Posted: Mon Apr 09, 2012 9:31 Post subject: Trouble setting up VPN (resolved)
I followed the "the easy way" on VPN setup. However, the entire procedure was pretty painful. Seems OpenVPN now has two clients (the old 2.1.2 I could hardly find) and the default VPN_client (for which I can't find a version number). The problem is that the new client doesn't have the certificate creation subfolder plus a few other minor details.
Ultimately I managed to get VPN working locally (haven't yet tried remotely). I get a new "NIC" with IP in the VPN range, but without default gateway. Networking works, but I'm not even sure how to check whether it's by VPN or by ordinary wireless I use to connect to the router's VPN server. I guess I'll be able to do that once I actually test from the intended remote location.
However, I have a major issue with the client (the new one, I can't seem to make the 2.1.2 old one work):
Immediately upon connecting the client hogs one entire core and starts sending huge amounts of data over the connection - all the connection can handle.
During this time, the router doesn't register any traffic from the client computer.
So what gives? Where did I miss?
Last edited by velis on Wed Apr 18, 2012 6:31; edited 1 time in total
Tried from remote location and the traffic spamming wasn't there so I guess the major problem is solved.
The network didn't work either So I need to read up s bit more on VPN setup, particulary the routing section it seems.
Read up on routing plus googled A LOT.
I just can't seem to make the stuff work.
The client connects, logs on client and server show no errors, but nothing works.
I can't ping neither the router (tried VPN and "standard" IP) nor any other computer connected to it.
ipconfig shows that default gateway is not assigned to the tun interface created by openvpn.
In the mean time I also made client 2.1.2 work, but it's essentially the same client as mentioned before and works in the exact same way with identical logs.
How can I make the TUN interface receive a default gateway - or better asked: what am I doing wrong here?
As before, using configurations as suggested in "the easy way" VPN guide. Only changed the relevant IPs.
I made minor progress:
creating a route for 0.0.0.0 through VPN interface now allows me to ping the router both by its VPN IP and by its LAN IP. However I still can't ping any of the other computers on the LAN and DNS for the VPN network does not work.
Edit: now I tried to add these two lines:
push "dhcp-option DNS 192.168.254.100"
push "dhcp-option DOMAIN dghvoip.lan"
of course, nothing works any more
daemon
server 10.8.0.0 255.255.255.0
proto udp
port 21194
dev tap0
dh /opt/share/easy-rsa/keys/dh1024.pem
key /opt/share/easy-rsa/keys/i2server.key
cert /opt/share/easy-rsa/keys/i2server.crt
ca /opt/share/easy-rsa/keys/ca.crt
up /opt/etc/openvpn/openvpnup.sh
keepalive 10 120
comp-lzo
persist-key
persist-tun
verb 3
tls-server
mode server
tls-auth /opt/etc/openvpn/ta.key 0
status /opt/etc/openvpn/openvpn-status.log
log /opt/etc/openvpn/openvpn.log
client-to-client
client-config-dir /opt/etc/openvpn/ccd
script-security 3 system
root@DD-WRT:~# openvpn --version
OpenVPN 2.2.0 mipsel-linux [SSL] [LZO2] [EPOLL] [eurephia] built on Apr 28 2011
Originally developed by James Yonan
Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
Thanks for the help routvol. Made me realize I had version problem. Was using build 13064 as recommended by router database, but only after MUCH MORE reading i found that it's not exactly a good build.
Changing version to a more appropriate one fixed all issues at once. VPN worked in the first try after I did this.
Please guys, fix the router database! It's the best idea ever, but it's not helpful if the most popular router of all time doesn't even have a wiki page link on its database entry, not to mention suggested version (mis)information.