DD-WRT Needs easier vpn config

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Goto page Previous  1, 2
Author Message
mng519
DD-WRT Novice


Joined: 04 Apr 2022
Posts: 24

PostPosted: Tue Apr 26, 2022 15:41    Post subject: vpn Reply with quote
Hmm, strange. It still works no problem in openvpn software. I guess my build/install/flash is buggy. It should work for me too in dd-wrt if it worked for you. Are the latest guides the same ones you linked to before?
Sponsor
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12834
Location: Netherlands

PostPosted: Tue Apr 26, 2022 15:52    Post subject: Reply with quote
Yes only updated guide from today, and yes it should work for you too Smile

https://forum.dd-wrt.com/phpBB2/download.php?id=48550

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
mng519
DD-WRT Novice


Joined: 04 Apr 2022
Posts: 24

PostPosted: Tue Apr 26, 2022 17:41    Post subject: Vpn Reply with quote
Using all the same settings as you did. This is as far as I get.

Client: AUTH
Local Address:
Remote Address:

Status
VPN Client Stats
TUN/TAP read bytes 0
TUN/TAP write bytes 0
TCP/UDP read bytes 3475
TCP/UDP write bytes 3770
Auth read bytes 0

Log
Clientlog:
20220426 13:36:42 W WARNING: Using --management on a TCP port WITHOUT passwords is STRONGLY discouraged and considered insecure
20220426 13:36:42 W WARNING: Using --management on a TCP port WITHOUT passwords is STRONGLY discouraged and considered insecure
20220426 13:36:42 W WARNING: file '/tmp/openvpncl/ta.key' is group or others accessible
20220426 13:36:42 W WARNING: file '/tmp/openvpncl/ta.key' is group or others accessible
20220426 13:36:42 Current Parameter Settings:
20220426 13:36:42 config = '/tmp/openvpncl/openvpn.conf'
20220426 13:36:42 mode = 0
20220426 13:36:42 NOTE: --mute triggered...
20220426 13:36:42 268 variation(s) on previous 3 message(s) suppressed by --mute
20220426 13:36:42 I OpenVPN 2.5.6 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Apr 12 2022
20220426 13:36:42 I library versions: OpenSSL 1.1.1n 15 Mar 2022 LZO 2.10
20220426 13:36:42 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16
20220426 13:36:42 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20220426 13:36:42 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
20220426 13:36:42 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
20220426 13:36:42 W WARNING: normally if you use --mssfix and/or --fragment you should also set --tun-mtu 1500 (currently it is 1400)
20220426 13:36:42 Control Channel MTU parms [ L:1521 D:1140 EF:110 EB:0 ET:0 EL:3 ]
20220426 13:36:42 Data Channel MTU parms [ L:1521 D:1450 EF:121 EB:389 ET:0 EL:3 ]
20220426 13:36:42 Local Options String (VER=V4): 'V4 dev-type tun link-mtu 1501 tun-mtu 1400 proto UDPv4 keydir 1 cipher AES-256-CBC auth SHA512 keysize 256 tls-auth key-method 2 tls-client'
20220426 13:36:42 Expected Remote Options String (VER=V4): 'V4 dev-type tun link-mtu 1501 tun-mtu 1400 proto UDPv4 keydir 0 cipher AES-256-CBC auth SHA512 keysize 256 tls-auth key-method 2 tls-server'
20220426 13:36:42 I TCP/UDP: Preserving recently used remote address: [AF_INET]192.99.44.200:4443
20220426 13:36:42 Socket Buffers: R=[262144->262144] S=[262144->262144]
20220426 13:36:42 I UDPv4 link local: (not bound)
20220426 13:36:42 I UDPv4 link remote: [AF_INET]192.99.44.200:4443
20220426 13:36:42 TLS: Initial packet from [AF_INET]192.99.44.200:4443 sid=aaa83435 1da295b2
20220426 13:36:42 VERIFY OK: depth=2 CN=BVInternet RSA ROOT CA
20220426 13:36:42 VERIFY OK: depth=1 CN=BVInternet Secure-VPN-Server CA
20220426 13:36:42 NOTE: --mute triggered...
20220426 13:36:43 5 variation(s) on previous 3 message(s) suppressed by --mute
20220426 13:36:43 W WARNING: 'link-mtu' is used inconsistently local='link-mtu 1501' remote='link-mtu 1601'
20220426 13:36:43 W WARNING: 'tun-mtu' is used inconsistently local='tun-mtu 1400' remote='tun-mtu 1500'
20220426 13:36:43 W WARNING: 'keysize' is used inconsistently local='keysize 256' remote='keysize 128'
20220426 13:36:43 Control Channel: TLSv1.3 cipher TLSv1.3 TLS_AES_256_GCM_SHA384 peer certificate: 4096 bit RSA signature: RSA-SHA512
20220426 13:36:43 I [bviserver] Peer Connection Initiated with [AF_INET]192.99.44.200:4443
20220426 13:36:43 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20220426 13:36:43 D MANAGEMENT: CMD 'state'
20220426 13:36:43 MANAGEMENT: Client disconnected
20220426 13:36:43 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20220426 13:36:43 D MANAGEMENT: CMD 'state'
20220426 13:36:43 MANAGEMENT: Client disconnected
20220426 13:36:43 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20220426 13:36:43 D MANAGEMENT: CMD 'state'
20220426 13:36:43 MANAGEMENT: Client disconnected
20220426 13:36:43 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20220426 13:36:43 D MANAGEMENT: CMD 'status 2'
20220426 13:36:43 MANAGEMENT: Client disconnected
20220426 13:36:43 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20220426 13:36:43 D MANAGEMENT: CMD 'log 500'
19691231 19:00:00
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12834
Location: Netherlands

PostPosted: Wed Apr 27, 2022 5:51    Post subject: Reply with quote
It means the server will not authenticate you which happens if someone is already using your keys/certs or if they have epxired.

I would request a new config file from your provider

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
mng519
DD-WRT Novice


Joined: 04 Apr 2022
Posts: 24

PostPosted: Wed Apr 27, 2022 16:57    Post subject: Vpn Reply with quote
Thanks egc. I would never get past AUTH even before you connected with the settings.

I have a new config for a different username, and that never gets past the AUTH status either.

The .ovpn configs work without problems in OpenVPN software, so I have no idea why it won't work in dd-wrt.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12834
Location: Netherlands

PostPosted: Wed Apr 27, 2022 17:00    Post subject: Reply with quote
I have no idea why it does not work on your router, it works on mine and that is running DDWRT.

Only advice I can give reset to defaults and rebuild manually.

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
mng519
DD-WRT Novice


Joined: 04 Apr 2022
Posts: 24

PostPosted: Wed Apr 27, 2022 17:25    Post subject: Vpn Reply with quote
Makes two of us. Brand new flash with latest build too. I'll have to experiment with other firmware I suppose. Thanks for your help.

Tried fresh tomato. It connected through that. Weird.

Thanks again for all your help egc Wink
NetJackACDC
DD-WRT Novice


Joined: 24 Apr 2022
Posts: 12

PostPosted: Sun May 01, 2022 7:32    Post subject: Reply with quote
It would be nice if it could be more like the GLinet AX1800. It only took me a minute to set up and save 5 server locations. It uses OpenWRT, but very user friendly.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12834
Location: Netherlands

PostPosted: Sun May 01, 2022 7:52    Post subject: Reply with quote
A lot of providers have config files which are very large and rapidly fill up your nvram, often also with redundant and false settings.

But indeed you have to copy the keys and tick some boxes as outlined in the OpenVPN Client setup guide.

if you want fast and simple use WireGuard Smile

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
mng519
DD-WRT Novice


Joined: 04 Apr 2022
Posts: 24

PostPosted: Sun May 01, 2022 19:33    Post subject: OpenWRT Reply with quote
NetJackACDC wrote:
It would be nice if it could be more like the GLinet AX1800. It only took me a minute to set up and save 5 server locations. It uses OpenWRT, but very user friendly.


I tried flashing latest openwrt on my r8000. Internet didn't work at all. Maybe I just needed to find the setting somewhere. Should've just worked by default. FT worked fine from the start.
Goto page Previous  1, 2 Display posts from previous:    Page 2 of 2
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum