OpenVPN not working on build 14929??

charmander
DD-WRT User


Joined: 22 Jun 2013
Posts: 81

Posted: Thu Sep 19, 2013 1:13    Post subject: OpenVPN not working on build 14929??
Hello,

I have been unable to get the OpenVPN to work on DD-WRT v24-sp2 (08/12/10) vpn build 14929. I have tried it on two different wrt54gl routers. When the OpenVPN daemon is started in the web gui, the service never actually starts. I can check by running "ps | grep vpn".

Anyone else having this problem?
wabe
DD-WRT Guru


Joined: 17 Jun 2006
Posts: 889

Posted: Thu Sep 19, 2013 11:47
I run 14929vpn on a wrt54gl. Works fine!

I've set up everything as a startup script using the method described in the wiki,
http://www.dd-wrt.com/wiki/index.php/OpenVPN_-_Site-to-Site_routed_VPN_between_two_routers
I have not tried to use the VPN-tab under "Services", however, and cannot tell if there is a problem there.
charmander
Posted: Thu Sep 19, 2013 15:40
Thanks for your reply.

Is there any way to use this method without the site to site configuration? I only want to set this up for one remote laptop to connect to the router.
wabe
Posted: Fri Sep 20, 2013 16:41
charmander wrote:


Is there any way to use this method without the site to site configuration? I only want to set this up for one remote laptop to connect to the router.

Sure! Just adjust the openvpn commands on the router to set it up as a server. Then download openvpn to your PC and set up the ovpn-file for client mode. Don't forget to set up a firewall rule on the router.
charmander
Posted: Sat Sep 21, 2013 15:03
Can you edit the following configs for use in a client/server setup? I'm not sure what to do. I'm assuming the client config would be on the client machine, not in the router config, so some of those lines should be edited out.

Code:
# Move to writable directory and create scripts
cd /tmp
ln -s /usr/sbin/openvpn /tmp/myvpn

# Config for Client
echo "
remote
proto udp
port 1194
dev tun0
secret /tmp/static.key
verb 3
comp-lzo
keepalive 15 60
daemon
" > Client.conf

# Config for Static Key
echo "
-----BEGIN OpenVPN Static key V1-----

-----END OpenVPN Static key V1-----

" > static.key

# Create interfaces
/tmp/myvpn --mktun --dev tun0
ifconfig tun0 10.0.0.2 netmask 255.255.255.0 promisc up

# Create routes
route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.0

# Initiate the tunnel
sleep 5
/tmp/myvpn --config Client.conf


Also, what do you see when you run "ps" at the console? I see the following:

Code:

 PID USER       VSZ STAT COMMAND
   1 root      1284 S    /sbin/init noinitrd
   2 root         0 SW   [keventd]
   3 root         0 RWN  [ksoftirqd_CPU0]
   4 root         0 SW   [kswapd]
   5 root         0 SW   [bdflush]
   6 root         0 SW   [kupdated]
  10 root         0 SW   [mtdblockd]
  15 root      1664 S    watchdog
 106 root      1620 S    resetbutton
 243 root      1660 S    pppd file /tmp/ppp/options.pppoe
 244 root      1664 S    /tmp/ppp/redial 30
 292 root      1528 S    nas -P /tmp/nas.wl0lan.pid -H 34954 -l br0 -i eth1 -A
 467 root      2632 S    httpd -p 80
 534 root      1548 S    process_monitor
 541 root      2372 S    /tmp/myvpn --config Router.conf
 551 root       700 S    cron
 556 root       820 S    inadyn -u --input_file /tm
 795 root      1620 S    wland
2126 root       688 S    udhcpd /tmp/udhcpd.conf
2185 root      1176 S    telnetd
2237 root      1176 S    syslogd -L
2241 root      1176 S    klogd
2434 root      1196 S    -sh
5981 root      1180 R    ps
root@DD-WRT:~#

I don't think the line " /tmp/myvpn --config" indicates that the vpn service is running.
wabe
Posted: Sun Sep 22, 2013 8:41
The output from the 'PS' command shows that openvpn is running. Take a look at this link for example configurations or search for 'openvpn' on dd-wrt for a suitable configuration:

http://openvpn.net/index.php/open-source/documentation/miscellaneous/78-static-key-mini-howto.html
MrFidget
DD-WRT User


Joined: 15 Jul 2010
Posts: 378

Posted: Tue Sep 24, 2013 21:05
Hi,

I have been using v15962 in production for some time now on Cisco E3000 and Netgear WNR3500L routers.

There are some additional configuration options that make it work better, such as the option to turn off no dns rebind when joining LANs.

Not too sure what it's like on the older WRT based routers though.

Cheers
Chris
ajka
DD-WRT Novice


Joined: 13 Jun 2013
Posts: 3

Posted: Tue Nov 05, 2013 18:00
@MrFidget
Hello, I also use v15962 and I can't config OpenVPN server.
Can you please post your configuration of openvpn server, firewall rules if they are necessary and client config file. I'm totally lost...

Thanks
onix
DD-WRT User


Joined: 22 Oct 2006
Posts: 188

Posted: Thu Dec 12, 2013 18:49
This is the build that I run on WRT54GL v1.1 -- DD-WRT v24-sp2 (04/07/12) vpn-small (SVN revision 18946M NEWD Eko)

I have not tried OpenVPN, only use it as a Repeater, but it's been working fine for 11 months. I also telnet --> erase nvram --> webgui upgrade --> erase nvram every time I upgrade the firmware.

_________________
WRT54GL v1.1 - DD-WRT v24-sp2 (04/07/12) vpn-small (SVN revision 18946M NEWD Eko)
WZR-HP-AG300H - DD-WRT v3.0-r30082 std (07/01/16)
MrFidget
Posted: Thu Dec 12, 2013 21:42
FYI

This is the cat command of the openvpn.conf. The first line is the cat command....

additional options start at the # comment

Code:

root@gateway:~# cat /tmp/openvpn/openvpn.conf
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
keepalive 10 120
verb 4
mute 5
log-append /var/log/openvpn
tls-server
port 11198
proto udp
cipher bf-cbc
auth sha1
management 127.0.0.1 5002
management-log-cache 50
mtu-disc yes
topology subnet
ifconfig-pool-persist /tmp/openvpn/ip-pool 86400
comp-lzo yes
client-to-client
tls-cipher AES128-SHA
fast-io
tun-mtu 1500
mssfix 1450
fragment 1450
server 172.22.66.128 255.255.255.192
dev tun0
# 21c Routing Table
client-config-dir /tmp/openvpn/clients
# Internal LAN Subnet
push "route 192.168.231.0 255.255.255.0"
# Alexandria
push "route 192.168.80.0 255.255.255.0 5"
route 192.168.80.0 255.255.255.0  172.22.66.129
# Travel
push "route 172.16.55.0 255.255.255.0 5"
route 172.16.55.0 255.255.255.0 172.22.66.129



Here is the admin -> commands -> startup stuff


Code:

# OpenVPN internal routes
#
mkdir -p /tmp/openvpn/
mkdir -p /tmp/openvpn/clients
# Alexandria
echo "iroute 192.168.80.0 255.255.255.0" > /tmp/openvpn/clients/alexandria
# Travel
echo "iroute 172.16.55.0 255.255.255.0" > /tmp/openvpn/clients/travel


I just had my router go south on me. Had to 30-30-30 after 12 months trouble free. Third one this week. Something got munched in the NVRAM.

I may have left something out like the dhcp options for the laptop client. I'll fix those up when I get a chance. The config backup I had was a bit old.

Good luck. Let us know how you go

Chris
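
A check one could run over the server config and startup script posted above, as an added example that is not part of the original posts: it flags legacy directives that appear in this thread (`secret`, `cipher bf-cbc`, `comp-lzo`) and any `route` that has no matching `iroute` in the client-config-dir. The function names `audit_ovpn` and `make_sample` and the sample files are hypothetical, constructed for the example.

```shell
#!/bin/sh
# Added example, not from the thread. audit_ovpn CONF CCD_DIR prints findings.
audit_ovpn() {
    conf=$1
    ccd=$2
    # 1. Legacy directives of the kind that appear in the posted configs.
    awk '
        $1 == "secret" { print "WEAK secret: static-key mode, no forward secrecy" }
        $1 == "cipher" && tolower($2) == "bf-cbc" { print "WEAK cipher bf-cbc: 64-bit block cipher" }
        $1 == "comp-lzo" && $2 != "no" { print "WEAK comp-lzo: compression enabled on the tunnel" }
    ' "$conf"
    # 2. Each server-side "route NET MASK ..." needs a matching
    #    "iroute NET MASK" in a client-config-dir file; without it the
    #    kernel hands packets to tun0 but OpenVPN has no client to send them to.
    awk '$1 == "route" { print $2, $3 }' "$conf" |
    while read -r net mask; do
        if ! awk -v n="$net" -v m="$mask" \
            '$1 == "iroute" && $2 == n && $3 == m { f = 1 } END { exit !f }' \
            "$ccd"/* 2>/dev/null; then
            echo "MISSING iroute for $net $mask"
        fi
    done
}

# Constructed sample modelled on the thread's server config; the "travel"
# client file is deliberately left out.
make_sample() {
    mkdir -p "$1/ccd"
    cat > "$1/server.conf" <<'EOF'
cipher bf-cbc
comp-lzo yes
route 192.168.80.0 255.255.255.0  172.22.66.129
route 172.16.55.0 255.255.255.0 172.22.66.129
EOF
    echo "iroute 192.168.80.0 255.255.255.0" > "$1/ccd/alexandria"
}

d=$(mktemp -d)
make_sample "$d"
audit_ovpn "$d/server.conf" "$d/ccd"
rm -rf "$d"
```

On the router this would be called as `audit_ovpn /tmp/openvpn/openvpn.conf /tmp/openvpn/clients`, the paths shown in the post above.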
All times are GMT