Can't save and apply any changes in webUI (LuCi) through VPN

Hi gyus!
When I connect to the webUI (LuCi) through VPN and try save or apply any changes I get error "Secure Connection Failed. The connection to the server was reset while the page was loading." in the browser. But if I do the same in my lan it's ok.

...you aren't making changes to the VPN, or to the interface it's connected to, are you???

My VPN settings:

LEDE config:

port 1194
proto udp
dev tun
topology subnet
client-to-client
server 10.50.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push 'redirect-gateway def1'
push 'route 192.168.1.0 255.255.255.0'
keepalive 10 120
comp-lzo
persist-key
persist-tun

ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh1024.pem
tls-auth /etc/openvpn/ta.key 0

auth SHA512
cipher AES-256-CBC
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384

user nobody
group nogroup

log-append /var/log/openvpn.log
status /var/log/openvpn-status.log
verb 3
mute 20

Client config:

client
dev tun
proto udp
remote my ip

resolv-retry infinite
nobind

persist-tun
persist-key

comp-lzo
verb 3
mute 20
log openvpn.log

redirect-gateway

user nobody
group nogroup

ca ca.crt
cert client1.crt
key client1.key
tls-auth ta.key 1

auth SHA512
cipher AES-256-CBC
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384

You didn't answer the question about which kind of changes you are trying to do.

If you are trying to do such config changes (e.g. network, vpn, dhcp, firewall, wifi) that directly affect the interface that VPN traffic uses, the connection may easily break.Even some apparently unnoected changes may casue that, if the change causes the interface to re-connect.

1 Like

Yes I try to change config settings (like network, firewall, wifi and etc.).

By the nature of the changes you're making, you're gonna loose connection - it's that simple. What you're describing is expected and normal behavior.

If you must make such changes remotely, you'll have to use another connection method, such as SSHing to the router. Even then, you might loose connection if you change a WAN or firewall setting.

1 Like

It should still save/apply changes though, as the connection drops purely because its doing exactly that and you do not need to remain connected while that is happening.

The big risk is that if a setting breaks something you then cannot get back in to fix it.

It should not:

  • One edits VPN setting
  • One edits a firewall setting
  • One edits a WAN setting
  • "Save and apply" is pressed

@alexatkinuk...now tell me...which settings will save, if any, and in which order? In addition...if "Save and apply" is pressed for the firewall, will the VPN drop connection? Also...describe how you edit your VPN without it restarting to load any new configs???

Yes, it is a big risk, which is why it's not advisable to edit your WAN, VPN or firewall while remotely connected to it.

When you click save/apply it should save and apply all settings in the category you are currently editing.

My guess would be if the network restarts then the VPN will restart, but I'm not sure as I personally haven't used a VPN on LEDE as I just port forward to my server and run the VPN there.

In example I want to change Hostname (System-Hostname) or Timezone (System-Timezone) and etc. I can't it apply through VPN (I get error “Secure Connection Failed. The connection to the server was reset while the page was loading.”).

What if you're saving data in more "categories"?

Your guess is right! This is why one should't try to make config changes over a VPN.

We know, as this is the issue in your OP. It's been noted that you shouldn't attempt saving over a VPN.

  • How do you expect encryption to continue working when you changed its hostname and time???
  • How often does your router change timezones (wouldn't setting UTC once be good for this)?!
  • Why can't you just edit the relevant file(s) and reboot the device???
  • Why can't you SSH into the router, instead of using an extra layer of software to connect (i.e. the VPN)?

There's a lot taking place just for a simple login to the console.

But you DID apply it, the connection resets BECAUSE the settings are applying and the VPN drops connection. You reconnect and the new settings should be set and saved, unless you changed a setting which broke the network/VPN.

This is not just theoretical, I configured my friends router across the VPN. The only difference is that the VPN is on a dedicated box, but the only difference that should make is the VPN drops for a slightly shorter period as OpenVPN itself doesn't have to reload.

1 Like