OpenVPN Connects but cant see networks.

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
View previous topic :: View next topic  
Author Message
larva_pro
DD-WRT Novice


Joined: 29 Jun 2006
Posts: 39
PostPosted: Fri Mar 07, 2014 3:57    Post subject: OpenVPN Connects but cant see networks. Reply with quote
Hello, i been trying to setup OpenVPN server in my ddwrt. I'm a compleate noob regarding OpenVPN.

Im using Netgear WNDR3700 v2 with Firmware: DD-WRT v24-sp2 (06/14/11) std build 17201.

Right now the rotuer does detect the external client.And the client acquires IP. but im not able to interact across networks. Cant ping, can see computers etc.

This is my current configuration in the Router.
Local LAN Default 192.168.1.0

Code:
OpenVPN Server/Daemon
Start OpenVPN Server  ENABLE
Start Type WAN Up
Config via GUI  Config File
Server mode Router (TUN)
Network  192.168.10.0
Netmask  255.255.255.0
Port      1194
Tunnel Protocol UDP
Encryption Cipher  BLOWFISH CBD
Hash Algorithm  sha1

Aditional Configuration

push "route 192.168.1.0 255.255.255.0"
push "route 192.168.10.0 255.255.255.0"
push "dhcp-option DNS 192.168.10.1"
server 192.168.10.0 255.255.255.0

dev tun0
proto udp
keepalive 10 120
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem

Firewall Rules
iptables -I INPUT 1 -p udp --dport 1194 -j ACCEPT
iptables -I FORWARD 1 --source 192.168.10.0/24 -j ACCEPT
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT


All this was compiled from different tutorial that i found in the internet

if any one could let me in the right direction, that would be awesome.

Thanks for your time.
_________________
If you like how your Router Runs whit a firmware based on linux,, Try to Use A whole Linux in Your Computer, Like OpenSUSE It's Great. Very Happy

Last edited by larva_pro on Fri Mar 07, 2014 5:28; edited 2 times in total
Back to top View user's profile Send private message
Sponsor
larva_pro
DD-WRT Novice


Joined: 29 Jun 2006
Posts: 39
PostPosted: Fri Mar 07, 2014 5:24    Post subject: Reply with quote
I want to add.

I also noticed that the TAP network adapter "Client"

is not acquiring Gateway and the network is undefined.

this is the log of the client once it connects.

Code:
Thu Mar 06 21:23:45 2014 OpenVPN 2.3.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Aug 22 2013
Thu Mar 06 21:23:45 2014 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Thu Mar 06 21:23:45 2014 Need hold release from management interface, waiting...
Thu Mar 06 21:23:45 2014 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Thu Mar 06 21:23:45 2014 MANAGEMENT: CMD 'state on'
Thu Mar 06 21:23:45 2014 MANAGEMENT: CMD 'log all on'
Thu Mar 06 21:23:45 2014 MANAGEMENT: CMD 'hold off'
Thu Mar 06 21:23:45 2014 MANAGEMENT: CMD 'hold release'
Thu Mar 06 21:23:46 2014 Socket Buffers: R=[8192->8192] S=[8192->8192]
Thu Mar 06 21:23:46 2014 MANAGEMENT: >STATE:1394169826,RESOLVE,,,
Thu Mar 06 21:23:46 2014 UDPv4 link local: [undef]
Thu Mar 06 21:23:46 2014 UDPv4 link remote: [AF_INET]108.83.77.212:1194
Thu Mar 06 21:23:46 2014 MANAGEMENT: >STATE:1394169826,WAIT,,,
Thu Mar 06 21:23:46 2014 MANAGEMENT: >STATE:1394169826,AUTH,,,
Thu Mar 06 21:23:46 2014 TLS: Initial packet from [AF_INET]108.83.77.212:1194, sid=10bf50f7 7d55fe54
Thu Mar 06 21:23:49 2014 VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=OpenVPN, CN=UltimaVPN-CA, emailAddress=mail@host.domain
Thu Mar 06 21:23:49 2014 VERIFY OK: nsCertType=SERVER
Thu Mar 06 21:23:49 2014 VERIFY OK: depth=0, C=US, ST=CA, O=OpenVPN, CN=Server, emailAddress=mail@host.domain
Thu Mar 06 21:23:50 2014 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1542', remote='link-mtu 1541'
Thu Mar 06 21:23:50 2014 WARNING: 'comp-lzo' is present in local config but missing in remote config, local='comp-lzo'
Thu Mar 06 21:23:50 2014 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Mar 06 21:23:50 2014 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Mar 06 21:23:50 2014 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Mar 06 21:23:50 2014 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Mar 06 21:23:50 2014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Mar 06 21:23:50 2014 [Server] Peer Connection Initiated with [AF_INET]108.83.77.212:1194
Thu Mar 06 21:23:51 2014 MANAGEMENT: >STATE:1394169831,GET_CONFIG,,,
Thu Mar 06 21:23:52 2014 SENT CONTROL [Server]: 'PUSH_REQUEST' (status=1)
Thu Mar 06 21:23:55 2014 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway 192.168.1.1,route 192.168.1.0 255.255.255.0,route 192.168.10.0 255.255.255.0,dhcp-option DNS 192.168.10.1,route-gateway 192.168.10.1,topology subnet,ping 10,ping-restart 120,ifconfig 192.168.10.2 255.255.255.0'
Thu Mar 06 21:23:55 2014 Options error: unknown --redirect-gateway flag: 192.168.1.1
Thu Mar 06 21:23:55 2014 OPTIONS IMPORT: timers and/or timeouts modified
Thu Mar 06 21:23:55 2014 OPTIONS IMPORT: --ifconfig/up options modified
Thu Mar 06 21:23:55 2014 OPTIONS IMPORT: route options modified
Thu Mar 06 21:23:55 2014 OPTIONS IMPORT: route-related options modified
Thu Mar 06 21:23:55 2014 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu Mar 06 21:23:55 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Thu Mar 06 21:23:55 2014 MANAGEMENT: >STATE:1394169835,ASSIGN_IP,,192.168.10.2,
Thu Mar 06 21:23:55 2014 open_tun, tt->ipv6=0
Thu Mar 06 21:23:55 2014 TAP-WIN32 device [Local Area Connection 3] opened: \\.\Global\{91E27E7D-E420-49B0-95DA-D460CD018AC7}.tap
Thu Mar 06 21:23:55 2014 TAP-Windows Driver Version 9.9
Thu Mar 06 21:23:55 2014 Set TAP-Windows TUN subnet mode network/local/netmask = 192.168.10.0/192.168.10.2/255.255.255.0 [SUCCEEDED]
Thu Mar 06 21:23:55 2014 Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.10.2/255.255.255.0 on interface {91E27E7D-E420-49B0-95DA-D460CD018AC7} [DHCP-serv: 192.168.10.254, lease-time: 31536000]
Thu Mar 06 21:23:55 2014 Successful ARP Flush on interface [24] {91E27E7D-E420-49B0-95DA-D460CD018AC7}
Thu Mar 06 21:24:00 2014 TEST ROUTES: 2/2 succeeded len=2 ret=1 a=0 u/d=up
Thu Mar 06 21:24:00 2014 MANAGEMENT: >STATE:1394169840,ADD_ROUTES,,,
Thu Mar 06 21:24:00 2014 C:\Windows\system32\route.exe ADD 192.168.1.0 MASK 255.255.255.0 192.168.10.1
Thu Mar 06 21:24:00 2014 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Thu Mar 06 21:24:00 2014 Route addition via IPAPI succeeded [adaptive]
Thu Mar 06 21:24:00 2014 C:\Windows\system32\route.exe ADD 192.168.10.0 MASK 255.255.255.0 192.168.10.1
Thu Mar 06 21:24:00 2014 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Thu Mar 06 21:24:00 2014 Route addition via IPAPI succeeded [adaptive]
Thu Mar 06 21:24:00 2014 Initialization Sequence Completed
Thu Mar 06 21:24:00 2014 MANAGEMENT: >STATE:1394169840,CONNECTED,SUCCESS,192.168.10.2,108.83.77.212

_________________
If you like how your Router Runs whit a firmware based on linux,, Try to Use A whole Linux in Your Computer, Like OpenSUSE It's Great. Very Happy
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum