Is this a double NAT issue, and can I VPN my work phone?

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking
Goto page 1, 2  Next
Author Message
logic1485
DD-WRT Novice


Joined: 23 Feb 2021
Posts: 7

PostPosted: Tue Feb 23, 2021 21:41    Post subject: Is this a double NAT issue, and can I VPN my work phone? Reply with quote
Is this a double NAT issue, and can I get my work phone to connect to the work network from home?

I've got the following scenario

work phone (at home) -> PoE switch -> dd-wrt router -> ubiquiti edgerouter-x -> home internet -> office internet -> fortigate -> win10 "wireguard server"

I'm trying to get my work phone working from home, and on the home side it's set up like this so that I can keep everything segregated, such that the work connection can not access my home devices.

Is it possible to get my work phone connected using dd-wrt and wireguard? I don't HAVE to use wireguard, though! I'm open to another option if need be.

The only neccesities are:

I don't have access to the work router
I would like to segregate the two networks at home such that they can access each other's network, which is why I have put in the dd-wrt router on a seperate port on the edgerouter-x.


I'm running DD-WRT v3.0-r44715 mega (11/03/20) on an ASUS RT-N66U
Sponsor
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8583

PostPosted: Wed Feb 24, 2021 7:08    Post subject: Reply with quote
To be honest, trying to provide good advice in a case like this is difficult since I'm going to have to make numerous assumptions. But I'll at least try and see if I can come up w/ something close to meeting your expectations.

I assume this is a VOIP phone. And that you're expecting to use the dd-wrt router to establish a VPN connection to your remote workplace. And by routing the dd-wrt router through the edgerouter, it's isolated from the primary (private) network.

I'm going to also assume that if that VOIP phone was directly patched to your remote (office) network (LAN), it would work. And if that's the case, it would probably make more sense to use OpenVPN and a *bridged* tunnel so that the VOIP phone and the remote network were using the same ethernet network. I'm specifically suggesting OpenVPN because Wireguard doesn't offer a bridged VPN, only routed.

Another issue is this lack of access to the work router. That tells me you can't port forward on the workplace router to establish the OpenVPN connection, at least not if you're expecting the workplace to support the OpenVPN server. You would therefore have to establish the OpenVPN server at your home (i.e., on the dd-wrt router), and have the OpenVPN client at your workplace access it.

Finally, you'd want to add firewall rules to the dd-wrt router to keep any traffic over the OpenVPN tunnel confined to only that router (i.e., don't allow routing outbound, LAN to WAN, and over to the private/home network).

Now that's a lot of speculatin' based on very few details. Realize that what I'm suggesting essentially "punches a hole" through your workplace's firewall, making it theoretically possible for anything on the dd-wrt router to gain access back into the workplace. That's the kind of thing that gives network admins sleepless nights, and is often against company policy, and could possibly get anyone caught doing it FIRED if not authorized in advance.

So in the end, the bigger problem may be getting authorization given the risk to the workplace. As a technical matter, it's not all that difficult (well, for me anyway, I obviously have no idea of your own technical skills).

_________________
ddwrt-ovpn-split-basic.sh
ddwrt-ovpn-split-advanced.sh
ddwrt-ovpn-remote-access.sh
ddwrt-ovpn-client-backup.sh
ddwrt-mount-usb-drives.sh
logic1485
DD-WRT Novice


Joined: 23 Feb 2021
Posts: 7

PostPosted: Wed Feb 24, 2021 9:43    Post subject: Reply with quote
eibgrad wrote:
To be honest, trying to provide good advice in a case like this is difficult since I'm going to have to make numerous assumptions. But I'll at least try and see if I can come up w/ something close to meeting your expectations.

I assume this is a VOIP phone. And that you're expecting to use the dd-wrt router to establish a VPN connection to your remote workplace. And by routing the dd-wrt router through the edgerouter, it's isolated from the primary (private) network.


Correct

eibgrad wrote:
I'm going to also assume that if that VOIP phone was directly patched to your remote (office) network (LAN), it would work.


Correct

eibgrad wrote:
And if that's the case, it would probably make more sense to use OpenVPN and a *bridged* tunnel so that the VOIP phone and the remote network were using the same ethernet network. I'm specifically suggesting OpenVPN because Wireguard doesn't offer a bridged VPN, only routed.


I'm willing to work with that. I'm not stuck on wireguard, just something that I thought would work.

eibgrad wrote:
Another issue is this lack of access to the work router. That tells me you can't port forward on the workplace router to establish the OpenVPN connection, at least not if you're expecting the workplace to support the OpenVPN server. You would therefore have to establish the OpenVPN server at your home (i.e., on the dd-wrt router), and have the OpenVPN client at your workplace access it.


As mentioned previously, I have my own Win10 machine that I could host the client on, provided that OpenVPN would have a client for Win10.

eibgrad wrote:
Finally, you'd want to add firewall rules to the dd-wrt router to keep any traffic over the OpenVPN tunnel confined to only that router (i.e., don't allow routing outbound, LAN to WAN, and over to the private/home network).


Seems like you've got it!


eibgrad wrote:
So in the end, the bigger problem may be getting authorization given the risk to the workplace. As a technical matter, it's not all that difficult (well, for me anyway, I obviously have no idea of your own technical skills).


I can follow instructions pretty well, but if I need to do something like: "open up port xxxx in console" I'm going to need to know what exactly I would need to type in.

Thanks for your help!
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8583

PostPosted: Thu Feb 25, 2021 0:28    Post subject: Reply with quote
I'm not going to go into excruciating detail here since I believe if given a rough outline, you can work out the details. At least *try* to make some progress on your own, and if you have specific issues, ask questions. At least then we can keep the discussion focused on where you possibly have holes in your knowledge.

As far as the OpenVPN server on the dd-wrt router, you might want to consider using FT (FreshTomato) instead of dd-wrt. I think FT's GUI is a little easier to work with, esp. for an OpenVPN newb. It supports auto-generating of certs & keys for *both* server and client, username/password authentication (or just username/password if you prefer), auto-generation of the OpenVPN client config file, and other niceties. OTOH, if you use dd-wrt, you're quickly into the world of EASY-RSA and more limited options. But ultimately the choice is up to you.

Whichever firmware you choose, you'll want to disable the router's DHCP server and assign it a LAN IP. Ideally this would be in the same network as your workplace (you'd have to ask your admin for a static IP so your choice of IP doesn't cause a conflict on the workplace network). This would make administrating the router possible from both your home and the workplace. However, it is possible to use the default IP network instead (i.e., 192.168.1.1) since it is NOT necessary for the router itself to participate in support of the phone, or any other devices you choose to connect to the wired ports or wireless SSID(s). All those devices are going to be initialized by your workplace DHCP server, over the tunnel! Realize as well that the router can still be managed from the edgerouter's network over the WAN provided you enable remote access to the GUI.

Once configured as a bridged (tap) OpenVPN server, you'll obviously have to establish port forwarding from the edgerouter over to the dd-wrt/ft router in order to reach it.

Back at the workplace, if using Windows 10, you can use the OpenVPN Connect software to establish the bridged OpenVPN client. This is where using FT comes in handy since you can use the OpenVPN server GUI to generate a compatible OpenVPN client config, and configure OpenVPN Connect to use it. If you use dd-wrt, then you'll have to *manually* create a compatible OpenVPN client config file. However you create the config file, once connected, you will see a TAP network adapter in the Windows Network Connections applet, where you can right click it and your normal local network connection (wired or wireless), and select Bridge Connections.

At that point, it will be possible for your workplace phone (back at home) to establish itself on the workplace network, just like any other workplace device. Ethernet traffic will flow back and forth across the tunnel, which will include IP traffic.

What remains is to configure the firewall on the dd-wrt/ft router to deny LAN to WAN traffic.

Code:
WAN_IF="$(ip route | awk '/^default/{print $NF}')"
iptables -I FORWARD -i br0 -o $WAN_IF -m state --state NEW -j REJECT


The above firewall rule blocks any devices on the workplace network from initiating connections over the WAN, but still allows replies to the OpenVPN client for managing the connection.

TIP: When configuring the OpenVPN server, do NOT specify dhcp-proxy mode. Instead, create an IP pool. Since you only have the one OpenVPN client, you can make the start and end IP one and the same (e.g., 192.168.1.254).

Again, the best thing to do is just start and see how far you get.

_________________
ddwrt-ovpn-split-basic.sh
ddwrt-ovpn-split-advanced.sh
ddwrt-ovpn-remote-access.sh
ddwrt-ovpn-client-backup.sh
ddwrt-mount-usb-drives.sh
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 7248
Location: Netherlands

PostPosted: Thu Feb 25, 2021 8:42    Post subject: Reply with quote
For DDWRT see the OpenVPN Server setup guide there is a section about setting up a TAP (bridged) connection:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327398


@eibgrad is FT still on K2.6?

_________________
Routers:Netgear R7800, R6400v1, R6400v2, Linksys EA8500, EA6900 (XvortexCFE), E2000 (converted WRT320N), WRT54GS v1.
WireGuard Documents & Guides:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327397
OpenVPN Documents & Guides: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327398
IPSET: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327261
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8583

PostPosted: Thu Feb 25, 2021 10:00    Post subject: Reply with quote
egc wrote:
For DDWRT see the OpenVPN Server setup guide there is a section about setting up a TAP (bridged) connection:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327398


@eibgrad is FT still on K2.6?


I don't believe anything @ FT is greater than k2.6 (even my RT-AC68U).

Functionally, it doesn't really matter if it's dd-wrt or FT, the result is the same. If your setup guide provides more in the way of hand-holding, dd-wrt may in fact be easier. As you know, it's all the work you need to do outside of dd-wrt, specifically EASYRSA, that can be a challenge for newbs. And so the more that can be managed *internally* by the router (which is a growing trend), the better.

_________________
ddwrt-ovpn-split-basic.sh
ddwrt-ovpn-split-advanced.sh
ddwrt-ovpn-remote-access.sh
ddwrt-ovpn-client-backup.sh
ddwrt-mount-usb-drives.sh
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 7248
Location: Netherlands

PostPosted: Thu Feb 25, 2021 14:45    Post subject: Reply with quote
We use Easy RSA3 nowadays, the guide will walk you through but indeed it is some more work but it is one time only Smile
_________________
Routers:Netgear R7800, R6400v1, R6400v2, Linksys EA8500, EA6900 (XvortexCFE), E2000 (converted WRT320N), WRT54GS v1.
WireGuard Documents & Guides:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327397
OpenVPN Documents & Guides: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327398
IPSET: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327261
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 8082
Location: Texas, USA

PostPosted: Thu Feb 25, 2021 16:21    Post subject: Reply with quote
Yes, public FT is still K2.6. They would have to borrow from the public svn or github repo to upgrade.
_________________
Official Forum Rules, Guidelines & Helpful InformationFirmware FAQInstallation WikiWhere Do I Download Firmware?
DON'T use Chromium-based browsersRTFM/STFW TL;DR is NOT an excuse. • Why Should I Care What Color the Bikeshed Is?
Please DO NOT PM me with questions; Ask in the forum. ---------------------- Linux User #377467 counter.li.org / linuxcounter.net
logic1485
DD-WRT Novice


Joined: 23 Feb 2021
Posts: 7

PostPosted: Thu Feb 25, 2021 20:33    Post subject: Reply with quote
eibgrad wrote:
I'm not going to go into excruciating detail here since I believe if given a rough outline, you can work out the details. At least *try* to make some progress on your own, and if you have specific issues, ask questions. At least then we can keep the discussion focused on where you possibly have holes in your knowledge.

As far as the OpenVPN server on the dd-wrt router, you might want to consider using FT (FreshTomato) instead of dd-wrt. I think FT's GUI is a little easier to work with, esp. for an OpenVPN newb. It supports auto-generating of certs & keys for *both* server and client, username/password authentication (or just username/password if you prefer), auto-generation of the OpenVPN client config file, and other niceties. OTOH, if you use dd-wrt, you're quickly into the world of EASY-RSA and more limited options. But ultimately the choice is up to you.

Whichever firmware you choose, you'll want to disable the router's DHCP server and assign it a LAN IP. Ideally this would be in the same network as your workplace (you'd have to ask your admin for a static IP so your choice of IP doesn't cause a conflict on the workplace network). This would make administrating the router possible from both your home and the workplace. However, it is possible to use the default IP network instead (i.e., 192.168.1.1) since it is NOT necessary for the router itself to participate in support of the phone, or any other devices you choose to connect to the wired ports or wireless SSID(s). All those devices are going to be initialized by your workplace DHCP server, over the tunnel! Realize as well that the router can still be managed from the edgerouter's network over the WAN provided you enable remote access to the GUI.

Once configured as a bridged (tap) OpenVPN server, you'll obviously have to establish port forwarding from the edgerouter over to the dd-wrt/ft router in order to reach it.

Back at the workplace, if using Windows 10, you can use the OpenVPN Connect software to establish the bridged OpenVPN client. This is where using FT comes in handy since you can use the OpenVPN server GUI to generate a compatible OpenVPN client config, and configure OpenVPN Connect to use it. If you use dd-wrt, then you'll have to *manually* create a compatible OpenVPN client config file. However you create the config file, once connected, you will see a TAP network adapter in the Windows Network Connections applet, where you can right click it and your normal local network connection (wired or wireless), and select Bridge Connections.

At that point, it will be possible for your workplace phone (back at home) to establish itself on the workplace network, just like any other workplace device. Ethernet traffic will flow back and forth across the tunnel, which will include IP traffic.

What remains is to configure the firewall on the dd-wrt/ft router to deny LAN to WAN traffic.

Code:
WAN_IF="$(ip route | awk '/^default/{print $NF}')"
iptables -I FORWARD -i br0 -o $WAN_IF -m state --state NEW -j REJECT


The above firewall rule blocks any devices on the workplace network from initiating connections over the WAN, but still allows replies to the OpenVPN client for managing the connection.

TIP: When configuring the OpenVPN server, do NOT specify dhcp-proxy mode. Instead, create an IP pool. Since you only have the one OpenVPN client, you can make the start and end IP one and the same (e.g., 192.168.1.254).

Again, the best thing to do is just start and see how far you get.


Can I flash FreshTomato from an existing dd-wrt installation, or would I have to flash the original ASUS firmware, and then FreshTomato? And which version would I have to use?

eibgrad wrote:
egc wrote:
For DDWRT see the OpenVPN Server setup guide there is a section about setting up a TAP (bridged) connection:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327398


@eibgrad is FT still on K2.6?
[...]all the work you need to do outside of dd-wrt, specifically EASYRSA, that can be a challenge for newbs. And so the more that can be managed *internally* by the router (which is a growing trend), the better.


I just saw the pdf, it's 20+ pages...I'd rather install Tomato, and have it over with, but I would try it some other time...!
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 7248
Location: Netherlands

PostPosted: Thu Feb 25, 2021 20:46    Post subject: Reply with quote
Good luck I hope you will succeed.

For questions about fresh tomato ask at their forum.

_________________
Routers:Netgear R7800, R6400v1, R6400v2, Linksys EA8500, EA6900 (XvortexCFE), E2000 (converted WRT320N), WRT54GS v1.
WireGuard Documents & Guides:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327397
OpenVPN Documents & Guides: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327398
IPSET: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327261
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
logic1485
DD-WRT Novice


Joined: 23 Feb 2021
Posts: 7

PostPosted: Thu Feb 25, 2021 21:09    Post subject: Reply with quote
Is there a way to figure out (in dd-wrt) if my N66U is mips based or ARM based?
blkt
DD-WRT Guru


Joined: 20 Jan 2019
Posts: 2409

PostPosted: Thu Feb 25, 2021 21:26    Post subject: Reply with quote
https://wiki.dd-wrt.com/wiki/index.php/Asus_RT-N66U

https://www.broadcom.com/products/wireless/wireless-lan-infrastructure/bcm4706

https://wikidevi.wi-cat.ru/ASUS_RT-N66U - https://wikidevi.wi-cat.ru/Broadcom_BCM4706

https://openwrt.org/toh/asus/rt-n66u

It's all in the MIPS (yeah). Web GUI Status -> Router page can show it, also dmesg from Telnet as root.
logic1485
DD-WRT Novice


Joined: 23 Feb 2021
Posts: 7

PostPosted: Sat Feb 27, 2021 11:20    Post subject: Reply with quote
eibgrad wrote:

Once configured as a bridged (tap) OpenVPN server, you'll obviously have to establish port forwarding from the edgerouter over to the dd-wrt/ft router in order to reach it.



So, I've finally got Fresh Tomato installed!

Now, I just need to find a good guide for setting up the bridged (tap) OpenVPN server.
logic1485
DD-WRT Novice


Joined: 23 Feb 2021
Posts: 7

PostPosted: Sat Feb 27, 2021 16:53    Post subject: Reply with quote
So, here's what happened.

There were no good guides with Fresh Tomato that I could find that had client config utility to generate the config file. So, I flashed back to dd-wrt and followed the guide posted by egc.

I've got everything set up, but tls key negotiation and handshake fails.

Quick question: in dd-wrt there are multiple ips that are being used:
192.168.11.247 WAN IP Address
192.168.11.249 Router Local IP Address
192.168.11.240 Server IP/Name (in OpenVPN Client section)

I'm guessing the handshaking is failing because I've not forwarded the correct IP. I've tried 240, going to try 247 (and connect through to the edgerouter through the WAN port) and see if that makes a difference.

(edit: I've plugged in the edgerouter into the WAN port, and forwarded 1194 to 1194 on 192.168.11.247 in the edgerouter port forwarding section and it still doesn't work)

There's one more area of difference:

In the guide by egc, the OpenVPN Server/Daemon section has three data cipher sections, which matches what I see on my dd-wrt, but in the OpenVPN Client section in the guide, after the hash algorithm, there are no data ciphers at all.

Maybe I've missed a setting somewhere, but when pasting the settings into the .ovpn file, in the guide, there is only one cipher, whereas I thought all of them would have to be mentioned. Maybe this is also giving trouble to the handshaking process?

page 31 in this guide is what I am refering to:

https://forum.dd-wrt.com/phpBB2/download.php?id=44043

found in this thread:

https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795

edit:
picture of my openvpn client section for refernce can be found at the following link:
https://imgur.com/PpIdr1M

edit2:
also, for reference, by build is Firmware: DD-WRT v3.0-r44715 mega (11/03/20)

edit 3:
just read through the troubleshooting guide, and checked the section on TLS error and the server address is resolving correctly (I've set up a ddns), and the port is forwarded correctly.
The Windows firewall is disabled (for testing purposes) so that's not interfering, the only thing that could be interfering could be SFE. Should I disable it, and where can I find it?

edit 4:
eibgrad said I should put the following in the firewall of the dd-wrt:
Code:
WAN_IF="$(ip route | awk '/^default/{print $NF}')"
iptables -I FORWARD -i br0 -o $WAN_IF -m state --state NEW -j REJECT


Could that be interfering?

edit 5:

The log from the connection window:

Code:
Sat Feb 27 18:41:01 2021   pkcs11_private_mode = 00000000
Sat Feb 27 18:41:01 2021   pkcs11_private_mode = 00000000
Sat Feb 27 18:41:01 2021   pkcs11_private_mode = 00000000
Sat Feb 27 18:41:01 2021   pkcs11_private_mode = 00000000
Sat Feb 27 18:41:01 2021   pkcs11_private_mode = 00000000
Sat Feb 27 18:41:01 2021   pkcs11_private_mode = 00000000
Sat Feb 27 18:41:01 2021   pkcs11_private_mode = 00000000
Sat Feb 27 18:41:01 2021   pkcs11_private_mode = 00000000
Sat Feb 27 18:41:01 2021   pkcs11_private_mode = 00000000
Sat Feb 27 18:41:01 2021   pkcs11_private_mode = 00000000
Sat Feb 27 18:41:01 2021   pkcs11_private_mode = 00000000
Sat Feb 27 18:41:01 2021   pkcs11_private_mode = 00000000
Sat Feb 27 18:41:01 2021   pkcs11_private_mode = 00000000
Sat Feb 27 18:41:01 2021   pkcs11_cert_private = DISABLED
Sat Feb 27 18:41:01 2021   pkcs11_cert_private = DISABLED
Sat Feb 27 18:41:01 2021   pkcs11_cert_private = DISABLED
Sat Feb 27 18:41:01 2021   pkcs11_cert_private = DISABLED
Sat Feb 27 18:41:01 2021   pkcs11_cert_private = DISABLED
Sat Feb 27 18:41:01 2021   pkcs11_cert_private = DISABLED
Sat Feb 27 18:41:01 2021   pkcs11_cert_private = DISABLED
Sat Feb 27 18:41:01 2021   pkcs11_cert_private = DISABLED
Sat Feb 27 18:41:01 2021   pkcs11_cert_private = DISABLED
Sat Feb 27 18:41:01 2021   pkcs11_cert_private = DISABLED
Sat Feb 27 18:41:01 2021   pkcs11_cert_private = DISABLED
Sat Feb 27 18:41:01 2021   pkcs11_cert_private = DISABLED
Sat Feb 27 18:41:01 2021   pkcs11_cert_private = DISABLED
Sat Feb 27 18:41:01 2021   pkcs11_cert_private = DISABLED
Sat Feb 27 18:41:01 2021   pkcs11_cert_private = DISABLED
Sat Feb 27 18:41:01 2021   pkcs11_cert_private = DISABLED
Sat Feb 27 18:41:01 2021   pkcs11_pin_cache_period = -1
Sat Feb 27 18:41:01 2021   pkcs11_id = '[UNDEF]'
Sat Feb 27 18:41:01 2021   pkcs11_id_management = DISABLED
Sat Feb 27 18:41:01 2021   server_network = 0.0.0.0
Sat Feb 27 18:41:01 2021   server_netmask = 0.0.0.0
Sat Feb 27 18:41:01 2021   server_network_ipv6 = ::
Sat Feb 27 18:41:01 2021   server_netbits_ipv6 = 0
Sat Feb 27 18:41:01 2021   server_bridge_ip = 0.0.0.0
Sat Feb 27 18:41:01 2021   server_bridge_netmask = 0.0.0.0
Sat Feb 27 18:41:01 2021   server_bridge_pool_start = 0.0.0.0
Sat Feb 27 18:41:01 2021   server_bridge_pool_end = 0.0.0.0
Sat Feb 27 18:41:01 2021   ifconfig_pool_defined = DISABLED
Sat Feb 27 18:41:01 2021   ifconfig_pool_start = 0.0.0.0
Sat Feb 27 18:41:01 2021   ifconfig_pool_end = 0.0.0.0
Sat Feb 27 18:41:01 2021   ifconfig_pool_netmask = 0.0.0.0
Sat Feb 27 18:41:01 2021   ifconfig_pool_persist_filename = '[UNDEF]'
Sat Feb 27 18:41:01 2021   ifconfig_pool_persist_refresh_freq = 600
Sat Feb 27 18:41:01 2021   ifconfig_ipv6_pool_defined = DISABLED
Sat Feb 27 18:41:01 2021   ifconfig_ipv6_pool_base = ::
Sat Feb 27 18:41:01 2021   ifconfig_ipv6_pool_netbits = 0
Sat Feb 27 18:41:01 2021   n_bcast_buf = 256
Sat Feb 27 18:41:01 2021   tcp_queue_limit = 64
Sat Feb 27 18:41:01 2021   real_hash_size = 256
Sat Feb 27 18:41:01 2021   virtual_hash_size = 256
Sat Feb 27 18:41:01 2021   client_connect_script = '[UNDEF]'
Sat Feb 27 18:41:01 2021   learn_address_script = '[UNDEF]'
Sat Feb 27 18:41:01 2021   client_disconnect_script = '[UNDEF]'
Sat Feb 27 18:41:01 2021   client_config_dir = '[UNDEF]'
Sat Feb 27 18:41:01 2021   ccd_exclusive = DISABLED
Sat Feb 27 18:41:01 2021   tmp_dir = 'C:\Users\Tom\AppData\Local\Temp\'
Sat Feb 27 18:41:01 2021   push_ifconfig_defined = DISABLED
Sat Feb 27 18:41:01 2021   push_ifconfig_local = 0.0.0.0
Sat Feb 27 18:41:01 2021   push_ifconfig_remote_netmask = 0.0.0.0
Sat Feb 27 18:41:01 2021   push_ifconfig_ipv6_defined = DISABLED
Sat Feb 27 18:41:01 2021   push_ifconfig_ipv6_local = ::/0
Sat Feb 27 18:41:01 2021   push_ifconfig_ipv6_remote = ::
Sat Feb 27 18:41:01 2021   enable_c2c = DISABLED
Sat Feb 27 18:41:01 2021   duplicate_cn = DISABLED
Sat Feb 27 18:41:01 2021   cf_max = 0
Sat Feb 27 18:41:01 2021   cf_per = 0
Sat Feb 27 18:41:01 2021   max_clients = 1024
Sat Feb 27 18:41:01 2021   max_routes_per_client = 256
Sat Feb 27 18:41:01 2021   auth_user_pass_verify_script = '[UNDEF]'
Sat Feb 27 18:41:01 2021   auth_user_pass_verify_script_via_file = DISABLED
Sat Feb 27 18:41:01 2021   auth_token_generate = DISABLED
Sat Feb 27 18:41:01 2021   auth_token_lifetime = 0
Sat Feb 27 18:41:01 2021   auth_token_secret_file = '[UNDEF]'
Sat Feb 27 18:41:01 2021   vlan_tagging = DISABLED
Sat Feb 27 18:41:01 2021   vlan_accept = all
Sat Feb 27 18:41:01 2021   vlan_pvid = 1
Sat Feb 27 18:41:01 2021   client = ENABLED
Sat Feb 27 18:41:01 2021   pull = ENABLED
Sat Feb 27 18:41:01 2021   auth_user_pass_file = '[UNDEF]'
Sat Feb 27 18:41:01 2021   show_net_up = DISABLED
Sat Feb 27 18:41:01 2021   route_method = 3
Sat Feb 27 18:41:01 2021   block_outside_dns = DISABLED
Sat Feb 27 18:41:01 2021   ip_win32_defined = DISABLED
Sat Feb 27 18:41:01 2021   ip_win32_type = 3
Sat Feb 27 18:41:01 2021   dhcp_masq_offset = 0
Sat Feb 27 18:41:01 2021   dhcp_lease_time = 31536000
Sat Feb 27 18:41:01 2021   tap_sleep = 0
Sat Feb 27 18:41:01 2021   dhcp_options = DISABLED
Sat Feb 27 18:41:01 2021   dhcp_renew = DISABLED
Sat Feb 27 18:41:01 2021   dhcp_pre_release = DISABLED
Sat Feb 27 18:41:01 2021   domain = '[UNDEF]'
Sat Feb 27 18:41:01 2021   netbios_scope = '[UNDEF]'
Sat Feb 27 18:41:01 2021   netbios_node_type = 0
Sat Feb 27 18:41:01 2021   disable_nbt = DISABLED
Sat Feb 27 18:41:01 2021 OpenVPN 2.5.1 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Feb 24 2021
Sat Feb 27 18:41:01 2021 Windows version 10.0 (Windows 10 or greater) 64bit
Sat Feb 27 18:41:01 2021 library versions: OpenSSL 1.1.1j  16 Feb 2021, LZO 2.10
Sat Feb 27 18:41:01 2021 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sat Feb 27 18:41:01 2021 Need hold release from management interface, waiting...
Sat Feb 27 18:41:02 2021 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sat Feb 27 18:41:02 2021 MANAGEMENT: CMD 'state on'
Sat Feb 27 18:41:02 2021 MANAGEMENT: CMD 'log all on'
Sat Feb 27 18:41:02 2021 MANAGEMENT: CMD 'echo all on'
Sat Feb 27 18:41:02 2021 MANAGEMENT: CMD 'bytecount 5'
Sat Feb 27 18:41:02 2021 MANAGEMENT: CMD 'hold off'
Sat Feb 27 18:41:02 2021 MANAGEMENT: CMD 'hold release'
Sat Feb 27 18:41:02 2021 Control Channel MTU parms [ L:1653 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Feb 27 18:41:02 2021 MANAGEMENT: >STATE:1614447662,RESOLVE,,,,,,
Sat Feb 27 18:41:02 2021 Data Channel MTU parms [ L:1653 D:1450 EF:121 EB:411 ET:32 EL:3 ]
Sat Feb 27 18:41:02 2021 Local Options String (VER=V4): 'V4,dev-type tap,link-mtu 1601,tun-mtu 1532,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-client'
Sat Feb 27 18:41:02 2021 Expected Remote Options String (VER=V4): 'V4,dev-type tap,link-mtu 1601,tun-mtu 1532,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-server'
Sat Feb 27 18:41:02 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]84.198.75.184:1194
Sat Feb 27 18:41:02 2021 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sat Feb 27 18:41:02 2021 UDPv4 link local: (not bound)
Sat Feb 27 18:41:02 2021 UDPv4 link remote: [AF_INET]84.198.75.184:1194
Sat Feb 27 18:41:02 2021 MANAGEMENT: >STATE:1614447662,WAIT,,,,,,
Sat Feb 27 18:42:02 2021 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Feb 27 18:42:02 2021 TLS Error: TLS handshake failed
Sat Feb 27 18:42:02 2021 TCP/UDP: Closing socket
Sat Feb 27 18:42:02 2021 SIGUSR1[soft,tls-error] received, process restarting
Sat Feb 27 18:42:02 2021 MANAGEMENT: >STATE:1614447722,RECONNECTING,tls-error,,,,,
Sat Feb 27 18:42:02 2021 Restart pause, 5 second(s)
Sat Feb 27 18:42:07 2021 Re-using SSL/TLS context
Sat Feb 27 18:42:07 2021 Control Channel MTU parms [ L:1653 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Feb 27 18:42:07 2021 MANAGEMENT: >STATE:1614447727,RESOLVE,,,,,,
Sat Feb 27 18:42:07 2021 Data Channel MTU parms [ L:1653 D:1450 EF:121 EB:411 ET:32 EL:3 ]
Sat Feb 27 18:42:07 2021 Local Options String (VER=V4): 'V4,dev-type tap,link-mtu 1601,tun-mtu 1532,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-client'
Sat Feb 27 18:42:07 2021 Expected Remote Options String (VER=V4): 'V4,dev-type tap,link-mtu 1601,tun-mtu 1532,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-server'
Sat Feb 27 18:42:07 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]84.198.75.184:1194
Sat Feb 27 18:42:07 2021 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sat Feb 27 18:42:07 2021 UDPv4 link local: (not bound)
Sat Feb 27 18:42:07 2021 UDPv4 link remote: [AF_INET]84.198.75.184:1194
Sat Feb 27 18:42:07 2021 MANAGEMENT: >STATE:1614447727,WAIT,,,,,,
Sat Feb 27 18:43:07 2021 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Feb 27 18:43:07 2021 TLS Error: TLS handshake failed
Sat Feb 27 18:43:07 2021 TCP/UDP: Closing socket
Sat Feb 27 18:43:07 2021 SIGUSR1[soft,tls-error] received, process restarting
Sat Feb 27 18:43:07 2021 MANAGEMENT: >STATE:1614447787,RECONNECTING,tls-error,,,,,
Sat Feb 27 18:43:07 2021 Restart pause, 5 second(s)
Sat Feb 27 18:43:12 2021 Re-using SSL/TLS context
Sat Feb 27 18:43:12 2021 Control Channel MTU parms [ L:1653 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Feb 27 18:43:12 2021 MANAGEMENT: >STATE:1614447792,RESOLVE,,,,,,
Sat Feb 27 18:43:12 2021 Data Channel MTU parms [ L:1653 D:1450 EF:121 EB:411 ET:32 EL:3 ]
Sat Feb 27 18:43:12 2021 Local Options String (VER=V4): 'V4,dev-type tap,link-mtu 1601,tun-mtu 1532,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-client'
Sat Feb 27 18:43:12 2021 Expected Remote Options String (VER=V4): 'V4,dev-type tap,link-mtu 1601,tun-mtu 1532,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-server'
Sat Feb 27 18:43:12 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]84.198.75.184:1194
Sat Feb 27 18:43:12 2021 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sat Feb 27 18:43:12 2021 UDPv4 link local: (not bound)
Sat Feb 27 18:43:12 2021 UDPv4 link remote: [AF_INET]84.198.75.184:1194
Sat Feb 27 18:43:12 2021 MANAGEMENT: >STATE:1614447792,WAIT,,,,,,
Sat Feb 27 18:44:12 2021 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Feb 27 18:44:12 2021 TLS Error: TLS handshake failed
Sat Feb 27 18:44:12 2021 TCP/UDP: Closing socket
Sat Feb 27 18:44:12 2021 SIGUSR1[soft,tls-error] received, process restarting
Sat Feb 27 18:44:12 2021 MANAGEMENT: >STATE:1614447852,RECONNECTING,tls-error,,,,,
Sat Feb 27 18:44:12 2021 Restart pause, 5 second(s)
Sat Feb 27 18:44:17 2021 Re-using SSL/TLS context
Sat Feb 27 18:44:17 2021 Control Channel MTU parms [ L:1653 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Feb 27 18:44:17 2021 MANAGEMENT: >STATE:1614447857,RESOLVE,,,,,,
Sat Feb 27 18:44:17 2021 Data Channel MTU parms [ L:1653 D:1450 EF:121 EB:411 ET:32 EL:3 ]
Sat Feb 27 18:44:17 2021 Local Options String (VER=V4): 'V4,dev-type tap,link-mtu 1601,tun-mtu 1532,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-client'
Sat Feb 27 18:44:17 2021 Expected Remote Options String (VER=V4): 'V4,dev-type tap,link-mtu 1601,tun-mtu 1532,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-server'
Sat Feb 27 18:44:17 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]84.198.75.184:1194
Sat Feb 27 18:44:17 2021 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sat Feb 27 18:44:17 2021 UDPv4 link local: (not bound)
Sat Feb 27 18:44:17 2021 UDPv4 link remote: [AF_INET]84.198.75.184:1194
Sat Feb 27 18:44:17 2021 MANAGEMENT: >STATE:1614447857,WAIT,,,,,,
Sat Feb 27 18:45:17 2021 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Feb 27 18:45:17 2021 TLS Error: TLS handshake failed
Sat Feb 27 18:45:17 2021 TCP/UDP: Closing socket
Sat Feb 27 18:45:17 2021 SIGUSR1[soft,tls-error] received, process restarting
Sat Feb 27 18:45:17 2021 MANAGEMENT: >STATE:1614447917,RECONNECTING,tls-error,,,,,
Sat Feb 27 18:45:17 2021 Restart pause, 5 second(s)
Sat Feb 27 18:45:22 2021 Re-using SSL/TLS context
Sat Feb 27 18:45:22 2021 Control Channel MTU parms [ L:1653 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Feb 27 18:45:22 2021 MANAGEMENT: >STATE:1614447922,RESOLVE,,,,,,
Sat Feb 27 18:45:22 2021 Data Channel MTU parms [ L:1653 D:1450 EF:121 EB:411 ET:32 EL:3 ]
Sat Feb 27 18:45:22 2021 Local Options String (VER=V4): 'V4,dev-type tap,link-mtu 1601,tun-mtu 1532,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-client'
Sat Feb 27 18:45:22 2021 Expected Remote Options String (VER=V4): 'V4,dev-type tap,link-mtu 1601,tun-mtu 1532,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-server'
Sat Feb 27 18:45:22 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]84.198.75.184:1194
Sat Feb 27 18:45:22 2021 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sat Feb 27 18:45:22 2021 UDPv4 link local: (not bound)
Sat Feb 27 18:45:22 2021 UDPv4 link remote: [AF_INET]84.198.75.184:1194
Sat Feb 27 18:45:22 2021 MANAGEMENT: >STATE:1614447922,WAIT,,,,,,
Sat Feb 27 18:46:22 2021 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Feb 27 18:46:22 2021 TLS Error: TLS handshake failed
Sat Feb 27 18:46:22 2021 TCP/UDP: Closing socket
Sat Feb 27 18:46:22 2021 SIGUSR1[soft,tls-error] received, process restarting
Sat Feb 27 18:46:22 2021 MANAGEMENT: >STATE:1614447982,RECONNECTING,tls-error,,,,,
Sat Feb 27 18:46:22 2021 Restart pause, 10 second(s)
Sat Feb 27 18:46:32 2021 Re-using SSL/TLS context
Sat Feb 27 18:46:32 2021 Control Channel MTU parms [ L:1653 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Feb 27 18:46:32 2021 MANAGEMENT: >STATE:1614447992,RESOLVE,,,,,,
Sat Feb 27 18:46:32 2021 Data Channel MTU parms [ L:1653 D:1450 EF:121 EB:411 ET:32 EL:3 ]
Sat Feb 27 18:46:32 2021 Local Options String (VER=V4): 'V4,dev-type tap,link-mtu 1601,tun-mtu 1532,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-client'
Sat Feb 27 18:46:32 2021 Expected Remote Options String (VER=V4): 'V4,dev-type tap,link-mtu 1601,tun-mtu 1532,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-server'
Sat Feb 27 18:46:32 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]84.198.75.184:1194
Sat Feb 27 18:46:32 2021 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sat Feb 27 18:46:32 2021 UDPv4 link local: (not bound)
Sat Feb 27 18:46:32 2021 UDPv4 link remote: [AF_INET]84.198.75.184:1194
Sat Feb 27 18:46:32 2021 MANAGEMENT: >STATE:1614447992,WAIT,,,,,,
Sat Feb 27 18:47:32 2021 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Feb 27 18:47:32 2021 TLS Error: TLS handshake failed
Sat Feb 27 18:47:32 2021 TCP/UDP: Closing socket
Sat Feb 27 18:47:32 2021 SIGUSR1[soft,tls-error] received, process restarting
Sat Feb 27 18:47:32 2021 MANAGEMENT: >STATE:1614448052,RECONNECTING,tls-error,,,,,
Sat Feb 27 18:47:32 2021 Restart pause, 20 second(s)
Sat Feb 27 18:47:52 2021 Re-using SSL/TLS context
Sat Feb 27 18:47:52 2021 Control Channel MTU parms [ L:1653 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Feb 27 18:47:52 2021 MANAGEMENT: >STATE:1614448072,RESOLVE,,,,,,
Sat Feb 27 18:47:52 2021 Data Channel MTU parms [ L:1653 D:1450 EF:121 EB:411 ET:32 EL:3 ]
Sat Feb 27 18:47:52 2021 Local Options String (VER=V4): 'V4,dev-type tap,link-mtu 1601,tun-mtu 1532,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-client'
Sat Feb 27 18:47:52 2021 Expected Remote Options String (VER=V4): 'V4,dev-type tap,link-mtu 1601,tun-mtu 1532,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-server'
Sat Feb 27 18:47:52 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]84.198.75.184:1194
Sat Feb 27 18:47:52 2021 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sat Feb 27 18:47:52 2021 UDPv4 link local: (not bound)
Sat Feb 27 18:47:52 2021 UDPv4 link remote: [AF_INET]84.198.75.184:1194
Sat Feb 27 18:47:52 2021 MANAGEMENT: >STATE:1614448072,WAIT,,,,,,
Sat Feb 27 18:48:52 2021 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Feb 27 18:48:52 2021 TLS Error: TLS handshake failed
Sat Feb 27 18:48:52 2021 TCP/UDP: Closing socket
Sat Feb 27 18:48:52 2021 SIGUSR1[soft,tls-error] received, process restarting
Sat Feb 27 18:48:52 2021 MANAGEMENT: >STATE:1614448132,RECONNECTING,tls-error,,,,,
Sat Feb 27 18:48:52 2021 Restart pause, 40 second(s)
Sat Feb 27 18:49:32 2021 Re-using SSL/TLS context
Sat Feb 27 18:49:32 2021 Control Channel MTU parms [ L:1653 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Feb 27 18:49:32 2021 MANAGEMENT: >STATE:1614448172,RESOLVE,,,,,,
Sat Feb 27 18:49:32 2021 Data Channel MTU parms [ L:1653 D:1450 EF:121 EB:411 ET:32 EL:3 ]
Sat Feb 27 18:49:32 2021 Local Options String (VER=V4): 'V4,dev-type tap,link-mtu 1601,tun-mtu 1532,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-client'
Sat Feb 27 18:49:32 2021 Expected Remote Options String (VER=V4): 'V4,dev-type tap,link-mtu 1601,tun-mtu 1532,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-server'
Sat Feb 27 18:49:32 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]84.198.75.184:1194
Sat Feb 27 18:49:32 2021 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sat Feb 27 18:49:32 2021 UDPv4 link local: (not bound)
Sat Feb 27 18:49:32 2021 UDPv4 link remote: [AF_INET]84.198.75.184:1194
Sat Feb 27 18:49:32 2021 MANAGEMENT: >STATE:1614448172,WAIT,,,,,,
Sat Feb 27 18:50:32 2021 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Feb 27 18:50:32 2021 TLS Error: TLS handshake failed
Sat Feb 27 18:50:32 2021 TCP/UDP: Closing socket
Sat Feb 27 18:50:32 2021 SIGUSR1[soft,tls-error] received, process restarting
Sat Feb 27 18:50:32 2021 MANAGEMENT: >STATE:1614448232,RECONNECTING,tls-error,,,,,
Sat Feb 27 18:50:32 2021 Restart pause, 80 second(s)
[/code]
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 7248
Location: Netherlands

PostPosted: Sat Feb 27, 2021 19:05    Post subject: Reply with quote
SFE does not matter.

The Tap paragraph is not yet updated (it explicitly states so)
You can just add the datacipher line from the tun interface:
Quote:
data-ciphers CHACHA20-POLY1305:AES-256-GCM:AES-128-GCM:AES-256-CBC


But usually the TLS Key error is pointing to a network connection error, so your client can simply not reach your server.

It is best to test when you are sitting next to the server but of course you cannot test from inside your network and you cannot use a phone because they do not support TAP mode.
So test with your laptop connected to your phone which is functioning as a hotspoot while using cellular.

Alternatively just setup as TUN (routed) and check with your phone on cellular (phones both android and iOS only support TUN).

If that works you can easily switch to TAP

_________________
Routers:Netgear R7800, R6400v1, R6400v2, Linksys EA8500, EA6900 (XvortexCFE), E2000 (converted WRT320N), WRT54GS v1.
WireGuard Documents & Guides:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327397
OpenVPN Documents & Guides: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327398
IPSET: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327261
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Goto page 1, 2  Next Display posts from previous:    Page 1 of 2
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum