VPN failed?
I was using WRT54GL with TomatoVPN GUI for quite a long time without any problem.
Then today I got my new Asus RT-N16 installed. I loaded Teddy_Bear's MOD:
Tomato Firmware v1.27.9047 MIPSR2-beta16 K26 USB vpn3.6
On the OpenVPN Client config, I just copy and paste all the settings from my WRT54GL to the new RT-N16. Everything is exactly the same, at least I believe.
Then I saw the OpenVPN connected to my office OpenVPN server. I can ping any IP on the remote side. BUT I just can't browse our internal web site using http. Samba connection also failed.
here is the log from Tomato:
How can I trouble shooting this problem? I tried ssh into the router and I found the crt and key files but I didn't find the client configration file.
Please help. Thanks a lot!
I was using WRT54GL with TomatoVPN GUI for quite a long time without any problem.
Then today I got my new Asus RT-N16 installed. I loaded Teddy_Bear's MOD:
Tomato Firmware v1.27.9047 MIPSR2-beta16 K26 USB vpn3.6
On the OpenVPN Client config, I just copy and paste all the settings from my WRT54GL to the new RT-N16. Everything is exactly the same, at least I believe.
Then I saw the OpenVPN connected to my office OpenVPN server. I can ping any IP on the remote side. BUT I just can't browse our internal web site using http. Samba connection also failed.
here is the log from Tomato:
Code:
Jul 10 15:31:13 TeddyBear user.info kernel: tun: Universal TUN/TAP device driver, 1.6
Jul 10 15:31:13 TeddyBear user.info kernel: tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
Jul 10 15:31:13 TeddyBear daemon.notice openvpn[1161]: OpenVPN 2.1.1 mipsel-unknown-linux-gnu [SSL] [LZO2] [EPOLL] built on Jun 11 2010
Jul 10 15:31:13 TeddyBear daemon.warn openvpn[1161]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Jul 10 15:31:13 TeddyBear daemon.warn openvpn[1161]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Jul 10 15:31:13 TeddyBear daemon.notice openvpn[1161]: LZO compression initialized
Jul 10 15:31:13 TeddyBear daemon.notice openvpn[1161]: Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Jul 10 15:31:13 TeddyBear daemon.notice openvpn[1161]: Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Jul 10 15:31:13 TeddyBear daemon.notice openvpn[1165]: Socket Buffers: R=[112640->131072] S=[112640->131072]
Jul 10 15:31:13 TeddyBear daemon.notice openvpn[1165]: UDPv4 link local: [undef]
Jul 10 15:31:13 TeddyBear daemon.notice openvpn[1165]: UDPv4 link remote: 24.xxx.xxx.xxx:1194
Jul 10 15:31:13 TeddyBear daemon.notice openvpn[1165]: TLS: Initial packet from 24.xxx.xx.xxx:1194, sid=92a72082 07a3e54f
Jul 10 15:31:13 TeddyBear daemon.notice openvpn[1165]: VERIFY OK: depth=1, /C=CA/ST=BC/L=DELTA/O=XXXXXXXXX/CN=openvpn-gateway2/Email=admin@XXXXXXXX.com
Jul 10 15:31:14 TeddyBear daemon.notice openvpn[1165]: VERIFY OK: depth=0, /C=CA/ST=BC/O=XXXXXXXXXXXXXX/CN=openvpn-gateway2/Email=admin@XXXXXXXXXX.com
Jul 10 15:31:16 TeddyBear daemon.notice openvpn[1165]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Jul 10 15:31:16 TeddyBear daemon.notice openvpn[1165]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jul 10 15:31:16 TeddyBear daemon.notice openvpn[1165]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Jul 10 15:31:16 TeddyBear daemon.notice openvpn[1165]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jul 10 15:31:16 TeddyBear daemon.notice openvpn[1165]: Control Channel: TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 2048 bit RSA
Jul 10 15:31:16 TeddyBear daemon.notice openvpn[1165]: [openvpn-gateway2] Peer Connection Initiated with 24.xxx.xxx.xxx:1194
Jul 10 15:31:18 TeddyBear daemon.notice openvpn[1165]: SENT CONTROL [openvpn-gateway2]: 'PUSH_REQUEST' (status=1)
Jul 10 15:31:18 TeddyBear daemon.notice openvpn[1165]: PUSH: Received control message: 'PUSH_REPLY,dhcp-option WINS 192.168.123.30,route 192.168.123.0 255.255.255.0,route 192.168.25.0 255.255.255.0,route 10.66.77.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.66.77.6 10.66.77.5'
Jul 10 15:31:18 TeddyBear daemon.notice openvpn[1165]: OPTIONS IMPORT: timers and/or timeouts modified
Jul 10 15:31:18 TeddyBear daemon.notice openvpn[1165]: OPTIONS IMPORT: --ifconfig/up options modified
Jul 10 15:31:18 TeddyBear daemon.notice openvpn[1165]: OPTIONS IMPORT: route options modified
Jul 10 15:31:18 TeddyBear daemon.notice openvpn[1165]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Jul 10 15:31:18 TeddyBear daemon.notice openvpn[1165]: TUN/TAP device tun11 opened
Jul 10 15:31:18 TeddyBear daemon.notice openvpn[1165]: TUN/TAP TX queue length set to 100
Jul 10 15:31:18 TeddyBear daemon.notice openvpn[1165]: /sbin/ifconfig tun11 10.66.77.6 pointopoint 10.66.77.5 mtu 1500
Jul 10 15:31:18 TeddyBear daemon.notice openvpn[1165]: /sbin/route add -net 192.168.123.0 netmask 255.255.255.0 gw 10.66.77.5
Jul 10 15:31:18 TeddyBear daemon.notice openvpn[1165]: /sbin/route add -net 192.168.25.0 netmask 255.255.255.0 gw 10.66.77.5
Jul 10 15:31:18 TeddyBear daemon.notice openvpn[1165]: /sbin/route add -net 10.66.77.0 netmask 255.255.255.0 gw 10.66.77.5
Jul 10 15:31:18 TeddyBear daemon.notice openvpn[1165]: Initialization Sequence Completed
How can I trouble shooting this problem? I tried ssh into the router and I found the crt and key files but I didn't find the client configration file.
Please help. Thanks a lot!