Posted: Wed Oct 10, 2012 0:32 Post subject: No OpenVPN on Buffalo WHR-300HP??
I was at Fry's today to get a router to run DD-WRT on for my office. I was going to grab a D-Link DI-615, but the clerk suggested I try one of the new Buffalo routers that come with DD-WRT pre-installed.
I bought it. Unfortunately the build of DD-WRT they have pre-installed doesn't seem to come with OpenVPN support (this was the main reason I bought the router). This is particularly odd, since their press release for these routers touted their OpenVPN support.
I tried downloading the firmware they had on their website, but I got an "Upgrade Failed" almost immediately.
Is this the same as a WHR-HP300GN that is listed in the router database?
Can I just flash that firmware?
I apologize if this is the wrong forum for this question..
Posted: Wed Oct 10, 2012 2:04 Post subject: Loaded a build, but still no vpn
After a bunch of fooling around, I managed to load the recommended build from the router database (was a "multi" build). Came up fine, but still no OpenVPN.
There doesn't seem to be any "vpn" builds specifically for that router. Does it not have enough flash or something?
Posted: Fri Oct 12, 2012 19:22 Post subject: Switched to a Linksys E2500, got it to work after much pain.
I guessed there wasn't enough flash. I bricked the buffalo router anyway (never responds to a ping) trying to install one of the vpn jffs builds. I'll make a jtag cable sometime and try to get it up and running again.
I bought a Linksys/Cisco e2500 at Frys (8mb flash) and got that to work. I installed the nv60K OpenVPN build from BrainSlayers 7/20/2012 broadcom_K26 directory:
I had the dreaded tls handshaking problem, but found that I could get it to talk if I put
tls-cipher EDH-RSA-DES-CBC3-SHA
on both the router and the client. This was suggested in one of the posts from renatopi on the bug tracker entry #2536.
I couldn't use the GUI setup directly either, because you couldn't set the netmask and have it stick. I used the GUI setup, logged in to the router with SSH, copied the GUI config file from /tmp/openvpn, and pasted it into the config section after I changed the netmask to 255.255.255.0
I'm not sure why you need the second INPUT statement, but I couldn't get it to route data without that.
The third statement lets the vpn traffic go anywhere
The fourth lets lan and wireless traffic go to the vpn
I'm not an iptables expert. Hopefully I haven't opened any gaping holes in the firewall here, but this was the most restrictive set of rules I could use and still have stuff work.
Posted: Sun Dec 30, 2012 0:28 Post subject: LOTS of flash ... simply not supported :( !?
Sash wrote:
no flash space for it
Bogus. The WHR-300HP seems to have 64k of flash... unfortunately it doesn't seem to be "properly" supported. I flashed mine with the WHR-HP-G300N v2 image, but there isn't an image for that older product with openVPN support, so I don't seem to have gained much over the stock buffalo/dd-wrt image.
It seems like it WOULD be a good little device if properly supported.