Hey there,

I am trying to run an OpenVPN Server setup in TAP mode according to these instructions:
wiki.openwrt.org/doc/howto/vpn.openvpn#tab__server-bridge_tap_server
The configs are exactly what they are supposed to be according to this tutorial, I checked quite a couple of times:

Client config:

dev tap
proto udp

log openvpn.log
verb 3

ca C:\\Programme\\OpenVPN\\config\\ca.crt
cert C:\\Programme\\OpenVPN\\config\\Client.crt
key C:\\Programme\\OpenVPN\\config\\Client.key

client
remote-cert-tls server
remote 192.168.1.1 2633

Server config on C7:

config MyVPN 'myvpn'
option enabled '1'
option verb '3'
option proto 'udp'
option port '2633'
option dev 'tap'
option mode 'server'
option tls_server '1'
list push 'route-gateway dhcp'
option keepalive '10 120'
option ca '/etc/openvpn/ca.crt'
option cert '/etc/openvpn/Server.crt'
option key '/etc/openvpn/Server.key'
option dh '/etc/openvpn/dh2048.pem'

Network config on C7:

config interface 'vpn0'
option ifname 'tap0'
option proto 'none'
option auto '1'

config interface 'lan'
option force_link '1'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
option ifname 'eth1 tap0'

...other adapters...

Firewall config on C7:

config rule 'Allow_OpenVPN_Inbound'
option target 'ACCEPT'
option src '*'
option proto 'udp'
option dest_port '2633'
option name 'Allow_OpenVPN_Inbound'

...other firewall entries...

Note that I for testing purposes tried this on the same subnet from a device that has 192.168.1.225 assigned, while 192.168.1.1 is the Archer C7 router running OpenVPN server and operating as a WiFi extender (with its own WiFi network) to the actual router being the gateway to the internet (on 192.168.2.1). It does not matter if I try connecting to the router this way, from the same subnet, or try connecting by using the internet address assigned to router 1, which has port forwarding set to forward the according OpenVPN port (2633) to the C7. The result is always the same (shown below).

Sun Oct 01 22:23:01 2017 OpenVPN 2.4.0 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Dec 27 2016
Sun Oct 01 22:23:01 2017 Windows version 6.1 (Windows 7) 64bit
Sun Oct 01 22:23:01 2017 library versions: OpenSSL 1.0.2i  22 Sep 2016, LZO 2.09
Sun Oct 01 22:23:01 2017 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sun Oct 01 22:23:01 2017 Need hold release from management interface, waiting...
Sun Oct 01 22:23:01 2017 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sun Oct 01 22:23:01 2017 MANAGEMENT: CMD 'state on'
Sun Oct 01 22:23:01 2017 MANAGEMENT: CMD 'log all on'
Sun Oct 01 22:23:01 2017 MANAGEMENT: CMD 'hold off'
Sun Oct 01 22:23:01 2017 MANAGEMENT: CMD 'hold release'
Sun Oct 01 22:23:01 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.1.1:2633
Sun Oct 01 22:23:01 2017 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun Oct 01 22:23:01 2017 UDP link local (bound): [AF_INET][undef]:1194
Sun Oct 01 22:23:01 2017 UDP link remote: [AF_INET]192.168.1.1:2633
Sun Oct 01 22:23:01 2017 MANAGEMENT: >STATE:1506889381,WAIT,,,,,,
Sun Oct 01 22:24:01 2017 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Oct 01 22:24:01 2017 TLS Error: TLS handshake failed
Sun Oct 01 22:24:01 2017 SIGUSR1[soft,tls-error] received, process restarting
Sun Oct 01 22:24:01 2017 MANAGEMENT: >STATE:1506889441,RECONNECTING,tls-error,,,,,
Sun Oct 01 22:24:01 2017 Restart pause, 5 second(s)
Sun Oct 01 22:24:06 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.1.1:2633
Sun Oct 01 22:24:06 2017 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun Oct 01 22:24:06 2017 UDP link local (bound): [AF_INET][undef]:1194
Sun Oct 01 22:24:06 2017 UDP link remote: [AF_INET]192.168.1.1:2633
Sun Oct 01 22:24:06 2017 MANAGEMENT: >STATE:1506889446,WAIT,,,,,,

When I switch off the Windows firewall on my Laptop, which is essentially configured for the use of OpenVPN (access granted in both directions), the connection interestingly is reset almost instantly:

Sun Oct 01 22:53:05 2017 OpenVPN 2.4.0 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Dec 27 2016
Sun Oct 01 22:53:05 2017 Windows version 6.1 (Windows 7) 64bit
Sun Oct 01 22:53:05 2017 library versions: OpenSSL 1.0.2i  22 Sep 2016, LZO 2.09
Sun Oct 01 22:53:05 2017 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sun Oct 01 22:53:05 2017 Need hold release from management interface, waiting...
Sun Oct 01 22:53:06 2017 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sun Oct 01 22:53:06 2017 MANAGEMENT: CMD 'state on'
Sun Oct 01 22:53:06 2017 MANAGEMENT: CMD 'log all on'
Sun Oct 01 22:53:06 2017 MANAGEMENT: CMD 'hold off'
Sun Oct 01 22:53:06 2017 MANAGEMENT: CMD 'hold release'
Sun Oct 01 22:53:06 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.1.1:2633
Sun Oct 01 22:53:06 2017 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun Oct 01 22:53:06 2017 UDP link local (bound): [AF_INET][undef]:1194
Sun Oct 01 22:53:06 2017 UDP link remote: [AF_INET]192.168.1.1:2633
Sun Oct 01 22:53:06 2017 MANAGEMENT: >STATE:1506891186,WAIT,,,,,,
Sun Oct 01 22:53:06 2017 read UDP: Connection reset by peer (WSAECONNRESET) (code=10054)
Sun Oct 01 22:53:09 2017 read UDP: Connection reset by peer (WSAECONNRESET) (code=10054)
Sun Oct 01 22:53:13 2017 read UDP: Connection reset by peer (WSAECONNRESET) (code=10054)
Sun Oct 01 22:53:21 2017 read UDP: Connection reset by peer (WSAECONNRESET) (code=10054)
Sun Oct 01 22:53:37 2017 read UDP: Connection reset by peer (WSAECONNRESET) (code=10054)

I don't really understand this behavior, but either way, no success at all.

Any ideas what goes wrong here? Would connecting via VPN to a server on the same subnet even work? Apparently, connection never even works when I try connecting from outside my network, which I tried before from work. The result is always the shown above.

If you need more information on anything, please let me know. I'm quite new to this topic and don't have many experience in neither Linux, OpenVPN, OpenWRT.