DD-WRT :: View topic - VPN with IPVANISH just wont work please help!!

VPN with IPVANISH just wont work please help!!

DD-WRT Forum Index -> Advanced Networking

Goto page 1, 2 Next

View previous topic :: View next topic

Author

Message

matthandy
DD-WRT Novice

Joined: 16 Jun 2016
Posts: 1

Posted: Thu Jun 16, 2016 1:30 Post subject: VPN with IPVANISH just wont work please help!!

The situation:

I have a modem router thats connected to my phone line and all is well, i get on line no problems.
This is connected to a switch which feeds other parts of the house, all devices on the switch are working just fine.
I connected a router to the switch via its wan port, set the wireless up and had a new ssid and could get online just fine.
I flashed the new router with dd wrt and still all good.

I then went through the process steps with ipvanish to set this as a dedicated VPN router.I tried the
GUI method

https://www.ipvanish.com/visualguides/OpenVPN/DD-WRT/

and I tried their script method.

https://support.ipvanish.com/customer/portal/articles/1969163-dd-wrt-script

http://files.ipvanish.com/OpenVPN_DDWRT.txt

I am still online but my ip is my isp assigned ip so i know its failing.

The time on the vpn router is correct and NAT is enabled

to confirm the second router is on a different subnet

On the modem router I have:

bound the mac and ip address of the vpn router
set up port forwarding of all ports on the list plus 443 and selected bu TCP and UDP
I have placed the ip of the vpn router in the DMZ

here is the log from the vpn router thats generated from their script -any help greatly appreciated

http://pastebin.com/iPnyMLNg

Sponsor

Mike42Smith
DD-WRT User

Joined: 14 Feb 2016
Posts: 146
Location: Germany

Posted: Fri Jun 17, 2016 17:53 Post subject:

You don't have to do anything with your modem-router if you just want to run a VPN client onto your VPN router, because it's an outgoing connection!

Nevertheless I mean you havn't set a new default gateway address into your VPN router. That means if you look at your VPN route (typing: route) you will see the LAN IP address of your modem-router as default gateway IP address.

Therefore add the following line to your additional config in the VPN section of your DD-WRT router:
route-gateway dhcp

More information you will find here:
https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
_________________
Ongoing experiences with:
Linksys E3000 and WRT610N v2
TP-Link Archer C9
Raspberry Pi and TP-Link TL-WR710N with OpenWRT

mac913
DD-WRT Guru

Joined: 02 May 2008
Posts: 1848
Location: Canada

Posted: Sun Jun 19, 2016 19:48 Post subject:

https://www.ipvanish.com/visualguides/OpenVPN/DD-WRT/

This setup is old and hasn't been updated.

In the IPVansish guides follow 1-7 as shown.

Guide 8 Changes. Newer version of DD-WRT allow Username and Password to be entered in the GUI no need to add scripts from Guide 15.

Guide 9 Changes with these 2 changes.

1)for TLS Cipher use "None"

2) for Addititional Config I use these settings but change <ipvanish server IP/name> to yours...

tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA
persist-remote-ip
auth SHA256
keysize 256
tls-remote <ipvanish server IP/Name>
script-security 3 system

Guides 15 & 16 skip them and continue with 17 & 18 and done.

Hope it helps.
_________________
Home Network on Telus 1Gb PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r53562 Std k4.9
Off Site 1
R7000 - Gateway & WiFi & WireGuard - DDWRT r54517 Std
E3000 - Station Bridge - DDWRT r49626 Mega K4.4
Off Site 2
R7000 - Gateway & WiFi - DDWRT r54517 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531

YAMon 3.4.6 | DNSCrypt-Proxy V2

b1driver
DD-WRT Novice

Joined: 29 Jul 2016
Posts: 1

Posted: Fri Jul 29, 2016 1:16 Post subject: Username/Password
Not seeing the username or password in the GUI, using Kong's build 29900M. Where should I see it? Thanks

benj710
DD-WRT Novice

Joined: 05 Aug 2016
Posts: 2

Posted: Fri Aug 05, 2016 3:28 Post subject:

mac913 wrote:

worked perfect. I did have to update dns server to google's. Thanks!

Last edited by benj710 on Tue Aug 09, 2016 1:52; edited 1 time in total

deslauriermc
DD-WRT Novice

Joined: 02 Aug 2016
Posts: 6

Posted: Tue Aug 09, 2016 1:29 Post subject:
will this work with DD-WRT ver 3.0 as , by Ipvanish's Customer service, they claim that their openVPN version only works with versions 2.x The only way they claim it works is through PPTP.

benj710
DD-WRT Novice

Joined: 05 Aug 2016
Posts: 2

Posted: Tue Aug 09, 2016 1:49 Post subject:

deslauriermc wrote:

will this work with DD-WRT ver 3.0 as , by Ipvanish's Customer service, they claim that their openVPN version only works with versions 2.x
The only way they claim it works is through PPTP.

I'm running Firmware: DD-WRT v3.0-r28788 std (01/13/16)

elDGM
DD-WRT Novice

Joined: 20 Aug 2016
Posts: 3

Posted: Tue Aug 23, 2016 15:03 Post subject:

Hello, new forum member here. I'm running DD-WRT v3.0-r29409 std (04/05/16) on a TP-Link Archer C9 V1

I have been back and forth with IP Vanish tech support and cannot get the VPN to work through the WEB GUI. I have been able to get it working through the scripts they provide, but then I lose the ability to do policy based routing, which I need.

I have followed the instructions provided in this thread to the letter for using the WEB GUI and still get errors. Can someone please help? The Open VPN log from the status page follows:

State
Client: RECONNECTING tls-error
Local Address:
Remote Address:

Status
VPN Client Stats
TUN/TAP read bytes 0
TUN/TAP write bytes 0
TCP/UDP read bytes 0
TCP/UDP write bytes 0
Auth read bytes 0

Log
Clientlog:
20160823 09:55:22 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
20160823 09:55:22 N TLS Error: TLS object -> incoming plaintext read error
20160823 09:55:22 N TLS Error: TLS handshake failed
20160823 09:55:22 N Fatal TLS error (check_tls_errors_co) restarting
20160823 09:55:22 I SIGUSR1[soft tls-error] received process restarting
20160823 09:55:22 Restart pause 5 second(s)
20160823 09:55:27 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20160823 09:55:27 Socket Buffers: R=[87380->87380] S=[16384->16384]
20160823 09:55:27 I TCP/UDP: Preserving recently used remote address: [AF_INET]209.107.216.20:443
20160823 09:55:27 I Attempting to establish TCP connection with [AF_INET]209.107.216.20:443 [nonblock]
20160823 09:55:28 I TCP connection established with [AF_INET]209.107.216.20:443
20160823 09:55:28 I TCPv4_CLIENT link local: [undef]
20160823 09:55:28 I TCPv4_CLIENT link remote: [AF_INET]209.107.216.20:443
20160823 09:55:28 TLS: Initial packet from [AF_INET]209.107.216.20:443 sid=11b3d6d8 724f00b3
20160823 09:55:28 VERIFY OK: depth=1 /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=IPVanish_CA/emailAddress=support@ipvanish.com
20160823 09:55:28 VERIFY X509NAME ERROR: /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=dal-a14.ipvanish.com/emailAddress=support@ipvanish.com must be <209.107.216.20>
20160823 09:55:28 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
20160823 09:55:28 N TLS Error: TLS object -> incoming plaintext read error
20160823 09:55:28 N TLS Error: TLS handshake failed
20160823 09:55:28 N Fatal TLS error (check_tls_errors_co) restarting
20160823 09:55:28 I SIGUSR1[soft tls-error] received process restarting
20160823 09:55:28 Restart pause 5 second(s)
20160823 09:55:33 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20160823 09:55:33 Socket Buffers: R=[87380->87380] S=[16384->16384]
20160823 09:55:33 I TCP/UDP: Preserving recently used remote address: [AF_INET]209.107.216.20:443
20160823 09:55:33 I Attempting to establish TCP connection with [AF_INET]209.107.216.20:443 [nonblock]
20160823 09:55:34 I TCP connection established with [AF_INET]209.107.216.20:443
20160823 09:55:34 I TCPv4_CLIENT link local: [undef]
20160823 09:55:34 I TCPv4_CLIENT link remote: [AF_INET]209.107.216.20:443
20160823 09:55:34 TLS: Initial packet from [AF_INET]209.107.216.20:443 sid=ef4869f7 78bb78b0
20160823 09:55:34 VERIFY OK: depth=1 /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=IPVanish_CA/emailAddress=support@ipvanish.com
20160823 09:55:34 VERIFY X509NAME ERROR: /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=dal-a14.ipvanish.com/emailAddress=support@ipvanish.com must be <209.107.216.20>
20160823 09:55:34 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
20160823 09:55:34 N TLS Error: TLS object -> incoming plaintext read error
20160823 09:55:34 N TLS Error: TLS handshake failed
20160823 09:55:34 N Fatal TLS error (check_tls_errors_co) restarting
20160823 09:55:34 I SIGUSR1[soft tls-error] received process restarting
20160823 09:55:34 Restart pause 5 second(s)
20160823 09:55:39 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20160823 09:55:39 Socket Buffers: R=[87380->87380] S=[16384->16384]
20160823 09:55:39 I TCP/UDP: Preserving recently used remote address: [AF_INET]209.107.216.20:443
20160823 09:55:39 I Attempting to establish TCP connection with [AF_INET]209.107.216.20:443 [nonblock]
20160823 09:55:40 I TCP connection established with [AF_INET]209.107.216.20:443
20160823 09:55:40 I TCPv4_CLIENT link local: [undef]
20160823 09:55:40 I TCPv4_CLIENT link remote: [AF_INET]209.107.216.20:443
20160823 09:55:40 TLS: Initial packet from [AF_INET]209.107.216.20:443 sid=bb4ff1dd 4bf6d9c6
20160823 09:55:40 VERIFY OK: depth=1 /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=IPVanish_CA/emailAddress=support@ipvanish.com
20160823 09:55:40 VERIFY X509NAME ERROR: /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=dal-a14.ipvanish.com/emailAddress=support@ipvanish.com must be <209.107.216.20>
20160823 09:55:40 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
20160823 09:55:40 N TLS Error: TLS object -> incoming plaintext read error
20160823 09:55:40 N TLS Error: TLS handshake failed
20160823 09:55:40 N Fatal TLS error (check_tls_errors_co) restarting
20160823 09:55:40 I SIGUSR1[soft tls-error] received process restarting
20160823 09:55:40 Restart pause 5 second(s)
20160823 09:55:45 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20160823 09:55:45 Socket Buffers: R=[87380->87380] S=[16384->16384]
20160823 09:55:45 I TCP/UDP: Preserving recently used remote address: [AF_INET]209.107.216.20:443
20160823 09:55:45 I Attempting to establish TCP connection with [AF_INET]209.107.216.20:443 [nonblock]
20160823 09:55:46 I TCP connection established with [AF_INET]209.107.216.20:443
20160823 09:55:46 I TCPv4_CLIENT link local: [undef]
20160823 09:55:46 I TCPv4_CLIENT link remote: [AF_INET]209.107.216.20:443
20160823 09:55:46 TLS: Initial packet from [AF_INET]209.107.216.20:443 sid=c1cf9918 36a3819f
20160823 09:55:46 VERIFY OK: depth=1 /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=IPVanish_CA/emailAddress=support@ipvanish.com
20160823 09:55:46 VERIFY X509NAME ERROR: /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=dal-a14.ipvanish.com/emailAddress=support@ipvanish.com must be <209.107.216.20>
20160823 09:55:46 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
20160823 09:55:46 N TLS Error: TLS object -> incoming plaintext read error
20160823 09:55:46 N TLS Error: TLS handshake failed
20160823 09:55:46 N Fatal TLS error (check_tls_errors_co) restarting
20160823 09:55:46 I SIGUSR1[soft tls-error] received process restarting
20160823 09:55:46 Restart pause 5 second(s)
20160823 09:55:51 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20160823 09:55:51 Socket Buffers: R=[87380->87380] S=[16384->16384]
20160823 09:55:51 I TCP/UDP: Preserving recently used remote address: [AF_INET]209.107.216.20:443
20160823 09:55:51 I Attempting to establish TCP connection with [AF_INET]209.107.216.20:443 [nonblock]
20160823 09:55:52 I TCP connection established with [AF_INET]209.107.216.20:443
20160823 09:55:52 I TCPv4_CLIENT link local: [undef]
20160823 09:55:52 I TCPv4_CLIENT link remote: [AF_INET]209.107.216.20:443
20160823 09:55:52 TLS: Initial packet from [AF_INET]209.107.216.20:443 sid=ec90efb7 76d0b096
20160823 09:55:53 VERIFY OK: depth=1 /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=IPVanish_CA/emailAddress=support@ipvanish.com
20160823 09:55:53 VERIFY X509NAME ERROR: /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=dal-a14.ipvanish.com/emailAddress=support@ipvanish.com must be <209.107.216.20>
20160823 09:55:53 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
20160823 09:55:53 N TLS Error: TLS object -> incoming plaintext read error
20160823 09:55:53 N TLS Error: TLS handshake failed
20160823 09:55:53 N Fatal TLS error (check_tls_errors_co) restarting
20160823 09:55:53 I SIGUSR1[soft tls-error] received process restarting
20160823 09:55:53 Restart pause 5 second(s)
20160823 09:55:56 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20160823 09:55:56 D MANAGEMENT: CMD 'state'
20160823 09:55:56 MANAGEMENT: Client disconnected
20160823 09:55:56 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20160823 09:55:56 D MANAGEMENT: CMD 'state'
20160823 09:55:56 MANAGEMENT: Client disconnected
20160823 09:55:56 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20160823 09:55:56 D MANAGEMENT: CMD 'state'
20160823 09:55:56 MANAGEMENT: Client disconnected
20160823 09:55:56 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20160823 09:55:56 D MANAGEMENT: CMD 'status 2'
20160823 09:55:56 MANAGEMENT: Client disconnected
20160823 09:55:56 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20160823 09:55:56 D MANAGEMENT: CMD 'log 500'
19691231 18:00:00

ca /tmp/openvpncl/ca.crt management 127.0.0.1 16 management-log-cache 100 verb 3 mute 3 syslog writepid /var/run/openvpncl.pid client resolv-retry infinite nobind persist-key persist-tun script-security 2 dev tun1 proto tcp-client cipher aes-256-cbc auth sha256 auth-user-pass /tmp/openvpncl/credentials remote 209.107.216.20 443 comp-lzo yes tun-mtu 1500 mtu-disc yes tun-ipv6 tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA persist-remote-ip auth SHA256 keysize 256 tls-remote <209.107.216.20> script-security 3 system

Thank you in advance for any help possible!

Mike42Smith
DD-WRT User

Joined: 14 Feb 2016
Posts: 146
Location: Germany

Posted: Tue Aug 23, 2016 18:29 Post subject:
Try to set the tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA to NONE / leave it out. In consequence of this the OpenVPN server will negotiate the best tls-cipher at connecting sequence. _________________ Ongoing experiences with: Linksys E3000 and WRT610N v2 TP-Link Archer C9 Raspberry Pi and TP-Link TL-WR710N with OpenWRT

elDGM
DD-WRT Novice

Joined: 20 Aug 2016
Posts: 3

Posted: Tue Aug 23, 2016 19:28 Post subject:

Thanks for the quick reply! Tried leaving out the TLS cipher and no VPN still. I think I got the same messages in the log:

State
Client: RECONNECTING tls-error
Local Address:
Remote Address:

Status
VPN Client Stats
TUN/TAP read bytes 0
TUN/TAP write bytes 0
TCP/UDP read bytes 0
TCP/UDP write bytes 0
Auth read bytes 0

Log
Clientlog:
20160823 14:25:12 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
20160823 14:25:12 N TLS Error: TLS object -> incoming plaintext read error
20160823 14:25:12 N TLS Error: TLS handshake failed
20160823 14:25:12 N Fatal TLS error (check_tls_errors_co) restarting
20160823 14:25:12 I SIGUSR1[soft tls-error] received process restarting
20160823 14:25:12 Restart pause 5 second(s)
20160823 14:25:17 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20160823 14:25:17 Socket Buffers: R=[87380->87380] S=[16384->16384]
20160823 14:25:17 I TCP/UDP: Preserving recently used remote address: [AF_INET]209.107.216.9:443
20160823 14:25:17 I Attempting to establish TCP connection with [AF_INET]209.107.216.9:443 [nonblock]
20160823 14:25:18 I TCP connection established with [AF_INET]209.107.216.9:443
20160823 14:25:18 I TCPv4_CLIENT link local: [undef]
20160823 14:25:18 I TCPv4_CLIENT link remote: [AF_INET]209.107.216.9:443
20160823 14:25:18 TLS: Initial packet from [AF_INET]209.107.216.9:443 sid=15b5b950 9b3fee5d
20160823 14:25:19 VERIFY OK: depth=1 /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=IPVanish_CA/emailAddress=support@ipvanish.com
20160823 14:25:19 VERIFY X509NAME ERROR: /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=dal-a07.ipvanish.com/emailAddress=support@ipvanish.com must be
20160823 14:25:19 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
20160823 14:25:19 N TLS Error: TLS object -> incoming plaintext read error
20160823 14:25:19 N TLS Error: TLS handshake failed
20160823 14:25:19 N Fatal TLS error (check_tls_errors_co) restarting
20160823 14:25:19 I SIGUSR1[soft tls-error] received process restarting
20160823 14:25:19 Restart pause 5 second(s)
20160823 14:25:24 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20160823 14:25:24 Socket Buffers: R=[87380->87380] S=[16384->16384]
20160823 14:25:24 I TCP/UDP: Preserving recently used remote address: [AF_INET]209.107.216.9:443
20160823 14:25:24 I Attempting to establish TCP connection with [AF_INET]209.107.216.9:443 [nonblock]
20160823 14:25:25 I TCP connection established with [AF_INET]209.107.216.9:443
20160823 14:25:25 I TCPv4_CLIENT link local: [undef]
20160823 14:25:25 I TCPv4_CLIENT link remote: [AF_INET]209.107.216.9:443
20160823 14:25:25 TLS: Initial packet from [AF_INET]209.107.216.9:443 sid=635f0762 e978d27c
20160823 14:25:25 VERIFY OK: depth=1 /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=IPVanish_CA/emailAddress=support@ipvanish.com
20160823 14:25:25 VERIFY X509NAME ERROR: /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=dal-a07.ipvanish.com/emailAddress=support@ipvanish.com must be
20160823 14:25:25 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
20160823 14:25:25 N TLS Error: TLS object -> incoming plaintext read error
20160823 14:25:25 N TLS Error: TLS handshake failed
20160823 14:25:25 N Fatal TLS error (check_tls_errors_co) restarting
20160823 14:25:25 I SIGUSR1[soft tls-error] received process restarting
20160823 14:25:25 Restart pause 5 second(s)
20160823 14:25:30 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20160823 14:25:30 Socket Buffers: R=[87380->87380] S=[16384->16384]
20160823 14:25:30 I TCP/UDP: Preserving recently used remote address: [AF_INET]209.107.216.9:443
20160823 14:25:30 I Attempting to establish TCP connection with [AF_INET]209.107.216.9:443 [nonblock]
20160823 14:25:31 I TCP connection established with [AF_INET]209.107.216.9:443
20160823 14:25:31 I TCPv4_CLIENT link local: [undef]
20160823 14:25:31 I TCPv4_CLIENT link remote: [AF_INET]209.107.216.9:443
20160823 14:25:31 TLS: Initial packet from [AF_INET]209.107.216.9:443 sid=c49e5a07 9e9d7ee1
20160823 14:25:31 VERIFY OK: depth=1 /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=IPVanish_CA/emailAddress=support@ipvanish.com
20160823 14:25:31 VERIFY X509NAME ERROR: /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=dal-a07.ipvanish.com/emailAddress=support@ipvanish.com must be
20160823 14:25:31 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
20160823 14:25:31 N TLS Error: TLS object -> incoming plaintext read error
20160823 14:25:31 N TLS Error: TLS handshake failed
20160823 14:25:31 N Fatal TLS error (check_tls_errors_co) restarting
20160823 14:25:31 I SIGUSR1[soft tls-error] received process restarting
20160823 14:25:31 Restart pause 5 second(s)
20160823 14:25:36 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20160823 14:25:36 Socket Buffers: R=[87380->87380] S=[16384->16384]
20160823 14:25:36 I TCP/UDP: Preserving recently used remote address: [AF_INET]209.107.216.9:443
20160823 14:25:36 I Attempting to establish TCP connection with [AF_INET]209.107.216.9:443 [nonblock]
20160823 14:25:37 I TCP connection established with [AF_INET]209.107.216.9:443
20160823 14:25:37 I TCPv4_CLIENT link local: [undef]
20160823 14:25:37 I TCPv4_CLIENT link remote: [AF_INET]209.107.216.9:443
20160823 14:25:37 TLS: Initial packet from [AF_INET]209.107.216.9:443 sid=df32d2c7 277aa4dc
20160823 14:25:37 VERIFY OK: depth=1 /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=IPVanish_CA/emailAddress=support@ipvanish.com
20160823 14:25:37 VERIFY X509NAME ERROR: /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=dal-a07.ipvanish.com/emailAddress=support@ipvanish.com must be
20160823 14:25:37 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
20160823 14:25:37 N TLS Error: TLS object -> incoming plaintext read error
20160823 14:25:37 N TLS Error: TLS handshake failed
20160823 14:25:37 N Fatal TLS error (check_tls_errors_co) restarting
20160823 14:25:37 I SIGUSR1[soft tls-error] received process restarting
20160823 14:25:37 Restart pause 5 second(s)
20160823 14:25:42 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20160823 14:25:42 Socket Buffers: R=[87380->87380] S=[16384->16384]
20160823 14:25:42 I TCP/UDP: Preserving recently used remote address: [AF_INET]209.107.216.9:443
20160823 14:25:42 I Attempting to establish TCP connection with [AF_INET]209.107.216.9:443 [nonblock]
20160823 14:25:43 I TCP connection established with [AF_INET]209.107.216.9:443
20160823 14:25:43 I TCPv4_CLIENT link local: [undef]
20160823 14:25:43 I TCPv4_CLIENT link remote: [AF_INET]209.107.216.9:443
20160823 14:25:43 TLS: Initial packet from [AF_INET]209.107.216.9:443 sid=bae532fa dc6fb402
20160823 14:25:44 VERIFY OK: depth=1 /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=IPVanish_CA/emailAddress=support@ipvanish.com
20160823 14:25:44 VERIFY X509NAME ERROR: /C=US/ST=FL/L=Winter_Park/O=IPVanish/OU=IPVanish_VPN/CN=dal-a07.ipvanish.com/emailAddress=support@ipvanish.com must be
20160823 14:25:44 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
20160823 14:25:44 N TLS Error: TLS object -> incoming plaintext read error
20160823 14:25:44 N TLS Error: TLS handshake failed
20160823 14:25:44 N Fatal TLS error (check_tls_errors_co) restarting
20160823 14:25:44 I SIGUSR1[soft tls-error] received process restarting
20160823 14:25:44 Restart pause 5 second(s)
20160823 14:25:44 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20160823 14:25:44 D MANAGEMENT: CMD 'state'
20160823 14:25:44 MANAGEMENT: Client disconnected
20160823 14:25:44 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20160823 14:25:44 D MANAGEMENT: CMD 'state'
20160823 14:25:44 MANAGEMENT: Client disconnected
20160823 14:25:44 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20160823 14:25:44 D MANAGEMENT: CMD 'state'
20160823 14:25:44 MANAGEMENT: Client disconnected
20160823 14:25:44 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20160823 14:25:44 D MANAGEMENT: CMD 'status 2'
20160823 14:25:44 MANAGEMENT: Client disconnected
20160823 14:25:44 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20160823 14:25:44 D MANAGEMENT: CMD 'log 500'
19691231 18:00:00

ca /tmp/openvpncl/ca.crt management 127.0.0.1 16 management-log-cache 100 verb 3 mute 3 syslog writepid /var/run/openvpncl.pid client resolv-retry infinite nobind persist-key persist-tun script-security 2 dev tun1 proto tcp-client cipher aes-256-cbc auth sha256 auth-user-pass /tmp/openvpncl/credentials remote dal-a07.ipvanish.com 443 comp-lzo yes tun-mtu 1500 mtu-disc yes tun-ipv6 persist-remote-ip auth SHA256 keysize 256 tls-remote script-security 3 system

Mike42Smith
DD-WRT User

Joined: 14 Feb 2016
Posts: 146
Location: Germany

Posted: Wed Aug 24, 2016 5:52 Post subject:
By the way did you set the tls-auth key-file to your config provided by IPvansh? because I don't see any "tls-auth" entry in your config logs. _________________ Ongoing experiences with: Linksys E3000 and WRT610N v2 TP-Link Archer C9 Raspberry Pi and TP-Link TL-WR710N with OpenWRT

elDGM
DD-WRT Novice

Joined: 20 Aug 2016
Posts: 3

Posted: Wed Aug 24, 2016 12:59 Post subject:

Just heard back from IP Vanish with a suggestion that worked! Aside from deleting the TLS cipher line in the additional configuration box they also suggested removing the <> symbols around the server name/ip address in the tls-remote line. After doing this and rebooting it is working and also even policy based routing is working when I added that to the appropriate field in the GUI!!!

My corrected additional config is as follows:

persist-remote-ip
auth SHA256
keysize 256
tls-remote ipvanish server IP/Name
script-security 3 system

Thanks so much for the quick responses in this thread!! I hope I have added some useful information for others that encounter the same problem.

Cowsland
DD-WRT Novice

Joined: 05 Jan 2017
Posts: 8

Posted: Fri Jan 20, 2017 17:38 Post subject:
Do you know if there have been extra changes to the necessary settings? I've followed this updated guide to the letter but still can't connect

Cowsland
DD-WRT Novice

Joined: 05 Jan 2017
Posts: 8

Posted: Fri Jan 20, 2017 23:56 Post subject:

I don't understand why i only have this log

Clientlog:

ca /tmp/openvpncl/ca.crt management 127.0.0.1 16 management-log-cache 100 verb 3 mute 3 syslog writepid /var/run/openvpncl.pid client resolv-retry infinite nobind persist-key persist-tun script-security 2 dev tun1 proto tcp-client cipher aes-256-cbc auth sha256 auth-user-pass /tmp/openvpncl/credentials remote nyc-a18.ipvanish.com 443 comp-lzo yes tun-mtu 1500 mtu-disc yes tun-ipv6 persist-remote-ip auth SHA256 keysize 256 tls-remote nyc-a18.ipvanish.com script-security 3 system

It looks like it's not even trying to connect Question

Cowsland
DD-WRT Novice

Joined: 05 Jan 2017
Posts: 8

Posted: Sat Jan 21, 2017 0:26 Post subject:
I've checked and rechecked everything. It's step by step identical to the suggested settings Is it possible some default settings in other tabs stop the openvpn from working properly?

Goto page 1, 2 Next

Display posts from previous:

Page 1 of 2

DD-WRT Forum Index -> Advanced Networking

All times are GMT

Navigation

Jump to:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum

Log in

VPN with IPVANISH just wont work please help!!

Quick Links

Log in