Can't configure OVPN through UDP

Hi all!

I hope you are doing well. I’ve been trying to configure OpenVPN via UDP on my GL-AX1800 router but haven’t been able to do it. It works fine with TCP though.

I’ve tried the .ovpn files hosted on the Ivacy website and also the ones provided at gl-inet.com to no avail. Here’s the error messages I’m getting with both:

Files hosted by Ivacy:
Fri Jul 21 00:08:11 2023 daemon.err ovpnclient[1790]: Options error: Unrecognized option or missing or extra parameter(s) in /tmp/ovpnclient/ovpnclient:9: scramble (2.5.3)
Fri Jul 21 00:08:11 2023 daemon.warn ovpnclient[1790]: Use --help for more information.
Fri Jul 21 00:08:11 2023 daemon.notice netifd: ovpnclient (1791): sh: can’t kill pid 8911: No such process
Fri Jul 21 00:08:11 2023 daemon.notice netifd: ovpnclient (1791): Cannot find device “ovpnclient”
Fri Jul 21 00:08:11 2023 daemon.notice netifd: Interface ‘ovpnclient’ is now down
Fri Jul 21 00:08:11 2023 daemon.notice netifd: Interface ‘ovpnclient’ is setting up now
Fri Jul 21 00:08:11 2023 daemon.err ovpnclient[1843]: Options error: Unrecognized option or missing or extra parameter(s) in /tmp/ovpnclient/ovpnclient:9: scramble (2.5.3)
Fri Jul 21 00:08:11 2023 daemon.warn ovpnclient[1843]: Use --help for more information.
Fri Jul 21 00:08:11 2023 daemon.notice netifd: ovpnclient (1844): sh: can’t kill pid 8911: No such process
Fri Jul 21 00:08:11 2023 daemon.notice netifd: ovpnclient (1844): Cannot find device “ovpnclient”
Fri Jul 21 00:08:11 2023 daemon.notice netifd: Interface ‘ovpnclient’ is now down
Fri Jul 21 00:08:11 2023 daemon.notice netifd: Interface ‘ovpnclient’ is setting up now
Fri Jul 21 00:08:11 2023 daemon.err ovpnclient[1878]: Options error: Unrecognized option or missing or extra parameter(s) in /tmp/ovpnclient/ovpnclient:9: scramble (2.5.3)
Fri Jul 21 00:08:11 2023 daemon.warn ovpnclient[1878]: Use --help for more information.
Fri Jul 21 00:08:11 2023 daemon.notice netifd: ovpnclient (1883): sh: can’t kill pid 8911: No such process
Fri Jul 21 00:08:11 2023 daemon.notice netifd: ovpnclient (1883): Cannot find device “ovpnclient”
Fri Jul 21 00:08:11 2023 daemon.notice netifd: Interface ‘ovpnclient’ is now down
Fri Jul 21 00:08:11 2023 daemon.notice netifd: Interface ‘ovpnclient’ is setting up now
Fri Jul 21 00:08:11 2023 daemon.err ovpnclient[1949]: Options error: Unrecognized option or missing or extra parameter(s) in /tmp/ovpnclient/ovpnclient:9: scramble (2.5.3)
Fri Jul 21 00:08:11 2023 daemon.warn ovpnclient[1949]: Use --help for more information.

Files hosted by gl-inet.com:
Fri Jul 21 00:02:00 2023 daemon.notice netifd: ovpnclient (11195): sh: can’t kill pid 16918: No such process
Fri Jul 21 00:02:00 2023 daemon.notice netifd: ovpnclient (11195): Cannot find device “ovpnclient”
Fri Jul 21 00:02:00 2023 daemon.notice netifd: Interface ‘ovpnclient’ is now down
Fri Jul 21 00:02:00 2023 daemon.notice netifd: Interface ‘ovpnclient’ is setting up now
Fri Jul 21 00:02:01 2023 daemon.warn ovpnclient[11228]: WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless “allow-compression yes” is also set.
Fri Jul 21 00:02:01 2023 daemon.warn ovpnclient[11228]: DEPRECATED OPTION: --cipher set to ‘AES-256-CBC’ but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add ‘AES-256-CBC’ to --data-ciphers or change --cipher ‘AES-256-CBC’ to --data-ciphers-fallback ‘AES-256-CBC’ to silence this warning.
Fri Jul 21 00:02:01 2023 daemon.err ovpnclient[11228]: Cannot pre-load keyfile (Wdc.key)
Fri Jul 21 00:02:01 2023 daemon.notice ovpnclient[11228]: Exiting due to fatal error
Fri Jul 21 00:02:01 2023 daemon.notice netifd: ovpnclient (11234): sh: can’t kill pid 16918: No such process
Fri Jul 21 00:02:01 2023 daemon.notice netifd: ovpnclient (11234): Cannot find device “ovpnclient”
Fri Jul 21 00:02:01 2023 daemon.notice netifd: Interface ‘ovpnclient’ is now down
Fri Jul 21 00:02:01 2023 daemon.notice netifd: Interface ‘ovpnclient’ is setting up now
Fri Jul 21 00:02:01 2023 daemon.warn ovpnclient[11289]: WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless “allow-compression yes” is also set.
Fri Jul 21 00:02:01 2023 daemon.warn ovpnclient[11289]: DEPRECATED OPTION: --cipher set to ‘AES-256-CBC’ but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add ‘AES-256-CBC’ to --data-ciphers or change --cipher ‘AES-256-CBC’ to --data-ciphers-fallback ‘AES-256-CBC’ to silence this warning.
Fri Jul 21 00:02:01 2023 daemon.err ovpnclient[11289]: Cannot pre-load keyfile (Wdc.key)
Fri Jul 21 00:02:01 2023 daemon.notice ovpnclient[11289]: Exiting due to fatal error
Fri Jul 21 00:02:01 2023 daemon.notice netifd: ovpnclient (11298): sh: can’t kill pid 16918: No such process
Fri Jul 21 00:02:01 2023 daemon.notice netifd: ovpnclient (11298): Cannot find device “ovpnclient”
Fri Jul 21 00:02:01 2023 daemon.notice netifd: Interface ‘ovpnclient’ is now down
Fri Jul 21 00:02:01 2023 daemon.notice netifd: Interface ‘ovpnclient’ is setting up now

Have any of you experienced this and have any advise?

Thanks a lot in advance.

So do you have to use OVPN if you can use UDP? WireGuard only uses UDP. It stomps all over the performance of OVPN so badly it’s not even a fair competition.

I’d try to hunt down the cause of this. It may be related to not letting the ovpnclient interface being properly set up.

… but really, look into WireGuard.

Thanks for your reply bring.fringe18. My VPN provider is Ivacy and, apparently, they don’t support Wireguard on routers yet, only OpenVPN.

Thanks.

Can you get their .ovpn profile to run on another device like a mobile phone? That might be a good way to have a ‘known good’ setup before digging further into Flint.

(Aside: Proton VPN offers a free tier using WG profiles. It’s not the greatest for raw speed on that tier but it would give you an idea how easy it is to set up WG. It really is ‘the bee’s knees.’)