OpenVPN and TUN - forgot how!

Discussion in 'Tomato Firmware' started by rhester72, Jun 25, 2012.

  1. rhester72

    rhester72 Network Guru Member

    I've been using OpenVPN for _years_, and more than half a decade ago permanently made the switch from TUN to TAP for a whole bunch of reasons (simplicity and Win* fileshare support being among them).

    I now find myself with an Android OpenVPN client solution that requires TUN (because of some rootless voodoo it's doing with the low-level OS). One of the side-effects is that it forces ALL traffic on the Android device through the tunnel, but for my use case, this is a good thing.

    However, I'm stymied by why the tunnel comes up clean, yet I can't hit *anything* on my LAN or the Internet...the only thing I appear to be able to communicate with is the endpoint IP itself.

    I've verified that the routing table looks good on the Android device and that the appropriate firewall FORWARD rules into and out of tun21 appear to be in place, but doing a tcpdump against br0 indicates that not a single packet is ever reaching the bridge.

    I realize I haven't messed with this stuff in years, but I'm a bit lost as to why this is happening. I'm sure it's a "n00b" mistake, but any pointers on where to look next would be sincerely appreciated.

  2. ulyan

    ulyan Networkin' Nut Member

    I use cyanogenmod and tested it with openvpn installer and openvpn settings program, it never worked for me, and never understood why. So this is something that I might be interested in also. :oops:
  3. ryzhov_al

    ryzhov_al Addicted to LI Member

    Is there any FastNAT/FastPath support in Tomato firmware? If so, try to disable it.
  4. waeking

    waeking Addicted to LI Member

    cyanogenmod 7 has a built in openvpn in the vpn section. I have been able to setup with that for openvpn. However the cyanognemod9 has no built in support that I know of as this posting. I have never been able to get the openvpn installer to work either.

    Here is a great tutorial that I have used to setup all of the config files. works like a charm

    EDIT: forgot to include the link
