VPN not working after OpenWRT flash

Hello there! Please help me before I lose my mind. I'm seriously out of my depth!

I flashed my router with OpenWRT, I get twice the range, stability, and speed - great, as I depend on it for work!
But... my VPN stopped working properly (server is OpenVPN). I see the client connecting, but the APIs I'm trying to use just give me ERR_NAME_NOT_RESOLVED. That's on both Wi-Fi and cable. If I use a hotspot or another network, it works - so it's definitely the router's fault.

I tried stopping then disabling the firewall, but then I have no internet.

Please, I know there is a super simple setting somewhere, but I have no concept on even what term to search for as I have no meaningful knowledge of networks and OpenWRT is super complex.

Thank you!

Sounds like a DNS issue. Have you installed any DNS based packages (such as Adblock or similar) or set your DNS configuration such that it points to a DNS server that is not able to resolve?

Is OpenVPN running on the router? If so, is it a server or client on the router?

1 Like

Thank you for your answer,

I use adblock as a browser extension, disabling it does not change things. It's not installed on the router.
Actually the router is just a fresh install of 21.02.2 , I've not installed anything, nor have I messed with the settings beyond setting up 2.4g and 5g networks.

So where is the VPN? is it on your computer? Is this end the server or client? Where are you seeing the error -- is this in the OpenVPN log or something like a web browser or similar after the VPN connection has been established?

The vpn server is remote, it's an open vpn setup. To connect I'm using open vpn connect on a mac, the status icon indicates it connected.

I'm using the vpn for a work related website, it's API is only accessible via this VPN.

When I try to log in, looking in chrome dev tools, I see the Error Name Not Resolved for the api call.

There's nothing related to the vpn on the router, it's just a fresh install.

from your Mac, try the following:
with VPN disabled first, then with VPN enabled:

Report the results of all 4 tests.

1 Like

VPN disconnected:

PING ( 56 data bytes
64 bytes from icmp_seq=0 ttl=120 time=6.083 ms

PING google.com ( 56 data bytes
64 bytes from icmp_seq=0 ttl=121 time=5.369 ms

VPN connected:

PING ( 56 data bytes
64 bytes from icmp_seq=0 ttl=120 time=8.730 ms

PING google.com ( 56 data bytes
64 bytes from icmp_seq=0 ttl=121 time=9.734 ms

Looks like everything is working based on the ping results -- general connectivity and DNS resolution both succeed.

Another two tests you can run from your Mac with and without VPN:

  1. traceroute google.com
  2. google "what's my IP"

When you try to login to what? If you use a normal web browser to visit say google.com or openwrt.com, does it work with the VPN connected?

Normal internet access is working 100% - through a web browser and every other app that I use - both with and without active VPN connecton.

There is a single work-related website I can't log into without connecting to the company's VPN - let's call it website.company.com - the site itself is open to the public and loads just fine. The API that powers the website - let's call it api-website.company.com - is what I need VPN connection for. As soon as I hit that login button I see the request made to api-website.company.com in the Network tab in Chrome Dev Tools and it immediately fails. The tunnel icon indicates established vpn connection, but it just doesn't work.

  • If I use my phone's data via hotspot, or another Wi-Fi, it works!
  • If I plug the service provider's cable directly into the laptop, bypassing the router, it works!

Screenshot 2022-03-19 at 21.57.13

My reasoning is that the only thing that changed - and made my VPN not work - is the router's software. If I use any other connection that bypasses the router, VPN works.

Is there something like a port that OpenVPN uses, or some firewall rule or something, or some encryption setting, that I can look into? I'm grasping at straws...

Thank you for sticking with me!

This is almost certainly a DNS issue.

try the following from your router and from your Mac:

nslookup api-website.company.com
nslookup api-website.company.com

After getting some meaningful results with the Google DNS command above, I read up a bit, set the DNSs manually in the router, and adjusted some DNS cache settings. However I just can't get the router to work with the new DNS no matter how many times I set it up. In the end I tried adding the dns on my laptop and success!

psherman thanks for guiding me through this. Please PM me a Revolut/Paypal, so I can send a couple beers your way!