VPN client on Asus RT-AC68P works, but only for wired devices

burton

I'm attempting to install a PIA VPN on my Asus router as described in this tutorial. The result is an active connection to the PIA VPN, but only from devices that are physically wired to my router. All wireless devices that were connected to the router prior to the VPN activation are now offline. Also, the Asus admin panel is extremely slow to load, and according to the router's VPN configuration page, the VPN is not active. The Asus system log shows a successful TLS connection, however:

Jun 7 23:03:42 rc_service: httpd 465:notify_rc restart_vpncall
Jun 7 23:03:43 openvpn[962]: event_wait : Interrupted system call (code=4)
Jun 7 23:03:43 openvpn[962]: /sbin/ifconfig tun11 0.0.0.0
Jun 7 23:03:43 openvpn[962]: SIGTERM[hard,] received, process exiting
Jun 7 23:03:44 openvpn[1163]: OpenVPN 2.3.2 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [eurephia] [MH] [IPv6] built on Mar 15 2017
Jun 7 23:03:44 openvpn[1168]: UDPv4 link local: [undef]
Jun 7 23:03:44 openvpn[1168]: UDPv4 link remote: [AF_INET] *****:1198
Jun 7 23:03:45 openvpn[1168]: WARNING: this configuration may cache passwords in memory — use the auth-nocache option to prevent this
Jun 7 23:03:46 openvpn[1168]: [c7c9a552fa270dd4d70452397ef2f2238] Peer Connection Initiated with [AF_INET]********:1198
Jun 7 23:03:48 openvpn[1168]: TUN/TAP device tun11 opened
Jun 7 23:03:48 openvpn[1168]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Jun 7 23:03:48 openvpn[1168]: /sbin/ifconfig tun11 ****** pointopoint ****** mtu 1500
Jun 7 23:03:48 openvpn[1168]: Initialization Sequence Completed

Apologies for the AC68U tag. The UI would not let me provide a tag for my actual router model (RT-AC68P). 

Omnibus_IV

Did you by chance turn off something that should not have been turned off? When the VPN is not running your wireless devices get an DHCP assigned IP address, yes? When the VPN is running, do you still get a DHCP assigned IP address, or does your Wifi just up and quite working? Meaning, no Wifi signal at all?

And the configuration file. From where did you get it? Can your post it also?

burton

HI Omnibus,

I've made some progress. I manually added the cert to my ovpn file, and the Asus admin interface reports a smooth connection. The admin panel remains fast after activating the VPN. Bandwidth is good.

However, wireless devices are still offline. The SSID is still broadcasting, and wireless devices remain connected to that SSID. But the router provides no upstream connectivity for those devices. According to the Asus admin panel, these devices still have DHCP-assigned IPs. 

UPDATE, five minutes later: That was short-lived. After making no changes to the router configuration after I posted the above text, the VPN Client page of the Asus panel is back to being unusably slow. My only solution to this is to factory reset the router and start over from scratch.

My firmware is 3.0.0.4.380_7378.

Omnibus_IV

My router is a Linksys running DD-WRT. I tried to run VPN on the router but it was too slow. I believe my issue was processor speed and nothing else. That was good for you to add the cert to the config file so you can load both in one fell swoop.

My concern is how the path inside the router is handling Wifi connections. It is almost like the Wifi devices are being added after the tunnel is established therefore, not allowing the connection. Does that make sense? I don;t think it is an issue with config files or OpenVPN. It is like the Wifi devices are being blocked from accessing the route via the VPN.

I would agree on the factory reset. After that, use a PC and before you activate VPN, start a continuous ping to google.

ping google.com -t

I'm sure you know how to do that, but just in case...

Once the ping has started, activate the VPN. There should be just one or two lost packets before the replies start again. If you get a Destination Unreachable then yeah, you are being basically block from joining that network.