I tried to install openvpn, but got this error:
[admin@wl500g root]$ ipkg install openvpn
Installing openvpn (2.0.2-1) to root...
Downloading http://ipkg.nslu2-linux.org/feeds/un...2-1_mipsel.ipk
Nothing to be done
An error ocurred, return value: 1.
Collected errors:
ERROR: Cannot satisfy the following dependencies for openvpn:
kernel-module-tun
...
I had previously done:
mkdir -p /dev/net
mknod /dev/net/tun c 10 200
insmod tun.o
so, the kernel module was active...
Can I force the install with:
ipkg install -nodeps openvpn
Will it work?
Thanks,
[ WL-500G | fw: 1.9.2.7-7f ]
I think you can try
#ipkg install -force-depends openvpn
and try to follow steps at this thread
http://wl500g.info/showthread.php?t=...hlight=openvpn
That works for me.
P.S. And please make sure to use the correct path for the tun.o driver.
Last edited by suitrevor; 30-10-2005 at 15:52.
I installed it with --nodeps, and it seems to work.
I can use OpenVPN on my laptop (client) and ping the router (server) over a secure channel, but I can't use the router as a client to link to a server on the internet... I think it's the firewall between my wl500g and the internet...
Last edited by gwl; 30-10-2005 at 18:59.
[ WL-500G | fw: 1.9.2.7-7f ]
Do you mean using the wl500g as an OpenVPN client and connecting to another OpenVPN server? I just don't understand. Can you ping the VPN server (the internet one) on tun0? Can you please describe the situation more precisely? Thank you.
test 1:
wl500g=openvpn server ; laptop=client
result ok: I can ping the router from the laptop.
test 2:
wl500g=openvpn client ; RemotePC(online) =openvpn server
result: from a shell inside the router, I can't ping the remote pc.
(on the remote pc, some requests are seen, but I don't get any replies)
[ WL-500G | fw: 1.9.2.7-7f ]
Has anyone had success configuring an OpenVPN server in bridge mode on the WL500G? I am using the latest release of Oleg's firmware.
My problem is that the tap device is not found when I try to add it to the br0 bridge.
I have done an insmod tun before that. Is there anything else I need to do?
/Peter
Found it myself on http://openvpn.net/bridge.html#linuxscript :
Code:
openvpn --mktun --dev tap0
I would like to implement one of those 2 on my router within the flash. Is that possible, and if so, can someone make a step-by-step guide for it?
The reason is that I want to get into my network from school with my own laptop.
I have Oleg's latest (1.9.2.7-6c) firmware. I've already searched the forum for help, but all the information is so spread out that I couldn't find out how to start.
I don't want to have it on my usb harddrive because I want to take it with me sometimes so the router will have a problem then.
Is this possible?
Hi,
you can buy a cheap USB stick and store /opt/ in it so you don't need a hard drive.
I store the whole filesystem on the USB stick - this has many opportunities: If you misconfigure anything and the router doesn't respond any more you can simply remove the USB drive and the router uses the internal flash. Or you can edit files on the USB stick with your PC running Linux.
http://oleg.wl500g.info/ "Root file system on the external USB drive"
Matthias
Firmware Used: 1.9.2.7-7c
Unit: WL500g
OpenVpn Version being used: openvpn_2.0.2-1_mipsel.ipk from unslung
Bridge Configuration: Wireless link and LAN connections (eth0 and eth2)
Firewall Configuration: Accept All
Description of Problem:
I have installed OpenVPN successfully and it works fine for tap0 based upon the out-of-the-box TLS configuration. My problem is related to using the tap0 connection in the br0 bridge. If the tap0 network connection is added into br0 using brctl addif br0 tap0, no traffic passes through tap0, although I do see the ARP requests/responses. There is no firewall up; iptables is configured to accept all traffic as the default policy. If I remove tap0 from the bridge, all traffic flows from the WL500g to my wireless-connected laptop (and vice versa) over the OpenVPN negotiated connection. The problem is the same for LAN-connected boxes if tap0 is added to br0, so it is not specific to the wireless connection.
I have checked br0 on its own using tap0 when OpenVPN is not running, and traffic flows between tap0 and br0 successfully, so it is not a firewall problem. The output from route looks fine also, i.e. all my VPN traffic is routed on the WL500g via tap0. The problem occurs when OpenVPN is brought online and tap0 is put in the bridge, br0. Any help on this one is much appreciated, as I have been banging my head on a virtual wall for a few days. It appears to be an issue with bridging and OpenVPN.
I have also tested my OpenVPN connection on Mandrake with the same settings, etc. and it works fine. Any ideas are much appreciated.
Sean
Did you already try to restart OpenVPN *after* you added tap0 to the bridge?
At least for me this works.
Yep, I tried restarting OpenVPN after the tap0 device is added to br0, but that does not make any difference. When I delete tap0 from br0, it works fine. The settings for br0 are the standard out-of-the-box firmware settings. It is something specifically related to OpenVPN and br0. Could you share your server and client VPN settings (obviously without keys and specific IP settings) so I can do a comparison with what I am doing? Cheers
Here comes my configuration:
The interfaces:
Code:
[admin@(none) /tmp]$ ifconfig
br0       Link encap:Ethernet  HWaddr 00:0E:A6:B7:DB:6B
          inet addr:192.168.2.1  Bcast:192.168.2.255  Mask:255.255.255.0
          inet6 addr: fe80::20e:a6ff:feb7:db6b/10 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:91929 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6775 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2954039 (2.8 MiB)  TX bytes:5991009 (5.7 MiB)

br1       Link encap:Ethernet  HWaddr 00:0E:A6:B7:DB:6B
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::20e:a6ff:feb7:db6b/10 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1473565 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1633100 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:566525409 (540.2 MiB)  TX bytes:1170141654 (1.0 GiB)

eth0      Link encap:Ethernet  HWaddr 00:0E:A6:B7:DB:6B
          inet6 addr: fe80::20e:a6ff:feb7:db6b/10 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:1473628 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1653938 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:593055204 (565.5 MiB)  TX bytes:1171392947 (1.0 GiB)
          Interrupt:3 Base address:0x2000

eth1      Link encap:Ethernet  HWaddr 00:0E:A6:B7:DB:6B
          inet6 addr: fe80::20e:a6ff:feb7:db6b/10 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1638815 errors:2 dropped:0 overruns:0 frame:1
          TX packets:1479407 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:1196221196 (1.1 GiB)  TX bytes:592413341 (564.9 MiB)
          Interrupt:4 Base address:0x8000

eth2      Link encap:Ethernet  HWaddr 00:0E:A6:B7:DB:6B
          inet6 addr: fe80::20e:a6ff:feb7:db6b/10 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:91902 errors:0 dropped:0 overruns:0 frame:18589
          TX packets:133040 errors:17 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:4238047 (4.0 MiB)  TX bytes:12787514 (12.1 MiB)
          Interrupt:6 Base address:0x2000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING MULTICAST  MTU:16436  Metric:1
          RX packets:54674 errors:0 dropped:0 overruns:0 frame:0
          TX packets:54674 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:5272540 (5.0 MiB)  TX bytes:5272540 (5.0 MiB)

ppp0      Link encap:Point-Point Protocol
          inet addr:217.191.169.42  P-t-P:213.20.95.16  Mask:255.255.255.255
          UP POINTOPOINT RUNNING MULTICAST  MTU:1492  Metric:1
          RX packets:1634259 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1474867 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:1153438866 (1.0 GiB)  TX bytes:559828399 (533.8 MiB)

tap0      Link encap:Ethernet  HWaddr 00:FF:28:23:EB:A7
          inet6 addr: fe80::2ff:28ff:fe23:eba7/10 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:518 errors:0 dropped:30453 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:28139 (27.4 KiB)

wds0.4915 Link encap:Ethernet  HWaddr 00:0E:A6:B7:DB:6B
          inet6 addr: fe80::20e:a6ff:feb7:db6b/10 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

Bridge #0 (WLAN):
Code:
[admin@(none) /tmp]$ brctl showbr br0
br0
 bridge id              8000.000ea6b7db6b
 designated root        8000.000ea6b7db6b
 root port              0                       path cost               0
 max age                20.00                   bridge max age          20.00
 hello time             2.00                    bridge hello time       2.00
 forward delay          0.00                    bridge forward delay    0.00
 ageing time            42.30                   gc interval             4.00
 hello timer            0.52                    tcn timer               0.00
 topology change timer  0.00                    gc timer                2.53
 flags

eth2 (2)
 port id                8002                    state                   forwarding
 designated root        8000.000ea6b7db6b       path cost               100
 designated bridge      8000.000ea6b7db6b       message age timer       0.00
 designated port        8002                    forward delay timer     0.00
 designated cost        0                       hold timer              0.52
 flags

wds0.49153 (3)
 port id                8003                    state                   forwarding
 designated root        8000.000ea6b7db6b       path cost               100
 designated bridge      8000.000ea6b7db6b       message age timer       0.00
 designated port        8003                    forward delay timer     0.00
 designated cost        0                       hold timer              0.52
 flags

Bridge #1 (LAN):
Code:
[admin@(none) /tmp]$ brctl showbr br1
br1
 bridge id              8000.000ea6b7db6b
 designated root        8000.000ea6b7db6b
 root port              0                       path cost               0
 max age                20.00                   bridge max age          20.00
 hello time             2.00                    bridge hello time       2.00
 forward delay          15.00                   bridge forward delay    15.00
 ageing time            42.30                   gc interval             4.00
 hello timer            1.84                    tcn timer               0.00
 topology change timer  0.00                    gc timer                3.86
 flags

eth0 (1)
 port id                8001                    state                   forwarding
 designated root        8000.000ea6b7db6b       path cost               100
 designated bridge      8000.000ea6b7db6b       message age timer       0.00
 designated port        8001                    forward delay timer     0.00
 designated cost        0                       hold timer              0.00
 flags

tap0 (2)
 port id                8002                    state                   forwarding
 designated root        8000.000ea6b7db6b       path cost               100
 designated bridge      8000.000ea6b7db6b       message age timer       0.00
 designated port        8002                    forward delay timer     0.00
 designated cost        0                       hold timer              0.00
 flags

OpenVPN config:
Code:
[admin@(none) openvpn]$ cat openvpn.conf|grep -v ^#|grep -v '^;'|grep -v '^ *$'
port 1194
proto udp
dev tap0
ca flexoft-cacert.crt
cert wl-500g-cert.crt
key wl-500g-key.pem
dh dh1024.pem
ifconfig-pool-persist ipp.txt
server-bridge 192.168.1.1 255.255.255.0 192.168.1.64 192.168.1.127
push "route 192.168.1.0 255.255.255.0"
keepalive 10 120
comp-lzo

Bridge start script:
Code:
[admin@(none) openvpn]$ cat bridge-start
#!/bin/sh
#################################
# Set up Ethernet bridge on Linux
# Requires: bridge-utils
#################################
PATH=/opt/sbin:/opt/bin:$PATH
export PATH
# Define Bridge Interface
br="br1"
# Define list of TAP interfaces to be bridged,
# for example tap="tap0 tap1 tap2".
tap="tap0"
# Define physical ethernet interface to be bridged
# with TAP interface(s) above.
eth="eth0"
eth_ip="192.168.1.1"
eth_netmask="255.255.255.0"
eth_broadcast="192.168.1.255"
for t in $tap; do
    openvpn --mktun --dev $t
done
brctl addbr $br
brctl addif $br $eth
for t in $tap; do
    brctl addif $br $t
done
for t in $tap; do
    ifconfig $t 0.0.0.0 promisc up
done
ifconfig $eth 0.0.0.0 promisc up
ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast

This is what I have in my firewall script:
Code:
ifconfig br0 0.0.0.0
brctl delif br0 eth0
ifconfig br0 192.168.2.1
ifconfig eth0 192.168.1.1

Hope this helps!
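An added example, not part of the original posts: a shell check for the bridged setup discussed above, confirming that the `dev` named in openvpn.conf is a tap interface, is a port of the bridge, and is in the forwarding state. The sample inputs are constructed (trimmed to the fields the script reads) and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. Sample inputs below are constructed, following the layout
# of the openvpn.conf and `brctl showbr` output posted in this thread.
SAMPLE_CONF='port 1194
proto udp
dev tap0
server-bridge 192.168.1.1 255.255.255.0 192.168.1.64 192.168.1.127'

SAMPLE_SHOWBR='br1
 bridge id              8000.000ea6b7db6b
eth0 (1)
 port id                8001                    state           forwarding
tap0 (2)
 port id                8002                    state           forwarding'

# Print the device named by the "dev" directive (comment lines never match).
conf_dev() {
    awk '$1 == "dev" { print $2; exit }'
}

# Print "port state" for every port found in `brctl showbr <bridge>` output.
bridge_ports() {
    awk '
        /^[^ ]+ \([0-9]+\)$/ { port = $1; next }
        port != "" && $1 == "port" && $2 == "id" {
            for (i = 3; i < NF; i++) if ($i == "state") print port, $(i + 1)
            port = ""
        }'
}

# check_tap_bridged CONF_TEXT SHOWBR_TEXT: prints a verdict.
# Returns 0 if OK, 1 if dev is not tap, 2 if not a bridge port, 3 if not forwarding.
check_tap_bridged() {
    dev=$(printf '%s\n' "$1" | conf_dev)
    case "$dev" in
        tap*) ;;
        *) echo "dev '$dev' is not a tap device; bridging needs tap"; return 1 ;;
    esac
    state=$(printf '%s\n' "$2" | bridge_ports | awk -v d="$dev" '$1 == d { print $2 }')
    if [ -z "$state" ]; then
        echo "$dev is not a port of this bridge"; return 2
    elif [ "$state" != "forwarding" ]; then
        echo "$dev is in state '$state', not forwarding"; return 3
    fi
    echo "$dev is bridged and forwarding"
}

check_tap_bridged "$SAMPLE_CONF" "$SAMPLE_SHOWBR"
```

On a router, the two arguments would be the contents of openvpn.conf and the output of brctl showbr for the bridge in question.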
br0 is a bridge between eth2 and eth1 into which I also add tap0. When tap0 is added into the bridge I cannot send any traffic on the VPN connection. I have no problem establishing the VPN connection, but bridging is not working. I have also tried adding a new bridge on its own between eth0 and tap0 (as in your example), but the same behaviour is found. What version of the Oleg WL500g firmware and openvpn package are you using? I am using the latest from unslung and similar firmware. Cheers
I'm using firmware 1.9.2.7-6c-pre5 and my openvpn is
Code:
[admin@(none) /proc]$ ipkg status openvpn
Package: openvpn
Version: 2.0_rc17-3
Depends: openssl, lzo, kernel-module-tun
Status: install user installed
Architecture: mipsel

[admin@(none) /proc]$ ipkg status openssl
Package: openssl
Version: 0.9.7d-4
Status: install user installed
Section: libs
Architecture: mipsel
maintainer: NSLU2 Linux <nslu2-linux@yahoogroups.com>
MD5Sum: 688c2dbadad18c1bc6bae109bd6aac93
Size: 946871
Filename: openssl_0.9.7d-4_mipsel.ipk
Source: http://www.openssl.org/source/openssl-0.9.7d.tar.gz
Description: Openssl provides the ssl implementation in libraries libcrypto and libssl, and is needed by many other applications and libraries.

[admin@(none) /proc]$ ipkg status lzo
Package: lzo
Version: 1.08-2
Status: install user installed
Section: lib
Architecture: mipsel
maintainer: Inge Arnesen <inge.arnesen@gmail.com>
MD5Sum: ab7fe86f9fc106884106b1a21b9de053
Size: 103649
Filename: lzo_1.08-2_mipsel.ipk
Source: http://www.oberhumer.com/opensource/lzo/download//lzo-1.08.tar.gz
Description: Compression library

kernel-module-tun is not installed