
openvpn setup help with NEWER versions of Tomato

Discussion in 'Tomato Firmware' started by MIkey0124, Oct 1, 2012.

  1. MIkey0124

    MIkey0124 Networkin' Nut Member

    Hello all,
    I am hoping someone can help me out here. I am trying to set up a VPN through OpenVPN on my Tomato router. I am using a newer version of Tomato by Shibby, so my setup is a little different than the actual Tomato USB version. I am trying to connect to a VPN called ibvpn. They have a DD-WRT setup guide but no Tomato version, and their support isn't any help.
    In my basic setup section of Tomato I can enter the server I want to connect to and also enter my user name and password, so I will not need to make up a startup script in my router.
    Also, I copied and pasted the keys off of their website.
    Basically, my username, password, server and crt keys are added.
    My problem is the Advanced tab, then Custom Configuration: under custom config I need to enter some commands in order for it to connect. This is where I need someone's help.
    If I enter this:
    float
    client
    dev tap
    proto udp
    script-security 3
    ns-cert-type server
    persist-key
    persist-tun
    tls-client
    comp-lzo
    verb 3
    I am almost getting connected with some errors in the log. Here is what my log is saying:
    unknown daemon.notice openvpn[1652]: Control Channel MTU parms [ L:1578 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Sep 30 23:49:20 unknown daemon.notice openvpn[1652]: Socket Buffers: R=[32767->65534] S=[32767->65534]
    Sep 30 23:49:20 unknown daemon.notice openvpn[1652]: Data Channel MTU parms [ L:1578 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
    Sep 30 23:49:20 unknown daemon.notice openvpn[1652]: UDPv4 link local: [undef]
    Sep 30 23:49:20 unknown daemon.notice openvpn[1652]: UDPv4 link remote: 173.254.253.50:1194
    Sep 30 23:49:20 unknown daemon.notice openvpn[1652]: TLS: Initial packet from 173.254.253.50:1194, sid=cd5c6802 301ec215
    Sep 30 23:49:20 unknown daemon.notice openvpn[1652]: VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Fort-Funston_CA/emailAddress=me@myhost.mydomain
    Sep 30 23:49:20 unknown daemon.notice openvpn[1652]: VERIFY OK: nsCertType=SERVER
    Sep 30 23:49:20 unknown daemon.notice openvpn[1652]: VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=server/emailAddress=me@myhost.mydomain
    Sep 30 23:49:21 unknown daemon.notice openvpn[1652]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Sep 30 23:49:21 unknown daemon.notice openvpn[1652]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sep 30 23:49:21 unknown daemon.notice openvpn[1652]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Sep 30 23:49:21 unknown daemon.notice openvpn[1652]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sep 30 23:49:21 unknown daemon.notice openvpn[1652]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    Sep 30 23:49:21 unknown daemon.notice openvpn[1652]: [server] Peer Connection Initiated with 173.254.253.50:1194
    Sep 30 23:49:23 unknown daemon.notice openvpn[1652]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
    Sep 30 23:49:23 unknown daemon.notice openvpn[1652]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,show-net-up,route-gateway 96.44.188.129,ping 10,ping-restart 60,ifconfig 96.44.188.149 255.255.255.128'
    Sep 30 23:49:23 unknown daemon.err openvpn[1652]: Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:4: show-net-up (2.2.2)
    Sep 30 23:49:23 unknown daemon.notice openvpn[1652]: OPTIONS IMPORT: timers and/or timeouts modified
    Sep 30 23:49:23 unknown daemon.notice openvpn[1652]: OPTIONS IMPORT: ifconfig/up options modified
    Sep 30 23:49:23 unknown daemon.notice openvpn[1652]: OPTIONS IMPORT: route options modified
    Sep 30 23:49:23 unknown daemon.notice openvpn[1652]: OPTIONS IMPORT: route-related options modified
    Sep 30 23:49:23 unknown daemon.notice openvpn[1652]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
    Sep 30 23:49:23 unknown daemon.notice openvpn[1652]: Preserving previous TUN/TAP instance: tap0
    Sep 30 23:49:23 unknown daemon.notice openvpn[1652]: Initialization Sequence Completed
    Sep 30 23:49:53 unknown daemon.err openvpn[1652]: event_wait : Interrupted system call (code=4)
    Sep 30 23:49:53 unknown daemon.notice openvpn[1652]: OpenVPN STATISTICS
    Sep 30 23:49:53 unknown daemon.notice openvpn[1652]: Updated,Sun Sep 30 23:49:53 2012
    Sep 30 23:49:53 unknown daemon.notice openvpn[1652]: TUN/TAP read bytes,294
    Sep 30 23:49:53 unknown daemon.notice openvpn[1652]: TUN/TAP write bytes,0
    Sep 30 23:49:53 unknown daemon.notice openvpn[1652]: TCP/UDP read bytes,5180
    Sep 30 23:49:53 unknown daemon.notice openvpn[1652]: TCP/UDP write bytes,2040
    Sep 30 23:49:53 unknown daemon.notice openvpn[1652]: Auth read bytes,0
    Sep 30 23:49:53 unknown daemon.notice openvpn[1652]: pre-compress bytes,0
    Sep 30 23:49:53 unknown daemon.notice openvpn[1652]: post-compress bytes,0
    Sep 30 23:50:23 unknown daemon.notice openvpn[1652]: [server] Inactivity timeout (--ping-restart), restarting
    Sep 30 23:50:23 unknown daemon.notice openvpn[1652]: TCP/UDP: Closing socket
    Sep 30 23:50:23 unknown daemon.notice openvpn[1652]: SIGUSR1[soft,ping-restart] received, process restarting
    Sep 30 23:50:23 unknown daemon.notice openvpn[1652]: Restart pause, 2 second(s)
    Sep 30 23:50:24 unknown daemon.notice openvpn[1652]: /sbin/route del -net 173.254.253.50 netmask 255.255.255.255
    Sep 30 23:50:24 unknown daemon.notice openvpn[1652]: /sbin/route del -net 0.0.0.0 netmask 128.0.0.0
    Sep 30 23:50:24 unknown daemon.notice openvpn[1652]: /sbin/route del -net 128.0.0.0 netmask 128.0.0.0
    Sep 30 23:50:24 unknown daemon.notice openvpn[1652]: Closing TUN/TAP interface
    Sep 30 23:50:24 unknown daemon.notice openvpn[1652]: /sbin/ifconfig tap0 0.0.0.0
    Sep 30 23:50:24 unknown daemon.notice openvpn[1652]: SIGTERM[hard,init_instance] received, process exiting
    Oct 1 00:00:01 unknown syslog.info root: — MARK
    Oct 1 00:16:13 unknown user.info kernel: Universal TUN/TAP device driver 1.5 (C)1999-2002 Maxim Krasnyansky
    Oct 1 00:16:13 unknown daemon.notice openvpn[1768]: OpenVPN 2.2.2 mipsel-linux [SSL] [LZO2] [EPOLL] built on Sep 2 2012
    Oct 1 00:16:13 unknown daemon.warn openvpn[1768]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Oct 1 00:16:13 unknown daemon.notice openvpn[1768]: LZO compression initialized
    Oct 1 00:16:14 unknown daemon.notice openvpn[1774]: UDPv4 link local: [undef]
    Oct 1 00:16:14 unknown daemon.notice openvpn[1774]: UDPv4 link remote: 173.254.253.50:1194
    Oct 1 00:16:14 unknown daemon.warn openvpn[1774]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Oct 1 00:16:15 unknown daemon.notice openvpn[1774]: [server] Peer Connection Initiated with 173.254.253.50:1194
    Oct 1 00:16:18 unknown daemon.err openvpn[1774]: event_wait : Interrupted system call (code=4)
    Oct 1 00:16:18 unknown daemon.notice openvpn[1774]: OpenVPN STATISTICS
    Oct 1 00:16:18 unknown daemon.notice openvpn[1774]: Updated,Mon Oct 1 00:16:18 2012
    Oct 1 00:16:18 unknown daemon.notice openvpn[1774]: TUN/TAP read bytes,0
    Oct 1 00:16:18 unknown daemon.notice openvpn[1774]: TUN/TAP write bytes,0
    Oct 1 00:16:18 unknown daemon.notice openvpn[1774]: TCP/UDP read bytes,3615
    Oct 1 00:16:18 unknown daemon.notice openvpn[1774]: TCP/UDP write bytes,1435
    Oct 1 00:16:18 unknown daemon.notice openvpn[1774]: Auth read bytes,0
    Oct 1 00:16:18 unknown daemon.notice openvpn[1774]: pre-compress bytes,0
    Oct 1 00:16:18 unknown daemon.notice openvpn[1774]: post-compress bytes,0
    Oct 1 00:16:18 unknown daemon.notice openvpn[1774]: pre-decompress bytes,0
    Oct 1 00:16:18 unknown daemon.notice openvpn[1774]: post-decompress bytes,0
    Oct 1 00:16:18 unknown daemon.notice openvpn[1774]: END
    Oct 1 00:16:18 unknown daemon.err openvpn[1774]: Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:4: show-net-up (2.2.2)
    Oct 1 00:16:18 unknown daemon.notice openvpn[1774]: TUN/TAP device tap0 opened
    Oct 1 00:16:18 unknown daemon.notice openvpn[1774]: /sbin/ifconfig tap0 96.44.188.159 netmask 255.255.255.128 mtu 1500 broadcast 96.44.188.255
    Oct 1 00:16:18 unknown daemon.notice openvpn[1774]: Initialization Sequence Completed
    Oct 1 00:17:18 unknown daemon.notice openvpn[1774]: [server] Inactivity timeout (--ping-restart), restarting
    Oct 1 00:17:18 unknown daemon.notice openvpn[1774]: SIGUSR1[soft,ping-restart] received, process restarting
    Oct 1 00:17:20 unknown daemon.warn openvpn[1774]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Oct 1 00:17:20 unknown daemon.notice openvpn[1774]: Re-using SSL/TLS context
    Oct 1 00:17:20 unknown daemon.notice openvpn[1774]: LZO compression initialized
    Oct 1 00:17:20 unknown daemon.notice openvpn[1774]: UDPv4 link local: [undef]
    Oct 1 00:17:20 unknown daemon.notice openvpn[1774]: UDPv4 link remote: 173.254.253.50:1194
    Oct 1 00:17:21 unknown daemon.err openvpn[1774]: TLS Error: local/remote TLS keys are out of sync: 173.254.253.50:1194 [0]
    Oct 1 00:17:21 unknown daemon.notice openvpn[1774]: [server] Peer Connection Initiated with 173.254.253.50:1194
    Oct 1 00:17:23 unknown daemon.err openvpn[1774]: Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:4: show-net-up (2.2.2)
    Oct 1 00:17:23 unknown daemon.notice openvpn[1774]: Preserving previous TUN/TAP instance: tap0
    Oct 1 00:17:23 unknown daemon.notice openvpn[1774]: Initialization Sequence Completed
     
  2. MIkey0124

    MIkey0124 Networkin' Nut Member

    Here is an example of an .ovpn file from my vpn provider:
    remote us3.ibvpn.com 1194 udp
    remote 173.254.253.50 1194 udp
    client
    dev tap
    resolv-retry infinite
    auth-retry nointeract
    nobind
    persist-key
    persist-tun
    mute-replay-warnings
    ca ibvpn.com.crt
    comp-lzo
    verb 3
    mute 20
    ns-cert-type server
    fragment 1300
    route-method exe
    route-delay 2
    script-security 3 system
    route-up "net stop dnscache"
    route-up "net start dnscache"
    route-up "ipconfig /flushdns"
    route-up "ipconfig /registerdns"
    max-routes 5000
    auth-user-pass
    reneg-sec 0
    explicit-exit-notify 3
    link-mtu 1578

    Can someone help!
    Thanks
     
  3. MIkey0124

    MIkey0124 Networkin' Nut Member

    There is an OPEN client I can install on my computer that connects to OpenVPN. Here is the successful connection log:
    "Sun Sep 30 23:28:21 2012 Multiple --route-up scripts defined. The previously configured script is overridden."
    "Sun Sep 30 23:28:21 2012 Multiple --route-up scripts defined. The previously configured script is overridden."
    "Sun Sep 30 23:28:21 2012 Multiple --route-up scripts defined. The previously configured script is overridden."
    "Sun Sep 30 23:28:21 2012 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] built on May 24 2012"
    "Sun Sep 30 23:28:21 2012 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts"
    "Sun Sep 30 23:28:21 2012 NOTE: --script-security method='system' is deprecated due to the fact that passed parameters will be subject to shell expansion"
    "Sun Sep 30 23:28:22 2012 LZO compression initialized"
    "Sun Sep 30 23:28:22 2012 Control Channel MTU parms [ L:1578 D:138 EF:38 EB:0 ET:0 EL:0 ]"
    "Sun Sep 30 23:28:22 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]"
    "Sun Sep 30 23:28:22 2012 Data Channel MTU parms [ L:1578 D:1450 EF:46 EB:135 ET:32 EL:0 AF:3/1 ]"
    "Sun Sep 30 23:28:22 2012 Fragmentation MTU parms [ L:1578 D:1300 EF:45 EB:135 ET:33 EL:0 AF:3/1 ]"
    "Sun Sep 30 23:28:22 2012 Local Options hash (VER=V4): '9a22532e'"
    "Sun Sep 30 23:28:22 2012 Expected Remote Options hash (VER=V4): 'e2a912d8'"
    "Sun Sep 30 23:28:22 2012 UDPv4 link local: [undef]"
    "Sun Sep 30 23:28:22 2012 UDPv4 link remote: 173.254.253.50:53"
    "Sun Sep 30 23:28:22 2012 TLS: Initial packet from 173.254.253.50:53, sid=c4567761 34de5910"
    "Sun Sep 30 23:28:22 2012 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this"
    "Sun Sep 30 23:28:25 2012 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Fort-Funston_CA/emailAddress=me@myhost.mydomain"
    "Sun Sep 30 23:28:25 2012 VERIFY OK: nsCertType=SERVER"
    "Sun Sep 30 23:28:25 2012 VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=server/emailAddress=me@myhost.mydomain"
    "Sun Sep 30 23:28:25 2012 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key"
    "Sun Sep 30 23:28:25 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication"
    "Sun Sep 30 23:28:25 2012 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key"
    "Sun Sep 30 23:28:25 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication"
    "Sun Sep 30 23:28:25 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA"
    "Sun Sep 30 23:28:25 2012 [server] Peer Connection Initiated with 173.254.253.50:53"
    "Sun Sep 30 23:28:27 2012 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)"
    "Sun Sep 30 23:28:27 2012 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,show-net-up,route-gateway 96.44.188.129,ping 10,ping-restart 60,ifconfig 96.44.188.149 255.255.255.128'"
    "Sun Sep 30 23:28:27 2012 OPTIONS IMPORT: timers and/or timeouts modified"
    "Sun Sep 30 23:28:27 2012 OPTIONS IMPORT: --ifconfig/up options modified"
    "Sun Sep 30 23:28:27 2012 OPTIONS IMPORT: route options modified"
    "Sun Sep 30 23:28:27 2012 OPTIONS IMPORT: route-related options modified"
    "Sun Sep 30 23:28:27 2012 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified"
    "Sun Sep 30 23:28:27 2012 ROUTE default_gateway=192.168.1.1"
    "Sun Sep 30 23:28:27 2012 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{BF0FFD35-EF36-46DF-8185-0DBE204A03DF}.tap"
    "Sun Sep 30 23:28:27 2012 TAP-Win32 Driver Version 9.9"
    "Sun Sep 30 23:28:27 2012 TAP-Win32 MTU=1500"
    "Sun Sep 30 23:28:27 2012 Notified TAP-Win32 driver to set a DHCP IP/netmask of 96.44.188.149/255.255.255.128 on interface {BF0FFD35-EF36-46DF-8185-0DBE204A03DF} [DHCP-serv: 96.44.188.128, lease-time: 31536000]"
    "Sun Sep 30 23:28:27 2012 Successful ARP Flush on interface [41] {BF0FFD35-EF36-46DF-8185-0DBE204A03DF}"
    "Sun Sep 30 23:28:29 2012 TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up"
    "Sun Sep 30 23:28:29 2012 C:\Windows\system32\route.exe ADD 173.254.253.50 MASK 255.255.255.255 192.168.1.1"
    "OK!"
    "Sun Sep 30 23:28:29 2012 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 96.44.188.129"
    "OK!"
    "Sun Sep 30 23:28:29 2012 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 96.44.188.129"
    "OK!"
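
Added example, not part of the original thread: a directive-level comparison of the provider profile from the second post against the custom configuration from the first post, to show which provider settings never reached the router. The `GUI_HANDLED` and `WINDOWS_ONLY` sets and all function names are assumptions made for this illustration.

```python
import shlex

# Constructed inputs: the directives as posted in the thread.
ROUTER_CUSTOM = "\n".join([
    "float", "client", "dev tap", "proto udp", "script-security 3",
    "ns-cert-type server", "persist-key", "persist-tun", "tls-client",
    "comp-lzo", "verb 3"])
PROVIDER_OVPN = "\n".join([
    "remote us3.ibvpn.com 1194 udp", "remote 173.254.253.50 1194 udp",
    "client", "dev tap", "resolv-retry infinite", "auth-retry nointeract",
    "nobind", "persist-key", "persist-tun", "mute-replay-warnings",
    "ca ibvpn.com.crt", "comp-lzo", "verb 3", "mute 20",
    "ns-cert-type server", "fragment 1300", "route-method exe",
    "route-delay 2", "script-security 3 system",
    'route-up "net stop dnscache"', 'route-up "net start dnscache"',
    'route-up "ipconfig /flushdns"', 'route-up "ipconfig /registerdns"',
    "max-routes 5000", "auth-user-pass", "reneg-sec 0",
    "explicit-exit-notify 3", "link-mtu 1578"])

# Assumptions, not facts from the thread: directives already covered by the
# Tomato GUI fields, and directives that only make sense on a Windows client.
GUI_HANDLED = {"remote", "ca", "auth-user-pass"}
WINDOWS_ONLY = {"route-method", "route-up"}

def parse(text):
    # Map directive name -> list of argument lists; skip blanks and comments.
    out = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":
            continue
        name, *args = shlex.split(line)
        out.setdefault(name, []).append(args)
    return out

def bucket(name, args, rtr):
    # Classify one provider directive relative to the router config.
    if name in rtr:
        return "same" if rtr[name] == args else "differs"
    if name in GUI_HANDLED:
        return "gui"
    return "windows_only" if name in WINDOWS_ONLY else "review"

def compare(provider_text, router_text):
    prov, rtr = parse(provider_text), parse(router_text)
    report = {"router_only": [n for n in rtr if n not in prov]}
    for name, args in prov.items():
        report.setdefault(bucket(name, args, rtr), []).append(name)
    return report
```

The `review` bucket lists provider directives that are absent from the router side and are not explained by either assumption set, so each one needs a deliberate keep-or-drop decision.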

    Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License
     
