dh.pem issue in VPN setup on Tomato

Discussion in 'Tomato Firmware' started by vinhdizzo, Nov 9, 2010.

  1. vinhdizzo

    vinhdizzo Networkin' Nut Member


    I'd like to set up OpenVPN on my Asus N-16 with the following Tomato firmware:
    Tomato Firmware v1.27.9047 MIPSR2-beta15 K26 USB vpn3.6

    I'm followed the instructions on this wiki post but cannot get it working by clicking "Start" after pasting the keys generated from openvpn. I looked at the log and found this:

    Nov  9 11:09:21 router daemon.notice openvpn[695]: OpenVPN 2.1.1 mipsel-unknown-linux-gnu [SSL] [LZO2] [EPOLL] built on Jun  3 2010
    Nov  9 11:09:21 router daemon.warn openvpn[695]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
    Nov  9 11:09:21 router daemon.err openvpn[695]: Cannot load DH parameters from dh.pem: error:0906D06C:PEM routines:PEM_read_bio:no start line
    Nov  9 11:09:21 router daemon.notice openvpn[695]: Exiting
    Does anyone know what's wrong? I searched and did not find anything useful.

    I do have time set up on the router, and I checked ca.crt:

    $openssl x509 -in ca.crt -noout -dates
    notBefore=Nov  9 18:25:39 2010 GMT
    notAfter=Nov  6 18:25:39 2020 GMT
    Time on router is on UTC -8. Current router time:
    Tue, 09 Nov 2010 11:24:36 -0800

    Any help is greatly appreciated.
  2. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    Notice the error message it gave: "Cannot load DH parameters from dh.pem...no start line". I'm guessing you don't have the "Diffie Hellman parameters" field filled in on the "Keys" tab, or it doesn't have a "-----BEGIN DH PARAMETERS-----" start line. Have you double-checked this?
  3. vinhdizzo

    vinhdizzo Networkin' Nut Member

    Thank you so much. I overlooked and thought I was suppose to ignore the BEGIN and END lines in those files. No errors now! Consider this SOLVED.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice