Can't connect http to DD-WRT when connected with OpenVPN

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware
Author Message
slybin
DD-WRT Novice


Joined: 08 Jun 2011
Posts: 5

PostPosted: Mon Apr 08, 2019 12:56    Post subject: Can't connect http to DD-WRT when connected with OpenVPN Reply with quote
Hi,

Router: Netgear R7000
Firmware: R37015M kongac
OpenVPN: 2.4.6

I updated my firmware, last week, and since then I can't connect to DD-WRT web interface when I'm connected with OpenVPN but I can connect ssh to the router.

I'm running an OpenVPN tunnel in a ssh tunnel.

OpenVPN server config:

push "route 192.168.58.0 255.255.255.0"
server 192.168.99.0 255.255.255.0
dev tun0
proto tcp4
port 1194
keepalive 10 120
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
management localhost 5001


Firewall rules:

iptables -I INPUT 1 -p tcp --dport 1194 -j ACCEPT
iptables -I FORWARD 1 --source 192.168.99.0/24 -j ACCEPT
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
iptables -t nat -I POSTROUTING -o tun0 -j MASQUERADE


Any idea what the problem is?

Thanks,

Serge
Sponsor
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 3921
Location: Netherlands

PostPosted: Mon Apr 08, 2019 13:55    Post subject: Reply with quote
First of all these kind of problems are better dealt with in the advanced networking forum.

You do not show us the log/status page of the OVPN server, that is very helpfull when trouble shooting.

Why are you using dev tun0?
If you delete that line you can delete all firewall rules as those are taken care of by DDWRT.

For a setup guide and troubleshooting guide see my signature (bottom of this page).

That said when coming from an older build (= older VPN version) it is often necessary to regenerate your certificates because the minimum keysize has been upped (use keysize 2048).

_________________
Routers:Netgear R7800, Netgear R6400v1, Netgear R6400v2, Linksys EA6900 (XvortexCFE), Linksys E2000 (converted WRT320N), WRT54GS v1.
Install guide Linksys EA6900: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=291230
Simple PBR (Policy Based Routing) script: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318662
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN Server Setup:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
slybin
DD-WRT Novice


Joined: 08 Jun 2011
Posts: 5

PostPosted: Mon Apr 08, 2019 14:35    Post subject: Reply with quote
Sorry about the wrong forum.

I updated from a June 2015 Kong firmware and using the how-to I found then, it's how I made it worked. The how-to was using tun0.

I had to re-create my certificates last April since they became out of date.

I will read your OpenVPN server setup guide.

Thanks,
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum