[myatix]

Hi All,

I am having issues with the setup of the OpenVPN server deamon on my WNDR3700v2 running the latest dd-wrt build 18777.

I keep getting the following error in the event log:

connect to 87.60.xxx.xxx:1194 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED)

I tried disabling the firewall all together on the router but this didn't help!

I would be really grateful for any help or tips...

I have the following setup...

ISP Modem with WAN Address
In the DMZ zone of the ISP Modem I have my dd-wrt which is used as my DHCP and Wireless router.

ISP WAN IP: 87.60.xxx.xxx
ISP LAN IP: 192.168.0.1
|
DD-WRT WAN IP: 192.168.0.2
DD-WRT LAN IP: 192.168.1.1
|
CLIENTS

OpenVPN Config:
Start Type: WAN up
Config Via: GUI
Server Mode: Router(TUN)
Network: 192.168.11.0
Subnet: 255.255.255.0
Port: 1194
Tunnel Protocol: TCP
Cipher: AES-256 CBC
Hash: SA1

Additional Config:
push "route 192.168.1.0 255.255.255.0"
push "dhcp-option DNS 192.168.1.1"


Client Config File:

remote 87.60.XXX.XXX 1194
client
remote-cert-tls server
dev tun0
proto tcp
resolv-retry infinite
nobind
persist-key
persist-tun
float
ca ca.crt
cert client1.crt
key client1.key
ns-cert-type server
cipher AES-256-CBC
comp-lzo
verb 5



Firewall Rules:
# Replace 1194 with your OpenVPN port number:
iptables -I INPUT 1 -p tcp --dport 1194 -j ACCEPT
iptables -I INPUT 1 -p udp --dport 1194 -j ACCEPT

# Replace 192.168.1.0/24 with your OpenVPN server subnet:
iptables -I FORWARD 1 --source 192.168.1.0/24 -j ACCEPT

# These next two lines may or may not be necessary.
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT

[Sash]

data and time check (ntp)!

[myatix]

Hi Sash,

The routers time is set correctly as is the clients... Both use the same ntp servers to set the time so I cannot see that this is the issue???

Any other ideas greatly appritiated!

Thanks...

[jaisal]

[sabidabi]