[OusTLEaNdAmo]

Router Model: Linksys WRT3200ACM
Firmware Version: DD-WRT v3.0-r44048 (08/02/20)
Kernel Version: Linux 4.9.231 #1979 SMP Sun Aug 2 03:35:09 +03 2020 armv7l

Trying to setup OpenVPN client to connect to a private VPN service attached to my SeedBox (http://ultra.cc).

I download an ovpn config file from my setup panel and use the setting, key, certs from there.

OpenVPN seems to connect, but in doing so all traffic is cut off.

When I SSH into the router I can ping outside IP's, like googles 8.8.8.8. I am not able to do so from CMD in windows.

My thinking is therefor that DD-WRT for some reason isn't letting traffic through to the VPN and just blocks it for some reason.

I've looked through the wiki (https://wiki.dd-wrt.com/wiki/index.php/OpenVPN#Troubleshooting), not really finding anything.

Running ifconfig shows that tun1 is up and running
[img]https://ibb.co/6X5DM6d[/img]

My setup is as follows, keeping it as simple as possible. Cypher and hash are same clien and serverside.
[img]https://ibb.co/hfT81hr[/img]

As the log states, after initial connection and handshake the client connects/disconnects in an endless loop. Making me think that it is serverside that the problems occur?

[egc]

To get the best out of DDWRT and the forum read the forum guidelines full of helpful pointers:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087

What build and what router do you have (see the forum guidelines)

I will transfer this thread to a more appropriate forum (see forum guidelines)

For some general information see the OpenVPN documentation link in my signature at the bottom especially for you the OpenVPN Client setup guide

[egc]

As NAT is enabled I would focus on compression settings.
The usual suspects for connection but no traffic are NAT and compression

UltaCC does that mean you have setup your own server?
If so disable compression on both sides, compression is a security risk and is soon to be deprecated.

Your cipher settings are also not optimal but a connection is taking place with AES-256-GCM which is the default of OpenVPN 2.5, if you control both sides use ChachaPoly

[OusTLEaNdAmo]

Thank you, and sorry for posting in the wrong forum. A lot of information to take in for a newbie.

I looked at the documentation in your signature, even before posting.

Running DD-WRT v. 30-r44715 on a Linksys 3200ACM

I tried your suggestion with changing compression and cipher, it does connect a lot faster, but still not letting any traffic through. I'll look deeper into that, guess I need to direct traffic through OVPN.

UltraCC is a seedbox service, where I can run openvpn through their pre-configured setup on my slot. So I have no serverside control.

[egc]

44715 is not exactly a recommended build (not that I think that that is the main problem)

See for the recommended builds and how to research the forum guidelines, the Linksys routers can be picky regarding wireless so research carefully or ask in the Marvel forum

Use "verb 5" on the client side to get more information.
*Do not place anything else in the Additional Config*

You have to track down whether there is no traffic at all or if traffic stops at the server use ping/traceroute.

As said Compression should be disabled on both sides but as you can not control it it is guessing.
A lot of older setups use Compression Adaptive
So for Compression try
Adaptive or No

[kernel-panic69]

UltraCC or UltraVPN? Would've helped had you linked the provider's website.

https://ultra.cc/

https://ultravpn.com/

[egc]

I saw you marked the thread as solved

Glad you could make it work.

Can you share what solved it?
It can be important for others in the same situation and for us to learn from.

[OusTLEaNdAmo]

Well I didn't exactly solve it yet.

However I realized that I have not been thorough enough before posting a new topic. And since I can't close the thread it felt like the next best thing to do.

I also feel quite certain that the pointers you have already given will lead me to a successful setup.

And I will post back when I do have a solid solution.

[egc]

Thanks

[OusTLEaNdAmo]

I've updated the first post to better follow forum guidelines. And adding info after reading and fiddling.

[egc]

Enable NAT

[OusTLEaNdAmo]

OH GOD

Thank you

[egc]

Some more observations: you are using an older build, I know that this is a linksys favourite, but I saw a user reporting in the 47282 build thread success for your router.
Not saying you should update though as that is not the problem you are facing now.

Furthermore Enable Verify Server Cert. in the GUI (also not your current problem but that is what it is complaining about)

[OusTLEaNdAmo]

Again, thank you

I was looking for a list of recommended versions, but couldn't find one. Was looking at another thread which was from august this year, where the build i flashed was recommended.

I think for now I'll stick with it, as everything seems to be working fine.

I activated verify server cert. but the loop is still there. But it's still working fine.

Now I gotta figure out how to route certain things around the VPN

The fun never stops

[egc]

Glad you solved it

Indeed this is not a bad build so stick with it for the time being.

About the routing, that is a tricky one as it also depends on server settings.
On the client you can control if all traffic should go to the Server or only specific traffic.

For a site-to-site setup which is necessary if you want to connect to your server e.g. with your phone and via the server connect to your DDWRT client you need server side settings (explained in the OpenVPN server setup guide)

Have fun

For posterity:
1. A picture of the settings is very helpful (so I could spot the NAT)
2. Connection but no traffic is often a NAT or Compression problem