Jump to content
Not connected, Your IP: 3.86.235.207
Sign in to follow this  
hhall310

[SOLVED]Can connect with DD-WRT but will not route

Recommended Posts

Hi, I followed the instructions found on your site to set up my DD-WRT router, and I was able to get the router to connect via OpenVPN (status screen on DD-WRT showed it was connected and I had a 10.x.x.x IP address that I can ping to). But the problem is the router doesn't seem to route out any traffic through that connection. I couldn't access any website, and all my traceroutes die at hop #1 (the router). Can you help?

Share this post


Link to post

Hi, I followed the instructions found on your site to set up my DD-WRT router, and I was able to get the router to connect via OpenVPN (status screen on DD-WRT showed it was connected and I had a 10.x.x.x IP address that I can ping to). But the problem is the router doesn't seem to route out any traffic through that connection. I couldn't access any website, and all my traceroutes die at hop #1 (the router). Can you help?

Hello!

Are you able to ping the 10.x.0.1 IP address (for example, if you connect to port 443 UDP, are you able to ping 10.4.0.1)?

Could you please publish the routing table after the connection (delete your real IP address for privacy reasons)?

Kind regards

Share this post


Link to post

Ok, my route table is as follows:

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

108.59.8.147 192.168.128.1 255.255.255.255 UGH 0 0 0 vlan1

192.168.128.1 0.0.0.0 255.255.255.255 UH 0 0 0 vlan1

10.4.7.217 0.0.0.0 255.255.255.255 UH 0 0 0 tun1

10.4.0.1 10.4.7.217 255.255.255.255 UGH 0 0 0 tun1

192.168.129.0 0.0.0.0 255.255.255.0 U 0 0 0 br0

192.168.128.0 0.0.0.0 255.255.255.0 U 0 0 0 vlan1

169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br0

127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo

0.0.0.0 10.4.7.217 128.0.0.0 UG 0 0 0 tun1

128.0.0.0 10.4.7.217 128.0.0.0 UG 0 0 0 tun1

0.0.0.0 192.168.128.1 0.0.0.0 UG 0 0 0 vlan1

My routers are connected this way:

Internet <--- Cable Modem <--- Primary Router <--- DD-WRT Router for AirVPN

My Primary Router's LAN IP is 192.168.128.1

My DD-WRT Router has a WAN IP of 192.168.128.59, and LAN IP of 192.168.129.1

I have two routers so my computers that do not need AirVPN can connect to the primary router, and those that do can connect to my DD-WRT router.

I am connected to my DD-WRT router via wifi interface.

Thank you!

Thank you.

Share this post


Link to post

My pings:

Ping to 10.4.0.1: Fail

Ping to 108.59.8.147: OK

Ping to 10.4.7.217: Fail

Ping to 10.4.7.218: OK

Ping to 192.168.128.1: OK

Share this post


Link to post

Ok it looks like using TCP instead of UDP helped resolve the problem. Will test it out thoroughly. Thanks!

Share this post


Link to post

Ok it looks like using TCP instead of UDP helped resolve the problem. Will test it out thoroughly. Thanks!

Hello!

Can we put [sOLVED] in the thread subject, for future references?

Kind regards

Share this post


Link to post

Yes you can mark this as solved. But I was wondering if you can help with one more request.

Do you know how I can restrict my dd-wrt router to only use a VPN connection? Right now, if the router's VPN connection drops, everything gets automatically routed through my normal connection. My current configuration is like this:

[DD-WRT Router] ---> [Regular Router] ---> (Internet) ---> (AirVPN) ---> Destination

I would like it so if the VPN connection is disconnected, then it doesn't go anywhere. I think this should be possible through some firewall or routing rules, but unfortunately I'm not familiar enough with that.

Share this post


Link to post

Hello!

We have received this e-mail from one of our customers and we gladly re-publish it here, because we think it may be helpful for anybody running a DD-WRT router behind other routers. The example configuration is with Vega, you can easily change that according to your favorite server and port.

======================================

Hi Guys,

I just thought I'd let you know I figured it all out.

The DD-WRT I have is the latest generic openvpn (DD-WRT v24-sp2 (08/07/10) vpn) installed on an old WRT54G v2.0. My ISP's router is a DLink BCM96358 which is pretty locked down.

I reset to defaults, turned on syslog, set the VPN settings as per your help page, and used the following startup script (containing what you generated for me) -

date 032601152012
sleep 30
echo "client
dev tun
proto tcp
remote 69.163.36.66 443
resolv-retry infinite
nobind
ca /tmp/openvpncl/ca.crt
cert /tmp/openvpncl/client.crt
key /tmp/openvpncl/client.key
ns-cert-type server
cipher AES-256-CBC
comp-lzo
verb 3" > /tmp/openvpncl/myopenvpn.conf
( sleep 20 ; killall openvpn ; /usr/sbin/openvpn --config /tmp/openvpncl/myopenvpn.conf --route-up /tmp/openvpncl/route-up.sh --down /tmp/openvpncl/route-down.sh --daemon ) &

The date is necessary because otherwise the system date is in 1970 and the certs don't work. The other key is the sleep statements. Nothing works if the init processes too fast.

I also had to add a line to the firewall rule too for the wireless to work -

iptables -I FORWARD -i br0 -o tun0 -j ACCEPT 
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT 
iptables -I INPUT -i tun0 -j REJECT
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o tap0 -j MASQUERADE

This gives me a VPN behind my DD-WRT and non-VPN behind the ISP router.

Cheers.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...