OpenVPN and DD-WRT: connection but no web trafic

Need help configuring your VPN? Just post here and you'll get that help.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
FTP
OpenVpn Newbie
Posts: 4
Joined: Sat Nov 03, 2018 10:07 pm

OpenVPN and DD-WRT: connection but no web trafic

Post by FTP » Sat Dec 08, 2018 5:13 pm

Hi,

I've setup an OpenVPN server on my DD-WRT router.
But when I try to connect on the router from the OpenVPN client of a laptop under Windows 10, it works, the client connects to the server, some trafic is working (like the TresorIt cloud sync), but I can't get any trafic for the web, I don't have access to my NAS on my local network and I don't have access to the shared folder too :roll:

Here are configs and logs...
  • My WAN IP address has been replaced by 82.0.0.0
  • The client IP address has been replaced by 37.0.0.0
  • My OpenVPN username has been replaced by MyUsername
Server
OpenVPN server of DD-WRT build 36995.

Config...
Image
Image

Firewall...

Code: Select all

iptables -I INPUT 1 -p udp --dport 1194 -j ACCEPT
iptables -t nat -I POSTROUTING -s 10.1.0.0/24 -o $(nvram get wan_iface) -j MASQUERADE
But I've tried several, among other this one...

Code: Select all

iptables -t nat -A POSTROUTING -s 10.1.0.0/24 -j MASQUERADE
iptables -I INPUT 1 -p udp -–dport 1194 -j ACCEPT
iptables -I FORWARD 1 –-source 10.1.0.0/24 -j ACCEPT
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
Log...

Code: Select all

Serverlog:
20181208 16:40:17 W WARNING: Using --management on a TCP port WITHOUT passwords is STRONGLY discouraged and considered insecure
20181208 16:40:17 I OpenVPN 2.4.6 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Sep 19 2018
20181208 16:40:17 I library versions: OpenSSL 1.1.1 11 Sep 2018 LZO 2.09
20181208 16:40:17 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:14
20181208 16:40:17 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20181208 16:40:17 Diffie-Hellman initialized with 2048 bit key
20181208 16:40:17 I TUN/TAP device tun2 opened
20181208 16:40:17 TUN/TAP TX queue length set to 100
20181208 16:40:17 D do_ifconfig tt->did_ifconfig_ipv6_setup=0
20181208 16:40:17 I /sbin/ifconfig tun2 10.1.0.1 netmask 255.255.255.0 mtu 1500 broadcast 10.1.0.255
20181208 16:40:17 Socket Buffers: R=[172032->172032] S=[172032->172032]
20181208 16:40:17 I UDPv4 link local (bound): [AF_INET][undef]:1194
20181208 16:40:17 I UDPv4 link remote: [AF_UNSPEC]
20181208 16:40:17 MULTI: multi_init called r=256 v=256
20181208 16:40:17 IFCONFIG POOL: base=10.1.0.2 size=252 ipv6=0
20181208 16:40:17 I ifconfig_pool_read() in='MyUsername 10.1.0.2' TODO: IPv6
20181208 16:40:17 I succeeded -> ifconfig_pool_set()
20181208 16:40:17 IFCONFIG POOL LIST
20181208 16:40:17 MyUsername 10.1.0.2
20181208 16:40:17 I Initialization Sequence Completed
20181208 16:40:30 37.0.0.0:21709 TLS: Initial packet from [AF_INET]37.0.0.0:21709 sid=f5b847ec 74e5fa49
20181208 16:40:31 37.0.0.0:21709 VERIFY OK: depth=1 C=FR ST=74 L=Location O=ET OU=changeme CN=OpenVPN-ET name=changeme emailAddress=MyEmail
20181208 16:40:31 37.0.0.0:21709 VERIFY OK: depth=0 C=FR ST=74 L=Location O=ET OU=changeme CN=MyUsername name=changeme emailAddress=MyEmail
20181208 16:40:31 I 37.0.0.0:21709 peer info: IV_VER=2.4.6
20181208 16:40:31 I 37.0.0.0:21709 peer info: IV_PLAT=win
20181208 16:40:31 I 37.0.0.0:21709 peer info: IV_PROTO=2
20181208 16:40:31 I 37.0.0.0:21709 peer info: IV_NCP=2
20181208 16:40:31 I 37.0.0.0:21709 peer info: IV_LZ4=1
20181208 16:40:31 I 37.0.0.0:21709 peer info: IV_LZ4v2=1
20181208 16:40:31 I 37.0.0.0:21709 peer info: IV_LZO=1
20181208 16:40:31 I 37.0.0.0:21709 peer info: IV_COMP_STUB=1
20181208 16:40:31 I 37.0.0.0:21709 peer info: IV_COMP_STUBv2=1
20181208 16:40:31 I 37.0.0.0:21709 peer info: IV_TCPNL=1
20181208 16:40:31 I 37.0.0.0:21709 peer info: IV_GUI_VER=OpenVPN_GUI_11
20181208 16:40:31 37.0.0.0:21709 Control Channel: TLSv1.2 cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 4096 bit RSA
20181208 16:40:31 I 37.0.0.0:21709 [MyUsername] Peer Connection Initiated with [AF_INET]37.0.0.0:21709
20181208 16:40:31 I MyUsername/37.0.0.0:21709 MULTI_sva: pool returned IPv4=10.1.0.2 IPv6=(Not enabled)
20181208 16:40:31 MyUsername/37.0.0.0:21709 OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_01a461763fd38d62.tmp
20181208 16:40:31 MyUsername/37.0.0.0:21709 MULTI: Learn: 10.1.0.2 -> MyUsername/37.0.0.0:21709
20181208 16:40:31 MyUsername/37.0.0.0:21709 MULTI: primary virtual IP for MyUsername/37.0.0.0:21709: 10.1.0.2
20181208 16:40:32 MyUsername/37.0.0.0:21709 PUSH: Received control message: 'PUSH_REQUEST'
20181208 16:40:32 MyUsername/37.0.0.0:21709 SENT CONTROL [MyUsername]: 'PUSH_REPLY redirect-gateway def1 route 192.168.0.0 255.255.255.0 dhcp-option DNS 10.1.0.1 redirect-gateway def1 route-gateway 10.1.0.1 topology subnet ping 10 ping-restart 120 ifconfig 10.1.0.2 255.255.255.0 peer-id 0 cipher AES-256-GCM' (status=1)
20181208 16:40:32 MyUsername/37.0.0.0:21709 Data Channel: using negotiated cipher 'AES-256-GCM'
20181208 16:40:32 MyUsername/37.0.0.0:21709 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
20181208 16:40:32 MyUsername/37.0.0.0:21709 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
20181208 16:40:43 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:14
20181208 16:40:43 D MANAGEMENT: CMD 'state'
20181208 16:40:43 MANAGEMENT: Client disconnected
20181208 16:40:43 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:14
20181208 16:40:43 D MANAGEMENT: CMD 'state'
20181208 16:40:43 MANAGEMENT: Client disconnected
20181208 16:40:43 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:14
20181208 16:40:43 D MANAGEMENT: CMD 'state'
20181208 16:40:43 MANAGEMENT: Client disconnected
20181208 16:40:43 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:14
20181208 16:40:43 MANAGEMENT: Client disconnected
20181208 16:40:43 NOTE: --mute triggered...
20181208 16:40:43 1 variation(s) on previous 3 message(s) suppressed by --mute
20181208 16:40:43 D MANAGEMENT: CMD 'status 2'
20181208 16:40:43 MANAGEMENT: Client disconnected
20181208 16:40:43 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:14
20181208 16:40:43 D MANAGEMENT: CMD 'status 2'
20181208 16:40:43 MANAGEMENT: Client disconnected
20181208 16:40:43 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:14
20181208 16:40:43 D MANAGEMENT: CMD 'log 500'
Client
OpenVPN 2.4.6-I602 on Windows 10.

Config...
client
client
dev tun
remote 82.0.0.0 1194
proto udp
nobind
persist-key
persist-tun
resolv-retry infinite
verb 4
cipher AES-256-CBC
auth SHA256
auth-nocache

<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
...
-----END ENCRYPTED PRIVATE KEY-----
</key>


Log...

Code: Select all

Sat Dec 08 16:40:22 2018 us=669850 Current Parameter Settings:
Sat Dec 08 16:40:22 2018 us=670921   config = 'Home_VPN_MyUsername.ovpn'
Sat Dec 08 16:40:22 2018 us=670921   mode = 0
Sat Dec 08 16:40:22 2018 us=670921   show_ciphers = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   show_digests = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   show_engines = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   genkey = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   key_pass_file = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   show_tls_ciphers = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   connect_retry_max = 0
Sat Dec 08 16:40:22 2018 us=670921 Connection profiles [0]:
Sat Dec 08 16:40:22 2018 us=670921   proto = udp
Sat Dec 08 16:40:22 2018 us=670921   local = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   local_port = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   remote = '82.0.0.0'
Sat Dec 08 16:40:22 2018 us=670921   remote_port = '1194'
Sat Dec 08 16:40:22 2018 us=670921   remote_float = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   bind_defined = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   bind_local = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   bind_ipv6_only = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   connect_retry_seconds = 5
Sat Dec 08 16:40:22 2018 us=670921   connect_timeout = 120
Sat Dec 08 16:40:22 2018 us=670921   socks_proxy_server = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   socks_proxy_port = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   tun_mtu = 1500
Sat Dec 08 16:40:22 2018 us=670921   tun_mtu_defined = ENABLED
Sat Dec 08 16:40:22 2018 us=670921   link_mtu = 1500
Sat Dec 08 16:40:22 2018 us=670921   link_mtu_defined = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   tun_mtu_extra = 0
Sat Dec 08 16:40:22 2018 us=670921   tun_mtu_extra_defined = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   mtu_discover_type = -1
Sat Dec 08 16:40:22 2018 us=670921   fragment = 0
Sat Dec 08 16:40:22 2018 us=670921   mssfix = 1450
Sat Dec 08 16:40:22 2018 us=670921   explicit_exit_notification = 0
Sat Dec 08 16:40:22 2018 us=670921 Connection profiles END
Sat Dec 08 16:40:22 2018 us=670921   remote_random = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   ipchange = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   dev = 'tun'
Sat Dec 08 16:40:22 2018 us=670921   dev_type = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   dev_node = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   lladdr = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   topology = 1
Sat Dec 08 16:40:22 2018 us=670921   ifconfig_local = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   ifconfig_remote_netmask = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   ifconfig_noexec = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   ifconfig_nowarn = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   ifconfig_ipv6_local = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   ifconfig_ipv6_netbits = 0
Sat Dec 08 16:40:22 2018 us=670921   ifconfig_ipv6_remote = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   shaper = 0
Sat Dec 08 16:40:22 2018 us=670921   mtu_test = 0
Sat Dec 08 16:40:22 2018 us=670921   mlock = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   keepalive_ping = 0
Sat Dec 08 16:40:22 2018 us=670921   keepalive_timeout = 0
Sat Dec 08 16:40:22 2018 us=670921   inactivity_timeout = 0
Sat Dec 08 16:40:22 2018 us=670921   ping_send_timeout = 0
Sat Dec 08 16:40:22 2018 us=670921   ping_rec_timeout = 0
Sat Dec 08 16:40:22 2018 us=670921   ping_rec_timeout_action = 0
Sat Dec 08 16:40:22 2018 us=670921   ping_timer_remote = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   remap_sigusr1 = 0
Sat Dec 08 16:40:22 2018 us=670921   persist_tun = ENABLED
Sat Dec 08 16:40:22 2018 us=670921   persist_local_ip = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   persist_remote_ip = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   persist_key = ENABLED
Sat Dec 08 16:40:22 2018 us=670921   passtos = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   resolve_retry_seconds = 1000000000
Sat Dec 08 16:40:22 2018 us=670921   resolve_in_advance = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   username = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   groupname = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   chroot_dir = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   cd_dir = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   writepid = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   up_script = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   down_script = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=670921   down_pre = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   up_restart = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   up_delay = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   daemon = DISABLED
Sat Dec 08 16:40:22 2018 us=670921   inetd = 0
Sat Dec 08 16:40:22 2018 us=671914   log = ENABLED
Sat Dec 08 16:40:22 2018 us=671914   suppress_timestamps = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   machine_readable_output = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   nice = 0
Sat Dec 08 16:40:22 2018 us=671914   verbosity = 4
Sat Dec 08 16:40:22 2018 us=671914   mute = 0
Sat Dec 08 16:40:22 2018 us=671914   gremlin = 0
Sat Dec 08 16:40:22 2018 us=671914   status_file = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   status_file_version = 1
Sat Dec 08 16:40:22 2018 us=671914   status_file_update_freq = 60
Sat Dec 08 16:40:22 2018 us=671914   occ = ENABLED
Sat Dec 08 16:40:22 2018 us=671914   rcvbuf = 0
Sat Dec 08 16:40:22 2018 us=671914   sndbuf = 0
Sat Dec 08 16:40:22 2018 us=671914   sockflags = 0
Sat Dec 08 16:40:22 2018 us=671914   fast_io = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   comp.alg = 0
Sat Dec 08 16:40:22 2018 us=671914   comp.flags = 0
Sat Dec 08 16:40:22 2018 us=671914   route_script = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   route_default_gateway = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   route_default_metric = 0
Sat Dec 08 16:40:22 2018 us=671914   route_noexec = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   route_delay = 5
Sat Dec 08 16:40:22 2018 us=671914   route_delay_window = 30
Sat Dec 08 16:40:22 2018 us=671914   route_delay_defined = ENABLED
Sat Dec 08 16:40:22 2018 us=671914   route_nopull = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   route_gateway_via_dhcp = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   allow_pull_fqdn = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   management_addr = '127.0.0.1'
Sat Dec 08 16:40:22 2018 us=671914   management_port = '25340'
Sat Dec 08 16:40:22 2018 us=671914   management_user_pass = 'stdin'
Sat Dec 08 16:40:22 2018 us=671914   management_log_history_cache = 250
Sat Dec 08 16:40:22 2018 us=671914   management_echo_buffer_size = 100
Sat Dec 08 16:40:22 2018 us=671914   management_write_peer_info_file = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   management_client_user = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   management_client_group = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   management_flags = 6
Sat Dec 08 16:40:22 2018 us=671914   shared_secret_file = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   key_direction = not set
Sat Dec 08 16:40:22 2018 us=671914   ciphername = 'AES-256-CBC'
Sat Dec 08 16:40:22 2018 us=671914   ncp_enabled = ENABLED
Sat Dec 08 16:40:22 2018 us=671914   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Sat Dec 08 16:40:22 2018 us=671914   authname = 'SHA256'
Sat Dec 08 16:40:22 2018 us=671914   prng_hash = 'SHA1'
Sat Dec 08 16:40:22 2018 us=671914   prng_nonce_secret_len = 16
Sat Dec 08 16:40:22 2018 us=671914   keysize = 0
Sat Dec 08 16:40:22 2018 us=671914   engine = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   replay = ENABLED
Sat Dec 08 16:40:22 2018 us=671914   mute_replay_warnings = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   replay_window = 64
Sat Dec 08 16:40:22 2018 us=671914   replay_time = 15
Sat Dec 08 16:40:22 2018 us=671914   packet_id_file = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   use_iv = ENABLED
Sat Dec 08 16:40:22 2018 us=671914   test_crypto = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   tls_server = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   tls_client = ENABLED
Sat Dec 08 16:40:22 2018 us=671914   key_method = 2
Sat Dec 08 16:40:22 2018 us=671914   ca_file = '[[INLINE]]'
Sat Dec 08 16:40:22 2018 us=671914   ca_path = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   dh_file = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   cert_file = '[[INLINE]]'
Sat Dec 08 16:40:22 2018 us=671914   extra_certs_file = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   priv_key_file = '[[INLINE]]'
Sat Dec 08 16:40:22 2018 us=671914   pkcs12_file = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   cryptoapi_cert = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   cipher_list = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   tls_cert_profile = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   tls_verify = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   tls_export_cert = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   verify_x509_type = 0
Sat Dec 08 16:40:22 2018 us=671914   verify_x509_name = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   crl_file = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   ns_cert_type = 0
Sat Dec 08 16:40:22 2018 us=671914   remote_cert_ku[i] = 0
Sat Dec 08 16:40:22 2018 us=671914   remote_cert_ku[i] = 0
Sat Dec 08 16:40:22 2018 us=671914   remote_cert_ku[i] = 0
Sat Dec 08 16:40:22 2018 us=671914   remote_cert_ku[i] = 0
Sat Dec 08 16:40:22 2018 us=671914   remote_cert_ku[i] = 0
Sat Dec 08 16:40:22 2018 us=671914   remote_cert_ku[i] = 0
Sat Dec 08 16:40:22 2018 us=671914   remote_cert_ku[i] = 0
Sat Dec 08 16:40:22 2018 us=671914   remote_cert_ku[i] = 0
Sat Dec 08 16:40:22 2018 us=671914   remote_cert_ku[i] = 0
Sat Dec 08 16:40:22 2018 us=671914   remote_cert_ku[i] = 0
Sat Dec 08 16:40:22 2018 us=671914   remote_cert_ku[i] = 0
Sat Dec 08 16:40:22 2018 us=671914   remote_cert_ku[i] = 0
Sat Dec 08 16:40:22 2018 us=671914   remote_cert_ku[i] = 0
Sat Dec 08 16:40:22 2018 us=671914   remote_cert_ku[i] = 0
Sat Dec 08 16:40:22 2018 us=671914   remote_cert_ku[i] = 0
Sat Dec 08 16:40:22 2018 us=671914   remote_cert_ku[i] = 0
Sat Dec 08 16:40:22 2018 us=671914   remote_cert_eku = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   ssl_flags = 0
Sat Dec 08 16:40:22 2018 us=671914   tls_timeout = 2
Sat Dec 08 16:40:22 2018 us=671914   renegotiate_bytes = -1
Sat Dec 08 16:40:22 2018 us=671914   renegotiate_packets = 0
Sat Dec 08 16:40:22 2018 us=671914   renegotiate_seconds = 3600
Sat Dec 08 16:40:22 2018 us=671914   handshake_window = 60
Sat Dec 08 16:40:22 2018 us=671914   transition_window = 3600
Sat Dec 08 16:40:22 2018 us=671914   single_session = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   push_peer_info = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   tls_exit = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   tls_auth_file = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   tls_crypt_file = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_protected_authentication = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_protected_authentication = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_protected_authentication = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_protected_authentication = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_protected_authentication = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_protected_authentication = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_protected_authentication = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_protected_authentication = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_protected_authentication = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_protected_authentication = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_protected_authentication = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_protected_authentication = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_protected_authentication = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_protected_authentication = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_protected_authentication = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_protected_authentication = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_private_mode = 00000000
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_private_mode = 00000000
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_private_mode = 00000000
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_private_mode = 00000000
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_private_mode = 00000000
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_private_mode = 00000000
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_private_mode = 00000000
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_private_mode = 00000000
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_private_mode = 00000000
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_private_mode = 00000000
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_private_mode = 00000000
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_private_mode = 00000000
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_private_mode = 00000000
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_private_mode = 00000000
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_private_mode = 00000000
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_private_mode = 00000000
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_cert_private = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_cert_private = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_cert_private = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_cert_private = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_cert_private = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_cert_private = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_cert_private = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_cert_private = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_cert_private = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_cert_private = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_cert_private = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_cert_private = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_cert_private = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_cert_private = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_cert_private = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_cert_private = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_pin_cache_period = -1
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_id = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   pkcs11_id_management = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   server_network = 0.0.0.0
Sat Dec 08 16:40:22 2018 us=671914   server_netmask = 0.0.0.0
Sat Dec 08 16:40:22 2018 us=671914   server_network_ipv6 = ::
Sat Dec 08 16:40:22 2018 us=671914   server_netbits_ipv6 = 0
Sat Dec 08 16:40:22 2018 us=671914   server_bridge_ip = 0.0.0.0
Sat Dec 08 16:40:22 2018 us=671914   server_bridge_netmask = 0.0.0.0
Sat Dec 08 16:40:22 2018 us=671914   server_bridge_pool_start = 0.0.0.0
Sat Dec 08 16:40:22 2018 us=671914   server_bridge_pool_end = 0.0.0.0
Sat Dec 08 16:40:22 2018 us=671914   ifconfig_pool_defined = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   ifconfig_pool_start = 0.0.0.0
Sat Dec 08 16:40:22 2018 us=671914   ifconfig_pool_end = 0.0.0.0
Sat Dec 08 16:40:22 2018 us=671914   ifconfig_pool_netmask = 0.0.0.0
Sat Dec 08 16:40:22 2018 us=671914   ifconfig_pool_persist_filename = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=671914   ifconfig_pool_persist_refresh_freq = 600
Sat Dec 08 16:40:22 2018 us=671914   ifconfig_ipv6_pool_defined = DISABLED
Sat Dec 08 16:40:22 2018 us=671914   ifconfig_ipv6_pool_base = ::
Sat Dec 08 16:40:22 2018 us=671914   ifconfig_ipv6_pool_netbits = 0
Sat Dec 08 16:40:22 2018 us=672926   n_bcast_buf = 256
Sat Dec 08 16:40:22 2018 us=672926   tcp_queue_limit = 64
Sat Dec 08 16:40:22 2018 us=672926   real_hash_size = 256
Sat Dec 08 16:40:22 2018 us=672926   virtual_hash_size = 256
Sat Dec 08 16:40:22 2018 us=672926   client_connect_script = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=672926   learn_address_script = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=672926   client_disconnect_script = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=672926   client_config_dir = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=672926   ccd_exclusive = DISABLED
Sat Dec 08 16:40:22 2018 us=672926   tmp_dir = 'C:\Users\MyUsername\AppData\Local\Temp\'
Sat Dec 08 16:40:22 2018 us=672926   push_ifconfig_defined = DISABLED
Sat Dec 08 16:40:22 2018 us=672926   push_ifconfig_local = 0.0.0.0
Sat Dec 08 16:40:22 2018 us=672926   push_ifconfig_remote_netmask = 0.0.0.0
Sat Dec 08 16:40:22 2018 us=672926   push_ifconfig_ipv6_defined = DISABLED
Sat Dec 08 16:40:22 2018 us=672926   push_ifconfig_ipv6_local = ::/0
Sat Dec 08 16:40:22 2018 us=672926   push_ifconfig_ipv6_remote = ::
Sat Dec 08 16:40:22 2018 us=672926   enable_c2c = DISABLED
Sat Dec 08 16:40:22 2018 us=672926   duplicate_cn = DISABLED
Sat Dec 08 16:40:22 2018 us=672926   cf_max = 0
Sat Dec 08 16:40:22 2018 us=672926   cf_per = 0
Sat Dec 08 16:40:22 2018 us=672926   max_clients = 1024
Sat Dec 08 16:40:22 2018 us=672926   max_routes_per_client = 256
Sat Dec 08 16:40:22 2018 us=672926   auth_user_pass_verify_script = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=672926   auth_user_pass_verify_script_via_file = DISABLED
Sat Dec 08 16:40:22 2018 us=672926   auth_token_generate = DISABLED
Sat Dec 08 16:40:22 2018 us=672926   auth_token_lifetime = 0
Sat Dec 08 16:40:22 2018 us=672926   client = ENABLED
Sat Dec 08 16:40:22 2018 us=672926   pull = ENABLED
Sat Dec 08 16:40:22 2018 us=672926   auth_user_pass_file = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=672926   show_net_up = DISABLED
Sat Dec 08 16:40:22 2018 us=672926   route_method = 3
Sat Dec 08 16:40:22 2018 us=672926   block_outside_dns = DISABLED
Sat Dec 08 16:40:22 2018 us=672926   ip_win32_defined = DISABLED
Sat Dec 08 16:40:22 2018 us=672926   ip_win32_type = 3
Sat Dec 08 16:40:22 2018 us=672926   dhcp_masq_offset = 0
Sat Dec 08 16:40:22 2018 us=672926   dhcp_lease_time = 31536000
Sat Dec 08 16:40:22 2018 us=672926   tap_sleep = 0
Sat Dec 08 16:40:22 2018 us=672926   dhcp_options = DISABLED
Sat Dec 08 16:40:22 2018 us=672926   dhcp_renew = DISABLED
Sat Dec 08 16:40:22 2018 us=672926   dhcp_pre_release = DISABLED
Sat Dec 08 16:40:22 2018 us=672926   domain = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=672926   netbios_scope = '[UNDEF]'
Sat Dec 08 16:40:22 2018 us=672926   netbios_node_type = 0
Sat Dec 08 16:40:22 2018 us=672926   disable_nbt = DISABLED
Sat Dec 08 16:40:22 2018 us=672926 OpenVPN 2.4.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 26 2018
Sat Dec 08 16:40:22 2018 us=672926 Windows version 6.2 (Windows 8 or greater) 64bit
Sat Dec 08 16:40:22 2018 us=672926 library versions: OpenSSL 1.1.0h  27 Mar 2018, LZO 2.10
Enter Management Password:
Sat Dec 08 16:40:22 2018 us=673580 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sat Dec 08 16:40:22 2018 us=673580 Need hold release from management interface, waiting...
Sat Dec 08 16:40:23 2018 us=137330 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sat Dec 08 16:40:23 2018 us=239998 MANAGEMENT: CMD 'state on'
Sat Dec 08 16:40:23 2018 us=239998 MANAGEMENT: CMD 'log all on'
Sat Dec 08 16:40:23 2018 us=368896 MANAGEMENT: CMD 'echo all on'
Sat Dec 08 16:40:23 2018 us=369930 MANAGEMENT: CMD 'bytecount 5'
Sat Dec 08 16:40:23 2018 us=373397 MANAGEMENT: CMD 'hold off'
Sat Dec 08 16:40:23 2018 us=374435 MANAGEMENT: CMD 'hold release'
Sat Dec 08 16:40:23 2018 us=374435 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Sat Dec 08 16:40:31 2018 us=640862 MANAGEMENT: CMD 'password [...]'
Sat Dec 08 16:40:31 2018 us=643855 Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Dec 08 16:40:31 2018 us=643855 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Sat Dec 08 16:40:31 2018 us=644850 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-client'
Sat Dec 08 16:40:31 2018 us=644850 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-server'
Sat Dec 08 16:40:31 2018 us=644850 TCP/UDP: Preserving recently used remote address: [AF_INET]82.0.0.0:1194
Sat Dec 08 16:40:31 2018 us=644850 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sat Dec 08 16:40:31 2018 us=644850 UDP link local: (not bound)
Sat Dec 08 16:40:31 2018 us=644850 UDP link remote: [AF_INET]82.0.0.0:1194
Sat Dec 08 16:40:31 2018 us=644850 MANAGEMENT: >STATE:1544283631,WAIT,,,,,,
Sat Dec 08 16:40:31 2018 us=721213 MANAGEMENT: >STATE:1544283631,AUTH,,,,,,
Sat Dec 08 16:40:31 2018 us=721213 TLS: Initial packet from [AF_INET]82.0.0.0:1194, sid=d3d608d1 e6c22d86
Sat Dec 08 16:40:32 2018 us=687415 VERIFY OK: depth=1, C=FR, ST=74, L=Location, O=ET, OU=changeme, CN=OpenVPN-ET, name=changeme, emailAddress=MyEmail
Sat Dec 08 16:40:32 2018 us=687415 VERIFY OK: depth=0, C=FR, ST=74, L=Location, O=ET, OU=changeme, CN=server, name=changeme, emailAddress=MyEmail
Sat Dec 08 16:40:32 2018 us=872282 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Sat Dec 08 16:40:32 2018 us=872282 [server] Peer Connection Initiated with [AF_INET]82.0.0.0:1194
Sat Dec 08 16:40:34 2018 us=102269 MANAGEMENT: >STATE:1544283634,GET_CONFIG,,,,,,
Sat Dec 08 16:40:34 2018 us=102269 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Sat Dec 08 16:40:34 2018 us=201522 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,route 192.168.0.0 255.255.255.0,dhcp-option DNS 10.1.0.1,redirect-gateway def1,route-gateway 10.1.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.1.0.2 255.255.255.0,peer-id 0,cipher AES-256-GCM'
Sat Dec 08 16:40:34 2018 us=201522 OPTIONS IMPORT: timers and/or timeouts modified
Sat Dec 08 16:40:34 2018 us=201522 OPTIONS IMPORT: --ifconfig/up options modified
Sat Dec 08 16:40:34 2018 us=201522 OPTIONS IMPORT: route options modified
Sat Dec 08 16:40:34 2018 us=201522 OPTIONS IMPORT: route-related options modified
Sat Dec 08 16:40:34 2018 us=201522 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Dec 08 16:40:34 2018 us=201522 OPTIONS IMPORT: peer-id set
Sat Dec 08 16:40:34 2018 us=201522 OPTIONS IMPORT: adjusting link_mtu to 1624
Sat Dec 08 16:40:34 2018 us=201522 OPTIONS IMPORT: data channel crypto options modified
Sat Dec 08 16:40:34 2018 us=201522 Data Channel: using negotiated cipher 'AES-256-GCM'
Sat Dec 08 16:40:34 2018 us=202569 Data Channel MTU parms [ L:1552 D:1450 EF:52 EB:406 ET:0 EL:3 ]
Sat Dec 08 16:40:34 2018 us=202569 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sat Dec 08 16:40:34 2018 us=202569 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sat Dec 08 16:40:34 2018 us=202569 interactive service msg_channel=120
Sat Dec 08 16:40:34 2018 us=218858 ROUTE_GATEWAY 172.20.10.1/255.255.255.240 I=24 HWADDR=de:0c:5c:b6:23:2d
Sat Dec 08 16:40:34 2018 us=245784 open_tun
Sat Dec 08 16:40:34 2018 us=246779 TAP-WIN32 device [Ethernet 6] opened: \\.\Global\{1080A922-06F8-4829-943D-67CF56869E96}.tap
Sat Dec 08 16:40:34 2018 us=247778 TAP-Windows Driver Version 9.21 
Sat Dec 08 16:40:34 2018 us=247778 TAP-Windows MTU=1500
Sat Dec 08 16:40:34 2018 us=249775 Set TAP-Windows TUN subnet mode network/local/netmask = 10.1.0.0/10.1.0.2/255.255.255.0 [SUCCEEDED]
Sat Dec 08 16:40:34 2018 us=249775 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.1.0.2/255.255.255.0 on interface {1080A922-06F8-4829-943D-67CF56869E96} [DHCP-serv: 10.1.0.254, lease-time: 31536000]
Sat Dec 08 16:40:34 2018 us=249775 DHCP option string: 06040a01 0001
Sat Dec 08 16:40:34 2018 us=249775 Successful ARP Flush on interface [5] {1080A922-06F8-4829-943D-67CF56869E96}
Sat Dec 08 16:40:34 2018 us=258705 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sat Dec 08 16:40:34 2018 us=258705 MANAGEMENT: >STATE:1544283634,ASSIGN_IP,,10.1.0.2,,,,
Sat Dec 08 16:40:39 2018 us=353351 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
Sat Dec 08 16:40:39 2018 us=353351 C:\Windows\system32\route.exe ADD 82.0.0.0 MASK 255.255.255.255 172.20.10.1
Sat Dec 08 16:40:39 2018 us=355346 Route addition via service succeeded
Sat Dec 08 16:40:39 2018 us=355346 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.1.0.1
Sat Dec 08 16:40:39 2018 us=358145 Route addition via service succeeded
Sat Dec 08 16:40:39 2018 us=358145 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.1.0.1
Sat Dec 08 16:40:39 2018 us=360647 Route addition via service succeeded
Sat Dec 08 16:40:39 2018 us=360647 MANAGEMENT: >STATE:1544283639,ADD_ROUTES,,,,,,
Sat Dec 08 16:40:39 2018 us=360647 C:\Windows\system32\route.exe ADD 192.168.0.0 MASK 255.255.255.0 10.1.0.1
Sat Dec 08 16:40:39 2018 us=363000 Route addition via service succeeded
Sat Dec 08 16:40:39 2018 us=363000 Initialization Sequence Completed
Sat Dec 08 16:40:39 2018 us=363000 MANAGEMENT: >STATE:1544283639,CONNECTED,SUCCESS,10.1.0.2,82.0.0.0,1194,,
Any idea?
Thanks for your help! :)

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 5086
Joined: Fri Jun 03, 2016 1:17 pm

Re: OpenVPN and DD-WRT: connection but no web trafic

Post by TinCanTech » Sat Dec 08, 2018 6:28 pm

FTP wrote:
Sat Dec 08, 2018 5:13 pm
the client connects to the server, some trafic is working (like the TresorIt cloud sync), but I can't get any trafic for the web,
Are you sure that Tresorit is going via the VPN ? If so, all other website should work as well ..
FTP wrote:
Sat Dec 08, 2018 5:13 pm
I don't have access to my NAS on my local network and I don't have access to the shared folder too
Try connecting via the IP address not the name

eg:

Code: Select all

net use x: //19.168.n.n/sharename

FTP
OpenVpn Newbie
Posts: 4
Joined: Sat Nov 03, 2018 10:07 pm

Re: OpenVPN and DD-WRT: connection but no web trafic

Post by FTP » Sat Dec 08, 2018 10:33 pm

TinCanTech wrote:
Sat Dec 08, 2018 6:28 pm
Are you sure that Tresorit is going via the VPN ? If so, all other website should work as well ..
I'm not an expert of networks, so no I'm not 100% sure.
I just observe that once the OpenVPN client of the laptop is connected to my router, browsers are not able to display any website, but the Tresorit sync software (not website !) keeps on working fine. Even if I stop it and run it again while the VPN is connected, it starts and run fine.
TinCanTech wrote:
Sat Dec 08, 2018 6:28 pm
Try connecting via the IP address not the name

eg:

Code: Select all

net use x: //19.168.n.n/sharename
It partially works.
It asked for Username & Password, then ended up on "The command completed successfully.".
Then when you go on z:, via the Command prompt, "z:" is ok but "dir" takes 2mn 10s before to display the list of 7 files, no sub dir, and via Windows Explorer it connects to the folder, but ends up on timeout before to display any file list.

So there's a problem somewhere. Everything is far too slow.
The router is on Optical fibre and the laptop in 4G.

Post Reply