VPN help please

emsufer

emsufer

n3wb
Mar 9, 2017
23
2
I have asus router that I set up the vpn. I'm using an iphone to try and connect but it is unsuccessful. I'm getting "TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)" on the router log and on the openvpn connect: 'mbed TLS: SSL read error : SLL Prosse\\cessing of the ServerKeyExchange handshake message failed". I disabled the firewall for a few minutes but it nothing. I used Randy : OpenVPN on a Asus router to setup the router. any help would be appreciated.
 
I can see how the VPN option would be more secure than the stunnel option but does it require that you connect the VPN manually each time you want to open your mobile app when you aren't on your home network?
 
I think that is what is needed for the vpn client. Connect every time. However I’m getting nowhere with help here. Will have to find a way to get it going.
 
I found the official response from David at IOS 10.0.1 has removes PPTP VPN. Now what? | FlexRadio Systems Community even though it was in response to another product. I happen to have an Asus router so steps 1 - 12 were all I needed. Once I get my other devices updated I'll remove the ssl forwarded port I had in place. The nice thing about ASUS routers (others may have this too?) is the router registers your external IP with their service at asuscomm.com so if it changes your VPN should continue to work.
 
Those of you that use VPN, do you leave it up all the time? Since switching my phone to use the internal ip only the Geofencing fails each time, I'm guessing because the app cannot update the server?
 
Terk said:
I found the official response from David at IOS 10.0.1 has removes PPTP VPN. Now what? | FlexRadio Systems Community even though it was in response to another product. I happen to have an Asus router so steps 1 - 12 were all I needed. Once I get my other devices updated I'll remove the ssl forwarded port I had in place. The nice thing about ASUS routers (others may have this too?) is the router registers your external IP with their service at asuscomm.com so if it changes your VPN should continue to work.
Click to expand...
Thanks. I’ll take a look and see if this helps. Much appreciated.
 
@emsufer

here are my VPN setting from ASUS RT-AC66U_B1 running Merlin Sorry Haven't tried on an iPhone.
Exported the client1.ovpn and imported it on my Androind phone and all works well.

I am using the download OpenVPN app, is that what you are using or the default VPN app?

VPN Settings.jpg
 
Terk said:
Those of you that use VPN, do you leave it up all the time? Since switching my phone to use the internal ip only the Geofencing fails each time, I'm guessing because the app cannot update the server?
Click to expand...
Me, I just use it occasionally when I want to look at my cameras or if surfing from a local coffee shop.
 
58chev said:
@emsufer

here are my VPN setting from ASUS RT-AC66U_B1 running Merlin Sorry Haven't tried on an iPhone.
Exported the client1.ovpn and imported it on my Androind phone and all works well.

I am using the download OpenVPN app, is that what you are using or the default VPN app?

View attachment 27572
Click to expand...
I'm using the same OpenVPN store app
 
58chev said:
Me, I just use it occasionally when I want to look at my cameras or if surfing from a local coffee shop.
Click to expand...
I’m using the OpenVPN connect app. Here are the settings. Is there supposed to be a certificate stored in the app under the symbol.
 

Attachments

  • 1C9F9A67-708B-45E9-8916-E004E3217E38.jpeg
    1C9F9A67-708B-45E9-8916-E004E3217E38.jpeg
    2.8 MB · Views: 23
  • 84DC90EB-02AE-4B35-8B22-C76BAE8D1352.jpeg
    84DC90EB-02AE-4B35-8B22-C76BAE8D1352.jpeg
    531.2 KB · Views: 22
Yes, under the symbol, it should show your ????????. asuscomm.com link to your OpenVPN Server.

Maybe try to rebuild your client1.ovpn file and re import into the client app.
 
You exported the file from your router and imported it into the openvpn app correct?
 
Terk said:
You exported the file from your router and imported it into the openvpn app correct?
Click to expand...

Yes. I did the settings saved it, them export the file. I email it to myself and open the file in the app.
 

Attachments

  • Screen Shot 2018-03-18 at 11.36.40 AM.png
    Screen Shot 2018-03-18 at 11.36.40 AM.png
    151.6 KB · Views: 16
  • Screen Shot 2018-03-18 at 11.36.08 AM.png
    Screen Shot 2018-03-18 at 11.36.08 AM.png
    129.8 KB · Views: 15
  • Screen Shot 2018-03-18 at 11.36.57 AM.png
    Screen Shot 2018-03-18 at 11.36.57 AM.png
    201.6 KB · Views: 16
  • Screen Shot 2018-03-18 at 11.38.27 AM.png
    Screen Shot 2018-03-18 at 11.38.27 AM.png
    108.6 KB · Views: 16
Were your openvpn client says "External certificate profile" mine says "Standard profile" but I don't see why as your settings are very close to mine, Although your definitely on a different firmware than I am, I'm at the latest my router supports.
 
I’m using Merlin build on the Asus. But it’s the 376.xx firmware and I see there is more recent updated firmware at 384.xx. I will try to flash the upgrade and see if this remedy’s the problem.
 
Also click were it says YourName.asuscomm.com/client1 (5) as you may have multiple imported profiles, if so try deleting all and re-import your latest export to make sure its using the correct settings, even a small change in the vpn server settings can make the client no longer connect without re-exporting/importing the current connection profile. I'm on the stock firmware, never tried the Merlin firmware.
 
emsufer said:
I’m using Merlin build on the Asus. But it’s the 376.xx firmware and I see there is more recent updated firmware at 384.xx. I will try to flash the upgrade and see if this remedy’s the problem.
Click to expand...

The "TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)" took me a little while to get straightened out on my router, as I am using a Merlin build as well.
On some of the Merlin builds, you need to provide your own certificate/keys. On the router VPN Settings, click on the "Content modification of Keys and Certificates" to see if there are any certificates/keys that you need to provide.
The OpenVPN server download includes the program needed to establish your own Certificate authority and certificates with the needed the public and private keys. You can then copy and paste them into the VPN settings and the config file.
 
emsufer said:
I’m using Merlin build on the Asus. But it’s the 376.xx firmware and I see there is more recent updated firmware at 384.xx. I will try to flash the upgrade and see if this remedy’s the problem.
Click to expand...
I'm running the latest Merlin with no issues (384.4_0)
I will email myself the file and dump it on a iPhone but can only test tomorrow on a different network as my iPhone does not have a SIM.
Have you taken a look over here ?

DognamedTank said:
The "TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)" took me a little while to get straightened out on my router, as I am using a Merlin build as well.
On some of the Merlin builds, you need to provide your own certificate/keys. On the router VPN Settings, click on the "Content modification of Keys and Certificates" to see if there are any certificates/keys that you need to provide.
The OpenVPN server download includes the program needed to establish your own Certificate authority and certificates with the needed the public and private keys. You can then copy and paste them into the VPN settings and the config file.
Click to expand...

I never had to modify any of the keys on my Router running the latest Merlin.
 
You must log in or register to reply here.
Top Bottom