Firewall Protection = Disable (In older builds Enable Firewall Protection Due to "Inbound Firewall on TUN" doesn't exist. It's recommended to run Kill Switch Code: of your choice below)
I don't have this option in Services-VPN->OpenVPN Client.
Having a quick look at all files in /tmp/openvpncl, everything looks in order, and nothing looks corrupt, so it appears ca.crt, credentials, openvpn.conf, ta.key are all created correctly and route-down.sh and route-up.sh
Something I haven't mentioned is I am using a wrt54g-tm I don't know if perhaps things have got too big now for the available memory, although it doesn't look that way.
Before when I had it installed I as running some of it out of JFFS (the config,certs,keys up and down scripts etc) which was bound to the SD card, as at the time OpenVPN wasn't in the revision of DD-WRT I was running. Unfortunately when I updated and with the MMC mod bug that wiped the card, everything I had on there was destroyed.
Jan 1 00:00:09 iPhone user.info syslog: openvpn : OpenVPN daemon (Client) starting/restarting...
Jan 1 00:00:15 iPhone daemon.warn openvpn[250]: WARNING: Using --management on a TCP port WITHOUT passwords is STRONGLY discouraged and considered insecure
Jan 1 00:00:15 iPhone daemon.warn openvpn[250]: WARNING: file '/tmp/openvpncl/credentials' is group or others accessible
Jan 1 00:00:15 iPhone daemon.notice openvpn[250]: OpenVPN 2.5.1 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [MH/PKTINFO] [AEAD] built on Mar 26 2021
Jan 1 00:00:15 iPhone daemon.notice openvpn[250]: library versions: OpenSSL 1.1.1j 16 Feb 2021, LZO 2.09
Jan 1 00:00:15 iPhone daemon.notice openvpn[294]: MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16
Jan 1 00:00:15 iPhone daemon.warn openvpn[294]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jan 1 00:00:52 iPhone user.info syslog: openvpn : OpenVPN daemon (Client) successfully stopped
Jan 1 00:00:54 iPhone user.info syslog: openvpn : OpenVPN daemon (Client) hanging, send SIGKILL
Jan 1 00:00:55 iPhone user.info syslog: openvpn : OpenVPN daemon (Client) starting/restarting...
Jan 1 00:00:55 iPhone daemon.warn openvpn[666]: WARNING: Using --management on a TCP port WITHOUT passwords is STRONGLY discouraged and considered insecure
Jan 1 00:00:55 iPhone daemon.warn openvpn[666]: WARNING: file '/tmp/openvpncl/credentials' is group or others accessible
Jan 1 00:00:55 iPhone daemon.notice openvpn[666]: OpenVPN 2.5.1 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [MH/PKTINFO] [AEAD] built on Mar 26 2021
Jan 1 00:00:55 iPhone daemon.notice openvpn[666]: library versions: OpenSSL 1.1.1j 16 Feb 2021, LZO 2.09
Jan 1 00:00:55 iPhone daemon.notice openvpn[667]: MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16
Jan 1 00:00:55 iPhone daemon.warn openvpn[667]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
root@iPhone:/tmp/var/log#
I am having zero luck with this, same no matter what I try. It freezes up the web interface the moment you try and click on Status->OpenVPN, and the web interface is inaccessible until after a power cycle.
I think unless there are any other suggestions, the best I can do is try and set it up outside of the GUI, and see where it goes wrong. The issue is at the moment, I have zero idea exactly where it is going wrong.
Nordvpn now push their DNS through the tunnel. _________________ Netgear R7800 PPPoE Main Router
Network IPV4 - Isolated Vlan's with IoT Devices. Unifi AC-Pro x 3 AP's, Router Wi-Fi Disabled. OVPN Server With Paid Commercial Wireguard Client's. Gateway Mode, DNSMasq, Static Leases & DHCP, Pi-Hole DNS & Running Unbound.
No one can build you the bridge on which you, and only you, must cross the river of life!
What router are you trying to run OVPN client on?
Maybe your CPU is not fast enough to handle OpenVPN
StillBlue wrote:
I am having zero luck with this, same no matter what I try. It freezes up the web interface the moment you try and click on Status->OpenVPN, and the web interface is inaccessible until after a power cycle.
I think unless there are any other suggestions, the best I can do is try and set it up outside of the GUI, and see where it goes wrong. The issue is at the moment, I have zero idea exactly where it is going wrong.
_________________ Netgear R7800 PPPoE Main Router
Network IPV4 - Isolated Vlan's with IoT Devices. Unifi AC-Pro x 3 AP's, Router Wi-Fi Disabled. OVPN Server With Paid Commercial Wireguard Client's. Gateway Mode, DNSMasq, Static Leases & DHCP, Pi-Hole DNS & Running Unbound.
No one can build you the bridge on which you, and only you, must cross the river of life!
I thought I would try and run the following as a startup script instead of using the built in scripts, but it ended up in the same way as the built in ones. Locked up solid. At least this way, I hope to work out why, as like I said, in the older versions before I upgraded and broke everything, I had NordVPN working perfectly with DD-WRT on this same router.
A few tweaks and things to play with now at least to see if I can breath life into this version. See if I can work out what causes it to fall over (which I half assume is that it doesn't work at all looking at things so far).
I guess worst case is I could script to kill all openvpn processes, then bring it up from optware or the likes (assuming it will work from there on the newer releases).
As I say, it did used to work fine, until I updated.
Yep, it certainly does seem that OpenVPN doesn't work anymore in the K24 versions.
I have tried with pretty much zero config, and it errors straight out. I have gone back to my 2012 build, and it works straight away (along with the MMC/SD Mod).
I will attempt to work out what is going on in the current builds, but as per the MMC/SD mod issue, its no good working on solving it, when compiling the sources is near on impossible anyway in order that you can test it.