NordVPN configuration - Mango V2-3.201

Hi

I just upgraded my Mango-V2 to 3.201 , and after NordVPN configured " OpenVPN settings" , it was very dificult establish connection with server " Authentication failure" ,but sometimes worked perfectly… someone had this same problem?

Best

Hi Peter,

Could you show me the openvpn logs by following command?
logread -e openvpn

Hi Rihno-shuu

Thank you for the follow up , please follow you can see, 3 stages:
-root_NordVPN-sucessfull_ON
-root_NordVPN-sucessfull_OFF
-root_NordVPN-auth-failed_ON

root@GL-MT300N-V2:~# logread -e openvpn

Tue Apr 27 17:42:25 2021 user.info : 1246: gl-vpn-client>> Start, vpnpath=/etc/openvpn/ovpn0, serverfile=uk1890.nordvpn.com.tcp.ovpn

Tue Apr 27 17:42:25 2021 user.info : 1323: gl-vpn-client>> glconfig.openvpn.ovpn=/etc/openvpn/ovpn0/uk1890.nordvpn.com.tcp.ovpn, glconfig.openvpn.clientid=ovpn0

Tue Apr 27 17:42:33 2021 daemon.warn openvpn[14105]: DEPRECATED OPTION: --cipher set to ‘AES-256-CBC’ but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add ‘AES-256-CBC’ to --data-ciphers or change --cipher ‘AES-256-CBC’ to --data-ciphers-fallback ‘AES-256-CBC’ to silence this warning.

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14105]: OpenVPN 2.5.0 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14105]: library versions: OpenSSL 1.1.1d 10 Sep 2019

Tue Apr 27 17:42:33 2021 daemon.warn openvpn[14125]: WARNING: --ping should normally be used with --ping-restart or --ping-exit

Tue Apr 27 17:42:33 2021 daemon.warn openvpn[14125]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: NOTE: --fast-io is disabled since we are not using UDP

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: Outgoing Control Channel Authentication: Using 512 bit message hash ‘SHA512’ for HMAC authentication

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: Incoming Control Channel Authentication: Using 512 bit message hash ‘SHA512’ for HMAC authentication

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: TCP/UDP: Preserving recently used remote address: [AF_INET]93.177.74.165:443

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: Socket Buffers: R=[87380->87380] S=[16384->16384]

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: Attempting to establish TCP connection with [AF_INET]93.177.74.165:443 [nonblock]

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: TCP connection established with [AF_INET]93.177.74.165:443

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: TCP_CLIENT link local: (not bound)

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: TCP_CLIENT link remote: [AF_INET]93.177.74.165:443

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: TLS: Initial packet from [AF_INET]93.177.74.165:443, sid=f7c62b1d 60e6be36

Tue Apr 27 17:42:33 2021 daemon.warn openvpn[14125]: WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA5

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: VERIFY KU OK

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: Validating certificate extended key usage

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: VERIFY EKU OK

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: VERIFY OK: depth=0, CN=uk1890.nordvpn.com

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 4096 bit RSA

Tue Apr 27 17:42:33 2021 daemon.notice openvpn[14125]: [uk1890.nordvpn.com] Peer Connection Initiated with [AF_INET]93.177.74.165:443

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: SENT CONTROL [uk1890.nordvpn.com]: ‘PUSH_REQUEST’ (status=1)

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: PUSH: Received control message: ‘PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 103.86.96.100,dhcp-option DNS 103.86.99.100,sndbuf 524288,rcvbuf 524288,explicit-exit-notify,comp-lzo no,route-gateway 10.7.1.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.7.1.2 255.255.255.0,peer-id 0,cipher AES-256-GCM’

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: OPTIONS IMPORT: timers and/or timeouts modified

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: OPTIONS IMPORT: --explicit-exit-notify can only be used with --proto udp

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: OPTIONS IMPORT: compression parms modified

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: OPTIONS IMPORT: --sndbuf/–rcvbuf options modified

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: Socket Buffers: R=[344320->327680] S=[44800->327680]

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: OPTIONS IMPORT: --ifconfig/up options modified

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: OPTIONS IMPORT: route options modified

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: OPTIONS IMPORT: route-related options modified

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: OPTIONS IMPORT: peer-id set

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: OPTIONS IMPORT: adjusting link_mtu to 1659

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: OPTIONS IMPORT: data channel crypto options modified

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: Data Channel: using negotiated cipher ‘AES-256-GCM’

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: Outgoing Data Channel: Cipher ‘AES-256-GCM’ initialized with 256 bit key

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: Incoming Data Channel: Cipher ‘AES-256-GCM’ initialized with 256 bit key

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: net_route_v4_best_gw query: dst 0.0.0.0

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: net_route_v4_best_gw result: via 192.168.1.1 dev eth0.2

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: TUN/TAP device tun0 opened

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: net_iface_mtu_set: mtu 1500 for tun0

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: net_iface_up: set tun0 up

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: net_addr_v4_add: 10.7.1.2/24 dev tun0

Tue Apr 27 17:42:34 2021 daemon.notice openvpn[14125]: /etc/openvpn/update-resolv-conf tun0 1500 1587 10.7.1.2 255.255.255.0 init

Tue Apr 27 17:42:37 2021 daemon.notice openvpn[14125]: net_route_v4_add: 93.177.74.165/32 via 192.168.1.1 dev [NULL] table 0 metric -1

Tue Apr 27 17:42:37 2021 daemon.notice openvpn[14125]: net_route_v4_add: 0.0.0.0/1 via 10.7.1.1 dev [NULL] table 0 metric -1

Tue Apr 27 17:42:37 2021 daemon.notice openvpn[14125]: net_route_v4_add: 128.0.0.0/1 via 10.7.1.1 dev [NULL] table 0 metric -1

Tue Apr 27 17:42:42 2021 daemon.notice openvpn[14125]: Initialization Sequence Completed

Tue Apr 27 17:44:16 2021 user.info : 1246: gl-vpn-client>> Stop, vpnpath=/etc/openvpn/ovpn0, serverfile=uk1890.nordvpn.com.tcp.ovpn

Tue Apr 27 17:46:54 2021 user.info : 1246: gl-vpn-client>> Start, vpnpath=/etc/openvpn/ovpn0, serverfile=uk1890.nordvpn.com.tcp.ovpn

Tue Apr 27 17:46:54 2021 user.info : 1323: gl-vpn-client>> glconfig.openvpn.ovpn=/etc/openvpn/ovpn0/uk1890.nordvpn.com.tcp.ovpn, glconfig.openvpn.clientid=ovpn0

Tue Apr 27 17:47:01 2021 daemon.warn openvpn[20993]: DEPRECATED OPTION: --cipher set to ‘AES-256-CBC’ but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add ‘AES-256-CBC’ to --data-ciphers or change --cipher ‘AES-256-CBC’ to --data-ciphers-fallback ‘AES-256-CBC’ to silence this warning.

Tue Apr 27 17:47:01 2021 daemon.notice openvpn[20993]: OpenVPN 2.5.0 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]

Tue Apr 27 17:47:01 2021 daemon.notice openvpn[20993]: library versions: OpenSSL 1.1.1d 10 Sep 2019

Tue Apr 27 17:47:01 2021 daemon.warn openvpn[21004]: WARNING: --ping should normally be used with --ping-restart or --ping-exit

Tue Apr 27 17:47:01 2021 daemon.warn openvpn[21004]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Tue Apr 27 17:47:01 2021 daemon.notice openvpn[21004]: NOTE: --fast-io is disabled since we are not using UDP

Tue Apr 27 17:47:01 2021 daemon.notice openvpn[21004]: Outgoing Control Channel Authentication: Using 512 bit message hash ‘SHA512’ for HMAC authentication

Tue Apr 27 17:47:01 2021 daemon.notice openvpn[21004]: Incoming Control Channel Authentication: Using 512 bit message hash ‘SHA512’ for HMAC authentication

Tue Apr 27 17:47:01 2021 daemon.notice openvpn[21004]: TCP/UDP: Preserving recently used remote address: [AF_INET]93.177.74.165:443

Tue Apr 27 17:47:01 2021 daemon.notice openvpn[21004]: Socket Buffers: R=[87380->87380] S=[16384->16384]

Tue Apr 27 17:47:01 2021 daemon.notice openvpn[21004]: Attempting to establish TCP connection with [AF_INET]93.177.74.165:443 [nonblock]

Tue Apr 27 17:47:01 2021 daemon.notice openvpn[21004]: TCP connection established with [AF_INET]93.177.74.165:443

Tue Apr 27 17:47:01 2021 daemon.notice openvpn[21004]: TCP_CLIENT link local: (not bound)

Tue Apr 27 17:47:01 2021 daemon.notice openvpn[21004]: TCP_CLIENT link remote: [AF_INET]93.177.74.165:443

Tue Apr 27 17:47:01 2021 daemon.notice openvpn[21004]: TLS: Initial packet from [AF_INET]93.177.74.165:443, sid=8f20c069 ba23013a

Tue Apr 27 17:47:01 2021 daemon.warn openvpn[21004]: WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this

Tue Apr 27 17:47:02 2021 daemon.notice openvpn[21004]: VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA

Tue Apr 27 17:47:02 2021 daemon.notice openvpn[21004]: VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA5

Tue Apr 27 17:47:02 2021 daemon.notice openvpn[21004]: VERIFY KU OK

Tue Apr 27 17:47:02 2021 daemon.notice openvpn[21004]: Validating certificate extended key usage

Tue Apr 27 17:47:02 2021 daemon.notice openvpn[21004]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication

Tue Apr 27 17:47:02 2021 daemon.notice openvpn[21004]: VERIFY EKU OK

Tue Apr 27 17:47:02 2021 daemon.notice openvpn[21004]: VERIFY OK: depth=0, CN=uk1890.nordvpn.com

Tue Apr 27 17:47:04 2021 daemon.notice openvpn[21004]: Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 4096 bit RSA

Tue Apr 27 17:47:04 2021 daemon.notice openvpn[21004]: [uk1890.nordvpn.com] Peer Connection Initiated with [AF_INET]93.177.74.165:443

Tue Apr 27 17:47:05 2021 daemon.notice openvpn[21004]: SENT CONTROL [uk1890.nordvpn.com]: ‘PUSH_REQUEST’ (status=1)

Tue Apr 27 17:47:05 2021 daemon.notice openvpn[21004]: AUTH: Received control message: AUTH_FAILED

Tue Apr 27 17:47:05 2021 daemon.notice openvpn[21004]: SIGTERM[soft,auth-failure] received, process exiting

Best

Hi Riho-shuu

Any update?

Best Regards

Hi,
I have the same problem winth NordVPN
daemon.notice openvpn[21004]: AUTH: Received control message: AUTH_FAILED
SIGTERM[soft,auth-failure] received, process exiting
Any news?
Thank you