BUFFALO AirStation N300 (WHR-300HP2D) - OpenVPN ??

This forum is for all inquiries relating to the installation of OpenVPN from source and with binaries.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please visit (and READ) the OpenVPN HowTo http://openvpn.net/howto prior to asking any questions in here!
Post Reply
wickiman
OpenVpn Newbie
Posts: 1
Joined: Thu Mar 12, 2015 11:24 pm

BUFFALO AirStation N300 (WHR-300HP2D) - OpenVPN ??

Post by wickiman » Sat Mar 28, 2015 4:54 am

Hello OpenVPN Experts,

I have purchased the BUFFALO AirStation N300 Open Source DD-WRT (WHR-300HP2D).
The Version I am running is 22750.

I got the PPTP VPN running and no issues. Now I started to try the openVPN.
I tried now for weeks to get openVPN running but I only can connect my phone or my laptop via mobile hotspot, but I cannot reach my router or the internet.

The router is behind another router, connected via LAN - WAN. DMZ is activated for his IP.
The static WAN IP is 192.168.1.90. The internal IP is 192.168.11.1.
The VPN Server IP is 192.168.66.0.
The VPN Server is running as Server.

Here are some configurations and I hope somebody has tried to setup this router with openVPN.
Every Help is appreciated.

Open VPN Config:
push "route 192.168.11.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 192.168.66.1"
server 192.168.66.0 255.255.255.0

dev tun2
proto udp
keepalive 10 120
dh tmp/openvpn/dh.pem
cert tmp/openvpn/cert.pem
ca tmp/openvpn/ca.crt
key tmp/openvpn/key.pem


Firewall config:
iptables -I INPUT -p udp --dport 1194 -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.66.0/24 -j MASQUERADE
iptables -I FORWARD 1 --source 192.168.66.0/24 -j ACCEPT
iptables -I FORWARD -i br0 -o tun2 -j ACCEPT
iptables -I FORWARD -i tun2 -o br0 -j ACCEPT

I have attached the iptables (iptables -L -v -n) with and without Firewall. Connectivity to the Internet or router is the same: 0.
without firewall:

DD-WRT v24-sp2 std (c) 2013 NewMedia-NET GmbH
Release: 11/05/13 (SVN revision: 22750)

DD-WRT login: root
Password:
==========================================================

____ ___ __ ______ _____ ____ _ _
| _ \| _ \ \ \ / / _ \_ _| __ _|___ \| || |
|| | || ||____\ \ /\ / /| |_) || | \ \ / / __) | || |_
||_| ||_||_____\ V V / | _ < | | \ V / / __/|__ _|
|___/|___/ \_/\_/ |_| \_\|_| \_/ |_____| |_|

DD-WRT v24-sp2
http://www.dd-wrt.com

==========================================================


BusyBox v1.21.1 (2013-11-05 20:13:20 CET) built-in shell (ash)
Enter 'help' for a list of built-in commands.

root@DD-WRT:~# iptables -L -v -n --line-numbers
Chain INPUT (policy ACCEPT 89 packets, 8081 bytes)
num pkts bytes target prot opt in out source destination
1 70 11747 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1194
2 0 0 logdrop tcp -- vlan2 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080
3 0 0 logdrop tcp -- vlan2 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
4 0 0 logdrop tcp -- vlan2 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
5 0 0 logdrop tcp -- vlan2 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:69
6 0 0 logdrop tcp -- vlan2 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
7 2 120 logdrop tcp -- vlan2 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:23

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT 0 -- tun2 br0 0.0.0.0/0 0.0.0.0/0
2 0 0 ACCEPT 0 -- br0 tun2 0.0.0.0/0 0.0.0.0/0
3 0 0 ACCEPT 0 -- * * 192.168.66.0/24 0.0.0.0/0
4 33 8810 logaccept 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
5 8 4842 lan2wan 0 -- * * 0.0.0.0/0 0.0.0.0/0
6 0 0 TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU
7 0 0 logreject tcp -- br0 vlan2 0.0.0.0/0 0.0.0.0/0 WEBSTR match content 15
8 0 0 logaccept 0 -- br0 br0 0.0.0.0/0 0.0.0.0/0
9 8 4842 logaccept 0 -- br0 vlan2 0.0.0.0/0 0.0.0.0/0
10 0 0 TRIGGER 0 -- vlan2 br0 0.0.0.0/0 0.0.0.0/0 TRIGGER type:in match:0 relate:0
11 0 0 trigger_out 0 -- br0 * 0.0.0.0/0 0.0.0.0/0
12 0 0 logaccept 0 -- br0 * 0.0.0.0/0 0.0.0.0/0 state NEW

Chain OUTPUT (policy ACCEPT 104 packets, 12334 bytes)
num pkts bytes target prot opt in out source destination

Chain advgrp_1 (0 references)
num pkts bytes target prot opt in out source destination

Chain advgrp_10 (0 references)
num pkts bytes target prot opt in out source destination

Chain advgrp_2 (0 references)
num pkts bytes target prot opt in out source destination

Chain advgrp_3 (0 references)
num pkts bytes target prot opt in out source destination

Chain advgrp_4 (0 references)
num pkts bytes target prot opt in out source destination

Chain advgrp_5 (0 references)
num pkts bytes target prot opt in out source destination

Chain advgrp_6 (0 references)
num pkts bytes target prot opt in out source destination

Chain advgrp_7 (0 references)
num pkts bytes target prot opt in out source destination

Chain advgrp_8 (0 references)
num pkts bytes target prot opt in out source destination

Chain advgrp_9 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_1 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_10 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_2 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_3 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_4 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_5 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_6 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_7 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_8 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_9 (0 references)
num pkts bytes target prot opt in out source destination

Chain lan2wan (1 references)
num pkts bytes target prot opt in out source destination

Chain logaccept (4 references)
num pkts bytes target prot opt in out source destination
1 41 13652 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0

Chain logdrop (6 references)
num pkts bytes target prot opt in out source destination
1 2 120 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0

Chain logreject (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset

Chain trigger_out (1 references)
num pkts bytes target prot opt in out source destination
root@DD-WRT:~#

with firewall enabled:

DD-WRT v24-sp2 std (c) 2013 NewMedia-NET GmbH
Release: 11/05/13 (SVN revision: 22750)

DD-WRT login: root
Password:
==========================================================

____ ___ __ ______ _____ ____ _ _
| _ \| _ \ \ \ / / _ \_ _| __ _|___ \| || |
|| | || ||____\ \ /\ / /| |_) || | \ \ / / __) | || |_
||_| ||_||_____\ V V / | _ < | | \ V / / __/|__ _|
|___/|___/ \_/\_/ |_| \_\|_| \_/ |_____| |_|

DD-WRT v24-sp2
http://www.dd-wrt.com

==========================================================


BusyBox v1.21.1 (2013-11-05 20:13:20 CET) built-in shell (ash)
Enter 'help' for a list of built-in commands.

root@DD-WRT:~# iptables -L -v -n --line-numbers
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 787 122K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1194
2 1104 104K logaccept 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
3 0 0 logaccept tcp -- vlan2 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1723
4 0 0 logaccept tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1723
5 0 0 logaccept 47 -- * * 0.0.0.0/0 0.0.0.0/0
6 0 0 logaccept udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1194
7 0 0 logaccept 0 -- tun2 * 0.0.0.0/0 0.0.0.0/0
8 0 0 logdrop udp -- vlan2 * 0.0.0.0/0 0.0.0.0/0 udp dpt:520
9 0 0 logdrop udp -- br0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:520
10 0 0 logaccept udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:520
11 384 29351 logaccept 0 -- br0 * 0.0.0.0/0 0.0.0.0/0
12 0 0 logdrop icmp -- vlan2 * 0.0.0.0/0 0.0.0.0/0
13 0 0 logdrop 2 -- * * 0.0.0.0/0 0.0.0.0/0
14 0 0 ACCEPT 0 -- lo * 0.0.0.0/0 0.0.0.0/0 state NEW
15 0 0 logaccept 0 -- br0 * 0.0.0.0/0 0.0.0.0/0 state NEW
16 80 7918 logdrop 0 -- * * 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT 0 -- tun2 br0 0.0.0.0/0 0.0.0.0/0
2 0 0 ACCEPT 0 -- br0 tun2 0.0.0.0/0 0.0.0.0/0
3 0 0 ACCEPT 0 -- * * 192.168.66.0/24 0.0.0.0/0
4 0 0 logaccept 47 -- * vlan2 192.168.11.0/24 0.0.0.0/0
5 0 0 logaccept tcp -- * vlan2 192.168.11.0/24 0.0.0.0/0 tcp dpt:1723
6 0 0 logaccept 0 -- tun2 * 0.0.0.0/0 0.0.0.0/0
7 0 0 logaccept 0 -- * tun2 0.0.0.0/0 0.0.0.0/0
8 3831 1845K logaccept 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
9 163 8690 lan2wan 0 -- * * 0.0.0.0/0 0.0.0.0/0
10 102 5284 TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU
11 0 0 logreject tcp -- br0 vlan2 0.0.0.0/0 0.0.0.0/0 WEBSTR match content 15
12 0 0 logaccept 0 -- br0 br0 0.0.0.0/0 0.0.0.0/0
13 163 8690 logaccept 0 -- br0 vlan2 0.0.0.0/0 0.0.0.0/0
14 0 0 TRIGGER 0 -- vlan2 br0 0.0.0.0/0 0.0.0.0/0 TRIGGER type:in match:0 relate:0
15 0 0 trigger_out 0 -- br0 * 0.0.0.0/0 0.0.0.0/0
16 0 0 logaccept 0 -- br0 * 0.0.0.0/0 0.0.0.0/0 state NEW
17 0 0 logdrop 0 -- * * 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT 198 packets, 22930 bytes)
num pkts bytes target prot opt in out source destination
1 1524 1291K logaccept 0 -- * br0 0.0.0.0/0 0.0.0.0/0

Chain advgrp_1 (0 references)
num pkts bytes target prot opt in out source destination

Chain advgrp_10 (0 references)
num pkts bytes target prot opt in out source destination

Chain advgrp_2 (0 references)
num pkts bytes target prot opt in out source destination

Chain advgrp_3 (0 references)
num pkts bytes target prot opt in out source destination

Chain advgrp_4 (0 references)
num pkts bytes target prot opt in out source destination

Chain advgrp_5 (0 references)
num pkts bytes target prot opt in out source destination

Chain advgrp_6 (0 references)
num pkts bytes target prot opt in out source destination

Chain advgrp_7 (0 references)
num pkts bytes target prot opt in out source destination

Chain advgrp_8 (0 references)
num pkts bytes target prot opt in out source destination

Chain advgrp_9 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_1 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_10 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_2 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_3 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_4 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_5 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_6 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_7 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_8 (0 references)
num pkts bytes target prot opt in out source destination

Chain grp_9 (0 references)
num pkts bytes target prot opt in out source destination

Chain lan2wan (1 references)
num pkts bytes target prot opt in out source destination

Chain logaccept (18 references)
num pkts bytes target prot opt in out source destination
1 535 38713 LOG 0 -- * * 0.0.0.0/0 0.0.0.0/0 state NEW LOG flags 7 level 4 prefix `ACCEPT '
2 7006 3278K ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0

Chain logdrop (6 references)
num pkts bytes target prot opt in out source destination
1 66 6239 LOG 0 -- * * 0.0.0.0/0 0.0.0.0/0 state NEW LOG flags 7 level 4 prefix `DROP '
2 14 1679 LOG 0 -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID LOG flags 7 level 4 prefix `DROP '
3 80 7918 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0

Chain logreject (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 LOG 0 -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 7 level 4 prefix `WEBDROP '
2 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset

Chain trigger_out (1 references)
num pkts bytes target prot opt in out source destination
root@DD-WRT:~#

My question is why I cannot reach the internet? What might be wrong with my connection?
What is blocking the Router to have a connecting with him or the Internet?

Thanks for your help.

Regards
Wickiman

chasatwill
OpenVpn Newbie
Posts: 1
Joined: Sun Apr 23, 2017 7:44 am

Re: BUFFALO AirStation N300 (WHR-300HP2D) - OpenVPN ??

Post by chasatwill » Sun Apr 23, 2017 7:49 am

Hate to dig up an old thread but I just piced one of these up myself and was getting a simiar error after settin up my Buffalo

Did you find out what was up?
Any help woud be appreciated

Post Reply