dd-wrt openvpn need help

dutch_user
DD-WRT Novice


Joined: 09 May 2017
Posts: 15

Posted: Wed Oct 04, 2017 14:27    Post subject: dd-wrt openvpn need help
Dear friends,

I need some help

I have a Raspberry Pi loaded with PiVPN and made a few profiles which all work from my Android phone (using my data plan and using wifi at someone's house, so outside of my network).

I also have a few tl-wr1043nd v1 (routers) loaded with dd-wrt v3.0-r33413 std (09/27/17)

I would like to use these routers to set up a VPN connection from outside the network, like connecting these at a friend's house to their network and automatically start up the VPN so I can plug in whatever and end up at my network.

(Basically using the router as an extension for my network.)

(I want to use the 4-port LAN switch as ports that land on my network, and also the wifi.)

I have been working on this since May, but I cannot get it to work. Can someone please help me?


Below I posted the client config for the router.

Code:


client
dev tun
proto udp
remote xx.xxx.xxx.xx 1150
resolv-retry infinite
nobind
persist-key
persist-tun
key-direction 1
remote-cert-tls server
tls-version-min 1.2
verify-x509-name server name
cipher AES-256-CBC
auth SHA256
comp-lzo
verb 1
<ca>
-----BEGIN CERTIFICATE-----
letters and what not
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
some more...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
and the key
-----END ENCRYPTED PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
and the static
-----END OpenVPN Static key V1-----
</tls-auth>



I use a monowall router, and for security I am using UDP port 1150 to let outside VPN clients connect to the server.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12917
Location: Netherlands

Posted: Thu Oct 05, 2017 8:41    Post subject:
If I understand correctly, you want to use a DD-WRT router as an OpenVPN client.
Why not use the GUI for setting up?

The version you use has OpenVPN 2.4, some parameters are different, the GUI will take care of that.
Notably:

proto udp4
comp-lzo yes
mtu-disc yes

If you are connecting, what is the OpenVPN log showing?

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
dutch_user
DD-WRT Novice


Joined: 09 May 2017
Posts: 15

Posted: Thu Oct 05, 2017 11:18    Post subject:
@above: yes, I want to use this (and other routers) as a client. I have been trying to use the GUI, and so many other things, I just can't get it to work, and I don't know where I need to look for a solution.

Any help is appreciated.
(Even my writing stresses under it.)

My updated config file that I took from the router:

ca /tmp/openvpncl/ca.crt
cert /tmp/openvpncl/client.crt
key /tmp/openvpncl/client.key
management 127.0.0.1 16
management-log-cache 100
verb 5
mute 3
syslog
writepid /var/run/openvpncl.pid
client
resolv-retry infinite
nobind
persist-key
persist-tun
script-security 2
dev tun1
proto udp4
cipher aes-256-cbc
auth sha256
remote xxx.xxx.xxx.xxx 1150
comp-lzo yes
tun-mtu 1500
mtu-disc yes
ns-cert-type server
fast-io
tls-auth /tmp/openvpncl/ta.key 1


I should mention, this is done using the "client" tab in the OpenVPN section, so not running a daemon.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12917
Location: Netherlands

Posted: Thu Oct 05, 2017 14:07    Post subject:
That looks normal, so what is the status/OpenVPN page showing?
If it is empty then it often is a certificate problem.

dutch_user
DD-WRT Novice


Joined: 09 May 2017
Posts: 15

Posted: Thu Oct 05, 2017 22:06    Post subject:
It is empty, nothing there. That's a start, thank you. So I should try to do some stuff with the certificates...? I can of course just try..
dutch_user
DD-WRT Novice


Joined: 09 May 2017
Posts: 15

Posted: Fri Oct 06, 2017 12:23    Post subject:
So, I factory reset the tl-wr1043 v1, and found systemlog, which I enabled.

I am still using the OpenVPN client tab and filled in the fields.

After that I took a look at the systemlog and this is the output from that.

Code:

Oct 6 12:14:11 DD-WRT user.info : openvpn : OpenVPN daemon (Client) starting/restarting...

Oct 6 12:14:11 DD-WRT daemon.warn openvpn[2334]: WARNING: file '/tmp/openvpncl/client.key' is group or others accessible

Oct 6 12:14:11 DD-WRT daemon.notice openvpn[2334]: OpenVPN 2.4.3 mips-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Sep 27 2017

Oct 6 12:14:11 DD-WRT daemon.notice openvpn[2334]: library versions: OpenSSL 1.1.0f 25 May 2017, LZO 2.09

Oct 6 12:14:11 DD-WRT daemon.notice openvpn[2336]: MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16

Oct 6 12:14:11 DD-WRT daemon.warn openvpn[2336]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

Oct 6 12:14:11 DD-WRT daemon.warn openvpn[2336]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Oct 6 12:14:11 DD-WRT daemon.err openvpn[2336]: neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd - can't ask for 'Enter Private Key Password:'. If you used --daemon, you need to use --askpass to make passphrase-protected ke

Oct 6 12:14:11 DD-WRT daemon.notice openvpn[2336]: Exiting due to fatal error

The weird thing is that I do not use a username/passphrase, just the ca, cert and key.

Maybe this can help to fix my problem (should I run it as a client or as a daemon?).
dutch_user
DD-WRT Novice


Joined: 09 May 2017
Posts: 15

Posted: Fri Oct 06, 2017 16:17    Post subject:
Friends,

My problem is solved for a bit.

I am able to set up a VPN (will explain it below),
but I run into 2 problems:

1) The OpenVPN client cannot set up tun1, so the router is isolated.

If I want to connect to the internet I have to disable the VPN... looks like a routing issue?

Second problem, 2): I needed to create a passphrase file to open the ta.key.
That file is not being saved on the router, just because it refuses it... How do I fix this?


I am not out of the woods yet, so if anyone can help me with the storing of the password and the routing problems, then that would be great.

Explaining the problem:

After looking through the logs and a lot of googling,
I remembered something that I did to connect my phone to the VPN server for the first time.

I needed to enter a password... that same password is what kept TLS from connecting to the server (it's password protected; a password for a key).

I made a file with the password and added "askpass /tmp/openvpncl/filesomething" to the additional info box in the client tab.


That was it....

So the VPN works, it shows it's connected, but I cannot disconnect the router from power or reboot (I have to place the password file back in the directory by hand; the second problem).
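
The two warnings and the fatal error in the syslog output posted in this thread can be checked for before the client is started. The script below is an added example, not part of any post and not DD-WRT's own code; the function names and finding codes are hypothetical, and the sample key is a constructed dummy.

```shell
#!/bin/sh
# Added example: preflight audit of an OpenVPN client config, keyed to the
# syslog messages in this thread. Function names are hypothetical.

conf_has() {    # $1 = config, $2 = directive; true if the directive is set
    awk -v d="$2" '$1 == d { f = 1 } END { exit !f }' "$1"
}

audit_ovpn_client() {    # $1 = config; prints one finding code per line
    conf=$1
    # Separate key file if "key <path>" is used, else look for an inline <key>.
    keyfile=$(awk '$1 == "key" { print $2; exit }' "$conf")

    # "No server certificate verification method has been enabled"
    if conf_has "$conf" remote-cert-tls || conf_has "$conf" verify-x509-name; then
        :
    elif conf_has "$conf" ns-cert-type; then
        echo "DEPRECATED_VERIFY"    # OpenVPN 2.4 deprecates ns-cert-type
    else
        echo "NO_SERVER_VERIFY"
    fi

    # "can't ask for 'Enter Private Key Password:'": encrypted key (PKCS#8
    # or traditional PEM) and no askpass file, so a daemon cannot start.
    if grep -q -e 'BEGIN ENCRYPTED PRIVATE KEY' -e 'Proc-Type: 4,ENCRYPTED' \
            "${keyfile:-$conf}" && ! conf_has "$conf" askpass; then
        echo "KEY_NEEDS_PASSPHRASE"
    fi

    # "file ... is group or others accessible": only for a key on disk.
    if [ -n "$keyfile" ] && [ "$(ls -ld "$keyfile" | cut -c5-10)" != "------" ]; then
        echo "KEY_GROUP_OR_OTHERS_ACCESSIBLE"
    fi
    return 0
}

# Constructed sample modelled on the router config in the thread (dummy key).
demo() {
    d=$(mktemp -d)
    printf '%s\n' '-----BEGIN ENCRYPTED PRIVATE KEY-----' 'constructed' \
        '-----END ENCRYPTED PRIVATE KEY-----' > "$d/client.key"
    chmod 644 "$d/client.key"
    printf '%s\n' client 'dev tun1' 'proto udp4' "key $d/client.key" \
        > "$d/openvpn.conf"
    audit_ovpn_client "$d/openvpn.conf"
    rm -rf "$d"
}
demo
```
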