- Feb 26, 2014
- 43
- 0
- 4,540
Hi,
I own an Asus RT-AC66U router, and since a while ago my VPN connection stopped working (OpenVPN). I found out one of the fields in the router had been messed up, and after updating the firmware, it wouldn't connect anymore.
So far I haven't been able to find a single way to let the router automatically regenerate those OpenVPN settings, without performing a factory reset. I let a friend of mine help me generate all the certificates and such, but even after placing those in my router's config, restarting the router, downloading the router's config file and adding in the client certificate and key, it still refuses to connect.
The client log of my failed attempts to connect:
My friend sent me a whole batch of files, and I have gotten all the information from all these files:
These are all the fields on my router:
I pasted the contents of ca.crt (starting at -----BEGIN CERTIFICATE----- and ending at -----END CERTIFICATE-----) into the "Certificate Authority" field, router.crt into Server Certificate, server.key into Server Key and dh2048.pem in the Diffie Hellman parameters field. Then I pasted the client.crt and client.key contents in my ovpn file. This doesn't seem to work, all are generated by the same guy on the same machine.
I own an Asus RT-AC66U router, and since a while ago my VPN connection stopped working (OpenVPN). I found out one of the fields in the router had been messed up, and after updating the firmware, it wouldn't connect anymore.
So far I haven't been able to find a single way to let the router automatically regenerate those OpenVPN settings, without performing a factory reset. I let a friend of mine help me generate all the certificates and such, but even after placing those in my router's config, restarting the router, downloading the router's config file and adding in the client certificate and key, it still refuses to connect.
The client log of my failed attempts to connect:
Code:
Sun Oct 04 22:07:16 2015 OpenVPN 2.3.8 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Aug 4 2015
Sun Oct 04 22:07:16 2015 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.08
Enter Management Password:
Sun Oct 04 22:07:21 2015 UDPv4 link local: [undef]
Sun Oct 04 22:07:21 2015 UDPv4 link remote: [AF_INET]<ip removed>:1194
Sun Oct 04 22:07:21 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Oct 04 22:07:23 2015 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=<removed>, ST=<removed>, L=<removed>, O=<removed>, OU=yes, CN=router, name=EasyRSA, emailAddress=<removed>
Sun Oct 04 22:07:23 2015 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Sun Oct 04 22:07:23 2015 TLS Error: TLS object -> incoming plaintext read error
Sun Oct 04 22:07:23 2015 TLS Error: TLS handshake failed
Sun Oct 04 22:07:23 2015 SIGUSR1[soft,tls-error] received, process restartingMy friend sent me a whole batch of files, and I have gotten all the information from all these files:
These are all the fields on my router:
I pasted the contents of ca.crt (starting at -----BEGIN CERTIFICATE----- and ending at -----END CERTIFICATE-----) into the "Certificate Authority" field, router.crt into Server Certificate, server.key into Server Key and dh2048.pem in the Diffie Hellman parameters field. Then I pasted the client.crt and client.key contents in my ovpn file. This doesn't seem to work, all are generated by the same guy on the same machine.
Facebook
Twitter
Instagram