Problems getting OpenVPN client working

[tdurden123]

I'm having problems getting the router to send traffic over the VPN. I know that the VPN config file is working and that the rest of my network is setup properly. I have another router that's running openwrt and using the same VPN config file that router just works.

The Asus router I'm trying to get working is a RT-N66U running 380.62_1. I have all the firewalls and filtering turned off on the router. I've uploaded the VPN config file and I can set "Redirect Internet traffic" to either No or All, doesn't matter which, once I turn on the VPN client all LAN and wireless devices can't access the internet. If I ssh into the router and try to ping out to an internet site, doesn't work. Internet connection goes dead, the only devices I can access are local to my network.

Here's the odd thing. I reboot the router and ssh to it. I load the tun module (modprobe tun) and make the tun device with openvpn. I scp the vpn config file to the router and start up the vpn manually from the commandline. Still any LAN or wireless client doesn't have internet access, but from the ssh shell, I can access the internet and it goes out over the VPN tunnel.

Any ideas what is going on to cause this?

 

[john9527]

I have all the firewalls and filtering turned off on the router.

Try turning the router firewall back on.

 

[tdurden123]

Try turning the router firewall back on.

Doesn't help any. If I start with the gui I can't ping out wireless or sshing into the router. If I start manual I can still ping if I ssh in.

I have found that if I start openvpn manually from ssh and after it's up and running I give this command:

iptables -t nat -A POSTROUTING -o tun1 -j MASQUERADE

then I can go out through the VPN tunnel from the LAN/wifi. If I start the VPN from the gui and issue this command, doesn't help any.

 

[john9527]

The VPN client instances started by the router are started as tun11 through tun15, not tun1.

Do a search for posts by yorgi....he has written some guides on setting up VPN clients on the router.

 

[tdurden123]

The VPN client instances started by the router are started as tun11 through tun15, not tun1.

Do a search for posts by yorgi....he has written some guides on setting up VPN clients on the router.

Yeah, I know that when you use the gui the interface is tun11. The tun1 is when I set it up manually. I found some of yorgi's posts and nothing there helped. The guides seemed to be mostly for PIA vpn.

I've been comparing the iptables and routing table but can't see why when I ssh into the router and start openvpn manually I can at least go through the VPN tunnel from there. But when I start the vpn from the gui, everything goes down, there's no access to the VPN tunnel.

I even tried saving the iptable with iptables-save when I manually start up the vpn and using iptables-restore to load those same tables when I start the vpn with the gui - but still no access to the vpn.