Posted: Tue Feb 27, 2024 5:40 Post subject: iptables what changed?
upgraded a WRT3200 from r50841 to r55179. i've upgraded to lower revs as well and noticed that my openvpn no longer has server to client network connectivity. was there a change in the iptables in the last year? anyone know what I need to do to re-establish server-client connectivity? (note client-server direction works fine)
here the tutorial I used a while back to make it work in the first place.
Joined: 18 Mar 2014 Posts: 12922 Location: Netherlands
Posted: Tue Feb 27, 2024 9:22 Post subject:
I moved your thread to the appropriate Advanced networking forum.
See the forum guidelines with helpful pointers about how to research your router, where and what firmware to download, where and how to post and many other helpful tips:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
so i've checked out that document (it is great btw) but I'm still having issues with 1way traffic. when originating from the Server. I have to be missing something with the firewall rule or it's not working right. can you help me figure out out?
server 192.168.1.0/24
client 192.168.2.0/24
ovpn network 192.168.254.0/24
from server I can ping the 192.168.254.x/24 ip that gets assigned by the OVPN server. but can't ping the local net. which firewall or radio button am I missing here?
everything works on r50841
when my linksys 3200ACM is upgraded to r55179 the 1way issue comes up. as described below. if I downgrade to r50841 everything works again.
ok so I just kept loading FW until I found the break. It works fine on R54652 broken in R54682 and beyond. so back to the original question... what changed?
egc,
Thank you, I actually added the Disable-DCO server side and everything works just fine. Odd, this is a VPN between two Linksys WRT3200ACM routers on the same firmware rev. Either way DCO is quite new yet, so ya get what ya get. Hopefully the finicky DCO stuff is worked out in the near future reading about it seems like it is a heck of a performance increase. With this post I have a much more lean VPN config now as well which simplifies life so much. Thanks again!