cant connect from asus router #1668
Replies: 2 comments
-
I'm experiencing the same issue - I own the ASUS RT-AC68U router with the most recent version of ASUSWRT (3.0.0.4.386_51665). I generated a passwordless OVPN profile using the
So, I removed the
So, for some reason the CN from the generated certificate doesn't match the required value/name - not sure why. Any ideas? BTW, the PiVPN server configuration seems fine, as I'm able to connect and use that VPN from different devices (macOS and Windows computer) without any issues - only the ASUS router refuses to connect. |
Beta Was this translation helpful? Give feedback.
-
UPDATE: According to this discussion, the ASUSWRT implementation limits X509 NAME to a maximum of 31 characters. However, the NAME generated by PiVPN is in my case 44 characters long ( As I workaround, I removed the verify-x509-name ... line from the OVPN config file and now it works fine. |
Beta Was this translation helpful? Give feedback.
-
Trying to connect to my home router with an asus ax3000 routers built in openvpn client.
I am able to connect to my PIA vpn with no issues.
I have tried connecting to my pivpn connections and none have worked.
I tried my "work" profile, which i can connect to from the openvpn client in windows with no issues
if i try the work profile (passworded) it fails and the log shows the following error
Dec 22 10:00:18 vpnclient4[9249]: neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd - can't ask for 'Enter Private Key Password:'. If you used --daemon, you need to use --askpass to make passphrase-protected keys work, and you can not use --auth-nocache.
Dec 22 10:00:18 vpnclient4[9249]: Exiting due to fatal error
after some research it looks like the -nopass option should resolve this but when I do that, i get
Dec 22 10:02:53 vpnclient2[9492]: VERIFY X509NAME ERROR: CN=pivpn_d1981d25-5499-4aa6-845b-73c306######, must be pivpn_d1981d25-5499-4aa6-845b-7
Dec 22 10:02:53 vpnclient2[9492]: OpenSSL: error:1416F086:lib(20):func(367):reason(134)
Dec 22 10:02:53 vpnclient2[9492]: TLS_ERROR: BIO read tls_read_plaintext error
Dec 22 10:02:53 vpnclient2[9492]: TLS Error: TLS object -> incoming plaintext read error
Dec 22 10:02:53 vpnclient2[9492]: TLS Error: TLS handshake failed
Dec 22 10:02:53 vpnclient2[9492]: SIGUSR1[soft,tls-error] received, process restarting
Dec 22 10:02:53 vpnclient2[9492]: Restart pause, 20 second(s)
my .ovpn file shows
tls-version-min 1.2
verify-x509-name pivpn_d1981d25-5499-4aa6-845b-73c306###### name
cipher AES-256-CBC
any help would be greatly appreciated, im working at a remote site for the next few months, and most of my equipment needs to be able to see the servers on the other side
Beta Was this translation helpful? Give feedback.
All reactions