(Solved) Advanced Tomato OpenVPN Client Setup on RT-AC68U

I've been trying to make this work for the past few days. I have followed the steps outlined in

https://www.privateinternetaccess.com/helpdesk/guides/routers/tomato/tomato-advanced-firmware-setup

However, I keep getting a TLS handshake error. I've tried changing port numbers, protocols (UDP and TCP) and encryption type, but with no success.

Also, the following URL in the guide is no longer working:

https://helpdesk.privateinternetaccess.com/hc/en-us/articles/225274288-Which-encryption-auth-settings-should-I-use-for-ports-on-your-gateways-


Below is my log with errors:

May 30 12:05:32 unknown daemon.notice openvpn[2202]: Restart pause, 5 second(s)
May 30 12:05:37 unknown daemon.warn openvpn[2202]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
May 30 12:05:37 unknown daemon.warn openvpn[2202]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
May 30 12:05:37 unknown daemon.notice openvpn[2202]: TCP/UDP: Preserving recently used remote address: [AF_INET]1XX.1XX.2XX.XXX:53
May 30 12:05:37 unknown daemon.notice openvpn[2202]: Socket Buffers: R=[120832->120832] S=[120832->120832]
May 30 12:05:37 unknown daemon.notice openvpn[2202]: UDP link local: (not bound)
May 30 12:05:37 unknown daemon.notice openvpn[2202]: UDP link remote: [AF_INET]1XX.1XX.2XX.XXX:53
May 30 12:05:37 unknown daemon.notice openvpn[2202]: TLS: Initial packet from [AF_INET]1XX.1XX.2XX.XXX:53, sid=4d1z85c9 agD85906
May 30 12:05:37 unknown daemon.err openvpn[2202]: VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=US, ST=OH, L=Columbus, O=Private Internet Access, CN=Private Internet Access CA, emailAddress=[email protected]
May 30 12:05:37 unknown daemon.err openvpn[2202]: OpenSSL: error:14090086:lib(20):func(144):reason(134)
May 30 12:05:37 unknown daemon.err openvpn[2202]: TLS_ERROR: BIO read tls_read_plaintext error
May 30 12:05:37 unknown daemon.err openvpn[2202]: TLS Error: TLS object -> incoming plaintext read error
May 30 12:05:37 unknown daemon.err openvpn[2202]: TLS Error: TLS handshake failed
May 30 12:05:37 unknown daemon.notice openvpn[2202]: SIGUSR1[soft,tls-error] received, process restarting
May 30 12:05:37 unknown daemon.notice openvpn[2202]: Restart pause, 5 second(s)

I'm a noob at this. Would appreciate help in debugging this issue.

Thanks

Comments

  • same problem
  • New URL for encryption settings.
    Download the correct .crt file for your settings and reread the guide, copying the certificate text in the correct field.
  • Thank you @piaabo;

    The following configuration worked for me:
    Port:  53
    Protocol:  UDP
    Encryption:  BF-CBC
    Auth Hash:  SHA1
    Root CA:  ca.crt
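
An added example, not part of the original thread or the PIA guide: a small Python triage of the OpenVPN log lines in the post, which extracts the VERIFY ERROR depth, reason and CA name and flags the missing server certificate check. The sample log is constructed from the lines above, and the function name `triage` and the hint strings are this example's own.

```python
import re

# Constructed sample modelled on the log in the post (repeats mimic the restart loop).
SAMPLE_LOG = """\
May 30 12:05:37 unknown daemon.warn openvpn[2202]: WARNING: No server certificate verification method has been enabled.
May 30 12:05:37 unknown daemon.err openvpn[2202]: VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=US, ST=OH, L=Columbus, O=Private Internet Access, CN=Private Internet Access CA
May 30 12:05:37 unknown daemon.err openvpn[2202]: TLS Error: TLS handshake failed
May 30 12:05:42 unknown daemon.err openvpn[2202]: VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=US, ST=OH, L=Columbus, O=Private Internet Access, CN=Private Internet Access CA
May 30 12:05:42 unknown daemon.err openvpn[2202]: TLS Error: TLS handshake failed
"""

VERIFY_RE = re.compile(r"VERIFY ERROR: depth=(\d+), error=([^:]+): (.*)$")
CN_RE = re.compile(r"CN=([^,]+)")

def triage(log_text):
    """Return de-duplicated findings (dicts) in order of first appearance."""
    findings, seen = [], set()

    def add(kind, **fields):
        key = (kind, tuple(sorted(fields.items())))
        if key not in seen:  # the client retries every 5 s, so lines repeat
            seen.add(key)
            findings.append({"kind": kind, **fields})

    for line in log_text.splitlines():
        msg = line.split("]: ", 1)[-1]  # drop the syslog prefix
        m = VERIFY_RE.search(msg)
        if m:
            cn = CN_RE.search(m.group(3))
            reason = m.group(2).strip()
            # depth 0 is the server certificate itself; depth >= 1 is an issuing CA
            if "self signed certificate in certificate chain" in reason:
                hint = "chain ends in a root that is not in the configured CA file"
            else:
                hint = "see the OpenSSL verify reason"
            add("verify_error", depth=int(m.group(1)), reason=reason,
                cn=cn.group(1).strip() if cn else None, hint=hint)
        elif "No server certificate verification method" in msg:
            add("no_server_cert_check",
                hint="add 'remote-cert-tls server' to the client config")
        elif "TLS handshake failed" in msg:
            add("handshake_failed")
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

The `verify_error` finding at depth 1 points at the Root CA field rather than at the port, protocol or cipher, which matches the fix reported in the comments.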



