Troubleshooting

1. After generating the certificate, the client prompts that the certificate is invalid when connecting. What should I do?

   • Check if the router's WAN IP address has changed. If it has changed, you need to regenerate the certificate, export a new configuration file, and replace the old file in the client's "config" folder.

   • Confirm that the router had a stable internet connection during the certificate generation process. If the network was unstable during generation, regenerate the certificate.

2. After clicking "Connect" in the client, it cannot connect successfully for a long time. What could be the reasons?

   • Check if the router's OpenVPN server is enabled. Go to the "OpenVPN Server" page in the Web UI to confirm the function is turned on.

   • Verify that the configuration file imported by the client is the latest generated one. If the certificate corresponding to the configuration file has expired, you need to re-export and replace it.

   • Check the network environment. Ensure the network where the client is located can normally access the router's WAN IP address and the OpenVPN service port. Try temporarily disabling the firewall and antivirus software on the client computer and then reconnecting.

   • Confirm whether the router has obtained a public IP address. If it has a private IP address (e.g., starting with 100.), external clients might be unable to connect. You may need to contact your ISP to obtain a public IP.

3. After a successful connection, the client cannot access devices on the home network. How to resolve this?

   • Check the "Client Access" parameter in the router's OpenVPN server settings. Ensure it is set to "Internet and Home Network" or "Home Network Only". If it is set to internet access only, adjust this parameter accordingly and save the settings.

   • Confirm that the IP addresses of devices on the home network (e.g., NAS, computer) are within the router's LAN subnet (default: 192.168.0.0/24) and that these devices do not have firewalls enabled that restrict external access. You can temporarily disable the device's firewall for testing.

 Security and Others

1. After enabling the OpenVPN server, how to ensure its security?

   • Avoid setting the "Remote IP Address" in "Remote Management" to 0.0.0.0 (which allows access from all IP addresses). If technical support requires remote assistance, only specify the other party's IP address.

   • Regularly change the OpenVPN service port to avoid using the default port, which might be targeted by malicious scans.

   • Safely store the generated certificates and configuration files. Do not share them arbitrarily with unauthorized personnel to prevent unauthorized devices from connecting.

2. Will the OpenVPN server configuration be lost after the router restarts?

   • No. After the router restarts, the saved OpenVPN server configuration (including service type, port, client access permissions, etc.) will be retained, provided you clicked "Save" before the restart. However, if the router is reset to factory settings, the configuration will be erased and needs to be reconfigured.