I have a RUT955 that's configured as an OVPN client, which has been working reliably for a while. I'd like to turn OVPN on and off by SMS. I just tested it now, but after having sent vpnoff and vpnon the VPN connection no longer works. I have tried turning it on and off in the web interface and rebooted the router as well, but to no success. Oddly enough it says "connected", but it doesn't work, and the Mikrotik router that works as OVPN server says the interface is down. Any clues?
EDIT: fwiw I'm on RUT9_R_00.07.01.4. I found this in the logs:
Fri May 13 13:11:35 2022 daemon.err openvpn(hqOvpn)[28872]: Error opening 'Auth' auth file: /etc/openvpn/auth_hqOvpn: No such file or directory (
errno=2)
Fri May 13 13:11:35 2022 daemon.notice openvpn(hqOvpn)[28872]: Exiting due to fatal error
Fri May 13 13:11:40 2022 daemon.warn openvpn(hqOvpn)[29056]: DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-
256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher
'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
Fri May 13 13:11:40 2022 daemon.notice openvpn(hqOvpn)[29056]: OpenVPN 2.5.3 mips-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTIN
FO] [AEAD]
Fri May 13 13:11:40 2022 daemon.notice openvpn(hqOvpn)[29056]: library versions: OpenSSL 1.1.1l 24 Aug 2021, LZO 2.10
Fri May 13 13:11:40 2022 daemon.err openvpn(hqOvpn)[29056]: Error opening 'Auth' auth file: /etc/openvpn/auth_hqOvpn: No such file or directory (
errno=2)
Fri May 13 13:11:40 2022 daemon.notice openvpn(hqOvpn)[29056]: Exiting due to fatal error
Fri May 13 13:11:40 2022 daemon.info procd: Instance openvpn::hqOvpn s in a crash loop 6 crashes, 0 seconds since last crash
After manually typing my username/password in the OPVN configuration I got rid of that, log output is now
Fri May 13 13:31:58 2022 daemon.err openvpn(hqOvpn)[18977]: Connection reset, restarting [0]
Fri May 13 13:31:58 2022 daemon.notice openvpn(hqOvpn)[18977]: TCP/UDP: Closing socket
Fri May 13 13:31:58 2022 daemon.notice openvpn(hqOvpn)[18977]: SIGUSR1[soft,connection-reset] received, process restarting
Fri May 13 13:31:58 2022 daemon.notice openvpn(hqOvpn)[18977]: Restart pause, 5 second(s)
Fri May 13 13:32:03 2022 daemon.warn openvpn(hqOvpn)[18977]: WARNING: No server certificate verification method has been enabled. See http://ope
nvpn.net/howto.html#mitm for more info.
Fri May 13 13:32:03 2022 daemon.warn openvpn(hqOvpn)[18977]: NOTE: the current --script-security setting may allow this configuration to call use
r-defined scripts
Fri May 13 13:32:03 2022 daemon.notice openvpn(hqOvpn)[18977]: Re-using SSL/TLS context
Fri May 13 13:32:03 2022 daemon.notice openvpn(hqOvpn)[18977]: Control Channel MTU parms [ L:1623 D:1210 EF:40 EB:0 ET:0 EL:3 ]
Fri May 13 13:32:03 2022 daemon.notice openvpn(hqOvpn)[18977]: Data Channel MTU parms [ L:1623 D:1450 EF:123 EB:406 ET:0 EL:3 ]
Fri May 13 13:32:03 2022 daemon.notice openvpn(hqOvpn)[18977]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto T
CPv4_CLIENT,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Fri May 13 13:32:03 2022 daemon.notice openvpn(hqOvpn)[18977]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 15
00,proto TCPv4_SERVER,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Fri May 13 13:32:03 2022 daemon.notice openvpn(hqOvpn)[18977]: TCP/UDP: Preserving recently used remote address: [AF_INET]REDACTED:1194
Fri May 13 13:32:03 2022 daemon.notice openvpn(hqOvpn)[18977]: Socket Buffers: R=[131072->131072] S=[16384->16384]
Fri May 13 13:32:03 2022 daemon.notice openvpn(hqOvpn)[18977]: Attempting to establish TCP connection with [AF_INET]REDACTED:1194 [nonblock]
Fri May 13 13:32:03 2022 daemon.notice openvpn(hqOvpn)[18977]: TCP connection established with [AF_INET]REDACTED:1194
Fri May 13 13:32:03 2022 daemon.notice openvpn(hqOvpn)[18977]: TCP_CLIENT link local: (not bound)
Fri May 13 13:32:03 2022 daemon.notice openvpn(hqOvpn)[18977]: TCP_CLIENT link remote: [AF_INET]REDACTED:1194
Fri May 13 13:32:03 2022 daemon.notice openvpn(hqOvpn)[18977]: TLS: Initial packet from [AF_INET]REDACTED:1194, sid=c1df4b50 094d07b3
Why on Earth would this suddenly become a problem after having worked for half a year?