I have had OpenWRT with OpenVPN running on a LinkSys WRT1900ACS for a while now, but recently OpenVPN has been unable to connect to my VPN provider (PIA).
The strage thing I'm seeing is in "Interfaces" where the unmanaged
tun0
interface is reporting Error: Network device is not present
. Here's a png w/ the error.
I have the following errors in the OpenVPN log which seems to suggest something in the network, but I have had this config working just a few days ago and not sure what happened.
Tue Aug 18 18:51:17 2020 daemon.notice openvpn(pia_client)[7049]: OpenVPN 2.4.7 arm-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Tue Aug 18 18:51:17 2020 daemon.notice openvpn(pia_client)[7049]: library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10
Tue Aug 18 18:51:17 2020 daemon.notice openvpn(pia_client)[7049]: TCP/UDP: Preserving recently used remote address: [AF_INET]104.200.154.11:1198
Tue Aug 18 18:51:17 2020 daemon.notice openvpn(pia_client)[7049]: Socket Buffers: R=[163840->163840] S=[163840->163840]
Tue Aug 18 18:51:17 2020 daemon.notice openvpn(pia_client)[7049]: UDP link local: (not bound)
Tue Aug 18 18:51:17 2020 daemon.notice openvpn(pia_client)[7049]: UDP link remote: [AF_INET]104.200.154.11:1198
Tue Aug 18 18:52:17 2020 daemon.err openvpn(pia_client)[7049]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Aug 18 18:52:17 2020 daemon.err openvpn(pia_client)[7049]: TLS Error: TLS handshake failed
Tue Aug 18 18:52:17 2020 daemon.notice openvpn(pia_client)[7049]: SIGUSR1[soft,tls-error] received, process restarting
Tue Aug 18 18:52:17 2020 daemon.notice openvpn(pia_client)[7049]: Restart pause, 5 second(s)
Tue Aug 18 18:52:22 2020 daemon.notice openvpn(pia_client)[7049]: TCP/UDP: Preserving recently used remote address: [AF_INET]104.200.154.22:1198
Tue Aug 18 18:52:22 2020 daemon.notice openvpn(pia_client)[7049]: Socket Buffers: R=[163840->163840] S=[163840->163840]
Tue Aug 18 18:52:22 2020 daemon.notice openvpn(pia_client)[7049]: UDP link local: (not bound)
Tue Aug 18 18:52:22 2020 daemon.notice openvpn(pia_client)[7049]: UDP link remote: [AF_INET]104.200.154.22:1198
/etc/config/openvpn
# ...
config openvpn 'pia_client'
option dev 'tun'
option nobind '1'
option verb '3'
option comp_lzo 'yes'
option persist_tun '1'
option persist_key '1'
option client '1'
option auth_nocache '1'
option remote_cert_tls 'server'
list remote 'us-seattle.privateinternetaccess.com'
option auth_user_pass '/etc/openvpn/userpass.txt'
option keepalive '10 120'
option enabled '1'
option tls_client '1'
option resolv_retry 'infinite'
option ca '/etc/openvpn/ca.crt'
option crl_verify '/etc/openvpn/crl.pem'
option cipher 'AES-128-CBC'
option proto 'udp'
option port '1198'
/etc/config/network
# ...
config interface 'PIA_VPN'
option proto 'none'
option ifname 'tun0'
/etc/config/firewall
config zone
option name 'VPN_FW'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
option network 'PIA_VPN'
Any ideas?