Openvpn incompatibility between 15.05 18.06 firmware

Installing and Using OpenWrt Network and Wireless Configuration
1

OpenVPN server in Openwrt 15.05
OpenVPN client in Openwrt 18.06
tap mode
client connected to server , but ping server timeout.

logging below

NOTE: Options consistency check may be skewed by version differences
**WARNING: 'version' is used inconsistently, local='version V4', remote='version V0 UNDEF'**
WARNING: 'dev-type' is present in local config but missing in remote config, local='dev-type tap'
WARNING: 'link-mtu' is present in local config but missing in remote config, local='link-mtu 1589'
WARNING: 'tun-mtu' is present in local config but missing in remote config, local='tun-mtu 1532'
WARNING: 'keydir' is present in local config but missing in remote config, local='keydir 0'
WARNING: 'cipher' is present in local config but missing in remote config, local='cipher AES-256-CBC'
WARNING: 'auth' is present in local config but missing in remote config, local='auth SHA1'
WARNING: 'keysize' is present in local config but missing in remote config, local='keysize 256'
WARNING: 'tls-auth' is present in local config but missing in remote config, local='tls-auth'
WARNING: 'key-method' is present in local config but missing in remote config, local='key-method 2'
WARNING: 'tls-server' is present in local config but missing in remote config, local='tls-server'
Control Channel: TLSv1, cipher TLSv1/SSLv3 AES128-SHA, 2048 bit RSA
2

Your server is likely three years older than your client. Not surprising that there are inconsistencies.

Personally, I would be running the most up-to-date production-level release on at least the server, if not the clients. OpenWrt 15.05, as it is not under active support, is considered by many to be insecure due to the many vulnerabilities revealed and being exploited in the kernel, application software, and even protocols (WiFi, as an example).

4 Likes
3

I have no plan to upgrade all routers. Is any solutions there ?

4

Upgrade is the only correct solution.
Although you can try to downgrade as a workaround.
But note that OpenWrt 15.05 is EOL-release and OpenVPN is also quite old.
So they are unsupported and you have to accept the risks of opened security vulnerabilities.

2 Likes