Trying to configure on Netgear AC1450 router using DD-WRT

Business solution to host your own OpenVPN server with web management interface and bundled clients.
Post Reply
bigwilly087
OpenVpn Newbie
Posts: 3
Joined: Thu Mar 26, 2015 11:35 am

Trying to configure on Netgear AC1450 router using DD-WRT

Post by bigwilly087 » Thu Mar 26, 2015 11:41 am

I've used PIA for some time, but now I want to use it through OpenVPN on a router. I purchased and setup the Netgear AC1450 and flashed DD-WRT, however i'm not able to get it to configure. The Netgear router is connected to my FIOS router (Verizon MI424WR Router). Thinking the Fios router might be causing problems, I turned the Firewall security to "minimal" and opened port UDP 1194.

I followed the instructions here: http://www.instructables.com/id/Configu ... -for-Priv/

Any help would be GREATLY appreciated!

Here are the logs:

State
Client: RECONNECTING tls-error

Local Address:
Remote Address:

Status
VPN Client Stats
TUN/TAP read bytes 0
TUN/TAP write bytes 0
TCP/UDP read bytes 0
TCP/UDP write bytes 0
Auth read bytes 0

Log
Clientlog:
19700101 09:42:00 I SIGUSR1[soft tls-error] received process restarting
19700101 09:42:00 Restart pause 2 second(s)
19700101 09:42:02 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:42:02 Socket Buffers: R=[180224->131072] S=[180224->131072]
19700101 09:42:02 I UDPv4 link local: [undef]
19700101 09:42:02 I UDPv4 link remote: [AF_INET]50.23.131.249:1194
19700101 09:42:02 TLS: Initial packet from [AF_INET]50.23.131.249:1194 sid=9ad95e1c cc9170f9
19700101 09:42:02 N VERIFY ERROR: depth=1 error=certificate is not yet valid: C=US ST=OH L=Columbus O=Private Internet Access CN=Private Internet Access CA emailAddress=secure@privateinternetaccess.com
19700101 09:42:02 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
19700101 09:42:02 N TLS Error: TLS object -> incoming plaintext read error
19700101 09:42:02 NOTE: --mute triggered...
19700101 09:42:02 1 variation(s) on previous 3 message(s) suppressed by --mute
19700101 09:42:02 I SIGUSR1[soft tls-error] received process restarting
19700101 09:42:02 Restart pause 2 second(s)
19700101 09:42:04 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:42:04 Socket Buffers: R=[180224->131072] S=[180224->131072]
19700101 09:42:04 I UDPv4 link local: [undef]
19700101 09:42:04 I UDPv4 link remote: [AF_INET]173.192.176.164:1194
19700101 09:42:05 TLS: Initial packet from [AF_INET]173.192.176.164:1194 sid=3e57b2c0 6e6cc6bf
19700101 09:42:05 N VERIFY ERROR: depth=1 error=certificate is not yet valid: C=US ST=OH L=Columbus O=Private Internet Access CN=Private Internet Access CA emailAddress=secure@privateinternetaccess.com
19700101 09:42:05 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
19700101 09:42:05 N TLS Error: TLS object -> incoming plaintext read error
19700101 09:42:05 NOTE: --mute triggered...
19700101 09:42:05 1 variation(s) on previous 3 message(s) suppressed by --mute
19700101 09:42:05 I SIGUSR1[soft tls-error] received process restarting
19700101 09:42:05 Restart pause 2 second(s)
19700101 09:42:07 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:42:07 Socket Buffers: R=[180224->131072] S=[180224->131072]
19700101 09:42:07 I UDPv4 link local: [undef]
19700101 09:42:07 I UDPv4 link remote: [AF_INET]50.23.131.249:1194
19700101 09:42:07 TLS: Initial packet from [AF_INET]50.23.131.249:1194 sid=5d5cbe4c 71f07d64
19700101 09:42:08 N VERIFY ERROR: depth=1 error=certificate is not yet valid: C=US ST=OH L=Columbus O=Private Internet Access CN=Private Internet Access CA emailAddress=secure@privateinternetaccess.com
19700101 09:42:08 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
19700101 09:42:08 N TLS Error: TLS object -> incoming plaintext read error
19700101 09:42:08 NOTE: --mute triggered...
19700101 09:42:08 1 variation(s) on previous 3 message(s) suppressed by --mute
19700101 09:42:08 I SIGUSR1[soft tls-error] received process restarting
19700101 09:42:08 Restart pause 2 second(s)
19700101 09:42:10 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:42:10 Socket Buffers: R=[180224->131072] S=[180224->131072]
19700101 09:42:10 I UDPv4 link local: [undef]
19700101 09:42:10 I UDPv4 link remote: [AF_INET]173.192.187.139:1194
19700101 09:42:10 TLS: Initial packet from [AF_INET]173.192.187.139:1194 sid=418f341b 8ea086a9
19700101 09:42:10 N VERIFY ERROR: depth=1 error=certificate is not yet valid: C=US ST=OH L=Columbus O=Private Internet Access CN=Private Internet Access CA emailAddress=secure@privateinternetaccess.com
19700101 09:42:10 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
19700101 09:42:10 N TLS Error: TLS object -> incoming plaintext read error
19700101 09:42:10 NOTE: --mute triggered...
19700101 09:42:10 1 variation(s) on previous 3 message(s) suppressed by --mute
19700101 09:42:10 I SIGUSR1[soft tls-error] received process restarting
19700101 09:42:10 Restart pause 2 second(s)
19700101 09:42:12 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:42:12 Socket Buffers: R=[180224->131072] S=[180224->131072]
19700101 09:42:12 I UDPv4 link local: [undef]
19700101 09:42:12 I UDPv4 link remote: [AF_INET]173.192.176.159:1194
19700101 09:42:12 TLS: Initial packet from [AF_INET]173.192.176.159:1194 sid=1091a5da 8ddc46b7
19700101 09:42:13 N VERIFY ERROR: depth=1 error=certificate is not yet valid: C=US ST=OH L=Columbus O=Private Internet Access CN=Private Internet Access CA emailAddress=secure@privateinternetaccess.com
19700101 09:42:13 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
19700101 09:42:13 N TLS Error: TLS object -> incoming plaintext read error
19700101 09:42:13 NOTE: --mute triggered...
19700101 09:42:13 1 variation(s) on previous 3 message(s) suppressed by --mute
19700101 09:42:13 I SIGUSR1[soft tls-error] received process restarting
19700101 09:42:13 Restart pause 2 second(s)
19700101 09:42:15 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:42:15 Socket Buffers: R=[180224->131072] S=[180224->131072]
19700101 09:42:15 I UDPv4 link local: [undef]
19700101 09:42:15 I UDPv4 link remote: [AF_INET]173.192.176.164:1194
19700101 09:42:15 TLS: Initial packet from [AF_INET]173.192.176.164:1194 sid=afb3c774 0ba233f1
19700101 09:42:15 N VERIFY ERROR: depth=1 error=certificate is not yet valid: C=US ST=OH L=Columbus O=Private Internet Access CN=Private Internet Access CA emailAddress=secure@privateinternetaccess.com
19700101 09:42:15 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
19700101 09:42:15 N TLS Error: TLS object -> incoming plaintext read error
19700101 09:42:15 NOTE: --mute triggered...
19700101 09:42:15 1 variation(s) on previous 3 message(s) suppressed by --mute
19700101 09:42:15 I SIGUSR1[soft tls-error] received process restarting
19700101 09:42:15 Restart pause 2 second(s)
19700101 09:42:17 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19700101 09:42:17 Socket Buffers: R=[180224->131072] S=[180224->131072]
19700101 09:42:17 I UDPv4 link local: [undef]
19700101 09:42:17 I UDPv4 link remote: [AF_INET]50.23.131.249:1194
19700101 09:42:17 TLS: Initial packet from [AF_INET]50.23.131.249:1194 sid=93aa5397 1046583b
19700101 09:42:18 N VERIFY ERROR: depth=1 error=certificate is not yet valid: C=US ST=OH L=Columbus O=Private Internet Access CN=Private Internet Access CA emailAddress=secure@privateinternetaccess.com
19700101 09:42:18 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
19700101 09:42:18 N TLS Error: TLS object -> incoming plaintext read error
19700101 09:42:18 NOTE: --mute triggered...
19700101 09:42:18 1 variation(s) on previous 3 message(s) suppressed by --mute
19700101 09:42:18 I SIGUSR1[soft tls-error] received process restarting
19700101 09:42:18 Restart pause 2 second(s)
19700101 09:42:18 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19700101 09:42:18 D MANAGEMENT: CMD 'state'
19700101 09:42:18 MANAGEMENT: Client disconnected
19700101 09:42:19 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19700101 09:42:19 D MANAGEMENT: CMD 'state'
19700101 09:42:19 MANAGEMENT: Client disconnected
19700101 09:42:19 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19700101 09:42:19 D MANAGEMENT: CMD 'state'
19700101 09:42:19 MANAGEMENT: Client disconnected
19700101 09:42:19 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19700101 09:42:19 D MANAGEMENT: CMD 'status 2'
19700101 09:42:19 MANAGEMENT: Client disconnected
19700101 09:42:19 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19700101 09:42:19 D MANAGEMENT: CMD 'log 500'
19700101 01:00:00

ca /tmp/openvpncl/ca.crt management 127.0.0.1 16 management-log-cache 100 verb 3 mute 3 syslog writepid /var/run/openvpncl.pid client resolv-retry infinite nobind persist-key persist-tun script-security 2 dev tun1 proto udp cipher bf-cbc auth sha1 auth-user-pass /tmp/openvpncl/credentials remote us-seattle.privateinternetaccess.com 1194 comp-lzo yes tun-mtu 1500 mtu-disc yes fast-io tun-ipv6 persist-key persist-tun tls-client remote-cert-tls server

User avatar
maikcat
Forum Team
Posts: 4200
Joined: Wed Jan 12, 2011 9:23 am
Location: Athens,Greece
Contact:

Re: Trying to configure on Netgear AC1450 router using DD-WR

Post by maikcat » Thu Mar 26, 2015 12:49 pm

19700101
this is 1 - 1 - 1970...

please correct your routers time.

Michael.

bigwilly087
OpenVpn Newbie
Posts: 3
Joined: Thu Mar 26, 2015 11:35 am

Re: Trying to configure on Netgear AC1450 router using DD-WR

Post by bigwilly087 » Thu Mar 26, 2015 4:48 pm

maikcat wrote:
19700101
this is 1 - 1 - 1970...

please correct your routers time.

Michael.
Thanks for your reply. I doubt that is the source of the problem though?

bigwilly087
OpenVpn Newbie
Posts: 3
Joined: Thu Mar 26, 2015 11:35 am

Re: Trying to configure on Netgear AC1450 router using DD-WR

Post by bigwilly087 » Thu Mar 26, 2015 5:07 pm

maikcat wrote:
19700101
this is 1 - 1 - 1970...

please correct your routers time.

Michael.
Wow, shows what I know, I didn't think the date could possibly be the issue but it surely was. After fixing the date I am now successfully connected!!!

Now for another newb question, how do I get it so that devices connected to the router are router through the VPN? Currently my laptop connected to the dd-wrt router is still showing as in my current location rather than the location of the VPN.

I think it is probably somehow getting routed back to the primary router but am not sure which setting to change.

User avatar
maikcat
Forum Team
Posts: 4200
Joined: Wed Jan 12, 2011 9:23 am
Location: Athens,Greece
Contact:

Re: Trying to configure on Netgear AC1450 router using DD-WR

Post by maikcat » Fri Mar 27, 2015 6:35 am

Wow, shows what I know, I didn't think the date could possibly be the issue but it surely was. After fixing the date I am now successfully connected!!!
let me explain why time is important..

your logs showed

Code: Select all

 19700101 09:42:02 N VERIFY ERROR: depth=1  error=certificate is not yet valid  : C=US ST=OH L=Columbus O=Private Internet Access CN=Private Internet Access CA emailAddress=secure@privateinternetaccess.com 
certs have validation date from/to , thats why time IS important ;)
how do I get it so that devices connected to the router are router through the VPN?
you need to redirect all traffic via the vpn , in a standalone openvpn server you usually add

Code: Select all

push "redirect-gateway def1"
to your server config and enable NAT on traffic leaving the openvpn server itself,

in ddwrt i simply dont know because i have no expierience with it...

Michael.

Post Reply