I'm trying to set up OpenVPN on a WHITE RUSSIAN (RC4) install on a new WRT54GL. The router is working until I install and configure it for OpenVPN. Upon reboot, I'm locked out of the router. I can't ping, telnet, ssh, etc. The only way I can get back in is by using failsafe mode. Next, I run firstboot and the router works again, but without OpenVPN. Below is some information about my install and config. Any help would be appreciated.
The text that follows is my attempt at a HOWTO. I've combined info from the OpenVPN Static Key Mini-HowTO and the HotspotOpenvpnHowto.
Install the required software.
ipkg install openvpn
Let's create the directory and a private key for our VPN.
mkdir /etc/openvpn
openvpn --genkey --secret /etc/openvpn/static.key
Load the tunneling module and add it to the autoloader.
insmod tun
echo "tun" > /etc/modules
(Note: If you get a "read-only" error, remember that all the default configuration files for the squashfs firmware are stored under /rom/etc,
which is a read-only partition. The system looks for its files in /etc, so there are symbolic links created there that point to the files in
/rom/etc. You need to remove the symbolic link and copy the real file to the /etc directory.)
# ls -l /etc/modules (shows link)
# rm /etc/modules
# cp /rom/etc/modules /etc
# echo "tun" > /etc/modules
Create Server configuration file /etc/openvpn/wan.conf
cd /etc/openvpn
vim wan.conf
enter the following:
dev tun
ifconfig 10.8.0.1 10.8.0.2
secret static.key
:wq (saves file in vim)
Create script in /etc/init.d/S60openvpn
cd /etc/init.d
vim S60openvpn
enter the following:
#!/bin/sh
openvpn --daemon --config /etc/openvpn/wan.conf
:wq (saves file in vim)
Don't forget to assign executable rights to this file.
chmod a+x /etc/init.d/S60openvpn
Iptables setup
Edit the /etc/firewall.user
[...]
Append the following:
iptables -A FORWARD -i tun0 -o vlan0 -j ACCEPT
iptables -A FORWARD -i tun0 -o vlan1 -j ACCEPT
Finally you can do a last reboot.
(Last edited by wook on 26 Feb 2006, 02:58)
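
The module-list step in the post above, as an added example that is not part of the original post: a shell helper that swaps the /etc/modules symlink for a writable copy and appends a module with `>>` (a single `>` replaces the file's contents), then lists any entry of the ROM default list that is missing from the writable file. The function names, the scratch directory and the module names in the demo are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example (not from the original post). Paths are arguments so the
# functions can be tried on a scratch directory before touching a router.

# add_module MODULE MODULES_FILE ROM_FILE
add_module() {
    mod=$1; file=$2; rom=$3
    # squashfs images ship the file as a symlink into read-only /rom:
    # swap the link for a writable copy of the real file.
    if [ -L "$file" ]; then
        rm "$file" && cp "$rom" "$file" || return 1
    fi
    # Already listed: nothing to do.
    if grep -qxF "$mod" "$file" 2>/dev/null; then return 0; fi
    # Make sure the last existing line is terminated before appending.
    if [ -s "$file" ] && [ -n "$(tail -c 1 "$file")" ]; then echo >> "$file"; fi
    # '>>' appends; '>' would truncate the file and drop every other entry.
    echo "$mod" >> "$file"
}

# missing_defaults MODULES_FILE ROM_FILE
# Prints each ROM default entry that is absent from MODULES_FILE.
missing_defaults() {
    while IFS= read -r line || [ -n "$line" ]; do
        if [ -n "$line" ] && ! grep -qxF "$line" "$1"; then echo "$line"; fi
    done < "$2"
    return 0
}

# Demo on constructed data: the module names below are placeholders.
demo() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/rom/etc" "$d/etc"
    printf 'example_net\nexample_wifi\n' > "$d/rom/etc/modules"
    ln -s "$d/rom/etc/modules" "$d/etc/modules"
    add_module tun "$d/etc/modules" "$d/rom/etc/modules"
    echo "after add_module:"; cat "$d/etc/modules"
    echo "missing defaults: [$(missing_defaults "$d/etc/modules" "$d/rom/etc/modules")]"
    echo tun > "$d/etc/modules"     # the truncating form, for contrast
    echo "after '>': missing [$(missing_defaults "$d/etc/modules" "$d/rom/etc/modules" | tr '\n' ' ')]"
    rm -rf "$d"
}
demo
```

Running `missing_defaults /etc/modules /rom/etc/modules` before a reboot shows whether any default entry was lost from the autoload list.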