OpenVPN WZR-HP-G300NH V1 on Buffalo V19484

RangerZ
DD-WRT Novice


Joined: 24 Feb 2014
Posts: 24

Posted: Tue Sep 16, 2014 16:00    Post subject: OpenVPN WZR-HP-G300NH V1 on Buffalo V19484
Hi

I am trying to configure a Buffalo WZR-HP-G300NH V1 running Buffalo DD-WRT v19484 with OpenVPN. I have been struggling with this for a week or so and am not finding solutions in the existing posts.

I have installed OpenVPN v2.3.4 on my XP SP3 laptop. I followed Open VPN the Easy Way and some other suggestions and ended up with the following log on the client side when I try to connect:

Sat Sep 13 18:26:44 2014 OpenVPN 2.3.4 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Aug 7 2014
Sat Sep 13 18:26:44 2014 library versions: OpenSSL 1.0.1i 6 Aug 2014, LZO 2.05
Enter Management Password:
Sat Sep 13 18:26:46 2014 UDPv4 link local: [undef]
Sat Sep 13 18:26:46 2014 UDPv4 link remote: [AF_INET][WANIPGOESHERE]:1194
Sat Sep 13 18:26:46 2014 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Sat Sep 13 18:26:48 2014 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Sat Sep 13 18:26:52 2014 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Sat Sep 13 18:27:00 2014 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Sat Sep 13 18:27:16 2014 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Sat Sep 13 18:27:46 2014 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Sep 13 18:27:46 2014 TLS Error: TLS handshake failed
Sat Sep 13 18:27:46 2014 SIGUSR1[soft,tls-error] received, process restarting

I stuck a second router in between the cable modem and the primary router to act as a “fake” ISP for testing. The Primary router shows no activity under the Status=>OpenVPN tab. It does have the appropriate WAN IP from the Fake ISP.

Services=>VPN Config: (NOTE PPTP is also enabled, but disabling it yields the same results)
OpenVPN Server - Enable
Start Type - System
Config via - Config File

Config Script
-------------------
mode server
proto udp
port 1194
dev tap0
server-bridge 192.168.1.1 255.255.255.0 192.168.1.45 192.168.1.49
# Gateway (VPN Server) Subnetmask Start-IP End-IP
keepalive 10 120
daemon
verb 5
client-to-client
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
management localhost 5001

Startup Script
--------------------
openvpn --mktun --dev tap0
brctl addif br0 tap0
ifconfig tap0 0.0.0.0 promisc up

Firewall Rules
--------------------
iptables -I FORWARD -i br1 -o br0 -m state --state NEW -j DROP
iptables -I FORWARD -i br0 -o br1 -m state --state NEW -j DROP
iptables -I INPUT -i br1 -m state --state NEW -j DROP
iptables -I INPUT -i br1 -p udp --dport 67 -j ACCEPT
iptables -I INPUT -i br1 -p udp --dport 53 -j ACCEPT
iptables -I INPUT -i br1 -p tcp --dport 53 -j ACCEPT
iptables -A INPUT -i tap0 -j ACCEPT
iptables -I INPUT -p udp --dport 1194 -j ACCEPT

I have a bridge running with a guest network, but this is no longer needed (if it's an issue) as I have set up a guest network on an AP. I tried adding br0 after the -I and -p in the last two rules but there was no difference.

To start, I do not understand what the connection reset by peer is trying to tell me, as I see no activity on the Primary Router rejecting this.

The OpenVPN network Connection shows as Network Cable Unplugged, however it appears from the OpenVPN instructions to be the correct "state" until the connection is established (why not disconnected?). I never see this change, and I am concerned this may be a problem.

Firewalls are on except for the Client OpenVPN. In the same area are all the connection protocols, and I am not sure which of these are needed, however they never seem to be discussed in any of the other posts. IPX is an issue for PPTP.

I have never tried to SSH to a router, and am not Linux friendly. I was a DOS user so command line does not scare me, but I would prefer to avoid it.

Goals
Connect my laptop to my home LAN for file browsing and Remote Desktop.
Connect my iPhone to my home LAN for file browsing
Secure access for both in remote public locations

Future Goals
Add DDNS and possibly a VPN for anonymous browsing FROM my LAN
Can I come in from my Laptop on the VPN server and go out on the VPN Client to a third party VPN service?
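
Added example, not part of the original post and not OpenVPN code: a small Python triage of the client log quoted above. It relies on the documented Winsock behaviour that a UDP read fails with WSAECONNRESET when an earlier send drew an ICMP port-unreachable reply; the function names and verdict strings are this example's own.

```python
import re
from datetime import datetime

# Client log lines copied from the post above (management prompt omitted).
SAMPLE_LOG = """\
Sat Sep 13 18:26:46 2014 UDPv4 link remote: [AF_INET][WANIPGOESHERE]:1194
Sat Sep 13 18:26:46 2014 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Sat Sep 13 18:26:48 2014 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Sat Sep 13 18:26:52 2014 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Sat Sep 13 18:27:00 2014 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Sat Sep 13 18:27:16 2014 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Sat Sep 13 18:27:46 2014 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
"""

LINE = re.compile(r"^(\w{3} \w{3} +\d+ \d\d:\d\d:\d\d \d{4}) (.*)$")

def parse(log):
    """Yield (timestamp, message) for each timestamped OpenVPN log line."""
    for raw in log.splitlines():
        m = LINE.match(raw.strip())
        if m:
            yield datetime.strptime(m.group(1), "%a %b %d %H:%M:%S %Y"), m.group(2)

def triage(log):
    """Classify a failed or successful client connection attempt."""
    events = list(parse(log))
    resets = [t for t, msg in events if "WSAECONNRESET" in msg]
    gaps = [int((b - a).total_seconds()) for a, b in zip(resets, resets[1:])]
    tls_timeout = any("TLS key negotiation failed" in msg for _, msg in events)
    if any("Initialization Sequence Completed" in msg for _, msg in events):
        verdict = "connected"
    elif resets:
        # On Windows a UDP read fails with WSAECONNRESET when an earlier send
        # drew an ICMP port-unreachable reply: the packet reached a host, but
        # nothing accepted UDP on that port (daemon not running, wrong port,
        # or a firewall REJECT in front of it).
        verdict = "port unreachable: check the server process and port first"
    elif tls_timeout:
        # No ICMP came back at all: packets or replies are silently dropped,
        # or the remote address is wrong.
        verdict = "silent drop: check firewall/forwarding and the remote address"
    else:
        verdict = "no handshake outcome in this log"
    return {"resets": len(resets), "retry_gaps_s": gaps, "verdict": verdict}

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

The doubling gaps between resets are the client's handshake retransmissions, each one answered by the same ICMP error until the 60-second TLS timer expires.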
RangerZ
DD-WRT Novice


Joined: 24 Feb 2014
Posts: 24

Posted: Thu Sep 25, 2014 1:56    Post subject: Solved
I have solved the issue by resetting the router and reconfiguring OpenVPN without the Bridge, Guest Network or QOS. It is working as a basic router.