Hello,
I need help setting up an OpenVPN TAP server on DD-WRT for the R7000 (Kong version).
I want to do 2 things with the VPN server: 1) redirect/tunnel all internet traffic through the VPN including DNS information and 2) be able to access my home network as if I was on local wifi or ethernet.
I don't know what I'm doing wrong but currently the VPN client on my computer connects, but does not redirect internet traffic (I did an IP check and it still shows my non-VPN IP address) and also, I do not have access to my private home network.
Here are my settings. I'm also posting my old Tomato router settings because it worked just fine on my Tomato router, and I tried to copy over the same settings to the best of my ability.
OpenVPN Client Log
Code:
Fri Jun 27 00:46:15 2014 OpenVPN 2.3.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Aug 22 2013
Fri Jun 27 00:46:15 2014 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25342
Fri Jun 27 00:46:15 2014 Need hold release from management interface, waiting...
Fri Jun 27 00:46:16 2014 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25342
Fri Jun 27 00:46:16 2014 MANAGEMENT: CMD 'state on'
Fri Jun 27 00:46:16 2014 MANAGEMENT: CMD 'log all on'
Fri Jun 27 00:46:16 2014 MANAGEMENT: CMD 'hold off'
Fri Jun 27 00:46:16 2014 MANAGEMENT: CMD 'hold release'
Fri Jun 27 00:46:16 2014 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri Jun 27 00:46:16 2014 UDPv4 link local: [undef]
Fri Jun 27 00:46:16 2014 UDPv4 link remote: [AF_INET]XXXXXXX:443
Fri Jun 27 00:46:16 2014 MANAGEMENT: >STATE:1403855176,WAIT,,,
Fri Jun 27 00:46:16 2014 MANAGEMENT: >STATE:1403855176,AUTH,,,
Fri Jun 27 00:46:16 2014 TLS: Initial packet from [AF_INET]XXXXXXXX:443, sid=6f54dc97 e5af5528
Fri Jun 27 00:46:17 2014 VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=OpenVPN, OU=changeme, CN=tomatovpn, name=tomatovpn, emailAddress=mail@host.domain
Fri Jun 27 00:46:17 2014 VERIFY OK: nsCertType=SERVER
Fri Jun 27 00:46:17 2014 VERIFY OK: depth=0, C=US, ST=CA, L=SanFrancisco, O=OpenVPN, OU=changeme, CN=server, name=server, emailAddress=mail@host.domain
Fri Jun 27 00:46:17 2014 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Jun 27 00:46:17 2014 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jun 27 00:46:17 2014 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Jun 27 00:46:17 2014 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jun 27 00:46:17 2014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES128-SHA, 1024 bit RSA
Fri Jun 27 00:46:17 2014 [server] Peer Connection Initiated with [AF_INET]XXXXXXXX:443
Fri Jun 27 00:46:18 2014 MANAGEMENT: >STATE:1403855178,GET_CONFIG,,,
Fri Jun 27 00:46:19 2014 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Fri Jun 27 00:46:19 2014 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,route-gateway 10.8.0.0,ping 10,ping-restart 120,ifconfig 10.8.0.1 255.255.255.0'
Fri Jun 27 00:46:19 2014 OPTIONS IMPORT: timers and/or timeouts modified
Fri Jun 27 00:46:19 2014 OPTIONS IMPORT: --ifconfig/up options modified
Fri Jun 27 00:46:19 2014 OPTIONS IMPORT: route options modified
Fri Jun 27 00:46:19 2014 OPTIONS IMPORT: route-related options modified
Fri Jun 27 00:46:19 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Fri Jun 27 00:46:19 2014 MANAGEMENT: >STATE:1403855179,ASSIGN_IP,,10.8.0.1,
Fri Jun 27 00:46:19 2014 open_tun, tt->ipv6=0
Fri Jun 27 00:46:19 2014 TAP-WIN32 device [Local Area Connection] opened: \\.\Global\{XXXXXXXXXXX}.tap
Fri Jun 27 00:46:19 2014 TAP-Windows Driver Version 9.9
Fri Jun 27 00:46:19 2014 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.1/255.255.255.0 on interface {XXXXXXXXXXXXXXXX} [DHCP-serv: 10.8.0.0, lease-time: 31536000]
Fri Jun 27 00:46:19 2014 Successful ARP Flush on interface [12] {XXXXXXXXXXXXXX}
Fri Jun 27 00:46:21 2014 TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
Fri Jun 27 00:46:21 2014 C:\WINDOWS\system32\route.exe ADD XXXXXXXXXX MASK 255.255.255.255 172.20.10.1
Fri Jun 27 00:46:21 2014 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Fri Jun 27 00:46:21 2014 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.0
Fri Jun 27 00:46:21 2014 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Fri Jun 27 00:46:21 2014 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.0
Fri Jun 27 00:46:21 2014 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Fri Jun 27 00:46:21 2014 Initialization Sequence Completed
Fri Jun 27 00:46:21 2014 MANAGEMENT: >STATE:1403855181,CONNECTED,SUCCESS,10.8.0.1,XXXXXXXXXX
Old Tomato TAP Server Config
DD-WRT TAP Server Config
OpenVPN Client Config
Code:
client
dev tap
proto udp
remote XXXXXXXXXXXXXX 443
script-security 3
resolv-retry infinite
nobind
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\tomato\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\tomato\\client2.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\tomato\\client2.key"
ns-cert-type server
cipher BF-CBC
comp-lzo
verb 3
explicit-exit-notify 2
ping 10
ping-restart 60
route-method exe
route-delay 2
Note that I changed the port the TAP server used to 443 in DD-WRT.
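
Added example, not part of the original post: a small Python check run over the PUSH_REPLY line from the client log above. It reports that the pushed route-gateway 10.8.0.0 is the network address of the pushed 10.8.0.1/255.255.255.0 interface rather than a host address, and that redirect-gateway arrives without any dhcp-option DNS. The finding labels are names made up for this example.

```python
import ipaddress
import re

# Line copied from the client log in the post above.
LOG_LINE = ("Fri Jun 27 00:46:19 2014 PUSH: Received control message: "
            "'PUSH_REPLY,redirect-gateway def1,route-gateway 10.8.0.0,"
            "ping 10,ping-restart 120,ifconfig 10.8.0.1 255.255.255.0'")


def parse_push_reply(line):
    """Return {option: [[args], ...]} for the options in a PUSH_REPLY log line."""
    m = re.search(r"'PUSH_REPLY,([^']*)'", line)
    if not m:
        raise ValueError("no PUSH_REPLY in line")
    opts = {}
    for item in m.group(1).split(","):
        if item.strip():
            name, *args = item.split()
            opts.setdefault(name, []).append(args)  # options may repeat
    return opts


def check_push_reply(opts):
    """Return findings (labels made up here) about pushed addressing and DNS."""
    findings = []
    ifc = opts.get("ifconfig", [[]])[0]
    gw = opts.get("route-gateway", [[]])[0]
    if len(ifc) == 2 and gw:
        iface = ipaddress.ip_interface(f"{ifc[0]}/{ifc[1]}")
        net, gateway = iface.network, ipaddress.ip_address(gw[0])
        if gateway not in net:
            findings.append("gateway-outside-subnet")
        elif gateway in (net.network_address, net.broadcast_address):
            findings.append("gateway-not-a-host-address")
        elif gateway == iface.ip:
            findings.append("gateway-is-client-address")
    else:
        findings.append("no-pushed-addressing")
    # DNS only follows the tunnel if the server pushes resolvers to the client.
    dns = [a for a in opts.get("dhcp-option", []) if a[:1] == ["DNS"]]
    if "redirect-gateway" in opts and not dns:
        findings.append("redirect-gateway-without-pushed-dns")
    return findings


if __name__ == "__main__":
    print(check_push_reply(parse_push_reply(LOG_LINE)))
```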