I have read through a lot of posts on OpenVPN, but I still can't get it to work.
I followed this link to set up my server and client --> http://wiki.openwrt.org/oldwiki/openvpnhowto
My intention is to set up a bridged VPN. I have followed the script to set up my tap0 interface. When I checked using LuCI, the tap0 is created when I execute the script:
Bridge Port 2
  Device: tap0 (MAC XX:XX:XX:XX)
  Type: Ethernet Adapter
But when I typed ifconfig there is no tap0 interface.

The bridging script:
#!/bin/sh
#/etc/openvpn/startupscript
# OpenVPN Bridge Config File
# Creates TAP devices for use by OpenVPN and bridges them into OpenWRT Bridge
# Taken from http://openvpn.net/bridge.html

# Define Bridge Interface
# Preexisting on OpenWRT
br="br-lan"

# Define list of TAP interfaces to be bridged,
# for example tap="tap0 tap1 tap2".
tap="tap0"

case "$1" in
    up)
        # Make sure module is loaded
        insmod tun
        # Build tap devices
        for t in $tap; do
            openvpn --mktun --dev $t
        done
        # Add TAP interfaces to OpenWRT bridge
        for t in $tap; do
            brctl addif $br $t
        done
        # Configure bridged interfaces
        for t in $tap; do
            ifconfig $t 0.0.0.0 promisc up
        done
        ;;
    down)
        for t in $tap; do
            ifconfig $t 0.0.0.0 down
        done
        for t in $tap; do
            brctl delif $br $t
        done
        for t in $tap; do
            openvpn --rmtun --dev $t
        done
        rmmod tun
        ;;
    *)
        echo "$0 {up|down}"
        ;;
esac

My server.opvn:
port 1194
proto udp
dev tap0
push "route 192.168.1.0 255.255.255.0"
keepalive 10 120
comp-lzo
max-clients 3
persist-key
persist-tun
status openvpn-status.log
log-append /tmp/log/openvpn.log
verb 3
secret /etc/openvpn/secret.key

My client.opvn:
dev tap
proto udp
remote X.X.X.X 1194
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
comp-lzo
verb 3
secret secret.key
float

When I test-run the server it gives me this output:
root@OpenWrt:/tmp/log# cat openvpn.log
Fri Oct 2 04:53:30 2009 OpenVPN 2.1_rc18 mipsel-openwrt-linux [SSL] [LZO2] built on Oct 2 2009
Fri Oct 2 04:53:31 2009 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Fri Oct 2 04:53:31 2009 Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Oct 2 04:53:31 2009 Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Oct 2 04:53:31 2009 Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Oct 2 04:53:31 2009 Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Oct 2 04:53:31 2009 TUN/TAP device tap0 opened
Fri Oct 2 04:53:31 2009 TUN/TAP TX queue length set to 100
Fri Oct 2 04:53:31 2009 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:4 ET:32 EL:0 ]
Fri Oct 2 04:53:31 2009 Local Options hash (VER=V4): '8b888ddc'
Fri Oct 2 04:53:31 2009 Expected Remote Options hash (VER=V4): '8b888ddc'
Fri Oct 2 04:53:31 2009 Socket Buffers: R=[32767->65534] S=[32767->65534]
Fri Oct 2 04:53:31 2009 UDPv4 link local (bound): [undef]:1194
Fri Oct 2 04:53:31 2009 UDPv4 link remote: [undef]

Is this the correct output? I read from OpenVPN and it stated that when the server has finished initialising, it will give a --> Sun Feb 6 20:46:38 2005 Initialisation Sequence Completed.
What is wrong with my initialisation? How do I go about solving this problem?

Summary:
1) I installed an OpenVPN server on my wrt54gl 1.1 with the above server.opvn config
2) I copied and pasted the bridge script onto my wrt54gl /etc/openvpn
3) I edited my firewall.user with the help from the wiki
4) I set up my client with the above client.opvn
* Key used is a static key

Regards,
ian_wk
(Last edited by ian_wk on 7 Oct 2009, 10:56)