Problem Setting up OpenVPN from home computer client to satellite remote site server

I am trying to get a VPN connection from home to a remote site. The site had HughesNet satellite internet. I have setup a LAN on the remote site with a router (Specthe ERT310) and configured OpenVPN. On my home Windows PC I setup the client attached client.ovpn.
On the client when I click connect the it is just black until it says "connection to client has failed".

1) Any ideas on why I am not able to connect?
2) If this type of connection is not possible for some reason is there another way you can suggest? (teamview like apps are not an option because I need network access).
ido90Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
I would first check your VPN connection on a non-satellite link. If the VPN connection works normally, then the satellite link may have too much latency in the connection for VPN to work at all.

The only thing I could suggest is a better VPN client. I use NCP Secure Entry (www.ncp-e.com) and it is top of class. NCP provides a 30 day trial so you can see if fits your requirement.

You want to make sure whatever you try so that you understand what works and when and what does not work and when. This will help you avoid chasing your tail.
Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
You'll have to read the client's OpenVPN log file for reasons. To see something in the log, you should have at least verbose 3.
Did you use the default and recommended UDP 1194 port config? Are you using a static IP or DNS address for the server, and if latter, does it resolve correct? Any firewall on the remote site?
ido90Author Commented:
I actually set this up on TCP 1194. Isn't UDP less reliable because its one sided?
Im not using a static IP  Im getting the ip and inputting it manually. Once it working Im planning to setup DNSy.
No firewalls and I did enable all the ports in the NAT. It maybe the provider I still need to test this in another location.

I setup NCP Secure Entry software and still it did not work, does the NCP software has any logs on why its not connecting?
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

JohnBusiness Consultant (Owner)Commented:
It maybe the provider I still need to test this in another location.

That would be an excellent idea to do a "divide and conquer" problem solving technique.

does the NCP software has any logs on why its not connecting?

Yes. NCP, Help, Log Book, and also Help, Extended Log Book settings to configure what you want logged.

I have been using NCP for years (no, I do not work for them) because (a) it works with any connection technology I use and (b) it supports NAT Traversal natively which means it works nearly anywhere.
Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
NCP uses IPsec, and does not work with OpenVPN. You need a different server setup for it.
ido90Author Commented:
With the NCP I tried IPsec, did not work also, I want to get another router so I can isolate the possibility that its the router. Is this a good router Linksys LRT224 or do you suggest to use another brand for critical app?
JohnBusiness Consultant (Owner)Commented:
The LRT224 is fairly close to my Cisco RV325 that I use in my home office.

The LRT224 is a VPN router and so be sure you do not set up any Site to Site tunnels with it. NCP will not work through a VPN routers with existing tunnels. If no tunnels (not just disabled) then NCP works fine.
ido90Author Commented:
multiple clients can access through NCP or just one client at a time? The RV325 does not have this issue?
JohnBusiness Consultant (Owner)Commented:
First, a VPN client (NCP specifically) cannot work through a Cisco RV042, Cisco RV042G or a Cisco RV325 when existing site to site tunnels are in place.

Second, NCP is a client application. It can only support one connection at a time. This is a design limitation of NCP. I contacted them about this. It is a security design.

If you want multiple clients at the remote end, maybe you DO want a VPN router with site to site tunnels. I do this and it works fine. All IPsec, of course.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
Multiple different clients (PCs) can use NCP simultanously. A single client cannot use NCP to more than one target.
JohnBusiness Consultant (Owner)Commented:
ido90 - You need to be clear if you are trying to connect one client computer with a software application or if you are trying to connect several computers. The answers are different.
ido90Author Commented:
I am trying to connect to one location (Router to have access to one LAN) . Multiple people will need access to this LAN remotely from the internet. Normally 4-5 people at once.
JohnBusiness Consultant (Owner)Commented:
What you need to do, then, is get a good VPN router that will do site-to-site tunnels via IPsec and not use a client application. I do this myself and know it to work, but I have a regular (not satellite) connection.

I have done this with Cisco RV042, RV042G and now RV325. They all work.  The Linksys LRT224 looks like it will work as well.

You need comparable VPN gear at the other location.
Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
John, the OP is talking 'bout "from Home" - I read that the clients are outside of an office, and just connecting to a single point. So using another device to connect does not makes sense if I'm correct.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.