
totalizator 2012-02-16 13:17

[Solution] OpenVPN on N900 using TUN with Tomato router (working config)
 
This is just for reference, as there are many threads on this topic but I had barely any success in configuring OpenVPN on the N900 after studying them.

My original approach was to be able to surf the web via the VPN server and to have access to my LAN computers at the same time. I tried the TAP method first (to get a dynamic IP from the server), but it ended in total failure. I still can't understand why it was not working on the N900. I tried everything (working configs from other devices, new configs...). No go. Then, as a last resort, I decided to try the TUN method and, surprisingly, it works flawlessly now: everything is routed via the VPN server and I can access the LAN devices (despite having a different IP class number (B 10.x.x.x when the network is C 192.x.x.x)). It works with both WLAN and GPRS connections.

Here is my config (using previously generated static key):

Code:

remote yourserver.com 1194
ifconfig 10.8.0.2 10.8.0.1
dev tun
secret /opt/secret.key
proto udp
comp-lzo
redirect-gateway def1
persist-tun
persist-key
# Allow scripts to be run
script-security 2
ipchange /etc/openvpn/add_default_route.sh
verb 3
keepalive 10 120

To have it working with GPRS, /etc/openvpn/add_default_route.sh has to contain the following (first part as a single line; second part already posted by user alphazo):

Code:

#!/bin/sh

#if gprs0 up and no flagged default route ; then create one
#use with ipchange /etc/openvpn/add_default_route.sh in openvpn conf
#after setting script-security 2
gprsroute=`route | grep gprs` ; defroute=`route | grep default | grep G` ; if [ -n "$gprsroute" -a -z "$defroute" ]; then nexthop=`ifconfig gprs0 | grep "inet addr" | cut -d : -f 3 | cut -d " " -f 1` ; route add -host $nexthop dev gprs0 ; route add default gw $nexthop ; fi
if [ -f /var/run/resolv.conf.gprs ];
then
  echo "nameserver 192.168.1.1" >> /var/run/resolv.conf.gprs
fi
if [ -f /var/run/resolv.conf.wlan0 ];
then
  echo "nameserver 192.168.1.1" >> /var/run/resolv.conf.wlan0
fi

The server is a Linksys WRT-54GL with Tomato firmware, configured through its OpenVPN GUI (it's straightforward). The additional options are (plus "Respond to DNS" ticked):

Code:

push "redirect-gateway def1"
script-security 2
verb 2
ping-timer-rem

I hope it will help someone.
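
Added example, not part of the original post: the client config above depends on a static key (secret) and, with script-security 2, lets OpenVPN run the ipchange script, so neither file should be open to other users. The sketch below checks both from a config file; the function names are hypothetical and it assumes only ls, awk and cut are available.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Print the argument of the first line in config $1 whose directive is $2.
conf_value() {
    awk -v d="$2" '$1 == d { print $2; exit }' "$1"
}

# Print the nine permission characters of $1 (symlinks followed), e.g. rw-------
mode_of() {
    ls -ldL "$1" | cut -c2-10
}

# Audit config $1: one WARN line per finding, non-zero status if any.
audit_openvpn_conf() {
    conf=$1
    findings=0
    key=$(conf_value "$conf" secret)
    if [ -n "$key" ] && [ -e "$key" ]; then
        # The static key is the tunnel's only secret; group/other need no access.
        case $(mode_of "$key") in
            ???------) ;;
            *) echo "WARN: $key is accessible to group/other"
               findings=$((findings + 1)) ;;
        esac
    fi
    for d in ipchange up down route-up; do
        script=$(conf_value "$conf" "$d")
        if [ -z "$script" ] || [ ! -e "$script" ]; then continue; fi
        # With script-security 2, openvpn executes this with its own privileges.
        case $(mode_of "$script") in
            ????w????|???????w?)
                echo "WARN: $script ($d) is writable by group/other"
                findings=$((findings + 1)) ;;
        esac
    done
    [ "$findings" -eq 0 ]
}

# Stand-alone use: pass the client config path as the first argument.
if [ $# -gt 0 ]; then audit_openvpn_conf "$1"; fi
```

A clean run prints nothing and exits 0; each WARN line names the file to tighten with chmod.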


All times are GMT.