Author
Message
slybin DD-WRT Novice Joined: 08 Jun 2011 Posts: 5
Posted: Mon Apr 08, 2019 12:56 Post subject: Can't connect http to DD-WRT when connected with OpenVPN
Hi,
Router: Netgear R7000
Firmware: R37015M kongac
OpenVPN: 2.4.6
I updated my firmware, last week, and since then I can't connect to DD-WRT web interface when I'm connected with OpenVPN but I can connect ssh to the router.
I'm running an OpenVPN tunnel in a ssh tunnel.
OpenVPN server config:
push "route 192.168.58.0 255.255.255.0"
server 192.168.99.0 255.255.255.0
dev tun0
proto tcp4
port 1194
keepalive 10 120
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
management localhost 5001
Firewall rules:
iptables -I INPUT 1 -p tcp --dport 1194 -j ACCEPT
iptables -I FORWARD 1 --source 192.168.99.0/24 -j ACCEPT
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
iptables -t nat -I POSTROUTING -o tun0 -j MASQUERADE
Any idea what the problem is?
Thanks,
Serge
Back to top
Sponsor
egc DD-WRT Guru Joined: 18 Mar 2014 Posts: 12922 Location: Netherlands
Posted: Mon Apr 08, 2019 13:55 Post subject:
First of all these kind of problems are better dealt with in the advanced networking forum.
You do not show us the log/status page of the OVPN server, that is very helpfull when trouble shooting.
Why are you using dev tun0?
If you delete that line you can delete all firewall rules as those are taken care of by DDWRT.
For a setup guide and troubleshooting guide see my signature (bottom of this page).
That said when coming from an older build (= older VPN version) it is often necessary to regenerate your certificates because the minimum keysize has been upped (use keysize 2048). _________________ Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read): https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Back to top
slybin DD-WRT Novice Joined: 08 Jun 2011 Posts: 5
Posted: Mon Apr 08, 2019 14:35 Post subject:
Sorry about the wrong forum.
I updated from a June 2015 Kong firmware and using the how-to I found then, it's how I made it worked. The how-to was using tun0.
I had to re-create my certificates last April since they became out of date.
I will read your OpenVPN server setup guide.
Thanks,
Back to top