I recently had to replace 1 of my dd-wrt openvpn routers and decided to take the opportunity to convert to public private keys. I previsouly had a static key VPN configured and working well for quite a while.
It looks to me like my certificates and pub/priv keys are all working just fine, as soon as I power on the DD-WRT OpenVPN server[server] the DD-WRT OpenVPN client[client1] connects and gets a private address, but I am not able to connect or ping any devices on the client1 lan.
So I think I think my problem is either in routing or the iptables firewall on either server or client1. My knowledge of iptables and routing is very minimal
I have been following the vpn guide at:
http://www.dd-wrt.com/wiki/index.php/VPN_%28the_easy_way)_v24+#Enough_NVRAM_storage_space.3F
I'll try to explain my configuration as best as possible:
Server:
Linksys WRT54G
LAN: 192.168.3.x
VPN Private Routing: 192.168.66.0
OpenVPN Server Config Script:
##################################################
push "route 192.168.3.0 255.255.255.0"
server 192.168.66.0 255.255.255.0
dev tun0
proto udp
keepalive 10 120
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
# Only use crl-verify if you are using the revoke list - otherwise leave it commented out
# crl-verify /tmp/openvpn/ca.crl
# management parameter allows DD-WRT\s OpenVPN Status web page to access the server\s management port
# port must be 5001 for scripts embedded in firmware to work
management localhost 5001
##################################################
IPTABLES:
iptables -I INPUT 1 -p udp --dport 1194 -j ACCEPT
iptables -I FORWARD 1 --source 192.168.66.0/24 -j ACCEPT
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
*****************************************************************
Client1
Linksys WRT54G
LAN: 192.168.2.x
VPN Private Routing: 192.168.66.0
IPTABLES:
NONE
It looks to me like my certificates and pub/priv keys are all working just fine, as soon as I power on the DD-WRT OpenVPN server[server] the DD-WRT OpenVPN client[client1] connects and gets a private address, but I am not able to connect or ping any devices on the client1 lan.
So I think I think my problem is either in routing or the iptables firewall on either server or client1. My knowledge of iptables and routing is very minimal
I have been following the vpn guide at:
http://www.dd-wrt.com/wiki/index.php/VPN_%28the_easy_way)_v24+#Enough_NVRAM_storage_space.3F
I'll try to explain my configuration as best as possible:
Server:
Linksys WRT54G
LAN: 192.168.3.x
VPN Private Routing: 192.168.66.0
OpenVPN Server Config Script:
##################################################
push "route 192.168.3.0 255.255.255.0"
server 192.168.66.0 255.255.255.0
dev tun0
proto udp
keepalive 10 120
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
# Only use crl-verify if you are using the revoke list - otherwise leave it commented out
# crl-verify /tmp/openvpn/ca.crl
# management parameter allows DD-WRT\s OpenVPN Status web page to access the server\s management port
# port must be 5001 for scripts embedded in firmware to work
management localhost 5001
##################################################
IPTABLES:
iptables -I INPUT 1 -p udp --dport 1194 -j ACCEPT
iptables -I FORWARD 1 --source 192.168.66.0/24 -j ACCEPT
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
*****************************************************************
Client1
Linksys WRT54G
LAN: 192.168.2.x
VPN Private Routing: 192.168.66.0
IPTABLES:
NONE
Last edited:
Facebook
Twitter