
Help configure WRT as VPN network appliance

Discussion in 'Tomato Firmware' started by alpine1, Dec 23, 2008.

  1. alpine1

    alpine1 Network Guru Member

    I need help setting up my WRT as a dedicated VPN server. It's sitting behind my DLink DGL-4300 with WAN, DHCP, and Wireless all disabled. Port 1194 on the 4300 is also forwarded to the WRT. When I go to make the client connection, it can't seem to find the WRT. I've tried this with an OpenVPN server installed in the local network and it works but not the WRT. Anyone have any insight?
     
  2. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    For starters, what firmware do you have on the WRT?
     
  3. alpine1

    alpine1 Network Guru Member

    Hi SgtPepperKSU,
    I am testing your 1.23vpn2.0005 Web GUI build.
    The WRT is connected to the LAN using Port 1 and IP manually configured.
    One thing I notice is I can connect and admin the WRT from within the subnet but can't remotely even though I've enabled remote admin in the Tomato GUI.
     
  4. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    That option is for admin via the WAN interface. Since you have WAN disabled, it won't do anything. However, if you forward an external port to the router's LAN IP, port 80, I would imagine that would work.

    Back to the VPN stuff, though: Can you connect to the WRT VPN server from inside your network?
     
  5. alpine1

    alpine1 Network Guru Member

    Yes, no problem connecting locally.
     
  6. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    Then I'm afraid I can't be of a whole lot of help. I don't have any experience with the DLink DGL-4300, and it would appear that that is where the problem lies.

    Since you want the VPN server to operate on the LAN interface (you've confirmed that is working), all that is left to do is get the connection to the WRT LAN IP. If you've port forwarded the correct port and protocol (have you double checked you're forwarding the right protocol?) to the WRT LAN IP, then it should work.
     
  7. alpine1

    alpine1 Network Guru Member

    Yup, I've tried all combinations of UDP and TCP. It appears I can't see the WRT at all outside the network. That's why I mentioned the Tomato admin screen.
     
  8. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    When you attempt to connect to the WRT VPN from outside your network, do you see anything at all in the WRT syslog? It's possible that the return traffic is the problem.

    Could you log in to your WRT via ssh/telnet and show what the output of
    Code:
    route -n
    is?
     
  9. alpine1

    alpine1 Network Guru Member

    Sure, I'll try that tonight and post the results. Thank you.
     
  10. alpine1

    alpine1 Network Guru Member

    Thank you for your suggestions, SgtPepperKSU. I corrected the routing table and got it working. Yay!!!

    Happy Holidays!
     
  11. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    Great! So I know for the future if people ask about using a configuration similar to yours, what was the missing route? Was it the default route (0.0.0.0) to br0?
     
  12. alpine1

    alpine1 Network Guru Member

    Yup. On the WRT, I just had to update my br0 to point to my gateway.

    Your firmware is working great for me. I now have a nice dedicated low-powered OpenVPN server I can leave on 24/7. Long live WRT. :)
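
The check that resolved this thread, as an added example that is not part of the original posts: a shell function that reads `route -n` output and reports whether a default route (0.0.0.0) via a gateway exists on the expected interface. The function name `check_default_route`, the sample routing tables, and the addresses in them are constructed for illustration.

```shell
#!/bin/sh
# Added example: on a LAN-only router (WAN disabled), replies to port-forwarded
# VPN clients need a default route out through the LAN gateway.

# check_default_route EXPECTED_IFACE   (hypothetical helper name)
# Reads `route -n` output on stdin. Prints "ok <gateway> <iface>" and returns 0
# when a default route through a gateway exists on EXPECTED_IFACE; otherwise
# prints the reason and returns 1.
check_default_route() {
    awk -v want="$1" '
        # Default route rows have destination and genmask both 0.0.0.0
        $1 == "0.0.0.0" && $3 == "0.0.0.0" {
            found = 1
            # Flag G: packets are sent to a gateway instead of on-link
            if ($4 ~ /G/ && $2 != "0.0.0.0" && $8 == want) {
                print "ok " $2 " " $8
                good = 1
                exit
            }
        }
        END {
            if (good) exit 0
            if (found) print "default route present but not via a gateway on " want
            else print "no default route"
            exit 1
        }
    '
}

# Constructed sample: the failing state, only on-link routes are present
BROKEN_TABLE='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 br0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo'

# Constructed sample: the same table with a default route through br0
FIXED_TABLE="$BROKEN_TABLE
0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0        0 br0"

printf '%s\n' "$BROKEN_TABLE" | check_default_route br0 || true
printf '%s\n' "$FIXED_TABLE" | check_default_route br0

# On the router itself: route -n | check_default_route br0
```

If the check fails on a live router, `route add default gw <LAN gateway IP> br0` adds the route until the next reboot; the gateway address is a placeholder for the upstream router's LAN IP.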
     
