- attached Basic.PNG
- attached Advanced.PNG
- attached Keys.PNG
- attached Status.PNG
OpenVPN connects but traffic doesn't route through it
Issue #266
invalid
Hi,
My router is NETGEAR R7000, and the FW is freshtomato-R7000-ARM_NG-2022.7-VPN-64K.
I’m currently trying to configure the OpenVPN Client on my router, although the VPN client connects, but no traffic route through it. The same OpenVPN profile works perfectly on my phone and laptop.
I've been struggling for days on this issue, I’ve tried connecting with every Compressions, TLS control channel security, all without success.
Here is the log
Jan 10 23:38:49 daemon notice openvpn-client1[26628] [UNDEF] Inactivity timeout (--ping-restart), restarting
Jan 10 23:38:49 daemon notice openvpn-client1[26628] SIGUSR1[soft,ping-restart] received, process restarting
Jan 10 23:38:49 daemon notice openvpn-client1[26628] Restart pause, 80 second(s)
Jan 10 23:40:09 daemon warn openvpn-client1[26628] NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jan 10 23:40:09 daemon notice openvpn-client1[26628] Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Jan 10 23:40:09 daemon notice openvpn-client1[26628] Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Jan 10 23:40:09 daemon notice openvpn-client1[26628] TCP/UDP: Preserving recently used remote address: [AF_INET]20.212.2.39:1168
Jan 10 23:40:09 daemon notice openvpn-client1[26628] Socket Buffers: R=[122880->122880] S=[122880->122880]
Jan 10 23:40:09 daemon notice openvpn-client1[26628] UDP link local: (not bound)
Jan 10 23:40:09 daemon notice openvpn-client1[26628] UDP link remote: [AF_INET]**Server-IP**:1168
Here is my profile
client
dev tun
proto udp
remote Server-IP 1168
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
ignore-unknown-option block-outside-dns
verb 3
<ca>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
</key>
<tls-crypt>
-----BEGIN OpenVPN Static key V1-----
-----END OpenVPN Static key V1-----
</tls-crypt>
I’m new to FreshTomato and OpenVPN, and hope this is only a configuration issue.
Comments (5)
-
Account Deleted reporter
-
repo owner
- changed status to invalid
It's not a bug - you just can't set it up. Use our forum to explain what is going on, with full syslog (not just 8 or something lines): https://www.linksysinfo.org/index.php?forums/tomato-firmware.33/
-
Account Deleted reporter
Apologies.
-
Account Deleted reporter
- changed status to closed
-
Account Deleted reporter
- changed status to invalid
- Log in to comment
</div> </form>