VPN woes

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Marvell MVEBU based Hardware (WRT1900AC etc.)
Author Message
DD-WRT Novice

Joined: 14 Nov 2017
Posts: 30
Location: Scania, Sweden

PostPosted: Wed Sep 09, 2020 20:36    Post subject: VPN woes Reply with quote
There a lot of good reasons to have a VPN service on you router. In a weak moment I thought that would be a good idea.
I found a write-up and followed it. No joy.
I found another write-up and followed that. No joy.
Then you start look for what you might have done wrong. Again and again. Maybe your find something, maybe not. The result is the same. No joy.
Then you fine-combed everything, you just start changing parameters, to see if you come across som bug, feature or mishap, by chance. The result is the same. No joy.
Then you start changing groups of parameters, you know, trial and horror. The result is the same. No joy.
If you are not out to kill time, what is DD-WRT for?

Linksys WRT3200ACM: DD-WRT r41418
Linksys LGS116P Switch
Linksys EA6300: Original firmware, as bridge
Ubiqity Unifi AP AC Lite
Ubiqity Unifi AP AC LR
Ubiqity Unifi AP AC Pro

Joined: 04 Aug 2018
Posts: 1328
Location: Appalachian mountains, USA

PostPosted: Wed Sep 09, 2020 21:59    Post subject: Reply with quote
OpenVPN has improved a tremendous amount since your ancient build came out. Time to upgrade. I'd try 44048 as the least-risk modern build (but see that new-build thread in this forum).

Then for a guide to setting up an OpenVPN server, find any post by egc, easily found in the Advanced Networking forum, and check his signature.

For an OpenVPN client for a commercial provider, follow the guide from your VPN provider except (1) try it first with no "Additional Config" options and (2) don't add any iptables commands except a kill switch. Those guides are invariably for those intending all router traffic to go over the VPN. If you only want traffic from certain interfaces, subnets, machines, etc. to route over the vpn, see egc's guide to Policy Based Routing, also in his signature. I believe it covers kill switches as well (but it's been awhile since I looked).

With a new build like 44048, you also have wireguard as an alternative to OpenVPN. It's faster but requires you to commit to a single server (not just a load-balancing domain name). See the egc guides, in his signature or as sticky posts at the top of the Advanced Networking forum.

Before you upgrade your firmware, be real sure you are familiar with the Cliff Notes sticky at the top of this forum. I suspect you are, but it's worth a review, since you have not done it in awhile. The business about controlling what partition you are flashing is especially important if you want to keep your current build as backup. You're leaping across so much time buildwise that re-entering your config from scratch is safest, if it isn't so complex as to drive you insane doing it.

If you want to do a dirty flash instead of a reset, consider doing it in steps, first upgrading to something inbetween, or maybe more than one something, like 37736 and 40009, two that I had little trouble with. Careful about partitions.

Best reset method is nvram erase && reboot in the CLI. Don't rush it after flashing. Give dd-wrt a few minutes after the flash before you touch anything. It has a lot to do to get set up.

Six Linksys WRT1900ACSv2 routers on 48141: VLANs, VAPs, NAS, client mode, OpenVPN client (AirVPN), DDNS, wireguard servers and clients (AzireVPN), three DNSCrypt DNS providers (incl Quad9) via VPN clients.

Joined: 01 Jul 2018
Posts: 367

PostPosted: Wed Sep 09, 2020 22:09    Post subject: Reply with quote
It sounds like you have confirmed that your VPN setup is correct in every way. From past experience I can only recommend that you reboot both your modem and router after completing the VPN setup.

Just something to try. Disregard my post if you have already tried this.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Marvell MVEBU based Hardware (WRT1900AC etc.) All times are GMT


Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum