OpenWrt Forum Archive

Topic: Optimized and feature rich trunk build for select routers

The content of this topic has been archived between 20 Aug 2014 and 5 May 2018. Unfortunately there are posts – most likely complete pages – missing.

Sorry, posts 51 to 51 are missing from our archive.

Check that you use udp4 and not udp in the config. Keep in mind that the default configuration is working, so if you want back to start just copy /rom/etc/config/openvpn to /etc/config/openvpn and restart the service.

That's exactly what I did... But it's still constantly restarting.

Set option verb to 9 and look for hints in the log.

Ah, I think the restart is because of the keepalive. Disable the keepalive option to turn off, it's restarting the tunnel on inactivity. I'll remove that in next build.

In the next build, could you also change the default OpenVPN port to a different one? It conflicts with the default SSL port.

It doesnt conflict, udp 443. Uhttpd is tcp 443.

Oh, derp.

I chose udp 443 because its more likely to be opened in hotspots.

Woohoo, I got VPN working! All it took was changing the client.ovpn server IP to ssl.mccoy.cf (Which points to my IPv6 and IPv4 IP address). It even works over LAN now.

Again, P.S: If you would like me to set up a mirror website, please get a free domain at Freenom (my account was blacklisted for no reason, I'm not trying to just be pushy...)

Your WAN IP is supposed to be picked up automatically and put in the generated .ovpn, did that not happen?

I'll get around to signing up for a domain, if you're eager feel free to just register a domain for me I don't care about control smile I'm still not convinced it will be very helpful compared to the current plain directory view... Is it that hard to choose a release and download sysupgrade/factory image?

LATEST RELEASE HAS A DEFAULT ROOT PASSWORD changeme

Found the patch on the mailing list, haven't been able to test this build but it looks like the hash got created properly. So the root user has a default password now, this is why you won't be able to telnet after a clean flash.

(Last edited by arokh on 16 Jun 2014, 12:22)

It did pick up my IP and put it in OpenWRT.ovpn, but for some reason it didn't want to work without using my domain.

If your domain points to the same IP there should be no difference.

Whelp, I suppose I might as well try it with and without the IP. I'll report back soon...

Hmm, never mind. It now gets stuck at "Adding routes" either way...

Check your /etc/config/openvpn and your client .ovpn for differences in port or compress method. It would be nice if you could test a factory image with default settings, I'm confused as to if you are having problems because you changed something manually or if there is something wrong in the image.

I copied everything back from /rom/etc/config/openvpn and tried to make sure that the ports, protocols, IPs, and compression all matched. Is there a way I can re-generate the OpenWRT.ovpn file?

Yes, just remove it and restart the openvpn service.

On server side it should be

# OpenVPN 2.4 syntax
compress lzo

On client side it should be

# OpenVPN 2.3 syntax
comp-lzo

(Last edited by arokh on 16 Jun 2014, 13:01)

That doesn't make sense because the default config binds only to IPv4 (udp4).

(Last edited by arokh on 16 Jun 2014, 13:28)

It looks like it has something to do with IPV6. I can connected to VPN over IPv6, but not my IPv4 address.
Edit: waiiiiit a second...

Could not determine IPv4/IPv6 protocol. Using AF_INET6

/etc/config/openvpn:

option proto udp

So there's where I messed up. How do I get it to bond to both udp4 and udp6?

I think you would need to run two different configurations to listen to both. IPv6 will at least require other addresses on the server/client tun interface as well. I suggest you go with the default IPv4 setup or dig into the documentation, have fun smile

(Last edited by arokh on 16 Jun 2014, 13:29)

re-posting as it seems my post got lost. I tried the default config but no luck it seems to set the port but I see nothing through, either the windows openvpn does not work, I am also trying to do this from my home network, I used to use PPP and it worked fine but want to swap to something more secure.

I have tried the default but that did not work, also it would be nice if the client file used the DDNS name as that is how I have mine set.

(Last edited by wesleyhey on 17 Jun 2014, 02:13)

Please post some details. What version of OpenVPN client are you using? Post your .ovpn (without the key), post your /etc/config/openvpn and server/client logs. If you are connecting from your own LAN that won't work. Try from the internet.

How do you figure I would make my build guess your DDNS name? It should be blank after a flash. Anyways, if you want to use a DDNS name just edit the configuration file. It should grab your WAN IP by default, which should get you up and running.

(Last edited by arokh on 17 Jun 2014, 09:53)

Any changes in r41224?