OpenVPN on Asus RT-N56U
Posted: Thu Feb 23, 2012 10:40 am
I have installed OpenVPN on a USB-stick connected to my Asus RT-N56U router. I have followed this guide: http://code.google.com/p/rt-n56u/wiki/H ... nvpnServer But I can't get it to work, when I try to connect to my VPN-server through Internet with the OpenVPN Client it just times out, I enter my IP-address and press connect and the it asks for username and password and then nothing more happens.
My openvpn.conf looks like this:
/opt/home/admin # cat /opt/etc/openvpn/openvpn.conf
## Openvpn configuration file
## /opt/etc/openvpn/openvpn.conf
#******************************************************************************#
# There are 3 ranges of configuration below. If you want to change your server #
# ip range, you can comment lines in current configuration and uncomment #
# another section or change it to your own range. #
#******************************************************************************#
#########################################
# config. 1 (current configuration)
#----------------------------------------
ifconfig 10.249.84.1 255.255.255.0
server 10.249.84.0 255.255.255.0
push "route 10.249.84.0 255.255.255.0"
push "dhcp-option DNS 10.249.84.1"
#########################################
# config. 2
#----------------------------------------
;ifconfig 172.29.167.1 255.255.255.0
;server 172.29.167.0 255.255.255.0
;push "route 172.29.167.0 255.255.255.0"
;push "dhcp-option DNS 172.29.167.1"
#########################################
# config. 3
#----------------------------------------
;ifconfig 192.168.214.1 255.255.255.0
;server 192.168.214.0 255.255.255.0
;push "route 192.168.214.0 255.255.255.0"
;push "dhcp-option DNS 192.168.214.1"
#******************************************************************************#
# ------------- There is no need to edit anything below this line ------------ #
#******************************************************************************#
dev tap
proto udp
port 1194
client-to-client
push "route 224.0.0.0 240.0.0.0"
push "route 192.168.1.0 255.255.255.0"
push "dhcp-option WINS 192.168.1.1"
up ./openvpn.up
tls-server
script-security 2
cipher aes-128-cbc
ca /opt/etc/openvpn/keys/ca.crt
dh /opt/etc/openvpn/keys/dh1024.pem
cert /opt/etc/openvpn/keys/server.crt
key /opt/etc/openvpn/keys/server.key
comp-lzo
persist-tun
persist-key
verb 3
user nobody
group nobody
keepalive 10 60
My /opt/etc/openvpn/secrets looks like this:
/opt/home/admin # cat /opt/etc/openvpn/secrets
## username secret
MyOwnUsername MyOwnPassword
/opt/home/admin #
My /opt/var/log/openvpn.log looks like this when I start the service:
Thu Feb 23 11:36:35 2012 OpenVPN 2.2.0 mipsel-linux [SSL] [LZO2] [EPOLL] [eurephia] built on Apr 28 2011
Thu Feb 23 11:36:35 2012 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Feb 23 11:36:35 2012 Diffie-Hellman initialized with 1024 bit key
Thu Feb 23 11:36:35 2012 WARNING: POTENTIALLY DANGEROUS OPTION --client-cert-not-required may accept clients which do not present a certificate
Thu Feb 23 11:36:35 2012 TLS-Auth MTU parms [ L:1590 D:138 EF:38 EB:0 ET:0 EL:0 ]
Thu Feb 23 11:36:35 2012 Socket Buffers: R=[108544->131072] S=[108544->131072]
Thu Feb 23 11:36:35 2012 TUN/TAP device tap0 opened
Thu Feb 23 11:36:35 2012 TUN/TAP TX queue length set to 100
Thu Feb 23 11:36:35 2012 /sbin/ifconfig tap0 10.249.84.1 netmask 255.255.255.0 mtu 1500 broadcast 10.249.84.255
Thu Feb 23 11:36:36 2012 ./openvpn.up tap0 1500 1590 10.249.84.1 255.255.255.0 init
sh: 10.249.84.0: bad number
Thu Feb 23 11:36:36 2012 Data Channel MTU parms [ L:1590 D:1450 EF:58 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Feb 23 11:36:36 2012 nice 5 succeeded
Thu Feb 23 11:36:36 2012 GID set to nobody
Thu Feb 23 11:36:36 2012 UID set to nobody
Thu Feb 23 11:36:36 2012 UDPv4 link local (bound): [undef]:1194
Thu Feb 23 11:36:36 2012 UDPv4 link remote: [undef]
Thu Feb 23 11:36:36 2012 MULTI: multi_init called, r=256 v=256
Thu Feb 23 11:36:37 2012 IFCONFIG POOL: base=10.249.84.2 size=253
Thu Feb 23 11:36:37 2012 Initialization Sequence Completed
My openvpn.conf looks like this:
/opt/home/admin # cat /opt/etc/openvpn/openvpn.conf
## Openvpn configuration file
## /opt/etc/openvpn/openvpn.conf
#******************************************************************************#
# There are 3 ranges of configuration below. If you want to change your server #
# ip range, you can comment lines in current configuration and uncomment #
# another section or change it to your own range. #
#******************************************************************************#
#########################################
# config. 1 (current configuration)
#----------------------------------------
ifconfig 10.249.84.1 255.255.255.0
server 10.249.84.0 255.255.255.0
push "route 10.249.84.0 255.255.255.0"
push "dhcp-option DNS 10.249.84.1"
#########################################
# config. 2
#----------------------------------------
;ifconfig 172.29.167.1 255.255.255.0
;server 172.29.167.0 255.255.255.0
;push "route 172.29.167.0 255.255.255.0"
;push "dhcp-option DNS 172.29.167.1"
#########################################
# config. 3
#----------------------------------------
;ifconfig 192.168.214.1 255.255.255.0
;server 192.168.214.0 255.255.255.0
;push "route 192.168.214.0 255.255.255.0"
;push "dhcp-option DNS 192.168.214.1"
#******************************************************************************#
# ------------- There is no need to edit anything below this line ------------ #
#******************************************************************************#
dev tap
proto udp
port 1194
client-to-client
push "route 224.0.0.0 240.0.0.0"
push "route 192.168.1.0 255.255.255.0"
push "dhcp-option WINS 192.168.1.1"
up ./openvpn.up
tls-server
script-security 2
cipher aes-128-cbc
ca /opt/etc/openvpn/keys/ca.crt
dh /opt/etc/openvpn/keys/dh1024.pem
cert /opt/etc/openvpn/keys/server.crt
key /opt/etc/openvpn/keys/server.key
comp-lzo
persist-tun
persist-key
verb 3
user nobody
group nobody
keepalive 10 60
My /opt/etc/openvpn/secrets looks like this:
/opt/home/admin # cat /opt/etc/openvpn/secrets
## username secret
MyOwnUsername MyOwnPassword
/opt/home/admin #
My /opt/var/log/openvpn.log looks like this when I start the service:
Thu Feb 23 11:36:35 2012 OpenVPN 2.2.0 mipsel-linux [SSL] [LZO2] [EPOLL] [eurephia] built on Apr 28 2011
Thu Feb 23 11:36:35 2012 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Feb 23 11:36:35 2012 Diffie-Hellman initialized with 1024 bit key
Thu Feb 23 11:36:35 2012 WARNING: POTENTIALLY DANGEROUS OPTION --client-cert-not-required may accept clients which do not present a certificate
Thu Feb 23 11:36:35 2012 TLS-Auth MTU parms [ L:1590 D:138 EF:38 EB:0 ET:0 EL:0 ]
Thu Feb 23 11:36:35 2012 Socket Buffers: R=[108544->131072] S=[108544->131072]
Thu Feb 23 11:36:35 2012 TUN/TAP device tap0 opened
Thu Feb 23 11:36:35 2012 TUN/TAP TX queue length set to 100
Thu Feb 23 11:36:35 2012 /sbin/ifconfig tap0 10.249.84.1 netmask 255.255.255.0 mtu 1500 broadcast 10.249.84.255
Thu Feb 23 11:36:36 2012 ./openvpn.up tap0 1500 1590 10.249.84.1 255.255.255.0 init
sh: 10.249.84.0: bad number
Thu Feb 23 11:36:36 2012 Data Channel MTU parms [ L:1590 D:1450 EF:58 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Feb 23 11:36:36 2012 nice 5 succeeded
Thu Feb 23 11:36:36 2012 GID set to nobody
Thu Feb 23 11:36:36 2012 UID set to nobody
Thu Feb 23 11:36:36 2012 UDPv4 link local (bound): [undef]:1194
Thu Feb 23 11:36:36 2012 UDPv4 link remote: [undef]
Thu Feb 23 11:36:36 2012 MULTI: multi_init called, r=256 v=256
Thu Feb 23 11:36:37 2012 IFCONFIG POOL: base=10.249.84.2 size=253
Thu Feb 23 11:36:37 2012 Initialization Sequence Completed