1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

vpn setting help

Discussion in 'Tomato Firmware' started by fei2010, Mar 30, 2010.

  1. fei2010

    fei2010 Networkin' Nut Member

    I have following the this post to set up vpn tunneling in my router ASUS 520GU + tomato 1.27 VPN fireware: http://blog.johnso.org/2009/08/how-to-setup-openvpn-in-tomato.html. the only difference is that in my interface, there is server/port instead of just port, I put my router address in the server box: 192.168.1.1
    when I done input(also the static key) and click "start now?. it did start and the button showed "stop now".
    when I check the log file, seems there are errors, see below log, the last error "Connection refused" just repeat and repeat. when I tried to start openvpn in one of my pc insider my LAN, the status is always "acquiring network address".

    what is wrong with my setting? how to fix it? Thanks!

    log file attached below:
    Mar 29 22:06:15 tomato user.info kernel: Universal TUN/TAP device driver 1.5 (C)1999-2002 Maxim Krasnyansky
    Mar 29 22:06:15 tomato user.info kernel: device tap11 entered promiscuous mode
    Mar 29 22:06:15 tomato user.info kernel: br0: port 3(tap11) entering learning state
    Mar 29 22:06:15 tomato user.info kernel: br0: port 3(tap11) entering forwarding state
    Mar 29 22:06:15 tomato user.info kernel: br0: topology change detected, propagating
    Mar 29 22:06:15 tomato daemon.notice openvpn[17962]: OpenVPN 2.1.1 mipsel-unknown-linux-gnu [SSL] [LZO2] built on Feb 17 2010
    Mar 29 22:06:15 tomato daemon.warn openvpn[17962]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts o
    r executables
    Mar 29 22:06:15 tomato daemon.notice openvpn[17962]: Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Mar 29 22:06:15 tomato daemon.notice openvpn[17962]: Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Mar 29 22:06:15 tomato daemon.notice openvpn[17962]: Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Mar 29 22:06:15 tomato daemon.notice openvpn[17962]: Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Mar 29 22:06:15 tomato daemon.notice openvpn[17962]: LZO compression initialized
    Mar 29 22:06:15 tomato daemon.notice openvpn[17962]: TUN/TAP device tap11 opened
    Mar 29 22:06:15 tomato daemon.notice openvpn[17962]: TUN/TAP TX queue length set to 100
    Mar 29 22:06:15 tomato daemon.notice openvpn[17962]: /sbin/ifconfig tap11 10.8.0.2 netmask 255.255.255.0 mtu 1500 broadcast 10.8.0.255
    Mar 29 22:06:15 tomato daemon.notice openvpn[17962]: Data Channel MTU parms [ L:1577 D:1450 EF:45 EB:135 ET:32 EL:0 AF:3/1 ]
    Mar 29 22:06:15 tomato daemon.notice openvpn[17967]: Socket Buffers: R=[32767->65534] S=[32767->65534]
    Mar 29 22:06:15 tomato daemon.notice openvpn[17967]: UDPv4 link local: [undef]
    Mar 29 22:06:15 tomato daemon.notice openvpn[17967]: UDPv4 link remote: 192.168.1.1:1195
    Mar 29 22:06:15 tomato daemon.err openvpn[17967]: read UDPv4 [ECONNREFUSED]: Connection refused (code=146)
    Mar 29 22:06:15 tomato daemon.err openvpn[17967]: read UDPv4 [ECONNREFUSED]: Connection refused (code=146)
     
  2. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    Sounds like you're trying to set up a VPN server, but filled in the VPN client pages (based on the fact that you had to fill in an address, but are trying to connect clients to it). Try setting up the server settings instead.
     
  3. fei2010

    fei2010 Networkin' Nut Member

    Thanks! in the server config, what IP should I put in in the local/remote endpoint box?
     
  4. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    The defaults should be fine, but you'll need to provide the same addresses in the clients' configuration (but in reverse order). If you were to use TLS instead of static key authentication, this would not be necessary.
     
  5. fei2010

    fei2010 Networkin' Nut Member

    Thank you SgtPepperKSU.

    Is there any relative up to date document I can reference to on how to set up VPN server and how to connect it? I just need use it occasionally while I am travel out.
     

Share This Page