Issue getting Openvpn to work after last release

dlaroche
DD-WRT Novice


Joined: 08 Mar 2015
Posts: 9

Posted: Fri Jul 24, 2020 16:23    Post subject: Issue getting Openvpn to work after last release
Dear community.

I have set up DD-WRT on a Linksys router (old WRT-54GS) using dd-wrt.v24_vpn_generic.bin under broadcom. It's working with R36808.

I am not changing any configuration and I upgraded to the latest release R43904, which includes a fix to display the OpenVPN configuration page (support ticket #7169).

After the upgrade, I am unable to connect via VPN anymore. I have not changed the configuration on either the OpenVPN server or the client. I have made many attempts to change parameters and searched the forum, but without success.

The error I got is (client connection):
Fri Jul 24 17:55:22 2020 MANAGEMENT: >STATE:1595606122,WAIT,,,,,,
Fri Jul 24 17:56:22 2020 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Jul 24 17:56:22 2020 TLS Error: TLS handshake failed

I notice that there is no more TLS: Initial packet from reply.

I am posting my configuration below that works with R36808 and not with R43904

Has somebody any idea about the issue?



Home setup
-----------------

Internet -> Wireless / Router ( home DHCP ) -> Router (DD-WRT) with openvpn


client configuration:
---------------------
client
dev tun2
proto udp4
remote 192.168.8.2 1194
remote 80.218.89.21 1194
topology subnet
ca [inline]
cert [inline]
key [inline]
tls-version-min 1.2
nobind
persist-key
persist-tun
remote-cert-tls server
auth-nocache
verb 4
float
tun-mtu 1500
auth SHA256
cipher AES-256-CBC
<ca>
-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----

-----END PRIVATE KEY-----
</key>

key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----

-----END OpenVPN Static key V1-----
</tls-auth>


Router (DD-WRT) with openvpn configuration
------------------------------------------

dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
keepalive 10 120
verb 3
mute 3
syslog
writepid /var/run/openvpnd.pid
management 127.0.0.1 14
management-log-cache 100
topology subnet
script-security 2
port 1194
proto udp4
cipher aes-256-cbc
auth sha256
client-connect /tmp/openvpn/clcon.sh
client-disconnect /tmp/openvpn/cldiscon.sh
client-config-dir /tmp/openvpn/ccd
tls-server
ifconfig-pool-persist /tmp/openvpn/ip-pool 86400
client-to-client
push "redirect-gateway def1"
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
fast-io
tun-mtu 1500
mtu-disc yes
server 10.8.0.0 255.255.255.0
dev tun2
tls-auth /tmp/openvpn/ta.key 0
route-up /tmp/openvpn/route-up.sh
route-pre-down /tmp/openvpn/route-down.sh
ncp-disable
dh none
ecdh-curve secp384r1

Firewall script
---------------
WAN_IF="$(route -n | awk '/^0.0.0.0/{wif=$NF} END {print wif}')"
iptables -t nat -I POSTROUTING -s 10.8.0.0/24 -o $WAN_IF -j MASQUERADE
iptables -t nat -I POSTROUTING -o br0 -s $(nvram get openvpn_net)/$(nvram get openvpn_tunmask) -j MASQUERADE

Route information
-----------------
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.8.0 * 255.255.255.0 U 0 0 0 br0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 192.168.8.1 0.0.0.0 UG 0 0 0 br0
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12884
Location: Netherlands

Posted: Sat Jul 25, 2020 8:42    Post subject:
You probably found the OpenVPN server setup guide (link in my signature) seeing your settings :)

First, running an OpenVPN server on such an old router with Kernel 2.4 is not much done (performance 2-3 Mb/s?), so it might just be broken.

Regarding your settings, you are using a Diffie-Hellman parameter file, so no need to put in:
Code:
dh none
ecdh-curve secp384r1


The TLS Key negotiation means the client cannot reach the server, meaning a network error or the server is not started.

So is the server started, i.e. what does the OpenVPN server status page show?

Newer OpenVPN versions do not work with keys of 1024 keysize; you might need to regenerate keys with 2048 size (it is mentioned in the guide).

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
dlaroche
DD-WRT Novice


Joined: 08 Mar 2015
Posts: 9

Posted: Wed Jul 29, 2020 12:15    Post subject:
Yes, I found it and re-aligned my setup before posting to make sure that I did not miss something.
It's an old router but does the job that I need (VPN access to my domotic device).
I removed the configuration that you suggested and it is the same. Again, R36808 works well and when I upgrade to R43904 it does not work.

Key used is 2048 size, status page is empty on R43904. I investigated a bit more and this is what I found comparing both versions:

1. running an ifconfig on both versions:
- br0:0 ... inet addr:169.254.255.1 does not exist on R43904 (should not be an issue)
- tun2 interface (10.8.0.1) does not exist on R43904: it's not being added as part of the openvpn start, as far as I understand how it works.
-> all other interfaces are the same.


2. running a ps via telnet,
- R36808: /tmp/openvpnserver --config /tmp/openvpn/openvpn.con
- R43904: /tmp/openvpnserver --config /tmp/openvpn/openvpn.conf --daemon
-> could this be due to the last parameter --daemon (I set it up as server to be able to put the certificates)?

Thanks
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12884
Location: Netherlands

Posted: Wed Jul 29, 2020 13:25    Post subject:
You should set up as server; daemon is about something else (runs the process detached) and is the normal mode, at least for K3 and K4.

tun2 is not made because the server does not start.

Why it is not starting has to be investigated. Like I said, it could be that it is a bug; OpenVPN server on these old K2.4 routers is not much used.

Anything in syslog?

dlaroche
DD-WRT Novice


Joined: 08 Mar 2015
Posts: 9

Posted: Wed Jul 29, 2020 13:48    Post subject:
In the interface, I set it up as server and not as daemon, but the openvpn service is started as daemon as per previous post.
-> could this be a bug ?


Below the syslog after upgrading from R36808 to R43904

in red the log related to openvpn

Jan 1 01:00:02 DD-WRT syslog.info syslogd started: BusyBox v1.32.0
Jan 1 01:00:02 DD-WRT kern.notice kernel: klogd started: BusyBox v1.32.0 (2020-07-23 06:31:30 +04)
Jan 1 01:00:02 DD-WRT kern.emerg kernel: CPU ProcId is: 0x00029008, options: 0x0000004d
Jan 1 01:00:02 DD-WRT kern.emerg kernel: Linux version 2.4.37 (root@linux) (gcc version 10.1.0 (GCC) ) #61282 Thu Jul 23 06:32:13 +04 2020
Jan 1 01:00:02 DD-WRT kern.emerg kernel: Setting the PFC to its default value
Jan 1 01:00:02 DD-WRT kern.info kernel: found 32kb nvram
Jan 1 01:00:02 DD-WRT kern.emerg kernel: Determined physical RAM map:
Jan 1 01:00:02 DD-WRT kern.emerg kernel: memory: 01000000 @ 00000000 (usable)
Jan 1 01:00:02 DD-WRT kern.emerg kernel: On node 0 totalpages: 4096
Jan 1 01:00:02 DD-WRT kern.emerg kernel: zone(0): 4096 pages.
Jan 1 01:00:02 DD-WRT kern.emerg kernel: zone(1): 0 pages.
Jan 1 01:00:02 DD-WRT kern.emerg kernel: zone(2): 0 pages.
Jan 1 01:00:02 DD-WRT kern.emerg kernel: Kernel command line: root=/dev/mtdblock2 rootfstype=squashfs,jffs2 noinitrd console=ttyS0,115200
Jan 1 01:00:02 DD-WRT kern.emerg kernel: CPU: BCM5352 rev 0 at 200 MHz
Jan 1 01:00:02 DD-WRT kern.emerg kernel: Using 100.000 MHz high precision timer.
Jan 1 01:00:02 DD-WRT kern.emerg kernel: Calibrating delay loop... 199.88 BogoMIPS
Jan 1 01:00:02 DD-WRT kern.info kernel: Dentry cache hash table entries: 2048 (order: 2, 16384 bytes)
Jan 1 01:00:02 DD-WRT kern.info kernel: Inode cache hash table entries: 1024 (order: 1, 8192 bytes)
Jan 1 01:00:02 DD-WRT kern.info kernel: Mount cache hash table entries: 512 (order: 0, 4096 bytes)
Jan 1 01:00:02 DD-WRT kern.info kernel: Buffer cache hash table entries: 1024 (order: 0, 4096 bytes)
Jan 1 01:00:02 DD-WRT kern.emerg kernel: Page-cache hash table entries: 4096 (order: 2, 16384 bytes)
Jan 1 01:00:02 DD-WRT kern.emerg kernel: Checking for 'wait' instruction... unavailable.
Jan 1 01:00:02 DD-WRT kern.emerg kernel: POSIX conformance testing by UNIFIX
Jan 1 01:00:02 DD-WRT kern.emerg kernel: PCI: Fixing up bus 0
Jan 1 01:00:02 DD-WRT kern.emerg kernel: Initializing RT netlink socket
Jan 1 01:00:02 DD-WRT kern.emerg kernel: Starting kswapd
Jan 1 01:00:02 DD-WRT kern.info kernel: devfs: v1.12c (20020818) Richard Gooch (rgooch@atnf.csiro.au)
Jan 1 01:00:02 DD-WRT kern.info kernel: devfs: boot_options: 0x1
Jan 1 01:00:02 DD-WRT kern.info kernel: squashfs: version 3.0 (2006/03/15) Phillip Lougher
Jan 1 01:00:02 DD-WRT user.info syslog: resetbutton : resetbutton daemon successfully started
Jan 1 01:00:02 DD-WRT kern.alert kernel: register_vlan_device: ALREADY had VLAN registered
Jan 1 01:00:02 DD-WRT kern.debug kernel: vlan0: add 01:00:5e:00:00:01 mcast address to master interface
Jan 1 01:00:02 DD-WRT kern.alert kernel: register_vlan_device: ALREADY had VLAN registered
Jan 1 01:00:02 DD-WRT kern.debug kernel: vlan1: add 01:00:5e:00:00:01 mcast address to master interface
Jan 1 01:00:04 DD-WRT kern.warn kernel: Warning: DQ5 raised while program operation was in progress, however operation completed OK
Jan 1 01:00:04 DD-WRT user.info syslog: bridge : bridge br0 successfully added
Jan 1 01:00:04 DD-WRT kern.info kernel: device br0 entered promiscuous mode
Jan 1 01:00:04 DD-WRT kern.debug kernel: vlan0: del 01:00:5e:00:00:01 mcast address from vlan interface
Jan 1 01:00:04 DD-WRT kern.debug kernel: vlan0: del 01:00:5e:00:00:01 mcast address from master interface
Jan 1 01:00:04 DD-WRT kern.emerg kernel: vlan0: Setting MAC address to 00 1d 7e 55 20 3f.
Jan 1 01:00:04 DD-WRT kern.emerg kernel: VLAN (vlan0): Underlying device (eth0) has same MAC, not checking promiscious mode.
Jan 1 01:00:04 DD-WRT kern.debug kernel: vlan0: add 01:00:5e:00:00:01 mcast address to master interface
Jan 1 01:00:05 DD-WRT kern.debug kernel: vlan0: del 01:00:5e:00:00:01 mcast address from vlan interface
Jan 1 01:00:05 DD-WRT kern.debug kernel: vlan0: del 01:00:5e:00:00:01 mcast address from master interface
Jan 1 01:00:05 DD-WRT kern.emerg kernel: vlan0: Setting MAC address to 00 1d 7e 55 20 3f.
Jan 1 01:00:05 DD-WRT kern.emerg kernel: VLAN (vlan0): Underlying device (eth0) has same MAC, not checking promiscious mode.
Jan 1 01:00:05 DD-WRT kern.debug kernel: vlan0: add 01:00:5e:00:00:01 mcast address to master interface
Jan 1 01:00:05 DD-WRT user.info syslog: bridge : interface vlan0 successfully added to bridge br0
Jan 1 01:00:05 DD-WRT kern.info kernel: vlan0: dev_set_promiscuity(master, 1)
Jan 1 01:00:05 DD-WRT kern.info kernel: device eth0 entered promiscuous mode
Jan 1 01:00:05 DD-WRT kern.info kernel: device vlan0 entered promiscuous mode
Jan 1 01:00:05 DD-WRT user.info syslog: bridge : interface eth1 successfully added to bridge br0
Jan 1 01:00:05 DD-WRT kern.info kernel: device eth1 entered promiscuous mode
Jan 1 01:00:05 DD-WRT kern.debug kernel: vlan1: del 01:00:5e:00:00:01 mcast address from vlan interface
Jan 1 01:00:05 DD-WRT kern.debug kernel: vlan1: del 01:00:5e:00:00:01 mcast address from master interface
Jan 1 01:00:05 DD-WRT kern.emerg kernel: vlan1: Setting MAC address to 00 1d 7e 55 20 3f.
Jan 1 01:00:05 DD-WRT kern.emerg kernel: VLAN (vlan1): Underlying device (eth0) has same MAC, not checking promiscious mode.
Jan 1 01:00:06 DD-WRT kern.debug kernel: vlan1: add 01:00:5e:00:00:01 mcast address to master interface
Jan 1 01:00:06 DD-WRT kern.debug kernel: vlan1: del 01:00:5e:00:00:01 mcast address from vlan interface
Jan 1 01:00:06 DD-WRT kern.debug kernel: vlan1: del 01:00:5e:00:00:01 mcast address from master interface
Jan 1 01:00:06 DD-WRT kern.emerg kernel: vlan1: Setting MAC address to 00 1d 7e 55 20 3f.
Jan 1 01:00:06 DD-WRT kern.emerg kernel: VLAN (vlan1): Underlying device (eth0) has same MAC, not checking promiscious mode.
Jan 1 01:00:06 DD-WRT kern.debug kernel: vlan1: add 01:00:5e:00:00:01 mcast address to master interface
Jan 1 01:00:06 DD-WRT user.info syslog: bridge : interface vlan1 successfully added to bridge br0
Jan 1 01:00:06 DD-WRT kern.info kernel: vlan1: dev_set_promiscuity(master, 1)
Jan 1 01:00:06 DD-WRT kern.info kernel: device vlan1 entered promiscuous mode
Jan 1 01:00:06 DD-WRT kern.info kernel: device br0 left promiscuous mode
Jan 1 01:00:06 DD-WRT kern.info kernel: device br0 entered promiscuous mode
Jan 1 01:00:06 DD-WRT kern.info kernel: device br0 left promiscuous mode
Jan 1 01:00:06 DD-WRT user.info syslog: klogd : kernel log daemon successfully stopped
Jan 1 01:00:06 DD-WRT kern.notice kernel: klogd: exiting
Jan 1 01:00:06 DD-WRT user.info syslog: telnetd : daemon successfully started
Jan 1 01:00:06 DD-WRT user.info syslog: syslogd : syslog daemon successfully stopped
Jan 1 01:00:07 DD-WRT syslog.info syslogd exiting
Jan 1 01:00:07 DD-WRT syslog.info syslogd started: BusyBox v1.32.0
Jan 1 01:00:08 DD-WRT user.info syslog: wland : daemon successfully started
Jan 1 01:00:08 DD-WRT user.info syslog: klogd : daemon successfully started
Jan 1 01:00:08 DD-WRT kern.notice kernel: klogd started: BusyBox v1.32.0 (2020-07-23 06:31:30 +04)
Jan 1 01:00:08 DD-WRT user.info syslog: cron : daemon successfully started
Jan 1 01:00:08 DD-WRT user.info syslog: openvpn : OpenVPN daemon (Server) starting/restarting...
Jan 1 01:00:08 DD-WRT cron.info cron[205]: (CRON) STARTUP (fork ok)
Jan 1 01:00:08 DD-WRT daemon.info dnsmasq[207]: started, version 2.82 cachesize 1500
Jan 1 01:00:08 DD-WRT daemon.info dnsmasq[207]: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua no-TFTP no-conntrack no-ipset no-auth no-DNSSEC loop-detect no-inotify no-dumpfile
Jan 1 01:00:08 DD-WRT daemon.info dnsmasq[207]: using nameserver 8.8.4.4#53
Jan 1 01:00:08 DD-WRT user.info syslog: dnsmasq : daemon successfully started
Jan 1 01:00:08 DD-WRT daemon.info dnsmasq[207]: using nameserver 8.8.8.8#53
Jan 1 01:00:08 DD-WRT daemon.info dnsmasq[207]: using only locally-known addresses for domain test
Jan 1 01:00:08 DD-WRT daemon.info dnsmasq[207]: using only locally-known addresses for domain onion
Jan 1 01:00:08 DD-WRT daemon.info dnsmasq[207]: using only locally-known addresses for domain localhost
Jan 1 01:00:08 DD-WRT daemon.info dnsmasq[207]: using only locally-known addresses for domain local
Jan 1 01:00:08 DD-WRT daemon.info dnsmasq[207]: using only locally-known addresses for domain invalid
Jan 1 01:00:08 DD-WRT daemon.info dnsmasq[207]: using only locally-known addresses for domain bind
Jan 1 01:00:08 DD-WRT daemon.warn dnsmasq[207]: no servers found in /tmp/resolv.dnsmasq, will retry
Jan 1 01:00:08 DD-WRT daemon.info dnsmasq[207]: read /etc/hosts - 2 addresses
Jan 1 01:00:10 DD-WRT daemon.info httpd[220]: httpd : httpd server started at port 80
Jan 1 01:00:11 DD-WRT user.info syslog: httpd : http daemon successfully started
Jan 1 01:00:12 DD-WRT daemon.warn openvpn[212]: WARNING: Using --management on a TCP port WITHOUT passwords is STRONGLY discouraged and considered insecure
Jan 1 01:00:12 DD-WRT daemon.warn openvpn[212]: WARNING: file '/tmp/openvpn/ta.key' is group or others accessible
Jan 1 01:00:12 DD-WRT daemon.notice openvpn[212]: OpenVPN 2.4.9 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [MH/PKTINFO] [AEAD] built on Jul 23 2020
Jan 1 01:00:12 DD-WRT daemon.notice openvpn[212]: library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.09
Jan 1 01:00:12 DD-WRT daemon.notice openvpn[250]: MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:14

Jan 1 01:00:12 DD-WRT daemon.warn openvpn[250]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jan 1 01:00:13 DD-WRT daemon.info dnsmasq[207]: exiting on receipt of SIGTERM
Jan 1 01:00:13 DD-WRT daemon.info dnsmasq[286]: started, version 2.82 cachesize 1500
Jan 1 01:00:13 DD-WRT daemon.info dnsmasq[286]: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua no-TFTP no-conntrack no-ipset no-auth no-DNSSEC loop-detect no-inotify no-dumpfile
Jan 1 01:00:13 DD-WRT user.info syslog: dnsmasq : daemon successfully started
Jan 1 01:00:13 DD-WRT user.info syslog: wland : daemon successfully stopped
Jan 1 01:00:14 DD-WRT daemon.info dnsmasq[286]: using nameserver 8.8.4.4#53
Jan 1 01:00:14 DD-WRT daemon.info dnsmasq[286]: using nameserver 8.8.8.8#53
Jan 1 01:00:14 DD-WRT daemon.info dnsmasq[286]: using only locally-known addresses for domain test
Jan 1 01:00:14 DD-WRT daemon.info dnsmasq[286]: using only locally-known addresses for domain onion
Jan 1 01:00:14 DD-WRT daemon.info dnsmasq[286]: using only locally-known addresses for domain localhost
Jan 1 01:00:14 DD-WRT daemon.info dnsmasq[286]: using only locally-known addresses for domain local
Jan 1 01:00:14 DD-WRT daemon.info dnsmasq[286]: using only locally-known addresses for domain invalid
Jan 1 01:00:14 DD-WRT daemon.info dnsmasq[286]: using only locally-known addresses for domain bind
Jan 1 01:00:14 DD-WRT daemon.warn dnsmasq[286]: no servers found in /tmp/resolv.dnsmasq, will retry
Jan 1 01:00:14 DD-WRT daemon.info dnsmasq[286]: read /etc/hosts - 2 addresses
Jan 1 01:00:14 DD-WRT user.info syslog: wland : daemon successfully started
Jan 1 01:00:16 DD-WRT user.info syslog: process_monitor : successfully started
Jan 1 01:00:16 DD-WRT daemon.debug ntpclient[363]: Connecting to 0.ch.pool.ntp.org [62.112.134.4] ...
Jul 29 15:30:22 DD-WRT daemon.info ntpclient[363]: Time set from 0.ch.pool.ntp.org [62.112.134.4].
Jul 29 15:30:22 DD-WRT daemon.info process_monitor[361]: cyclic NTP Update success (servers 0.ch.pool.ntp.org)
Jul 29 15:30:24 DD-WRT user.info syslog: nas : wait for network init
Jul 29 15:30:24 DD-WRT daemon.debug process_monitor[361]: Restarting cron (time sync change)
Jul 29 15:30:24 DD-WRT user.info syslog: cron : daemon successfully stopped
Jul 29 15:30:24 DD-WRT user.info syslog: cron : daemon successfully started
Jul 29 15:30:24 DD-WRT cron.info cron[427]: (CRON) STARTUP (fork ok)
Jul 29 15:30:24 DD-WRT user.info syslog: process_monitor : daemon successfully stopped
Jul 29 15:30:24 DD-WRT daemon.info process_monitor[361]: process_monitor : cleanup timers
Jul 29 15:30:25 DD-WRT user.info syslog: process_monitor : successfully started
Jul 29 15:30:25 DD-WRT daemon.debug process_monitor[432]: We need to re-update after 3600 seconds
Jul 29 15:30:25 DD-WRT daemon.info process_monitor[432]: process_monitor : set timer: 3600 seconds, callback: ntp_main()
Jul 29 15:30:34 DD-WRT user.info syslog: nas : start nas lan
Jul 29 15:30:34 DD-WRT user.info syslog: nas : start nas for wl0
Jul 29 15:30:35 DD-WRT user.info syslog: nas : start nas lan
Jul 29 15:30:35 DD-WRT user.info syslog: nas : start nas for wl0
Jul 29 15:30:35 DD-WRT user.info syslog: httpd : daemon successfully stopped
Jul 29 15:30:35 DD-WRT daemon.info httpd[236]: httpd : httpd server shutdown
Jul 29 15:30:35 DD-WRT daemon.info httpd[441]: httpd : httpd server started at port 80
Jul 29 15:30:35 DD-WRT user.info syslog: httpd : http daemon successfully started
Jul 29 15:30:35 DD-WRT user.info syslog: resetbutton : daemon successfully stopped
Jul 29 15:30:36 DD-WRT user.info syslog: resetbutton : resetbutton daemon successfully started
Jul 29 15:32:42 DD-WRT auth.info login[486]: root login on 'pts/0'
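
Added example (not part of any post in this thread): a shell helper that reads a syslog capture like the one above and reports how far the most recent OpenVPN server start got. The function name, the stage names and the embedded log lines are constructed for illustration; the matched messages are the DD-WRT launcher line seen in the log above and OpenVPN's own "Options error", "TUN/TAP device ... opened" and "Initialization Sequence Completed" messages.

```shell
#!/bin/sh
# Added example: classify the latest OpenVPN server start from syslog text.

# Reads syslog lines on stdin and prints one stage name:
#   never-launched, launched, started-no-tun, tun-opened, ready, config-rejected
ovpn_start_stage() {
    awk '
        # DD-WRT logs this line on every (re)start; forget earlier attempts.
        /openvpn : OpenVPN daemon \(Server\) starting\/restarting/ {
            stage = "launched"; next
        }
        # Lines written by the openvpn process itself.
        / openvpn\[[0-9]+\]: / {
            if ($0 ~ /Options error:/)
                stage = "config-rejected"      # config file refused, process exits
            else if ($0 ~ /Initialization Sequence Completed/)
                stage = "ready"                # server is accepting clients
            else if ($0 ~ /TUN\/TAP device [^ ]+ opened/)
                stage = "tun-opened"           # tunnel interface exists
            else if (stage == "" || stage == "launched")
                stage = "started-no-tun"       # process logged, no tunnel yet
        }
        END { print (stage == "" ? "never-launched" : stage) }
    '
}

# Constructed sample: start that stops after the management socket line.
sample_stalled() { cat <<'EOF'
Jan 1 01:00:08 DD-WRT user.info syslog: openvpn : OpenVPN daemon (Server) starting/restarting...
Jan 1 01:00:12 DD-WRT daemon.notice openvpn[212]: OpenVPN 2.4.9 mipsel-unknown-linux-gnu
Jan 1 01:00:12 DD-WRT daemon.notice openvpn[250]: MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:14
EOF
}

# Constructed sample: start that completes.
sample_ready() { cat <<'EOF'
Jul 29 15:40:01 DD-WRT user.info syslog: openvpn : OpenVPN daemon (Server) starting/restarting...
Jul 29 15:40:03 DD-WRT daemon.notice openvpn[301]: OpenVPN 2.4.9 mipsel-unknown-linux-gnu
Jul 29 15:40:03 DD-WRT daemon.notice openvpn[302]: TUN/TAP device tun2 opened
Jul 29 15:40:04 DD-WRT daemon.notice openvpn[302]: Initialization Sequence Completed
EOF
}

# Constructed sample: a good start followed by a restart with a bad config line.
sample_rejected() {
    sample_ready
    cat <<'EOF'
Jul 29 16:42:30 DD-WRT user.info syslog: openvpn : OpenVPN daemon (Server) starting/restarting...
Jul 29 16:42:32 DD-WRT daemon.err openvpn[713]: Options error: Unrecognized option or missing or extra parameter(s) in /tmp/openvpn/openvpn.conf:38: example (2.4.9)
EOF
}

for s in sample_stalled sample_ready sample_rejected; do
    echo "$s: $($s | ovpn_start_stage)"
done
```

On a router the function can be fed the live log, for example the file the syslog daemon writes to or the output of a log viewer command.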
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12884
Location: Netherlands

Posted: Wed Jul 29, 2020 14:38    Post subject:
You should set up as server. The choice between server and daemon is kind of misleading; it always runs as daemon.
Setup as daemon means you do not use the GUI but dump your settings in the Additional config.

The server tries to start but stops when tun2 should be opened/initialized

Can you list the modules which are present: from CLI:
Code:
lsmod


you should see tun, if not try:
Code:
modprobe tun


to insert the tun module, next save and apply the openvpn to start again

dlaroche
DD-WRT Novice


Joined: 08 Mar 2015
Posts: 9

Posted: Wed Jul 29, 2020 14:52    Post subject:
lsmod:

switch-robo 5372 0 (unused)
switch-core 5312 0 [switch-robo]

when adding the modprobe tun

Jul 29 16:42:32 DD-WRT daemon.err openvpn[713]: Options error: Unrecognized option or missing or extra parameter(s) in /tmp/openvpn/openvpn.conf:38: modprobe (2.4.9)

when starting using telnet
root@DD-WRT:/opt# modprobe tun
-sh: modprobe: not found
root@DD-WRT:/opt#
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12884
Location: Netherlands

Posted: Wed Jul 29, 2020 15:40    Post subject:
try:
insmod tun.ko

the tun.ko module should be in /lib/modules/[kernel version]/

dlaroche
DD-WRT Novice


Joined: 08 Mar 2015
Posts: 9

Posted: Wed Jul 29, 2020 18:02    Post subject:
This is what I have in /lib/modules/2.4.37; tun module is not there

root@DD-WRT:/lib/modules/2.4.37# ls
bcm57xxlsys.o ebt_mark.o ebtable_nat.o ip_conntrack_proto_gre.o ipt_CONNMARK.o ipt_mark.o
diag.o ebt_mark_m.o ebtables.o ip_nat_pptp.o ipt_IMQ.o ipt_webstr.o
ebt_arpnat.o ebt_redirect.o etherip.o ip_nat_proto_gre.o ipt_ipp2p.o switch-adm.o
ebt_dnat.o ebt_snat.o imq.o ip_wccp.o ipt_layer7.o switch-core.o
ebt_ip.o ebtable_filter.o ip_conntrack_pptp.o ipip.o ipt_mac.o switch-robo.o


I did a find -iname 'tun.ko' and find -iname 'tun.ko.gz' at the / level and nothing was found.

And when adding insmod tun.ko in openvpn additional config, I get in the log:

Jul 29 19:55:08 DD-WRT user.info syslog: openvpn : OpenVPN daemon (Server) starting/restarting...
Jul 29 19:55:08 DD-WRT daemon.err openvpn[1483]: Options error: Unrecognized option or missing or extra parameter(s) in /tmp/openvpn/openvpn.conf:38: insmod (2.4.9)
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12884
Location: Netherlands

Posted: Wed Jul 29, 2020 18:52    Post subject:
It looks like tun.ko is missing.

Consider filing a bug report :(

dlaroche
DD-WRT Novice


Joined: 08 Mar 2015
Posts: 9

Posted: Thu Jul 30, 2020 7:00    Post subject:
thanks

for reference, ticket created: https://svn.dd-wrt.com/ticket/7177#ticket
BrainSlayer
Site Admin


Joined: 06 Jun 2006
Posts: 7492
Location: Dresden, Germany

Posted: Thu Jul 30, 2020 8:20    Post subject:
egc wrote:
It looks like tun.ko is missing.

Consider filing a bug report :(


2.4 kernels have no .ko files. They are named .o, and on the openvpn version for brcm24 the tun driver is compiled into the kernel and not as modules.


I verified this. Everything is correct.

So your problem must be somewhere else. I also see no errors in your log which indicate that tun is missing.

_________________
"So you tried to use the computer and it started smoking? Sounds like a Mac to me.." - Louis Rossmann https://www.youtube.com/watch?v=eL_5YDRWqGE&t=60s
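
Added example, not written by anyone in this thread: a shell check that tells a tun driver compiled into the kernel apart from one loaded as a module or absent altogether, which the module list alone cannot do. It assumes the standard Linux /proc/misc and /proc/modules files; tun_support and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify tun driver availability without relying on lsmod.
# On a live system: tun_support /proc/misc /proc/modules /dev/net/tun

# tun_support MISC_FILE MODULES_FILE DEV_NODE
# Prints module, builtin or absent, with ",no-device-node" appended when the
# device node that OpenVPN has to open does not exist.
tun_support() {
    misc=$1
    modules=$2
    node=$3
    # A loadable tun driver shows up as the first field of a modules line.
    if [ -r "$modules" ] && awk '$1 == "tun" { f = 1 } END { exit !f }' "$modules"; then
        driver=module
    # Any registered tun driver is listed by name in the misc device table,
    # so a hit here without a module entry means it is compiled in.
    elif [ -r "$misc" ] && awk '$2 == "tun" { f = 1 } END { exit !f }' "$misc"; then
        driver=builtin
    else
        driver=absent
    fi
    if [ -e "$node" ]; then
        echo "$driver"
    else
        echo "$driver,no-device-node"
    fi
}

# Constructed sample files standing in for /proc/modules, /proc/misc and the
# device node, so the cases can be compared offline.
demo() {
    d=$(mktemp -d) || return 1
    # Module list without tun, as in the lsmod output posted in the thread.
    printf 'switch-robo 5372 0 (unused)\nswitch-core 5312 0 [switch-robo]\n' > "$d/modules"
    printf 'tun 12345 1\nswitch-core 5312 0\n' > "$d/modules_tun"
    printf '200 tun\n130 watchdog\n' > "$d/misc_tun"
    printf '130 watchdog\n' > "$d/misc_plain"
    : > "$d/node"
    echo "no module, misc lists tun : $(tun_support "$d/misc_tun" "$d/modules" "$d/node")"
    echo "module loaded             : $(tun_support "$d/misc_tun" "$d/modules_tun" "$d/node")"
    echo "no module, misc without   : $(tun_support "$d/misc_plain" "$d/modules" "$d/node")"
    echo "driver present, no node   : $(tun_support "$d/misc_tun" "$d/modules" "$d/missing")"
    rm -rf "$d"
}

demo
```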
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 9157

Posted: Sat May 08, 2021 23:07    Post subject:
https://svn.dd-wrt.com/ticket/7177#comment:7
_________________
ddwrt-ovpn-split-basic.sh (UPDATED!) * ddwrt-ovpn-split-advanced.sh (UPDATED!) * ddwrt-ovpn-client-killswitch.sh * ddwrt-ovpn-client-watchdog.sh * ddwrt-ovpn-remote-access.sh * ddwrt-ovpn-client-backup.sh * ddwrt-mount-usb-drives.sh * ddwrt-blacklist-domains.sh * ddwrt-wol-port-forward.sh * ddwrt-dns-monitor.sh (NEW!)