GL-MT300N-V2 Openvpn Client Stopped Working

gschaub · August 13, 2021, 4:53pm

I have had this GL-MT300N-V2 router for a few years and have used the OpenVPN client successfully for most of that time. However, it has stopped working recently. I just did a firmware refresh in case there were problems with compatibility on old settings with updated firmware settings. No joy.

The cert was created through the openssl tools. I know the certificate still works because I can connect with the same certificate on other devices. Certificate information (with appropriate redactions) follows:

verb 3
nobind
dev tun
client
askpass
remote 1194 udp
fast-io
compress lzo
remote-cert-tls server

-----BEGIN OpenVPN Static key V1-----

Redacted

-----END OpenVPN Static key V1-----

-----BEGIN CERTIFICATE-----

Redacted

-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----

Redacted

-----END CERTIFICATE-----

-----BEGIN ENCRYPTED PRIVATE KEY-----

Redacted

-----END ENCRYPTED PRIVATE KEY-----

daemon

up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
script-security 2

gschaub · August 18, 2021, 12:54am

Found the issue. My openvpn server is an openwrt router in my house. It had lzo compression configured and I hadn’t yet upgraded to the latest openwrt version, so it is still using openvpn 2.4x.

The gl.inet firmware is newer and uses openvpn 2.5x. Compression support was removed in 2.5 and therefore caused an incompatibility. Shocked nobody has faced this, but if you have this problem and see the post, the fix is easy - just remove compression from client, server, and certificates. Poof, it will work.

alzhao · August 18, 2021, 4:30am

Thanks for reporting this. I recorded this in dev list.
compress lzo will be omited