Error when connecting openVPN client on GL-AXT1800 to OpenVPN Server on TPLink-AC1200

Hello,

I created an Open VPN server on my TPLink-AC1200 and am trying to connect my GL-AXT1800 to it as a client. However I am getting the follow error on the GL-AXT1800 when trying to enable OpenVPN connection.

Here are my OpenVPN server settings:
Service Type: UDP (I also tried TCP)
Service Port: 1194
Client Access: Internet and Home Network
I generate the certificate and loaded the config file in the GL router

Error when trying to Start the VPN connection:

Mon Feb 19 00:49:54 2024 daemon.notice ovpnclient[7412]: library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
Mon Feb 19 00:49:59 2024 daemon.warn ovpnclient[7412]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Mon Feb 19 00:49:59 2024 daemon.warn ovpnclient[7412]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mon Feb 19 00:49:59 2024 daemon.notice ovpnclient[7412]: TCP/UDP: Preserving recently used remote address: [AF_INET]73.17.243.45:1194
Mon Feb 19 00:49:59 2024 daemon.notice ovpnclient[7412]: UDP link local: (not bound)
Mon Feb 19 00:49:59 2024 daemon.notice ovpnclient[7412]: UDP link remote: [AF_INET]73.17.243.45:1194
Mon Feb 19 00:50:02 2024 daemon.notice netifd: ovpnclient (7816): Cannot find device "ovpnclient"
Mon Feb 19 00:50:02 2024 daemon.notice netifd: Interface 'ovpnclient' is now down
Mon Feb 19 00:50:02 2024 user.notice firewall: Reloading firewall due to ifdown of ovpnclient ()
Mon Feb 19 00:57:09 2024 daemon.notice netifd: Interface 'ovpnclient' is setting up now
Mon Feb 19 00:57:09 2024 daemon.warn ovpnclient[9740]: WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
Mon Feb 19 00:57:09 2024 daemon.warn ovpnclient[9740]: DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-128-CBC' to --data-ciphers or change --cipher 'AES-128-CBC' to --data-ciphers-fallback 'AES-128-CBC' to silence this warning.
Mon Feb 19 00:57:09 2024 daemon.notice ovpnclient[9740]: OpenVPN 2.5.3 arm-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Mon Feb 19 00:57:09 2024 daemon.notice ovpnclient[9740]: library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
Mon Feb 19 00:57:09 2024 daemon.warn ovpnclient[9740]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Mon Feb 19 00:57:09 2024 daemon.warn ovpnclient[9740]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mon Feb 19 00:57:09 2024 daemon.notice ovpnclient[9740]: TCP/UDP: Preserving recently used remote address: [AF_INET]73.17.243.45:1194
Mon Feb 19 00:57:09 2024 daemon.notice ovpnclient[9740]: UDP link local: (not bound)
Mon Feb 19 00:57:09 2024 daemon.notice ovpnclient[9740]: UDP link remote: [AF_INET]73.17.243.45:1194
Mon Feb 19 00:57:09 2024 daemon.err ovpnclient[9740]: write UDP: Operation not permitted (code=1)

Please help. Thank you.

Could you please post the OVPN config?

@admon Sure here it is below. (I removed the private key).
Also noting here that I did open up port 1194 on the router under NAT Forwarding.

OpenVPN config file:

client
dev tun
proto udp
float
nobind
cipher AES-128-CBC
comp-lzo adaptive
resolv-retry infinite
persist-key
persist-tun
remote 73.17.243.45 1194

-----BEGIN CERTIFICATE-----
MIIDpTCCAw6gAwIBAgIJAKtAAIdfVfAYMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
VQQGEwJDTjELMAkGA1UECBMCR0QxETAPBgNVBAcTCFNoZW5aaGVuMRAwDgYDVQQK
EwdUUC1MaW5rMRIwEAYDVQQLEwlTT0hPLUkxOE4xEzARBgNVBAMTClRQLUxpbmsg
Q0ExEDAOBgNVBCkTB0Vhc3lSU0ExGDAWBgkqhkiG9w0BCQEWCXh4eHhAeHh4eDAe
Fw0yNDAyMTkwNTM1MDZaFw0zNDAyMTYwNTM1MDZaMIGUMQswCQYDVQQGEwJDTjEL
MAkGA1UECBMCR0QxETAPBgNVBAcTCFNoZW5aaGVuMRAwDgYDVQQKEwdUUC1MaW5r
MRIwEAYDVQQLEwlTT0hPLUkxOE4xEzARBgNVBAMTClRQLUxpbmsgQ0ExEDAOBgNV
BCkTB0Vhc3lSU0ExGDAWBgkqhkiG9w0BCQEWCXh4eHhAeHh4eDCBnzANBgkqhkiG
9w0BAQEFAAOBjQAwgYkCgYEAxFoiYIz0Uhbp1xnIzraimgu9vCsoScoyQ5hIJM6a
IogY8pb/Fb+f8ps3PBfYUeWU3qfMdbyoH8D+6mwLfwAPRyF0HiGwKJ0r28FMfO8s
Kl5PY1uNf7/QwmI7JL0147EbwP536ieQSpNywlbZCgjmbwZXZVMNErq8UTcYL2Au
nCUCAwEAAaOB/DCB+TAdBgNVHQ4EFgQUC7+/mH2DC5xg+ijFLVLBhOOKGyswgckG
A1UdIwSBwTCBvoAUC7+/mH2DC5xg+ijFLVLBhOOKGyuhgZqkgZcwgZQxCzAJBgNV
BAYTAkNOMQswCQYDVQQIEwJHRDERMA8GA1UEBxMIU2hlblpoZW4xEDAOBgNVBAoT
B1RQLUxpbmsxEjAQBgNVBAsTCVNPSE8tSTE4TjETMBEGA1UEAxMKVFAtTGluayBD
QTEQMA4GA1UEKRMHRWFzeVJTQTEYMBYGCSqGSIb3DQEJARYJeHh4eEB4eHh4ggkA
q0AAh19V8BgwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQBiB+n2ZKb6
RLxVcBSMXXnzhWv06eqoyPCYlQHL16P3p5lbb7NnUNkzuu/hDxgrTVBDLtWlIS0y
srrNTzPIasbf+n/Y6+qhbkF5emSPF1Ar9aTUIeGn1TuA4LgGvt7qPd8w0ZVH6ZNv
53m+jHVtQqNFAbKLeIjW6G2ISkRMtWTrJQ==
-----END CERTIFICATE-----


-----BEGIN CERTIFICATE-----
MIID6TCCA1KgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCQ04x
CzAJBgNVBAgTAkdEMREwDwYDVQQHEwhTaGVuWmhlbjEQMA4GA1UEChMHVFAtTGlu
azESMBAGA1UECxMJU09ITy1JMThOMRMwEQYDVQQDEwpUUC1MaW5rIENBMRAwDgYD
VQQpEwdFYXN5UlNBMRgwFgYJKoZIhvcNAQkBFgl4eHh4QHh4eHgwHhcNMjQwMjE5
MDUzOTM1WhcNMzQwMjE2MDUzOTM1WjCBkDELMAkGA1UEBhMCQ04xCzAJBgNVBAgT
AkdEMREwDwYDVQQHEwhTaGVuWmhlbjEQMA4GA1UEChMHVFAtTGluazESMBAGA1UE
CxMJU09ITy1JMThOMQ8wDQYDVQQDEwZjbGllbnQxEDAOBgNVBCkTB0Vhc3lSU0Ex
GDAWBgkqhkiG9w0BCQEWCXh4eHhAeHh4eDCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
gYkCgYEA2xx/7sd8M1vePMa0/TiWHY3R5esi5YP44SQdcPuhk/YpdHR4pTd7wTxm
09duPSrPJT4PW6/aEy0o3zbWmeKpZI111XA//DUT63CFCuGcni+s847OZVdExfLp
DVS0uxWhiGIyb3xYBQDTyZQVfjt8TItNMYdSNos0HzCBeUPA0pECAwEAAaOCAUsw
ggFHMAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRl
ZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUfbA006Rc0LSeVXmc44mW+7QWsJowgckG
A1UdIwSBwTCBvoAUC7+/mH2DC5xg+ijFLVLBhOOKGyuhgZqkgZcwgZQxCzAJBgNV
BAYTAkNOMQswCQYDVQQIEwJHRDERMA8GA1UEBxMIU2hlblpoZW4xEDAOBgNVBAoT
B1RQLUxpbmsxEjAQBgNVBAsTCVNPSE8tSTE4TjETMBEGA1UEAxMKVFAtTGluayBD
QTEQMA4GA1UEKRMHRWFzeVJTQTEYMBYGCSqGSIb3DQEJARYJeHh4eEB4eHh4ggkA
q0AAh19V8BgwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMA0GCSqG
SIb3DQEBCwUAA4GBAIAdBvtj0X6YzHMwkdZKc5modNGZHAbVQNtjEGogczC/Q6nh
VtX12O/P59XNxkeKuE3LNti8D2LK6rmD2AfKdb8mCrxVb5LspugNSpzuS7PpwvF9
XgjxuOQhRLmIt/TrI1nJ7AZe5hzsI2y8F2gZkFgtovzFt6fh4erijbAzbAAj
-----END CERTIFICATE-----


-----BEGIN PRIVATE KEY-----
xxxxx
-----END PRIVATE KEY-----

Are you sure that your port UDP/1194 is reachable from the internet on server-side?

It appears that the port is NOT reachable. On my PC that is on the WLAN via my TPlink router, I ran powershell and tested two ports, 80 and 1194. 80 was a success, and 1194 was a fail. How do I make the port reachable?
image

Depends on your network.

If there is a router before your router you need port forwarding.

I only have my router, the TPlink which is connected to the internet.

You need to double check your TP link then.
Port forwarding should not be enabled if it’s the OVPN server.