Port Forward C7000

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking
Author Message
taylorabc101
DD-WRT Novice


Joined: 29 May 2019
Posts: 5

PostPosted: Thu May 30, 2019 0:36    Post subject: Port Forward C7000 Reply with quote
I have an internal server running openvpn behind my dd-wrt netgear c7000 that works behind my netgear running default firmware. But when I flashed the router to the current dd-wrt release I cannot connect for the life of me. I've port forwarded correctly through the web GUI. That didnt work, so I thought it was an iptables rule issue so I erased NVRam and manually added the rules to port forward but still cant get through. I'm wondering if anyone would be able to help set me straight as im sure im doing something wrong.
Sponsor
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Thu May 30, 2019 0:47    Post subject: Reply with quote
Port 0 (in the Port from) is not a valid external port. Try something like 28913 (something valid & obscure).
_________________
DD-WRT: DNS Leak Detection w/ VPNs (updated 6/5/19)
NEW SCRIPT!: ddwrt-mount-usb-drives.sh
NEW SCRIPT!: ddwrt-blacklist-domains.sh
NEW SCRIPT!: ddwrt-ovpn-remote-access.sh
NEW SCRIPT!: ddwrt-pptp-policy-based-routing.sh
taylorabc101
DD-WRT Novice


Joined: 29 May 2019
Posts: 5

PostPosted: Thu May 30, 2019 0:53    Post subject: openVPN Reply with quote
So for openVPN how would I possibly know what port they are coming from? It should be a random high port right? Honestly stared at it for so long didn't even realize it put a zero in there.
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Thu May 30, 2019 0:58    Post subject: Reply with quote
taylorabc101 wrote:
So for openVPN how would I possibly know what port they are coming from? It should be a random high port right? Honestly stared at it for so long didn't even realize it put a zero in there.


Let's make sure we're on the same page here.

I assume this is OpenVPN *server* (you merely said OpenVPN), not OpenVPN client. And if this OpenVPN server is behind your primary router, I'm not really sure why you're port forwarding on the dd-wrt router anyway. You would need to port forward on the primary router and over to the WAN ip of the dd-wrt router. Since the OpenVPN server runs on the WAN of the dd-wrt router, and automatically opens port 1194, there's no need for port forwarding on the dd-wrt router.

Now it could be that I have this config completely wrong. Your description was not very precise, so I had to read between the lines a bit, and sometimes that's a hit or miss proposition.

_________________
DD-WRT: DNS Leak Detection w/ VPNs (updated 6/5/19)
NEW SCRIPT!: ddwrt-mount-usb-drives.sh
NEW SCRIPT!: ddwrt-blacklist-domains.sh
NEW SCRIPT!: ddwrt-ovpn-remote-access.sh
NEW SCRIPT!: ddwrt-pptp-policy-based-routing.sh
taylorabc101
DD-WRT Novice


Joined: 29 May 2019
Posts: 5

PostPosted: Thu May 30, 2019 1:03    Post subject: Reply with quote
I only have one router being the DD-WRT router with the openVPN server behind it. So WAN->DD-WRT(C7000)->openVPN server. I was merely stating that before I flashed the router to DD-wrt I had the service working.
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Thu May 30, 2019 1:08    Post subject: Reply with quote
Then we're back to where we started. You have to define a fixed, external port on the WAN side of the dd-wrt router that then gets map to an internal ip and port, the one hosting the OpenVPN server. And using Port 0 isn't valid.
_________________
DD-WRT: DNS Leak Detection w/ VPNs (updated 6/5/19)
NEW SCRIPT!: ddwrt-mount-usb-drives.sh
NEW SCRIPT!: ddwrt-blacklist-domains.sh
NEW SCRIPT!: ddwrt-ovpn-remote-access.sh
NEW SCRIPT!: ddwrt-pptp-policy-based-routing.sh
taylorabc101
DD-WRT Novice


Joined: 29 May 2019
Posts: 5

PostPosted: Thu May 30, 2019 1:14    Post subject: Reply with quote
Ah i'm a dumbass I see now that issue, I will for now keep it as 1194 as it will require me to change the openvpn client cert. After adding that I am still unable to complete the connection.
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Thu May 30, 2019 1:20    Post subject: Reply with quote
You need to check the OpenVPN server log to see if the OpenVPN client is reaching the server. Maybe it's a misconfiguration and the error is reported in the log.
_________________
DD-WRT: DNS Leak Detection w/ VPNs (updated 6/5/19)
NEW SCRIPT!: ddwrt-mount-usb-drives.sh
NEW SCRIPT!: ddwrt-blacklist-domains.sh
NEW SCRIPT!: ddwrt-ovpn-remote-access.sh
NEW SCRIPT!: ddwrt-pptp-policy-based-routing.sh
taylorabc101
DD-WRT Novice


Joined: 29 May 2019
Posts: 5

PostPosted: Thu May 30, 2019 1:33    Post subject: Reply with quote
Okay thank you for all of your help. Now im having a TLS Error on the openVPN server so I will go down the path of figuring out why that is now a thing.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 3640
Location: Netherlands

PostPosted: Thu May 30, 2019 6:42    Post subject: Reply with quote
For some builds you had to define the source net.
Normally when empty it defaults to 0.0.0.0/0
Meaning anywhere. But to be sure just fill it in.
The iptables rules you added manually to port forward are wrong. You merely opened the firewall for traffic destined for 192.168.0.199.
That will not work

_________________
Routers:Netgear R7800, Netgear R6400v1, Netgear R6400v2, Linksys EA6900 (XvortexCFE), Linksys E2000 (converted WRT320N), WRT54GS v1.
Install guide Linksys EA6900: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=291230
Simple PBR (Policy Based Routing) script: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318662
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN server setup guide:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum