Dual Router Help

3 posts / 0 new
Last post
Jovin109
Jovin109's picture
Dual Router Help

Hello -- 

I'm setting up a dual router system in my home. I have a Nighthawk R-7000 that was flashed with Kong's DD-WRT. I am able to get service and connect to the netgear router, however, the VPN Service is not working. Any help on rectifying this would be greatly appreciated. 

I receieve the following error: 

Client: RECONNECTING tls-error 

 

My Client Log is included below: 

Clientlog: 
19691231 18:17:00 I SIGUSR1[soft tls-error] received process restarting 
19691231 18:17:00 Restart pause 2 second(s) 
19691231 18:17:02 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 
19691231 18:17:02 Socket Buffers: R=[180224->131072] S=[180224->131072] 
19691231 18:17:02 I UDPv4 link local: [undef] 
19691231 18:17:02 I UDPv4 link remote: [AF_INET]104.200.154.6:1194 
19691231 18:17:02 TLS: Initial packet from [AF_INET]104.200.154.6:1194 sid=73a17a1c afa7acbb 
19691231 18:17:02 N VERIFY ERROR: depth=1 error=certificate is not yet valid: C=US ST=OH L=Columbus O=Private Internet Access CN=Private Internet Access CA emailAddress=secure@privateinternetaccess.com 
19691231 18:17:02 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134) 
19691231 18:17:02 N TLS Error: TLS object -> incoming plaintext read error 
19691231 18:17:02 NOTE: --mute triggered... 
19691231 18:17:02 1 variation(s) on previous 3 message(s) suppressed by --mute 
19691231 18:17:02 I SIGUSR1[soft tls-error] received process restarting 
19691231 18:17:02 Restart pause 2 second(s) 
19691231 18:17:04 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 
19691231 18:17:04 Socket Buffers: R=[180224->131072] S=[180224->131072] 
19691231 18:17:04 I UDPv4 link local: [undef] 
19691231 18:17:04 I UDPv4 link remote: [AF_INET]104.200.154.36:1194 
19691231 18:17:04 TLS: Initial packet from [AF_INET]104.200.154.36:1194 sid=4efc7b1a 25072fbc 
19691231 18:17:04 N VERIFY ERROR: depth=1 error=certificate is not yet valid: C=US ST=OH L=Columbus O=Private Internet Access CN=Private Internet Access CA emailAddress=secure@privateinternetaccess.com 
19691231 18:17:04 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134) 
19691231 18:17:04 N TLS Error: TLS object -> incoming plaintext read error 
19691231 18:17:04 NOTE: --mute triggered... 
19691231 18:17:04 1 variation(s) on previous 3 message(s) suppressed by --mute 
19691231 18:17:04 I SIGUSR1[soft tls-error] received process restarting 
19691231 18:17:04 Restart pause 2 second(s) 
19691231 18:17:06 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 
19691231 18:17:06 Socket Buffers: R=[180224->131072] S=[180224->131072] 
19691231 18:17:06 I UDPv4 link local: [undef] 
19691231 18:17:06 I UDPv4 link remote: [AF_INET]104.200.154.87:1194 
19691231 18:17:06 TLS: Initial packet from [AF_INET]104.200.154.87:1194 sid=c7772dab e68140f3 
19691231 18:17:06 N VERIFY ERROR: depth=1 error=certificate is not yet valid: C=US ST=OH L=Columbus O=Private Internet Access CN=Private Internet Access CA emailAddress=secure@privateinternetaccess.com 
19691231 18:17:06 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134) 
19691231 18:17:06 N TLS Error: TLS object -> incoming plaintext read error 
19691231 18:17:06 NOTE: --mute triggered... 
19691231 18:17:06 1 variation(s) on previous 3 message(s) suppressed by --mute 
19691231 18:17:06 I SIGUSR1[soft tls-error] received process restarting 
19691231 18:17:06 Restart pause 2 second(s) 
19691231 18:17:08 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 
19691231 18:17:08 Socket Buffers: R=[180224->131072] S=[180224->131072] 
19691231 18:17:08 I UDPv4 link local: [undef] 
19691231 18:17:08 I UDPv4 link remote: [AF_INET]104.200.154.38:1194 
19691231 18:17:08 TLS: Initial packet from [AF_INET]104.200.154.38:1194 sid=a4b449be bf095403 
19691231 18:17:08 N VERIFY ERROR: depth=1 error=certificate is not yet valid: C=US ST=OH L=Columbus O=Private Internet Access CN=Private Internet Access CA emailAddress=secure@privateinternetaccess.com 
19691231 18:17:08 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134) 
19691231 18:17:08 N TLS Error: TLS object -> incoming plaintext read error 
19691231 18:17:08 NOTE: --mute triggered... 
19691231 18:17:08 1 variation(s) on previous 3 message(s) suppressed by --mute 
19691231 18:17:08 I SIGUSR1[soft tls-error] received process restarting 
19691231 18:17:08 Restart pause 2 second(s) 
19691231 18:17:10 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 
19691231 18:17:10 Socket Buffers: R=[180224->131072] S=[180224->131072] 
19691231 18:17:10 I UDPv4 link local: [undef] 
19691231 18:17:10 I UDPv4 link remote: [AF_INET]104.200.154.59:1194 
19691231 18:17:10 TLS: Initial packet from [AF_INET]104.200.154.59:1194 sid=ff3943ba 5dc5c90d 
19691231 18:17:10 N VERIFY ERROR: depth=1 error=certificate is not yet valid: C=US ST=OH L=Columbus O=Private Internet Access CN=Private Internet Access CA emailAddress=secure@privateinternetaccess.com 
19691231 18:17:10 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134) 
19691231 18:17:10 N TLS Error: TLS object -> incoming plaintext read error 
19691231 18:17:10 NOTE: --mute triggered... 
19691231 18:17:10 1 variation(s) on previous 3 message(s) suppressed by --mute 
19691231 18:17:10 I SIGUSR1[soft tls-error] received process restarting 
19691231 18:17:10 Restart pause 2 second(s) 
19691231 18:17:12 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 
19691231 18:17:12 Socket Buffers: R=[180224->131072] S=[180224->131072] 
19691231 18:17:12 I UDPv4 link local: [undef] 
19691231 18:17:12 I UDPv4 link remote: [AF_INET]104.200.154.63:1194 
19691231 18:17:12 TLS: Initial packet from [AF_INET]104.200.154.63:1194 sid=8c86bec7 d0176495 
19691231 18:17:12 N VERIFY ERROR: depth=1 error=certificate is not yet valid: C=US ST=OH L=Columbus O=Private Internet Access CN=Private Internet Access CA emailAddress=secure@privateinternetaccess.com 
19691231 18:17:12 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134) 
19691231 18:17:12 N TLS Error: TLS object -> incoming plaintext read error 
19691231 18:17:12 NOTE: --mute triggered... 
19691231 18:17:12 1 variation(s) on previous 3 message(s) suppressed by --mute 
19691231 18:17:12 I SIGUSR1[soft tls-error] received process restarting 
19691231 18:17:12 Restart pause 2 second(s) 
19691231 18:17:15 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 
19691231 18:17:15 Socket Buffers: R=[180224->131072] S=[180224->131072] 
19691231 18:17:15 I UDPv4 link local: [undef] 
19691231 18:17:15 I UDPv4 link remote: [AF_INET]104.200.154.8:1194 
19691231 18:17:15 TLS: Initial packet from [AF_INET]104.200.154.8:1194 sid=b91dd1f4 00e130bf 
19691231 18:17:15 N VERIFY ERROR: depth=1 error=certificate is not yet valid: C=US ST=OH L=Columbus O=Private Internet Access CN=Private Internet Access CA emailAddress=secure@privateinternetaccess.com 
19691231 18:17:15 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134) 
19691231 18:17:15 N TLS Error: TLS object -> incoming plaintext read error 
19691231 18:17:15 NOTE: --mute triggered... 
19691231 18:17:15 1 variation(s) on previous 3 message(s) suppressed by --mute 
19691231 18:17:15 I SIGUSR1[soft tls-error] received process restarting 
19691231 18:17:15 Restart pause 2 second(s) 
19691231 18:17:15 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19691231 18:17:15 D MANAGEMENT: CMD 'state' 
19691231 18:17:15 MANAGEMENT: Client disconnected 
19691231 18:17:15 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19691231 18:17:15 D MANAGEMENT: CMD 'state' 
19691231 18:17:15 MANAGEMENT: Client disconnected 
19691231 18:17:15 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19691231 18:17:15 D MANAGEMENT: CMD 'state' 
19691231 18:17:15 MANAGEMENT: Client disconnected 
19691231 18:17:15 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19691231 18:17:15 D MANAGEMENT: CMD 'status 2' 
19691231 18:17:15 MANAGEMENT: Client disconnected 
19691231 18:17:15 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
19691231 18:17:15 D MANAGEMENT: CMD 'log 500' 
19691231 16:00:00 

ca /tmp/openvpncl/ca.crt management 127.0.0.1 16 management-log-cache 100 verb 3 mute 3 syslog writepid /var/run/openvpncl.pid client resolv-retry infinite nobind persist-key persist-tun script-security 2 dev tun1 proto udp cipher bf-cbc auth sha1 auth-user-pass /tmp/openvpncl/credentials remote us-seattle.privateinternetaccess.com 1194 comp-lzo yes tun-mtu 1500 mtu-disc yes fast-io tun-ipv6 persist-key persist-tun tls-client remote-cert-tls server

Jovin109
Jovin109's picture
The problem was a time server

The problem was a time server error. I had a typo in the time server address. 

dalilama
dalilama's picture
I am having similar problems

I am having similar problems but I dont believe it's associated with the time server. It looks like the vpn is connected, however I have no internet connection now.

 

Any assistance would be greatly appreciated.

 

State
Client:

CONNECTED
SUCCESS


Status 
VPN Client Stats 
TUN/TAP read bytes 9840
TUN/TAP write bytes 14607
TCP/UDP read bytes 28000
TCP/UDP write bytes 20578
Auth read bytes 14751
pre-compress bytes 352
post-compress bytes 354
pre-decompress bytes 1031
post-decompress bytes 1173

 


Log Clientlog:
20160625 11:58:10 I OpenVPN 2.3.10 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Apr 19 2016

20160625 11:58:10 I library versions: OpenSSL 1.0.2g 1 Mar 2016 LZO 2.09

20160625 11:58:10 W WARNING: file '/tmp/user.txt' is group or others accessible

20160625 11:58:10 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16

20160625 11:58:10 W WARNING: No server certificate verification method
has been enabled. See http://openvpn.net/howto.html#mitm for more info.

20160625 11:58:10 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

20160625 11:58:10 W WARNING: file '/tmp/openvpncl/ta.key' is group or others accessible

20160625 11:58:10 I Control Channel Authentication: using '/tmp/openvpncl/ta.key' as a OpenVPN static key file

20160625 11:58:10 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication

20160625 11:58:10 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication

20160625 11:58:10 Socket Buffers: R=[180224->180224] S=[180224->180224]

20160625 11:58:10 I UDPv4 link local: [undef]

20160625 11:58:10 I UDPv4 link remote: [AF_INET]172.111.156.1:53

20160625 11:58:10 TLS: Initial packet from [AF_INET]172.111.156.1:53 sid=eeff1c45 bdd11b30

20160625 11:58:10 W WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this

20160625 11:58:10 VERIFY OK: depth=1 C=HK ST=HK L=HongKong
O=PureVPN OU=IT CN=PureVPN name=PureVPN
emailAddress=mail@host.domain

20160625 11:58:10 VERIFY OK: depth=0 C=HK ST=HK L=HongKong
O=PureVPN OU=IT CN=PureVPN name=PureVPN
emailAddress=mail@host.domain

20160625 11:58:15 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

20160625 11:58:15 NOTE: --mute triggered...

20160625 11:58:15 4 variation(s) on previous 3 message(s) suppressed by --mute

20160625 11:58:15 I [PureVPN] Peer Connection Initiated with [AF_INET]172.111.156.1:53

20160625 11:58:17 SENT CONTROL [PureVPN]: 'PUSH_REQUEST' (status=1)

20160625 11:58:17 PUSH: Received control message: 'PUSH_REPLY
redirect-gateway def1 dhcp-option DNS 172.111.156.2 dhcp-option DNS
8.8.4.4 sndbuf 393216 rcvbuf 393216 route-gateway 172.111.156.129
topology subnet ping 10 ping-restart 120 ifconfig 172.111.156.136
255.255.255.192'

20160625 11:58:17 OPTIONS IMPORT: timers and/or timeouts modified

20160625 11:58:17 NOTE: --mute triggered...

20160625 11:58:17 1 variation(s) on previous 3 message(s) suppressed by --mute

20160625 11:58:17 Socket Buffers: R=[180224->360448] S=[180224->360448]

20160625 11:58:17 OPTIONS IMPORT: --ifconfig/up options modified

20160625 11:58:17 OPTIONS IMPORT: route options modified

20160625 11:58:17 OPTIONS IMPORT: route-related options modified

20160625 11:58:17 NOTE: --mute triggered...

20160625 11:58:17 1 variation(s) on previous 3 message(s) suppressed by --mute

20160625 11:58:17 W WARNING: potential conflict between --remote address
[172.111.156.1] and --ifconfig address pair [172.111.156.136
255.255.255.192] -- this is a warning only that is triggered when
local/remote addresses exist within the same /24 subnet as --ifconfig
endpoints. (silence this warning with --ifconfig-nowarn)

20160625 11:58:17 I TUN/TAP device tun1 opened

20160625 11:58:17 TUN/TAP TX queue length set to 100

20160625 11:58:17 I do_ifconfig tt->ipv6=1 tt->did_ifconfig_ipv6_setup=0

20160625 11:58:17 I /sbin/ifconfig tun1 172.111.156.136 netmask 255.255.255.192 mtu 1500 broadcast 172.111.156.191

20160625 11:58:17 /sbin/route add -net 172.111.156.1 netmask 255.255.255.255 gw 192.168.0.1

20160625 11:58:17 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 172.111.156.129

20160625 11:58:17 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 172.111.156.129

20160625 11:58:18 I Initialization Sequence Completed

20160625 11:58:29 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16

20160625 11:58:29 D MANAGEMENT: CMD 'state'

20160625 11:58:29 MANAGEMENT: Client disconnected

20160625 11:58:29 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16

20160625 11:58:29 D MANAGEMENT: CMD 'state'

20160625 11:58:29 MANAGEMENT: Client disconnected

20160625 11:58:29 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16

20160625 11:58:29 D MANAGEMENT: CMD 'state'

20160625 11:58:29 MANAGEMENT: Client disconnected

20160625 11:58:29 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16

20160625 11:58:29 D MANAGEMENT: CMD 'status 2'

20160625 11:58:29 MANAGEMENT: Client disconnected

20160625 11:58:29 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16

20160625 11:58:29 D MANAGEMENT: CMD 'log 500'

20160625 11:58:29 MANAGEMENT: Client disconnected

20160625 12:01:19 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16

20160625 12:01:19 D MANAGEMENT: CMD 'state'

20160625 12:01:19 MANAGEMENT: Client disconnected

20160625 12:01:19 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16

20160625 12:01:19 D MANAGEMENT: CMD 'state'

20160625 12:01:19 MANAGEMENT: Client disconnected

20160625 12:01:19 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16

20160625 12:01:19 D MANAGEMENT: CMD 'state'

20160625 12:01:19 MANAGEMENT: Client disconnected

20160625 12:01:19 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16

20160625 12:01:19 D MANAGEMENT: CMD 'status 2'

20160625 12:01:19 MANAGEMENT: Client disconnected

20160625 12:01:19 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16

20160625 12:01:19 D MANAGEMENT: CMD 'log 500'

19700101 10:00:00

ca /tmp/openvpncl/ca.crt
management 127.0.0.1 16
management-log-cache 100
verb 3
mute 3
syslog
writepid /var/run/openvpncl.pid
client
resolv-retry infinite
nobind
persist-key
persist-tun
script-security 2
dev tun1
proto udp
cipher aes-256-cbc
auth sha1
remote au1-ovpn-udp.purevpn.net 53
comp-lzo adaptive
tun-mtu 1500
mtu-disc yes
fast-io
tun-ipv6
tls-auth /tmp/openvpncl/ta.key 1
auth-user-pass /tmp/user.txt