Posted: Mon Mar 21, 2011 16:11 Post subject: OpenVPN client
Good luck running OpenVPN on the WNDR3700. It connects briefly, but then locks up, and does this consistently.
I'm trying to run openvpncl and I'm seeing this behavior on a WNDR3700 v2. I'm able to connect successfully then after a few minutes the connection dies, however OpenVPN is still running. The only way to get it working again is to killall openvpn then re-run it.
Im just about ready to give up on this little critter of a router. How come E3000, WRT610N, WRT160N, WRT320N and E2000, (27 of them to be exact) don't give ANY issues at all whatsoever with the openvpn settings I have (they all connect to the same openvpn server on a colocated server),
And this wndr3700, both v1 and v2, with any build I throw at it, promptly disconnects the moment I send any real upload packets through it (upload meaning traffic going out from ddwrt to the internet).
I tried any and all MSSFIX, TUN-MTU and FRAGMENT settings known to man, even going as far as lowering fragment to 1000 when tun-mtu is 1500, on both server and client, enabling complzo, disabling it, mtu-disc, fast-io,
my conclusion is it's either impossible or sheet simple (pun intended) and I'm just missing it. I doubt that I am.
Having a similar issue here. I've a WNDR3700 as the OpenVPN server and the connection is totally unstable.
OpenVPN server = WNDR3700 running build 16214
OpenVPN client = Have tried both my laptop with OpenVPN Win32 V2.1.4 and DD-WRT v24-sp2 (04/09/11) vpn-small - build 16758M NEWD Eko on a WGR614L.
I'm using bridge mode.
I've a Windows Home Server as my test target attached to the LAN side of the WNDR3700 and I never managed to download more than the first 200KB or so off a 1MB test file.
Traceroute (or tracert on windows) from the client side shows traffic is intermittently routed through the internet interface rather than the VPN. Ping intermittently times out or "destination unreachable".
I've played around with the fragmentation and mssfix settings but neither of them gave me any improvement.
I have the same issue here, a WNDR3700 V2 running the latest version of DD-WRT.
But I believe the problem is not only located in the OpenVPN part. When I create an SSH connection from the outside to the router the behaviour is completely similar. From the moment larger block of data has to be transferred through an SSH tunnel, the connection locks up.
I have tried a lot of different settings but nothing seems to work
Indeed. Ive dabbled in it, installed several builds and it seems to work well, only thing is the iptables and routing seems to be infinitely more complex than dd-wrt, so, still a project in the making.
The issue however is that I have 32 (now) routers using dd-wrt, all of them linksys, and I wouldnt want to throw my support staff a curveball.
Its gotten to the point where Id be willing to pay NewMedia-NET to fix it.
Many thanks to Brainslayers kind assistance, here is the status report:
1. OpenVPN seems is NOT the cuplrit, nor it seems, is mssfix, tun-mtu or fragment.
Quite by chance, I needed to separate my DSL modem and the router, so I decided to use ath1 as a Client to the DSL modem, and ath0 as the home gateway at 2.4 ghz. I chose 5ghz since there would be minimal if any interference. (Don't see any other APs at 5ghz at the moment in my immediate area).
I connected as usual, minus the LAN cable connecting to the Internet yellow LAN port on the back of wndr3700.
Eureka. It does not disconnect at all. I uploaded many megabytes just to be sure, and for a good half an hour. No problem. I was not able to recreate the issue when connected to WAN via Wireless.
I proceeded to use the same config I have on my linksys routers (no tun-mtu, fragment or mssfix settings, nor comp-lzo, using BF-CBC encryption). No problem at all!
I can safely say it's 90% a certainty that the culprit is the switch chip, (again, thanks Brainslayer). I will continue to analyze and report back.
If any other users are following this, could you please check on your setup and see if this is the same for you?
Actually, something that would really help is, if you're running linux on a client computer (the build I am using for DD-WRT does not have tcpdump installed), would be for you to, once connected via LAN, so you can recreate the disconnection issue, to run:
sudo tcpdump -i $dev -vvv > dump.txt
Replace $dev with whatever your interface is called that is getting the traffic directly from wndr3700v2.
In my case for example, its
sudo tcpdump -i eth1 -vvv > dump.txt
(sudo is only necessary if you are not using root rights. on some systems replace sudo with su)
In my experience, lockups ONLY occur when trying to upload, so, go to speedtest dot net or try to upload a file to a webserver or sftp you might have like Dropbox for example. Caveat: It NEEDS to be in the outside network (internet), otherwise it won't disconnect.
Once it locks up, Ctrl+C the dump, and attach dump.txt to this thread.
Remember, you need to be connected to the internet gateway (DSL Modem, etc) via LAN to the yellow LAN port to recreate the problem. If you connect wirelessly, you will have no issues.