Openvpn, policy based routing problem connection

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Goto page Previous  1, 2
Author Message
alemaz
DD-WRT Novice


Joined: 17 Oct 2018
Posts: 16

PostPosted: Sat Oct 20, 2018 13:39    Post subject: Reply with quote
Maybe I got there! I entered the ip in the pbr, I did not enter the route-nopull string. I entered the string in the firewall, restarted and now it seems to work !! thank you so much hope we have solved it !!
Sponsor
alemaz
DD-WRT Novice


Joined: 17 Oct 2018
Posts: 16

PostPosted: Sat Oct 20, 2018 13:52    Post subject: Reply with quote
But I have a problem;) after restarting the router does not let me enter the settings, I see the main jokes, ask me user and password but always requires me ....
The credentials that I enter are correct also because I have always logged in and I entered telnet a little while ago ....
what happened??
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Sat Oct 20, 2018 13:58    Post subject: Reply with quote
What could have happend is:
You included your routers address in the PBR.
You entered a firewall rule which blocks everything.

Either way you maybe have to push the reset button Sad

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
alemaz
DD-WRT Novice


Joined: 17 Oct 2018
Posts: 16

PostPosted: Sat Oct 20, 2018 14:08    Post subject: Reply with quote
Oh God I do not think I entered the ip router in the pbr ... maybe by mistake but I do not think so. Anyway I will proceed to reset at this point ... the thing that I have to explain, however, is the next.
I was able to make the whole system work as I wanted by inserting the firewall string, once everything is reset if I put everything back as it is now the problem occurs again? Ie is that string that blocks me from entering the router or I really accidentally inserted the router in the pbr?

Anyway via telnet I connect, is it normal?
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Sat Oct 20, 2018 14:31    Post subject: Reply with quote
Look at the output you posted from iptables -t nat -vnL, the POSTROUTING rule is there anyway, so you should not need it. Besides if you entered this rule correctly it should not lock you out.
My take is that you included the routers IP adress in the PBR field.

Anyway the most made mistake is adding to many rules/config. If you use a modern build DDWRT usually takes care of most things.

Keep the router at default settings, disable SFE, follow Nord's instructions and see if you have VPN working (check with ipleak.net)
When using PBR for a client with IP address of e.g. 192.168.1.89 the only thing you have to do is fill in the following in the PBR field:
Code:
192.168.1.89/32

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
@m0eb@
DD-WRT User


Joined: 26 Dec 2015
Posts: 289

PostPosted: Sat Oct 20, 2018 14:47    Post subject: Reply with quote
alemaz wrote:
If I run the command you suggested, it tells me that the file does not exist: no souch file or directory.

Now I try to check the firewall and in case add the string


This file is a run-time file created by OpenVPN when you have something in PBR. IF you have removed all IP addresses from PBR, this file will not exist. (I had wanted to check what you had used as PBR + also check that OpenVPN was accepting what you entered. This would have been possible from the output of this file.)

egc has advised you in the previous post. Please try that. Putting the router IP in the PBR is one of the most common reasons. (This is one of the few things I would have checked from the file output)

Most important: Don't panic. This is a router and not a rocket. Take this as a learning phase and you will enjoy the journey.

_________________
PROFESSIONAL STUDENT
my.Mistakes my.Learning ... provided I have the patience & persistence to learn
alemaz
DD-WRT Novice


Joined: 17 Oct 2018
Posts: 16

PostPosted: Sat Oct 20, 2018 15:37    Post subject: Reply with quote
thanks to all, I finally solved. I reset everything and redo everything I had done the first time. In the end it is what you wrote to me here, inserted dns of the vpn, inserted the vpn, reserved the ip addresses to which I wanted to give the vpn, inserted in the pbr. Now everything works ... I do not know what I had done wrong the first time, but I had done exactly that.
However the importane is that it works. thanks to all and we will resend soon since I'm starting to study the firmware now;)WinkWink
@m0eb@
DD-WRT User


Joined: 26 Dec 2015
Posts: 289

PostPosted: Sat Oct 20, 2018 18:20    Post subject: Reply with quote
alemaz wrote:
thanks to all, I finally solved. I reset everything and redo everything I had done the first time. In the end it is what you wrote to me here, inserted dns of the vpn, inserted the vpn, reserved the ip addresses to which I wanted to give the vpn, inserted in the pbr. Now everything works ... I do not know what I had done wrong the first time, but I had done exactly that.
However the importane is that it works. thanks to all and we will resend soon since I'm starting to study the firmware now;)WinkWink


So glad you resolved it. Would have been nicer to know what went wrong the first time? I guess we are past that now !

Also - NordVPN Tech Support ought to have helped you do the setup the first day itself. Connection ain't free, mate. They need to 'earn' their money.

CHEERS !!

_________________
PROFESSIONAL STUDENT
my.Mistakes my.Learning ... provided I have the patience & persistence to learn
Goto page Previous  1, 2 Display posts from previous:    Page 2 of 2
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum