Port routing for openvpn

  • Everything was working fine. Upgraded routers and changed ddns name and now I'm having issues.


    I changed ddns name in the openvpn plugin on openmediavault. Re-downloaded the certs and it won't authenticate. Port is opened with the correct protocol on the router. When I do an open port check online the it says the port is closed. I wasn't sure if that was normal to not show open because it's a vpn port or not. Plex and syncthing ports opened as it should.

  • Hi GTvert90,


    I have a few questions to ask to help troubleshoot your issue.

    Upgraded routers and changed ddns name and now I'm having issues.


    When you say "upgrade" do you mean the same device or you replaced it with a new router?
    Is ddns being updated with the new hostname?
    Do you happen to have the docker plugin installed?
    Are you using the OMV firewall?

  • Hi GTvert90,


    I have a few questions to ask to help troubleshoot your issue.
    Quote from GTvert90: “Upgraded routers and changed ddns name and now I'm having issues.”
    When you say "upgrade" do you mean the same device or you replaced it with a new…


    Sorry for not being clear I was in a hurry.


    Went from an Asus ac66u to ac88u router. I use Asus' ddns service built in to the router. When I changed routers I changed my ddns name.


    I set up the router and forwarded the same ports the same as before. I went into OMV and under the openvpn settings I changed the ddns to the new name. I then applied and saved and downloaded new certificates.


    I was having trouble authenticating the vpn from my phone so I changed my OMV user password just in case I for some reason forgot it. I still had issues. I then used an online port checker and it said it isn't open. (tho someone on the router forum said the online tests usually check for TCP only)


    Not using the firewall on OMV. and I do not believe I have the docker plugin installed

  • Yeah online checkers typically won't scan UDP ports. I believe your issue maybe you need to add the static route for your vpn traffic or enable NAT on. I'm looking through the manual now to check.

  • Ok I read through the manual and NAT is enabled by default so that wouldn't be the issue. I also noticed that the firewall is also enabled by default. I'm not sure but I think it may be blocking the traffic even though you have the port forwarded. I don't think the problem lies with OpenVPN on OMV though. I recreated your scenario by using a different ddns name and I changed my port to 1195 for testing. I put the new ovpn file on my phone and it worked. I use pfSense as my firewall/router. I have to add a static route for the vpn traffic to reach openvpn on omv. I'm not sure if you did that on your old router but you may need to on this one. Do you know what error you're seeing from your phone? Is it failing on host lookup or the TLS handshake?


    Another thing I would suggest is try using the built-in OpenVPN server on your router. This would eliminate the need to setup static routes, and port forwarding since it would be handled by the router itself. Just a thought. You can also set it up just to verify / test VPN.

  • Ok I read through the manual and NAT is enabled by default so that wouldn't be the issue. I also noticed that the firewall is also enabled by default. I'm not sure but I think it may be blocking the traffic even though you have the port forwarded. I don't think the problem lies with OpenVPN on OMV though. I recreated your scenario by using a different ddns name and I changed my port to 1195 for testing. I put the new ovpn file on my phone and it worked. I use pfSense as my firewall/router. I have to add a static route for the vpn traffic to reach openvpn on omv. I'm not sure if you did that on your old router but you may need to on this one. Do you know what error you're seeing from your phone? Is it failing on host lookup or the TLS handshake?Another thing I would suggest is try using the built-in OpenVPN server on your router. This would eliminate the need to setup static routes, and port forwarding since it would be handled by the router itself. Just a thought. You can also set it up just to verify / test VPN.

    I tried openvpn on the AC66u and it slowed things down when my buddy connected. I might need to try again on the AC88U. Just worked well running it on OMV I thought I'd continue

  • No problem. Just thought you can try it as an option for troubleshooting. I haven't used an Asus router so I'm not familiar with the settings. I tried looking for examples with the ac88u and openvpn on another system but there wasn't much out there. There was a lot of topics on the ac66u. If you can still access the a66u, view the settings for comparison perhaps. It's probably something simple. I would look at the firewall as a starting point. Let me know how it goes. Feel free to ask any other questions.

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!