OpenVPN client has stopped working

I’ve just checked this by manually connecting to a specific London server using OpenVPN TCP on my app, as follows:

photo_2023-12-19_15-45-21829×1280 61.3 KB

and then configured the router to connect to that exact same server and protocol:

image1272×509 23.2 KB

And I have the same problem:

Tue Dec 19 15:46:07 2023 daemon.notice ovpnclient[9273]: TCP connection established with [AF_INET]109.70.150.130:443
Tue Dec 19 15:46:07 2023 daemon.notice ovpnclient[9273]: TCP_CLIENT link local: (not bound)
Tue Dec 19 15:46:07 2023 daemon.notice ovpnclient[9273]: TCP_CLIENT link remote: [AF_INET]109.70.150.130:443
Tue Dec 19 15:46:07 2023 daemon.notice ovpnclient[9273]: TLS: Initial packet from [AF_INET]109.70.150.130:443, sid=ea1f8652 aad60ec0
Tue Dec 19 15:46:08 2023 daemon.notice ovpnclient[9273]: VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA
Tue Dec 19 15:46:08 2023 daemon.notice ovpnclient[9273]: VERIFY OK: depth=1, O=NordVPN, CN=NordVPN CA8
Tue Dec 19 15:46:08 2023 daemon.notice ovpnclient[9273]: VERIFY KU OK
Tue Dec 19 15:46:08 2023 daemon.notice ovpnclient[9273]: Validating certificate extended key usage
Tue Dec 19 15:46:08 2023 daemon.notice ovpnclient[9273]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Tue Dec 19 15:46:08 2023 daemon.notice ovpnclient[9273]: VERIFY EKU OK
Tue Dec 19 15:46:08 2023 daemon.notice ovpnclient[9273]: VERIFY X509NAME OK: CN=uk2317.nordvpn.com
Tue Dec 19 15:46:08 2023 daemon.notice ovpnclient[9273]: VERIFY OK: depth=0, CN=uk2317.nordvpn.com
Tue Dec 19 15:46:08 2023 daemon.notice ovpnclient[9273]: Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 4096 bit RSA, signature: RSA-SHA512
Tue Dec 19 15:46:08 2023 daemon.notice ovpnclient[9273]: [uk2317.nordvpn.com] Peer Connection Initiated with [AF_INET]109.70.150.130:443
Tue Dec 19 15:46:09 2023 daemon.notice ovpnclient[9273]: SENT CONTROL [uk2317.nordvpn.com]: 'PUSH_REQUEST' (status=1)
Tue Dec 19 15:46:09 2023 daemon.notice ovpnclient[9273]: AUTH: Received control message: AUTH_FAILED
Tue Dec 19 15:46:09 2023 daemon.notice ovpnclient[9273]: SIGTERM[soft,auth-failure] received, process exiting
Tue Dec 19 15:46:09 2023 daemon.notice netifd: ovpnclient (9471): Warning: Section @defaults[0] requires unavailable target extension FLOWOFFLOAD, disabling

We can rule out the upstream Internet connection now. Also as I said previously I have had this problem for about a month: I have tried this on many Internet connections, hotel and commerical/fibre ethernet with nothing but DHCP, DNS and outbound NAT in the chain. It worked fine, then one day it stopped.

It’s not the Internet connection because I’ve tried several, it’s not the VPN provider because I’ve tried several. It’s the router.

Furthermore, I can establish a NordVPN connection on my phone when connected to the router’s access point.

So it’s not the upstream provider.

So it turns out this was the issue for the NordVPN connection. I used the instructions here Changes to the login process on third-party apps and routers | NordVPN support to get my service credentials and input these, instead of my main NordVPN login, and then I was able to connect. Thank you @bring.fringe18.

I have downgraded firmware to 4.2.1 (via 4.2.3) to see if that would resolve the issue and it didn’t. I’m now upgrading back to 4.4.6 to see if that fixes the issue.

There’s a reason why nobody likes NordVPN - unless there are big discounts somewhere.
Next renewal, go with mullvad.net instead.

Oh, I forgot to mention that the username and password should be device-specific for Nord openvpn, not the one for your account.

quote:

I tried, and it connected successfully.

image898×459 31.3 KB

I’ve put my router back to 4.4.6 and the NordVPN connection has stayed where it is - can I ask the staff at GL.iNet to put a hint in the interface to use the service credentials instead of the main login as it doesn’t present an error (unless you dig through the logs) and isn’t clear…

FTFY.