some concerns.  Why would you have ports 135 139, and 445 exposed to the Internet?  These are Microsoft file sharing ports and should be blocked.  

 

Ditto for telnet, whcih shows as open! You don't want hackers to telnet into your router.  If the router has been connected like that for long it could have been compromised already.

 

When you get the VPN back running you can access those services over VPN.

Message 17 of 32
Highlighted
Apprentice

Re: VPN Service Help

Ok sorry was at work and I change those port with the intention thinking that maybe the defaults were blocked by my isp and it didn't work either, also my telnet to my router is turned off! I can confirmed that, those ports open is probably on a system that someone in my house is using, I live in NYC with 2 other houses above me (multi fam home) and each home have multiple devices and am sure someone in my fam have those ports open cause if i show u my port foward I have maybe 1-2 rules set and 1 device DMZ which is my security surveillance system so! I know those ports are not open via my router from me! Maybe on UPnP but even under my list those ports are NOT listed.... so yea
Message 18 of 32
Highlighted
Apprentice

Re: VPN Service Help

And FYI I don't even use windows devices, all device in my section of my house I use apple devices which uses bonjour services, upstairs my other family members uses windows devices, laptop, desktop, etc
Message 19 of 32
Highlighted
Master

Re: VPN Service Help

Sounds like you're good then.  Looked scary though!

Message 20 of 32
Highlighted
Apprentice

Re: VPN Service Help

Vpn service

Message 21 of 32
Highlighted
Apprentice

Re: VPN Service Help

Think I got the image thing to work so that's a screen shot of vpn page

Message 22 of 32
Highlighted
Apprentice

Re: VPN Service Help

Wan

Message 23 of 32
Highlighted
Apprentice

Re: VPN Service Help

Port fwd

Message 24 of 32
Highlighted
Apprentice

Re: VPN Service Help

Connected devices

Message 25 of 32
Top Contributors
Discussion stats
  • 31 replies
  • 5373 views
  • 1 kudo
  • 3 in conversation
Announcements