I’ve tried multiple NORD USA-based VPN servers, with their appropriate TLS Auth Key and CA Cert entries.
Here are some log file details.
Client: RECONNECTING tls-error
Clientlog:
20170513 11:12:26 Restart pause 5 second(s)
20170513 11:12:31 W WARNING: --ping should normally be used with --ping-restart or --ping-exit
20170513 11:12:31 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20170513 11:12:32 I TCP/UDP: Preserving recently used remote address: [AF_INET]108.59.0.35:1194
20170513 11:12:32 Socket Buffers: R=[180224->180224] S=[180224->180224]
20170513 11:12:32 I UDPv4 link local: (not bound)
20170513 11:12:32 I UDPv4 link remote: [AF_INET]108.59.0.35:1194
20170513 11:13:32 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
20170513 11:13:32 N TLS Error: TLS handshake failed
20170513 11:13:32 I SIGUSR1[soft tls-error] received process restarting
20170513 11:13:32 Restart pause 5 second(s)
20170513 11:13:37 W WARNING: --ping should normally be used with --ping-restart or --ping-exit
20170513 11:13:37 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20170513 11:13:37 I TCP/UDP: Preserving recently used remote address: [AF_INET]108.59.0.35:1194
20170513 11:13:37 Socket Buffers: R=[180224->180224] S=[180224->180224]
20170513 11:13:37 I UDPv4 link local: (not bound)
20170513 11:13:37 I UDPv4 link remote: [AF_INET]108.59.0.35:1194
20170513 11:14:37 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
20170513 11:14:37 N TLS Error: TLS handshake failed
20170513 11:14:37 I SIGUSR1[soft tls-error] received process restarting
20170513 11:14:37 Restart pause 5 second(s)
20170513 11:14:42 W WARNING: --ping should normally be used with --ping-restart or --ping-exit
20170513 11:14:42 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20170513 11:14:42 I TCP/UDP: Preserving recently used remote address: [AF_INET]108.59.0.35:1194
20170513 11:14:42 Socket Buffers: R=[180224->180224] S=[180224->180224]
20170513 11:14:42 I UDPv4 link local: (not bound)
20170513 11:14:42 I UDPv4 link remote: [AF_INET]108.59.0.35:1194
20170513 11:15:42 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
20170513 11:15:42 N TLS Error: TLS handshake failed
20170513 11:15:42 I SIGUSR1[soft tls-error] received process restarting
20170513 11:15:42 Restart pause 10 second(s)
20170513 11:15:52 W WARNING: --ping should normally be used with --ping-restart or --ping-exit
20170513 11:15:52 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20170513 11:15:52 I TCP/UDP: Preserving recently used remote address: [AF_INET]108.59.0.35:1194
20170513 11:15:52 Socket Buffers: R=[180224->180224] S=[180224->180224]
20170513 11:15:52 I UDPv4 link local: (not bound)
20170513 11:15:52 I UDPv4 link remote: [AF_INET]108.59.0.35:1194
20170513 11:16:52 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
20170513 11:16:52 N TLS Error: TLS handshake failed
20170513 11:16:52 I SIGUSR1[soft tls-error] received process restarting
20170513 11:16:52 Restart pause 20 second(s)
20170513 11:17:12 W WARNING: --ping should normally be used with --ping-restart or --ping-exit
20170513 11:17:12 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20170513 11:17:12 I TCP/UDP: Preserving recently used remote address: [AF_INET]108.59.0.35:1194
20170513 11:17:12 Socket Buffers: R=[180224->180224] S=[180224->180224]
20170513 11:17:12 I UDPv4 link local: (not bound)
20170513 11:17:12 I UDPv4 link remote: [AF_INET]108.59.0.35:1194
20170513 11:18:12 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
20170513 11:18:12 N TLS Error: TLS handshake failed
20170513 11:18:12 I SIGUSR1[soft tls-error] received process restarting
20170513 11:18:12 Restart pause 40 second(s)
20170513 11:18:52 W WARNING: --ping should normally be used with --ping-restart or --ping-exit
20170513 11:18:52 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20170513 11:18:52 I TCP/UDP: Preserving recently used remote address: [AF_INET]108.59.0.35:1194
20170513 11:18:52 Socket Buffers: R=[180224->180224] S=[180224->180224]
20170513 11:18:52 I UDPv4 link local: (not bound)
20170513 11:18:52 I UDPv4 link remote: [AF_INET]108.59.0.35:1194
20170513 11:19:53 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
20170513 11:19:53 N TLS Error: TLS handshake failed
20170513 11:19:53 I SIGUSR1[soft tls-error] received process restarting
20170513 11:19:53 Restart pause 80 second(s)
20170513 11:21:13 W WARNING: --ping should normally be used with --ping-restart or --ping-exit
20170513 11:21:13 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20170513 11:21:13 I TCP/UDP: Preserving recently used remote address: [AF_INET]108.59.0.35:1194
20170513 11:21:13 Socket Buffers: R=[180224->180224] S=[180224->180224]
20170513 11:21:13 I UDPv4 link local: (not bound)
20170513 11:21:13 I UDPv4 link remote: [AF_INET]108.59.0.35:1194
20170513 11:21:52 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20170513 11:21:52 D MANAGEMENT: CMD 'state'
20170513 11:21:52 MANAGEMENT: Client disconnected
20170513 11:21:52 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20170513 11:21:52 D MANAGEMENT: CMD 'state'
20170513 11:21:52 MANAGEMENT: Client disconnected
20170513 11:21:52 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20170513 11:21:52 D MANAGEMENT: CMD 'state'
20170513 11:21:52 MANAGEMENT: Client disconnected
20170513 11:21:52 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20170513 11:21:52 D MANAGEMENT: CMD 'status 2'
20170513 11:21:52 MANAGEMENT: Client disconnected
20170513 11:21:52 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20170513 11:21:52 D MANAGEMENT: CMD 'log 500'
20170513 11:21:52 MANAGEMENT: Client disconnected
20170513 11:22:13 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
20170513 11:22:13 N TLS Error: TLS handshake failed
20170513 11:22:13 I SIGUSR1[soft tls-error] received process restarting
20170513 11:22:13 Restart pause 160 second(s)
20170513 11:22:18 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20170513 11:22:18 D MANAGEMENT: CMD 'state'
20170513 11:22:18 MANAGEMENT: Client disconnected
20170513 11:22:18 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20170513 11:22:18 D MANAGEMENT: CMD 'state'
20170513 11:22:18 MANAGEMENT: Client disconnected
20170513 11:22:18 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20170513 11:22:18 D MANAGEMENT: CMD 'state'
20170513 11:22:18 MANAGEMENT: Client disconnected
20170513 11:22:18 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20170513 11:22:18 D MANAGEMENT: CMD 'status 2'
20170513 11:22:18 MANAGEMENT: Client disconnected
20170513 11:22:18 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20170513 11:22:18 D MANAGEMENT: CMD 'log 500'
19691231 19:00:00
I'm a bit of a novice, so any guidance greatly appreciated.
Now paste it into your DDWRT Administration.... Commands Section
Then Press Run Command (Assumes you have a working net connection on the WAN of the router.
The router will reboot. When it comes back up you need to make sure your NordVPN username and Password are entered under Services... VPN... OpenVPN Client section.
The Above script sets NordVPN TO server us225.nordvpn.com and changes the NVRAM variables for OpenVPN Client on DDWRT to their correct settings for NordVPN as well as setup the proper certs for server 225. If you want to change to a different server (Only god knows which ones are up and running correctly) then you cant just change the server name, you must also change the TLS and CA cert for that server.
The easiest way to know what server is running is to connect to one of them using their App on a phone or your PC and it will show you which one connected.
For NordVPN if you want to change the server you need the TLS auth Key and CA Cert for each server from their OpenVPN Files. So IF for example you want to use server US500.nordvpn.com you must use that openvpn files info for the certs.
DO NOT change anything on my settings after it installs or the VPN Will fail.
NordVPN is one of the companies I like the least.
I highly suggest you all switch to PIA or IPVanish.
If any of yoy really want to get connected to this VPN company and can't get it to work, I can guarantee the install for $25.00. I cannot however guarantee their crappy servers will stay up. _________________ My Karma ran over your Dogma
SploitWorks Custom Flashed Routers
Thanks sploit. I really appreciate the information. It sure is disappointing to hear that Nord is not a favored provider. There seems to be a ton of misinformation out there on providers and getting a straight story is nearly impossible.