Author
Message
StillBlue DD-WRT User Joined: 11 Apr 2009 Posts: 257 Location: UK
Posted: Tue Apr 06, 2021 9:34 Post subject: NordVPN setup with 46177
I have a Nord VPN account, and did have it set up on OpenVPN on my router, but since upgrading from a very old version of DD-WRT, it now no longer works.
I have followed the guide at NordVPN for DD-WRT, but no joy.
https://support.nordvpn.com/Connectivity/Router/1047410342/DD-WRT-setup-with-NordVPN.htm
Below is the configuration I have put in, if I go to Status->OpenVPN it freezes the routers web interface completely and I have to restart the router. and IFConfig show's no tunnel interface up.
I would be very grateful for any suggestions.
Thanks
Back to top
Sponsor
StillBlue DD-WRT User Joined: 11 Apr 2009 Posts: 257 Location: UK
Back to top
StillBlue DD-WRT User Joined: 11 Apr 2009 Posts: 257 Location: UK
Posted: Tue Apr 06, 2021 11:17 Post subject:
Nope, still the same issues unfortunately. The main one being that trying to open Status-OpenVPN completely locks up the webserver on the router until the machine is restarted, locking me out of the GUI completely.
Back to top
StillBlue DD-WRT User Joined: 11 Apr 2009 Posts: 257 Location: UK
Posted: Tue Apr 06, 2021 11:29 Post subject:
I cannot telnet into port 5001 or 5002 either.
Back to top
StillBlue DD-WRT User Joined: 11 Apr 2009 Posts: 257 Location: UK
Posted: Tue Apr 06, 2021 11:34 Post subject:
OK, the good news is if I remove all of my config, I can access the Status page. I will start again bit by bit and see what brings it down.
Back to top
StillBlue DD-WRT User Joined: 11 Apr 2009 Posts: 257 Location: UK
Posted: Tue Apr 06, 2021 11:42 Post subject:
Once I add the TLS Key and CA Cert, that is when it all goes wrong.
Back to top
StillBlue DD-WRT User Joined: 11 Apr 2009 Posts: 257 Location: UK
Posted: Tue Apr 06, 2021 11:53 Post subject:
I have checked and double checked that the TLS Key and CA Cert are correct, and they are.
Back to top
StillBlue DD-WRT User Joined: 11 Apr 2009 Posts: 257 Location: UK
Posted: Tue Apr 06, 2021 12:32 Post subject:
syslog shows this when the service starts (my router name is actually iPhone).
Apr 6 13:31:37 iPhone user.info syslog: openvpn : OpenVPN daemon (Client) successfully stopped
Apr 6 13:31:37 iPhone user.info syslog: pptpd : daemon successfully stopped
Apr 6 13:31:40 iPhone user.info syslog: openvpn : OpenVPN daemon (Client) hanging, send SIGKILL
Apr 6 13:31:40 iPhone user.info syslog: openvpn : OpenVPN daemon (Client) starting/restarting...
Apr 6 13:31:40 iPhone daemon.warn openvpn[1558]: WARNING: Using --management on a TCP port WITHOUT passwords is STRONGLY discouraged and considered insecure
Apr 6 13:31:40 iPhone daemon.warn openvpn[1558]: WARNING: file '/tmp/openvpncl/credentials' is group or others accessible
Apr 6 13:31:40 iPhone daemon.notice openvpn[1558]: OpenVPN 2.5.1 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [MH/PKTINFO] [AEAD] built on Mar 26 2021
Apr 6 13:31:40 iPhone daemon.notice openvpn[1558]: library versions: OpenSSL 1.1.1j 16 Feb 2021, LZO 2.09
Apr 6 13:31:40 iPhone daemon.notice openvpn[1559]: MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16
Apr 6 13:31:40 iPhone daemon.warn openvpn[1559]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Back to top
StillBlue DD-WRT User Joined: 11 Apr 2009 Posts: 257 Location: UK
Posted: Tue Apr 06, 2021 12:33 Post subject:
I cannot seem to get any joy at all out of it.
Status->OpenVPN page still doesn't work and freezes the web service on the router as soon as you try and access the page.
Back to top
StillBlue DD-WRT User Joined: 11 Apr 2009 Posts: 257 Location: UK
Posted: Tue Apr 06, 2021 12:35 Post subject:
root@iPhone:~# ps | grep openvpn
1559 root 3840 S openvpn --config /tmp/openvpncl/openvpn.conf --daemo
1591 root 1572 S grep openvpn
root@iPhone:~#
Back to top
egc DD-WRT Guru Joined: 18 Mar 2014 Posts: 12922 Location: Netherlands
Posted: Tue Apr 06, 2021 12:45 Post subject:
If things go awry when you add the keys/certs then that is where the problem lies.
OpenVPN does not want to start because of a major configuration error usually that means something wrong with the keys.
Make sure you have pasted the whole key including all the hyphens at the beginning and the end.
Make sure not to put anything in the additional config for starters (you might need tun-mtu-extra 32
and mssfix 1450 ) _________________ Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read): https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Back to top
StillBlue DD-WRT User Joined: 11 Apr 2009 Posts: 257 Location: UK
Posted: Tue Apr 06, 2021 12:56 Post subject:
I have tried with the additional config empty, and the same result.
Initially I copied and pasted the keys using Wordpad, which then make me wonder if some formatting had crept in, so I have redone them from Notepad, but the same with both.
Back to top
egc DD-WRT Guru Joined: 18 Mar 2014 Posts: 12922 Location: Netherlands
Posted: Tue Apr 06, 2021 13:34 Post subject:
I think there is an error in the additional config
As a start do not put anything it, Save, Apply and reboot.
If the OpenVPN client starts (you have output on the OpenVPN status page) but not a good connection add tun-mtu-extra 32 and mssfix 1450
Also use udp4 as tunnel protocol instead of plain udp _________________ Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read): https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Back to top
StillBlue DD-WRT User Joined: 11 Apr 2009 Posts: 257 Location: UK
Posted: Tue Apr 06, 2021 17:10 Post subject:
I have emptied the additional config completely, but unfortunately still the same issue.
Also tried with upd4 too, and still the same.
Are there any places you can suggest to gather any errors that may be happening?
Thanks
Back to top
StillBlue DD-WRT User Joined: 11 Apr 2009 Posts: 257 Location: UK
Posted: Wed Apr 07, 2021 10:10 Post subject:
OK, serial output is giving me this.
ApplyTake:submit_button=[PPTP] service=[pptp] action=[3]
pptpd : daemon successfully stopped
openvpn : OpenVPN daemon (Client) starting/restarting...
ApplyTake:submit_button=[PPTP] service=[pptp] action=[3]
openvpn : OpenVPN daemon (Client) successfully stopped
pptpd : daemon successfully stopped
openvpn : OpenVPN daemon (Client) hanging, send SIGKILL
The kernel doesn't support the ebtables 'nat' table.
openvpn : OpenVPN daemon (Client) starting/restarting...
Back to top