OpenVPN or PPTP server in 19342 or later?

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking
Author Message
iLac
DD-WRT Novice


Joined: 22 Dec 2010
Posts: 45

PostPosted: Mon Jan 28, 2013 1:10    Post subject: OpenVPN or PPTP server in 19342 or later? Reply with quote
Hi,
In the model-specific thread I learnt that my VPN issues are unlikely to be model-specific after all, so I could have dared to post it here in the first place.
http://www.dd-wrt.com/phpBB2/viewtopic.php?p=736784#736784

Sticking to the wiki for my Linksys E900, I currently have eko's 19342 big. Are the VPN servers supposed to work there? If not, is there a newer version where they are?

Of course, I could easily have got the setup wrong, this would be my first VPN server. (The whole point of the router and DD-WRT, by the way.)

Thanks!
Sponsor
iLac
DD-WRT Novice


Joined: 22 Dec 2010
Posts: 45

PostPosted: Mon Jan 28, 2013 15:44    Post subject: Re: OpenVPN or PPTP server in 19342 or later? Reply with quote
iLac wrote:
Of course, I could easily have got the setup wrong, this would be my first VPN server. (The whole point of the router and DD-WRT, by the way.)


I did follow the PPTP VPN server wiki. Please let me know if any of that is out of date for the 19342 big build, or Mountain Lion. (I did try different things about encryption on either end, but I could not get PPTP VPN working anyway.)
http://www.dd-wrt.com/wiki/index.php/PPTP_Server_Configuration

By the way, the Mac OS VPN client complains about communication problems, if this helps anyone. (So it is not an authentication issue, e.g.. Though I was worried that I somehow misunderstand Krikkit's comment from 2006: "The admin password of the router is inserted into chap-secrets by default!")

The router seems to be working fine now, I could get remote management going, and it also means I know my WAN IP, of course.

I am pasting a screenshot of settings -- is there anything else to do? (Apart from turning off encryption for the mac client, or running the force-encryption command on the router?)
Sash
DD-WRT Guru


Joined: 20 Sep 2006
Posts: 17379
Location: Hesse/Germany

PostPosted: Mon Jan 28, 2013 18:28    Post subject: Reply with quote
read:
_________________
GEGEN die EEG-UMLAGE auf EIGENVERBRAUCH!
_________________
Forum Guidelines...How to get help
&
Forum Rules
&
RTFM/STFW
&
Throw some buzzwords into the WIKI search Exclamation
_________________
I'm NOT rude, just offer pure facts!
_________________
Atheros (TP-Link & Clones, etc ) debrick service in EU
_________________
Guide on HowTo be Safe, Secure and Protect Your Online Anonymity!
iLac
DD-WRT Novice


Joined: 22 Dec 2010
Posts: 45

PostPosted: Mon Jan 28, 2013 18:52    Post subject: Reply with quote
Sash wrote:
read:


Sure you are not.

I am sorry I couldn't help you more helping me. Google "Knightian uncertainty" or Rumsfeldian unknown unknowns. Or see http://en.wikipedia.org/wiki/Curse_of_knowledge

I followed many/most posting guidelines, and guess what, lost a weekend reading the fucking manual and searching the fucking web.

I am also sorry that the manual and the wikis did not produce the result I expected. That's why I posted my question, with the model number and the build.

Plus I even had a pretty concrete question, as somebody simply said the VPN servers don't work in these later builds while I cannot put older ones on the router. I could not confirm this though.

Thanks again, I still hope I'll find something.
Sash
DD-WRT Guru


Joined: 20 Sep 2006
Posts: 17379
Location: Hesse/Germany

PostPosted: Mon Jan 28, 2013 21:07    Post subject: Reply with quote
as always. when somthing doenst work: UPGRADE!
_________________
GEGEN die EEG-UMLAGE auf EIGENVERBRAUCH!
_________________
Forum Guidelines...How to get help
&
Forum Rules
&
RTFM/STFW
&
Throw some buzzwords into the WIKI search Exclamation
_________________
I'm NOT rude, just offer pure facts!
_________________
Atheros (TP-Link & Clones, etc ) debrick service in EU
_________________
Guide on HowTo be Safe, Secure and Protect Your Online Anonymity!
Vaako
DD-WRT User


Joined: 10 Jun 2009
Posts: 246

PostPosted: Mon Jan 28, 2013 21:18    Post subject: Reply with quote
I also had trouble getting it to work on an D-Link DIR-615 read here:
http://www.dd-wrt.com/phpBB2/viewtopic.php?t=164588&highlight=&sid=6917361e899252823106f3dbd2de77a1
But on ASUS RT-N16 it works perfect even on an old WRT54GL v1.1 Cool

Try 0.0.0.0 as server IP.

_________________
Regards,
Vaako

1x Netgear R7000 Nighthawk DD-WRT DD-WRT v24-sp2 (02/04/14) std (SVN revision 23503)
1x Ubiquiti RouterStation Pro DD-WRT v24-sp2 (12/24/13) std (SVN revision 23204)
1x Asus RT-N16 SVN revision 20675 NEWD-2 K2.6
1x Linksys E4200 v24-sp2 (12/24/13) mega NEWD-2 K3.x (SVN revision 23204)
1x Buffalo WZR-HP-G300NH B0 B0 Gargoyle FW
1x Linksys WRT600N v1.1 (Bricked)
1x Linksys WRT54GL v1.1 (DD-WRT)
1x Linksys WRT54GS v2.2 (DD-WRT)
1x Linksys RVS4000 (stock fw)
3x D-Link DWL-7100AP (openWRT)
2x TP-Link TL-WA801ND (Bridge mode) 100mW TX-Power
Asus WL-520GU SVN 16403M NEWD-2 Eko std-nokaid
4x Fonera with Gargoyle FW
iLac
DD-WRT Novice


Joined: 22 Dec 2010
Posts: 45

PostPosted: Mon Jan 28, 2013 23:32    Post subject: Reply with quote
Thanks!

By the way, I wrote up a more detailed log of my attempt at an OpenVPN configuration for review at the Tunnelblick discussion forum, in case anyone is interested: https://groups.google.com/d/topic/tunnelblick-discuss/HvICscXvaLY/discussion


Last edited by iLac on Tue Jan 29, 2013 16:47; edited 1 time in total
iLac
DD-WRT Novice


Joined: 22 Dec 2010
Posts: 45

PostPosted: Tue Jan 29, 2013 16:22    Post subject: Reply with quote
iLac wrote:
By the way, I wrote up a more detailed log of my attempt at an OpenVPN configuration for review at the Tunnelblick discussion forum, in case anyone is interested.


I only forgot the link: https://groups.google.com/d/topic/tunnelblick-discuss/HvICscXvaLY/discussion

In any case, the simple TCP handshake is not going through (I can paste Tunnelblick links below). Could anyone comment on whether TCP OpenVPN worked for you in build 19342?

Tunnelblick log wrote:

2013-01-29 11:15:07 *Tunnelblick: openvpnstart starting OpenVPN:
* /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn --cd /Library/Application Support/Tunnelblick/Shared/seim.tblk/Contents/Resources --daemon --management 127.0.0.1 1337 --config /Library/Application Support/Tunnelblick/Shared/seim.tblk/Contents/Resources/config.ovpn --log /Library/Application Support/Tunnelblick/Logs/-SLibrary-SApplication Support-STunnelblick-SShared-Sseim.tblk-SContents-SResources-Sconfig.ovpn.1_0_3_0_370.1337.openvpn.log --management-query-passwords --management-hold --script-security 2 --up "/Library/Application Support/Tunnelblick/Shared/seim.tblk/Contents/Resources/up.tunnelblick.sh" -m -w -d -a -f -atADGNWradsgnw --down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -a -f -atADGNWradsgnw --up-restart
2013-01-29 11:15:08 OpenVPN 2.2.1 i386-apple-darwin10.8.0 [SSL] [LZO2] [PKCS11] [eurephia] built on Oct 20 2012
2013-01-29 11:15:08 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2013-01-29 11:15:08 Need hold release from management interface, waiting...
2013-01-29 11:15:08 MANAGEMENT: Client connected from 127.0.0.1:1337
2013-01-29 11:15:08 MANAGEMENT: CMD 'pid'
2013-01-29 11:15:08 MANAGEMENT: CMD 'state on'
2013-01-29 11:15:08 MANAGEMENT: CMD 'state'
2013-01-29 11:15:08 MANAGEMENT: CMD 'bytecount 1'
2013-01-29 11:15:08 MANAGEMENT: CMD 'hold release'
2013-01-29 11:15:08 *Tunnelblick: Established communication with OpenVPN
2013-01-29 11:15:08 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2013-01-29 11:15:08 LZO compression initialized
2013-01-29 11:15:08 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
2013-01-29 11:15:08 Socket Buffers: R=[131072->65536] S=[131072->65536]
2013-01-29 11:15:08 MANAGEMENT: >STATE:1359476108,RESOLVE,,,
2013-01-29 11:15:08 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
2013-01-29 11:15:08 Local Options hash (VER=V4): '31fdf004'
2013-01-29 11:15:08 Expected Remote Options hash (VER=V4): '3e6d1056'
2013-01-29 11:15:08 Attempting to establish TCP connection with 83.251.117.191:1194 [nonblock]
2013-01-29 11:15:08 MANAGEMENT: >STATE:1359476108,TCP_CONNECT,,,
2013-01-29 11:15:09 TCP: connect to SERVERIP:1194 failed, will try again in 5 seconds: Connection refused
2013-01-29 11:15:14 MANAGEMENT: >STATE:1359476114,RESOLVE,,,
2013-01-29 11:15:14 MANAGEMENT: >STATE:1359476114,TCP_CONNECT,,,
2013-01-29 11:15:15 TCP: connect to SERVERIP:1194 failed, will try again in 5 seconds: Connection refused
2013-01-29 11:15:20 MANAGEMENT: >STATE:1359476120,RESOLVE,,,
2013-01-29 11:15:20 MANAGEMENT: >STATE:1359476120,TCP_CONNECT,,,
2013-01-29 11:15:21 TCP: connect to SERVERIP:1194 failed, will try again in 5 seconds: Connection refused
2013-01-29 11:15:26 MANAGEMENT: >STATE:1359476126,RESOLVE,,,
2013-01-29 11:15:26 MANAGEMENT: >STATE:1359476126,TCP_CONNECT,,,
2013-01-29 11:15:27 TCP: connect to SERVER:1194 failed, will try again in 5 seconds: Connection refused
2013-01-29 11:15:30 *Tunnelblick: Disconnecting; Disconnect button pressed
2013-01-29 11:15:30 *Tunnelblick: Disconnecting using 'killall'
2013-01-29 11:15:30 SIGTERM[hard,init_instance] received, process exiting
2013-01-29 11:15:30 MANAGEMENT: >STATE:1359476130,EXITING,init_instance,,


Last edited by iLac on Tue Jan 29, 2013 16:47; edited 1 time in total
iLac
DD-WRT Novice


Joined: 22 Dec 2010
Posts: 45

PostPosted: Tue Jan 29, 2013 16:45    Post subject: Reply with quote
And if this helps, the router's incoming log shows the TCP connection accepted.

Sorry for not sharing this information before.
iLac
DD-WRT Novice


Joined: 22 Dec 2010
Posts: 45

PostPosted: Tue Jan 29, 2013 16:52    Post subject: Reply with quote
Vaako wrote:
I also had trouble getting it to work on an D-Link DIR-615 read here:
http://www.dd-wrt.com/phpBB2/viewtopic.php?t=164588&highlight=&sid=6917361e899252823106f3dbd2de77a1
But on ASUS RT-N16 it works perfect even on an old WRT54GL v1.1 Cool

Try 0.0.0.0 as server IP.


Vaako, I tried the server IP (and no encryption, and it still does not work). Is there a better build where it should? (And any views on OpenVPN? My TCP handshake does not go through either.)
iLac
DD-WRT Novice


Joined: 22 Dec 2010
Posts: 45

PostPosted: Tue Jan 29, 2013 21:01    Post subject: Reply with quote
We can close this thread. Other people had issues with OpenVPN in this build anyway — and I could get PPTP working on a newer build, DD-WRT v24-sp2 (01/24/13) mini.

The network is surprisingly slow, but maybe this is what I can expect from a home router on a residential ISP a continent away.

Thanks for bearing with me.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum