1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

OpenVPN access server with Tomato

Discussion in 'Tomato Firmware' started by kk5000, Oct 8, 2013.

  1. kk5000

    kk5000 Serious Server Member

    I recently bought a VPS from www.myhosting.com They don't allow you to install VPN on your own and require you to buy a OpenVPN access server license from them. I did that and OpenVPN access server has been installed on my VPS. They provide the openVPN client :

    http://swupdate.openvpn.net/downloads/openvpn-client.msi

    I am able to install the client on my computer and then connect to the VPN through it. All works great.

    However, how do I get this working on Tomato? I have added the details on the OpenVPN client page in Tomato but when I try to start the VPN I see this error in the logs :

    You must define CA file (--ca) or CA path (--capath)

    So I guess I have to generate the CA etc. as per http://tomatousb.org/tut:openvpn

    The first instruction on that page appears to be :

    cd /usr/share/doc/openvpn/examples/easy-rsa/2.0/
    Not only does that directory not exist on the VPS there is no directory with the words rsa :

    [root@vps~]# cd /usr/share/doc/openvpn/examples/easy-rsa/2.0/
    -bash: cd: /usr/share/doc/openvpn/examples/easy-rsa/2.0/: No such file or directory
    [root@vps~]# locate easy-rsa
    [root@vps~]# locate easyrsa
    [root@vps~]#

    Any help would be greatly appreciated :)
     
    Last edited: Oct 8, 2013
  2. kk5000

    kk5000 Serious Server Member

    Continuing this. I have found some files in :

    /usr/local/openvpn_as/etc/web-ssl/

    I proceeded to enter the contents of ca.crt & ca.key into tomato which apparently "started" the VPN client within tomato. Still doesn't work however and now we see these errors :

    Oct 8 08:36:08 unknown daemon.warn openvpn[29160]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    Oct 8 08:36:08 unknown daemon.warn openvpn[29160]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
    Oct 8 08:36:08 unknown daemon.notice openvpn[29160]: Socket Buffers: R=[87380->131072] S=[16384->131072]
    Oct 8 08:36:08 unknown daemon.notice openvpn[29160]: Attempting to establish TCP connection with [AF_INET]IP-REMOVED:943 [nonblock]
    Oct 8 08:36:09 unknown daemon.notice openvpn[29160]: TCP connection established with [AF_INET]IP-REMOVED:943
    Oct 8 08:36:09 unknown daemon.notice openvpn[29160]: TCPv4_CLIENT link local: [undef]
    Oct 8 08:36:09 unknown daemon.notice openvpn[29160]: TCPv4_CLIENT link remote: [AF_INET]IP-REMOVED:943
    Oct 8 08:36:09 unknown daemon.err openvpn[29160]: Connection reset, restarting [0]
    Oct 8 08:36:09 unknown daemon.notice openvpn[29160]: SIGUSR1[soft,connection-reset] received, process restarting
    Oct 8 08:36:09 unknown daemon.notice openvpn[29160]: Restart pause, 5 second(s)
     
  3. RMerlin

    RMerlin Network Guru Member

Share This Page