[jl303]

Hi,

I use dd-wrt.v24-30016_NEWD-2_K2.6_mega.bin on rt-n16.
Router IP: 192.168.1.1
Local DHCP Server starts: 192.168.1.100
OpenVPN: Enabled
Start Type: System
Config as: Server
Server mode: Bridge (TAP)
DHCP-Proxy mode: Disabled
Pool start IP: 192.168.1.3
Pool end IP: 192.168.1.10
Gateway: 192.168.1.1
Netmask: 255.255.255.0
Block DHCP across the tunnel: Disabled
Here's my client config without the keys.
client
dev tap
proto udp
remote home.dns.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
comp-lzo
verb 3
My OpenVPN on iPhone complained ifconfig "ip addresses are not in the same subnet topology net30."
Someone suggested to add the following to Additional Config.
push "topology subnet"
push "dhcp-option DNS 192.168.1.1"
Now the OpenVPN on iPhone indicates it's connected, but the log says "Tun Write Error: cannot identify ip version for prefix."
Also the external ip address is from my carrier instead of my ISP.
How can I properly set OpenVPN on dd-wrt for IOS?
Thanks!

[jl303]

I also tried enabling DHCP-Proxy mode, but OpenVPN on IOS says "one of ifconfig or ifconfig-ipv6 must be specified." Then it disconnects.
Basically I'd like to connect to my router remotely and access a server on the local network.
Any suggestion would be appreciated.
Thanks!

[jl303]

After some googling, I found that IOS doesn't support tap-based OpenVPN connection.
Now I'm trying to set up routing mode. I seem to have local access, but not internet access. Here are the settings.

1. Services > VPN > OpenVPN Server/Daemon
OpenVPN: Enabled
Start Type: System
Config as: Server
Server mode: Router (TUN)
Network: 192.168.2.0
Netmask: 255.255.255.0
Additional Config: push "route 192.168.1.0 255.255.255.0"

2. Status > OpenVPN
server 192.168.2.0 255.255.255.0
dev tun2 tun-ipv6
push "route 192.168.1.0 255.255.255.0"

3. Adinistration > Commands > Firewall
iptables -I INPUT 1 -p udp --dport 1194 -j ACCEPT
iptables -I FORWARD 1 --source 192.168.1.0/24 -j ACCEPT
iptables -I FORWARD -i br0 -o tun2 -j ACCEPT
iptables -I FORWARD -i tun2 -o br0 -j ACCEPT

[Mike42Smith]

That might be a NAT issue. Change your Firewall setting to the following:

iptables -I INPUT 1 -p udp --dport 1194 -j ACCEPT
iptables -I FORWARD 1 -i br0 -o tun2 -j ACCEPT
iptables -I FORWARD 2 -i tun2 -o br0 -j ACCEPT
iptables -t nat -I POSTROUTING 1 -i tun2 -o vlan2 -j MASQUERADE

The last line is important for the NAT between client in the local / vpn network and the internet.

[je24]

I had the same issue and came across the following settings that worked for me:

iptables -I INPUT 1 -p tcp –dport 443 -j ACCEPT
iptables -I FORWARD 1 –source 10.10.10.0/24 -j ACCEPT
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.10.10.0/24 -j MASQUERADE

I am using port 443 instead of 1194
10.10.10.0 is my VPN ip

I am able to connect to my VPN and access the internet over the VPN however am having issues connecting to the admin page of the router or a USB drive connected to the router (created a thread for those issues).