Sticking to the wiki for my Linksys E900, I currently have eko's 19342 big. Are the VPN servers supposed to work there? If not, is there a newer version where they are?
Of course, I could easily have got the setup wrong, this would be my first VPN server. (The whole point of the router and DD-WRT, by the way.)
Posted: Mon Jan 28, 2013 15:44 Post subject: Re: OpenVPN or PPTP server in 19342 or later?
iLac wrote:
Of course, I could easily have got the setup wrong, this would be my first VPN server. (The whole point of the router and DD-WRT, by the way.)
I did follow the PPTP VPN server wiki. Please let me know if any of that is out of date for the 19342 big build, or Mountain Lion. (I did try different things about encryption on either end, but I could not get PPTP VPN working anyway.)
http://www.dd-wrt.com/wiki/index.php/PPTP_Server_Configuration
By the way, the Mac OS VPN client complains about communication problems, if this helps anyone. (So it is not an authentication issue, e.g.. Though I was worried that I somehow misunderstand Krikkit's comment from 2006: "The admin password of the router is inserted into chap-secrets by default!")
The router seems to be working fine now, I could get remote management going, and it also means I know my WAN IP, of course.
I am pasting a screenshot of settings -- is there anything else to do? (Apart from turning off encryption for the mac client, or running the force-encryption command on the router?)
I followed many/most posting guidelines, and guess what, lost a weekend reading the fucking manual and searching the fucking web.
I am also sorry that the manual and the wikis did not produce the result I expected. That's why I posted my question, with the model number and the build.
Plus I even had a pretty concrete question, as somebody simply said the VPN servers don't work in these later builds while I cannot put older ones on the router. I could not confirm this though.
By the way, I wrote up a more detailed log of my attempt at an OpenVPN configuration for review at the Tunnelblick discussion forum, in case anyone is interested.
In any case, the simple TCP handshake is not going through (I can paste Tunnelblick links below). Could anyone comment on whether TCP OpenVPN worked for you in build 19342?
Tunnelblick log wrote:
2013-01-29 11:15:07 *Tunnelblick: openvpnstart starting OpenVPN:
* /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn --cd /Library/Application Support/Tunnelblick/Shared/seim.tblk/Contents/Resources --daemon --management 127.0.0.1 1337 --config /Library/Application Support/Tunnelblick/Shared/seim.tblk/Contents/Resources/config.ovpn --log /Library/Application Support/Tunnelblick/Logs/-SLibrary-SApplication Support-STunnelblick-SShared-Sseim.tblk-SContents-SResources-Sconfig.ovpn.1_0_3_0_370.1337.openvpn.log --management-query-passwords --management-hold --script-security 2 --up "/Library/Application Support/Tunnelblick/Shared/seim.tblk/Contents/Resources/up.tunnelblick.sh" -m -w -d -a -f -atADGNWradsgnw --down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -f -atADGNWradsgnw --up-restart
2013-01-29 11:15:08 OpenVPN 2.2.1 i386-apple-darwin10.8.0 [SSL] [LZO2] [PKCS11] [eurephia] built on Oct 20 2012
2013-01-29 11:15:08 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2013-01-29 11:15:08 Need hold release from management interface, waiting...
2013-01-29 11:15:08 MANAGEMENT: Client connected from 127.0.0.1:1337
2013-01-29 11:15:08 MANAGEMENT: CMD 'pid'
2013-01-29 11:15:08 MANAGEMENT: CMD 'state on'
2013-01-29 11:15:08 MANAGEMENT: CMD 'state'
2013-01-29 11:15:08 MANAGEMENT: CMD 'bytecount 1'
2013-01-29 11:15:08 MANAGEMENT: CMD 'hold release'
2013-01-29 11:15:08 *Tunnelblick: Established communication with OpenVPN
2013-01-29 11:15:08 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2013-01-29 11:15:08 LZO compression initialized
2013-01-29 11:15:08 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
2013-01-29 11:15:08 Socket Buffers: R=[131072->65536] S=[131072->65536]
2013-01-29 11:15:08 MANAGEMENT: >STATE:1359476108,RESOLVE,,,
2013-01-29 11:15:08 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
2013-01-29 11:15:08 Local Options hash (VER=V4): '31fdf004'
2013-01-29 11:15:08 Expected Remote Options hash (VER=V4): '3e6d1056'
2013-01-29 11:15:08 Attempting to establish TCP connection with 83.251.117.191:1194 [nonblock]
2013-01-29 11:15:08 MANAGEMENT: >STATE:1359476108,TCP_CONNECT,,,
2013-01-29 11:15:09 TCP: connect to SERVERIP:1194 failed, will try again in 5 seconds: Connection refused
2013-01-29 11:15:14 MANAGEMENT: >STATE:1359476114,RESOLVE,,,
2013-01-29 11:15:14 MANAGEMENT: >STATE:1359476114,TCP_CONNECT,,,
2013-01-29 11:15:15 TCP: connect to SERVERIP:1194 failed, will try again in 5 seconds: Connection refused
2013-01-29 11:15:20 MANAGEMENT: >STATE:1359476120,RESOLVE,,,
2013-01-29 11:15:20 MANAGEMENT: >STATE:1359476120,TCP_CONNECT,,,
2013-01-29 11:15:21 TCP: connect to SERVERIP:1194 failed, will try again in 5 seconds: Connection refused
2013-01-29 11:15:26 MANAGEMENT: >STATE:1359476126,RESOLVE,,,
2013-01-29 11:15:26 MANAGEMENT: >STATE:1359476126,TCP_CONNECT,,,
2013-01-29 11:15:27 TCP: connect to SERVER:1194 failed, will try again in 5 seconds: Connection refused
2013-01-29 11:15:30 *Tunnelblick: Disconnecting; Disconnect button pressed
2013-01-29 11:15:30 *Tunnelblick: Disconnecting using 'killall'
2013-01-29 11:15:30 SIGTERM[hard,init_instance] received, process exiting
2013-01-29 11:15:30 MANAGEMENT: >STATE:1359476130,EXITING,init_instance,,
Last edited by iLac on Tue Jan 29, 2013 16:47; edited 1 time in total
Vaako, I tried the server IP (and no encryption, and it still does not work). Is there a better build where it should? (And any views on OpenVPN? My TCP handshake does not go through either.)
We can close this thread. Other people had issues with OpenVPN in this build anyway — and I could get PPTP working on a newer build, DD-WRT v24-sp2 (01/24/13) mini.
The network is surprisingly slow, but maybe this is what I can expect from a home router on a residential ISP a continent away.