Currently running:
Firmware: DD-WRT v3.0-r39855 std (05/25/19)
on a TP-Link TL-WR1043ND v3.
I manually configured the route following the posts in the thread mentioned above,
which now gave me the following outputs on these commands.
ping 8.8.8.8:
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=58 time=215.131 ms
64 bytes from 8.8.8.8: seq=1 ttl=58 time=82.224 ms
64 bytes from 8.8.8.8: seq=2 ttl=58 time=98.765 ms
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 82.224/132.040/215.131 ms
ping cnn.com:
PING cnn.com (151.101.129.67): 56 data bytes
64 bytes from 151.101.129.67: seq=0 ttl=59 time=82.219 ms
64 bytes from 151.101.129.67: seq=1 ttl=59 time=81.780 ms
64 bytes from 151.101.129.67: seq=2 ttl=59 time=81.885 ms
--- cnn.com ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 81.780/81.961/82.219 ms
Route:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.252.204.69 128.0.0.0 UG 0 0 0 tun1
default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
10.252.204.1 10.252.204.69 255.255.255.255 UGH 0 0 0 tun1
10.252.204.69 * 255.255.255.255 UH 0 0 0 tun1
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
128.0.0.0 10.252.204.69 128.0.0.0 UG 0 0 0 tun1
192.168.0.0 * 255.255.255.0 U 0 0 0 br0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
193.148.18.148 192.168.1.1 255.255.255.255 UGH 0 0 0 eth0
Although this now seems to be functional to the layman's eye, internet is blocked when the OpenVPN is activated to all machines connected to the router by UTP and wireless.
As 10.252.204.69 is not my ISP's IP address, I feel like the VPN is indeed up and running but that something blocks the net to my attached machines.
I tried checking with iplocation.net but that only returns the ISP address even though I entered the 10.252.204.69 in the lookup box.
The policy based field is empty.
It seems like a major step forward though.
Kind regards
Matt.
PS: syslog gives some security warnings. I have posted the log here below.
Last edited by spikey1973 on Mon May 27, 2019 21:50; edited 1 time in total
May 27 21:42:51 r39855 user.info : pptpd : daemon successfully stopped
May 27 21:42:52 r39855 user.info : openvpn : OpenVPN daemon (Client) starting/restarting...
May 27 21:42:52 r39855 daemon.warn openvpn[5286]: WARNING: Using --management on a TCP port WITHOUT passwords is STRONGLY discouraged and considered insecure
May 27 21:42:52 r39855 daemon.warn openvpn[5286]: WARNING: file '/tmp/openvpncl/client.key' is group or others accessible
May 27 21:42:52 r39855 daemon.warn openvpn[5286]: WARNING: file '/tmp/openvpncl/credentials' is group or others accessible
May 27 21:42:52 r39855 daemon.notice openvpn[5286]: OpenVPN 2.4.7 mips-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on May 25 2019
May 27 21:42:52 r39855 daemon.notice openvpn[5286]: library versions: OpenSSL 1.1.1b 26 Feb 2019, LZO 2.09
May 27 21:42:52 r39855 daemon.notice openvpn[5288]: MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16
May 27 21:42:52 r39855 daemon.warn openvpn[5288]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
May 27 21:42:52 r39855 daemon.warn openvpn[5288]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
May 27 21:42:52 r39855 daemon.notice openvpn[5288]: TCP/UDP: Preserving recently used remote address: [AF_INET]193.148.18.149:443
May 27 21:42:52 r39855 daemon.notice openvpn[5288]: Socket Buffers: R=[87380->87380] S=[16384->16384]
May 27 21:42:52 r39855 daemon.notice openvpn[5288]: Attempting to establish TCP connection with [AF_INET]193.148.18.149:443 [nonblock]
May 27 21:42:53 r39855 daemon.notice openvpn[5288]: TCP connection established with [AF_INET]193.148.18.149:443
May 27 21:42:53 r39855 daemon.notice openvpn[5288]: TCPv4_CLIENT link local: (not bound)
May 27 21:42:53 r39855 daemon.notice openvpn[5288]: TCPv4_CLIENT link remote: [AF_INET]193.148.18.149:443
May 27 21:42:53 r39855 daemon.notice openvpn[5288]: TLS: Initial packet from [AF_INET]193.148.18.149:443, sid=15df7d41 4703ad55
May 27 21:42:53 r39855 daemon.warn openvpn[5288]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
May 27 21:42:53 r39855 daemon.notice openvpn[5288]: VERIFY OK: depth=1, C=RO, L=Bucharest, O=CyberGhost S.A., CN=CyberGhost Root CA, emailAddress=info@cyberghost.ro
May 27 21:42:53 r39855 daemon.notice openvpn[5288]: VERIFY OK: depth=0, C=RO, L=Bucharest, O=CyberGhost S.A., CN=CyberGhost VPN Server Node newyork-s13, emailAddress=info@cyberghost.ro
May 27 21:42:54 r39855 daemon.notice openvpn[5288]: Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
May 27 21:42:54 r39855 daemon.notice openvpn[5288]: [CyberGhost VPN Server Node newyork-s13] Peer Connection Initiated with [AF_INET]193.148.18.149:443
May 27 21:42:55 r39855 daemon.notice openvpn[5288]: SENT CONTROL [CyberGhost VPN Server Node newyork-s13]: 'PUSH_REQUEST' (status=1)
May 27 21:42:56 r39855 daemon.notice openvpn[5288]: PUSH: Received control message: 'PUSH_REPLY,sndbuf 393216,rcvbuf 393216,comp-lzo no,redirect-gateway def1,dhcp-option DNS 38.132.106.139,dhcp-option DNS 194.187.251.67,dhcp-option DNS 185.93.180.131,route 10.251.204.1,to
May 27 21:42:56 r39855 daemon.notice openvpn[5288]: OPTIONS IMPORT: timers and/or timeouts modified
May 27 21:42:56 r39855 daemon.notice openvpn[5288]: NOTE: --mute triggered...
May 27 21:42:56 r39855 daemon.notice openvpn[5288]: 2 variation(s) on previous 3 message(s) suppressed by --mute
May 27 21:42:56 r39855 daemon.notice openvpn[5288]: Socket Buffers: R=[331520->344064] S=[45440->344064]
May 27 21:42:56 r39855 daemon.notice openvpn[5288]: OPTIONS IMPORT: --ifconfig/up options modified
May 27 21:42:56 r39855 daemon.notice openvpn[5288]: OPTIONS IMPORT: route options modified
May 27 21:42:56 r39855 daemon.notice openvpn[5288]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
May 27 21:42:56 r39855 daemon.notice openvpn[5288]: NOTE: --mute triggered...
May 27 21:42:56 r39855 daemon.notice openvpn[5288]: 3 variation(s) on previous 3 message(s) suppressed by --mute
May 27 21:42:56 r39855 daemon.notice openvpn[5288]: Data Channel: using negotiated cipher 'AES-256-GCM'
May 27 21:42:56 r39855 daemon.notice openvpn[5288]: Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
May 27 21:42:56 r39855 daemon.notice openvpn[5288]: Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
May 27 21:42:56 r39855 daemon.notice openvpn[5288]: TUN/TAP device tun1 opened
Can I ask additionally if, to your knowledge, there is any way to store multiple VPN profiles in DD-WRT so one (me in this case, but I doubt that I would be the only one interested) could switch easily between the profiles?
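The security warnings in the syslog above can be triaged mechanically. The following is an added example, not part of the original post and not DD-WRT's own code: a shell function (the name `triage_openvpn_warnings` and the finding labels are made up here) that maps each OpenVPN 2.4 client warning to the setting that addresses it, run over lines copied from the log.

```shell
#!/bin/sh
# Added example, not from the original post.
# Reads syslog lines on stdin and prints "finding|suggested change"
# once per distinct OpenVPN client warning.
triage_openvpn_warnings() {
    awk '
    function emit(key, fix) {
        if (!(key in seen)) { seen[key] = 1; print key "|" fix }
    }
    !/openvpn/ || !/(WARNING|NOTE)/ { next }
    /--management on a TCP port WITHOUT passwords/ {
        emit("mgmt-no-password", "management <ip> <port> <pw-file>")
    }
    /is group or others accessible/ {
        # The file path sits between the single quotes (\047) in the message.
        if (split($0, part, "\047") >= 3)
            emit("loose-perms:" part[2], "chmod 600 " part[2])
    }
    /No server certificate verification method/ {
        emit("no-server-cert-check", "remote-cert-tls server")
    }
    /may cache passwords in memory/ {
        emit("password-cached", "auth-nocache")
    }
    /--script-security setting may allow/ {
        emit("script-security", "review script-security level and any up/down scripts")
    }
    '
}

# Sample input: warning lines copied from the log above, plus two benign lines.
sample_log() {
    cat <<'EOF'
May 27 21:42:51 r39855 user.info : pptpd : daemon successfully stopped
May 27 21:42:52 r39855 daemon.warn openvpn[5286]: WARNING: Using --management on a TCP port WITHOUT passwords is STRONGLY discouraged and considered insecure
May 27 21:42:52 r39855 daemon.warn openvpn[5286]: WARNING: file '/tmp/openvpncl/client.key' is group or others accessible
May 27 21:42:52 r39855 daemon.warn openvpn[5286]: WARNING: file '/tmp/openvpncl/credentials' is group or others accessible
May 27 21:42:52 r39855 daemon.warn openvpn[5288]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
May 27 21:42:52 r39855 daemon.warn openvpn[5288]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
May 27 21:42:53 r39855 daemon.warn openvpn[5288]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
May 27 21:42:56 r39855 daemon.notice openvpn[5288]: Data Channel: using negotiated cipher 'AES-256-GCM'
EOF
}

sample_log | triage_openvpn_warnings
```

The suggested changes are standard OpenVPN client directives or file-permission fixes; whether `remote-cert-tls server` is accepted depends on the provider's server certificate carrying the matching key usage.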