Page 1 of 3 123 LastLast
Results 1 to 15 of 42

Thread: HowTo install OpenVPN server

  1. #1
    Join Date
    Nov 2004
    Location
    Sweden
    Posts
    259

    HowTo install OpenVPN server

    ================================================== =======
    NOTES:
    I do not take any credit for most of the information herein written. I just collected (copy&paste) most the information and adapted it to be executed under an Asus WL-500g device.

    This is a simple setup that has a limited scalability -- one client, one server.

    This HowTo is oriented to create a VPN connection between an Asus WL-500g device and a Windows XP client.

    ASSUMPTIONS:
    i.- firmware: Oleg 1.9.2.7-7b
    ii.- root file system on the external USB drive
    iii.- telnet/ssh deamon installed and active
    iv.- nano editor installed

    SOURCES:
    i.- http://openvpn.net
    ii.- http://www.sprayfly.com/wiki/User_talk:Jonolumb
    iii.- This forum
    ================================================== =======

    CONFIGURING THE CLIENT (Windows XP)
    Download from http://openvpn.se/download.html openvpn-2.0.7-gui-1.0.3-install.exe which will install both OpenVPN and a Windows GUI. Install everything.
    During the installation you will be prompted about authentication of drivers to be installed. You should accept it.

    Open "network connections" and rename the connection recently created from "Local Area Connection x" to "tun0" (it should have "TAP-Win32 Adapter V8 (coLinux)" as NIC)

    Open a dos-prompt window
    C:
    cd \Program Files\OpenVPN\config
    openvpn --genkey --secret static.key


    create a txt file called "client.ovpn" and add the following information:
    remote myremote.mydomain
    dev tun0
    ifconfig 10.8.0.2 10.8.0.1
    secret static.key
    keepalive 10 60


    where myremote.mydomain is the WAN ip address or host name of your Asus WL-500g router.


    Install OpenVPN package on WL-500g

    ipkg -force-depends install openvpn

    Check for message:
    Warning: Cannot satisfy the following dependencies for openvpn: kernel-module-tun

    But warning can be disregarded, tun is already included in Oleg's firmware.


    Create the TUN device node
    (users report these two lines below are not necessary any longer. They give error messages. See comment #9)

    mkdir /dev/net
    mknod /dev/net/tun c 10 200



    Load the TUN/TAP kernel module

    insmod tun


    Enable routing

    echo 1 > /proc/sys/net/ipv4/ip_forward


    Configuring VPN Server

    cd /opt/etc/openvpn
    nano server.conf

    (add following lines)
    dev tun0
    ifconfig 10.8.0.1 10.8.0.2
    secret static.key

    (exit editor)
    ^O ^X


    Copy via FTP the file static.key from WinXP client folder C:\Program Files\OpenVPN\config to Asus wl500g directory /opt/etc/openvpn


    Add firewall rules

    cd /usr/local/sbin
    nano post-firewall

    #!/bin/sh
    #OpenVPN access from WAN
    iptables -D INPUT -j DROP
    iptables -I INPUT -p udp --dport 1194 -j ACCEPT
    iptables -t nat -I PREROUTING -i eth1 -p udp --dport 1194 -j DNAT --to-destination $4:1194
    iptables -A INPUT -j DROP

    iptables -I INPUT -i tun0 -j ACCEPT
    iptables -I FORWARD -i tun0 -j ACCEPT
    iptables -I FORWARD -o tun0 -j ACCEPT
    iptables -I OUTPUT -o tun0 -j ACCEPT


    (exit editor)
    ^O ^X

    NOTES:
    With WL-500gP eth1 shall be changed to vlan1 and $4 to router's LAN gateway (192.168.1.1)


    Start OpenVPN server manually
    /sbin/insmod tun
    /opt/sbin/openvpn --cd /opt/etc/openvpn --daemon \
    --log-append /var/log/openvpn.log \
    --config server.conf


    If you want to try the OpenVPN server at this point, without making an autostart, you should execute all iptables commands above written by copy&paste them on the Asus wl500g prompt and jump to the next point called "Trying the VPN tunnel".


    Autostart
    To automatically start the OpenVPN server processes at boot time:

    nano /opt/etc/init.d/S24openvpn

    #!/bin/sh

    if [ -n "`pidof openvpn`" ]; then
    /bin/killall openvpn 2>/dev/null
    fi

    # load TUN/TAP kernel module
    /sbin/insmod tun

    # enable IP forwarding
    echo 1 > /proc/sys/net/ipv4/ip_forward

    # Startup VPN tunnel in daemon mode
    /opt/sbin/openvpn --cd /opt/etc/openvpn --daemon \
    --log-append /var/log/openvpn.log \
    --config server.conf


    (exit editor)
    ^O ^X


    Save and Reboot
    chmod +x /opt/etc/init.d/S24openvpn
    flashfs save
    flashfs commit
    flashfs enable
    reboot



    Trying the VPN tunnel
    Execute file client.ovpn in Windows XP (C:\Program Files\OpenVPN\config). A DOS window will appear. Pay attention to message "Initialization Sequence Completed". This message indicates that the VPN connection has been established. (Do not close the DOS window! If you close the DOS window you will close the VPN connection)

    To test that everything works as it should try to ping 10.8.0.1 from the client (Windows XP) and to ping 10.8.0.2 from Asus WL-500g. You should get ping responses on both cases. If it is so, everything works!


    FINAL NOTES
    i)If you are running Windows XP/SP2 don't forget to add a rule in your Windows XP firewall to accept traffic on port 1194.
    ii) HowTo: Routing all client traffic through VPN tutorial available
    Last edited by Tamadite; 11-10-2009 at 01:05. Reason: Updating tutorial

  2. #2

    Sprayfly Guide now complete

    Hi there, you quoted http://www.sprayfly.com/wiki/User_talk:Jonolumb
    as a source in your OpenVPN guide.
    In fact, I was using the talk page to gather together the key elements together for a mainstream guide. This has now been created thanks to 'Propa', another user on my Wiki and can be found at http://www.sprayfly.com/wiki/OpenVPN. The new guide contains step by step instructions and goes into a great depth of detail. However, the talk page now longer contains the content that was referred to (unless you look at previous versions in the history).
    Cheers
    Jono
    Feel free to visit my WL-HDD/WL-500g wiki at http://www.sprayfly.com/wiki
    There are step by step guides on the installation and configuration of many optware packages as well as basic setup guides.

  3. #3

    Question Is there a way to use openvpn without mounting flash or disk?

    Openvpn along with openssl takes about 5M space.But the wl500g has only about 2M free.That means i have to use USB to mount a free space to use openvpn.Is there anyway to build a VLAN without demanding any other space except for the 2M free space inside.Can freeswan be added into wl500g?

  4. #4
    Join Date
    May 2004
    Location
    France...
    Posts
    159
    I guess there is no way to do it without external storage. Small flash drives are now very cheap
    The Struggle Continues...
    Asus WL500g #1 with fw 1.9.2.7-7f running as main home gateway, with Philipps PWC730k
    Asus WL500g #2 with fw 1.9.2.7-7f running as Wireless Client, running palantir 2.6 with SPCA5xx camera on 128MB generic USB key

  5. #5

    Openvpn Asus wl500g ping problems

    Hey,

    I set up openvpn according to http://www.sprayfly.com/wiki/OpenVPN. And I am able to connect from a windows client to the router and assigned the ip 10.8.0.6.
    But the problem is I can only ping local windows machine 10.8.0.6 not the router 10.8.0.1.
    On the router I can ping both 10.8.0.6 and 10.8.0.1.
    When the openvpn client is disconnected(10.8.0.6) then I can ping 10.8.0.1 from the client.
    All I wanted was to try getting this vpn to work from my lan clients to the local router, and also see other shares on lan clients.
    Some help would be much appriciated.

    LAN 192.168.1.0/24

    [VPN client 10.8.0.6]-------------------------------------------------------------------------------[WL500g openvpn router 10.8.0.1]


    /Limpo

  6. #6

    Small update

    Hey,

    I tried somemore and found out that I can ping and reach shares on clients connected trough the vpn. But I can still not ping(10.8.0.1) or access shares(samba) on the LAN vpn server(asus wl500g).
    The settings on both the client and server config, is set to client-to-client. Maybe it neds to be client-to-server? But then I probably cant access lan clients.

    Later,
    /Limpo

  7. #7

    How to create a vpn server?

    Hi:

    Is there anyway to create a vpn server on the asus wl-500gp?

    Besides openvpn, is there any other package?

  8. #8

    Is wl500gp OpenVPN Possible Without USB Drive?

    I'm with you. Has anyone come up with a way to work this out?

    I have been struggling with this for 14 hours now... I started with this Wiki and tried to modify the directions to only use flash memory. I couldn't do anything with the /opt directory in flash memory due to "Read-only file system" error. So I did:
    makedir /usr/local/opt
    mount /usr/local/opt /opt
    While I could get ipkg update and installs to work, I eventually came close to running out of space and everytime I rebooted the mount would disappear even if I put it (I think) in post-boot.

    It seems this thread yields some results but only for wl700g users.

    Has anyone figured out how to do this on a wl500gp without an external drive? Can anyone suggest anything else to try? I'm not a linux user normally so I'm struggling with some of the concepts.

    Any suggestions would be very helpful. Thanks in advance.

  9. #9

    Is OpenVPN Possible without HDD?

    I'm going on 2 days with this issue, trying to get OpenVPN installed on Oleg's 1.9.2.7-7g firmware on my wl500gP. I don't have any USB device connected to and would like to know where I can install packages. I started with this Wiki (http://sprayfly.com/wiki/OpenVPN) and tried to modify the directions to only use flash memory. I couldn't do anything with the /opt directory in flash memory due to "Read-only file system" error. So I tried using a different path:
    Quote:
    makedir /usr/local/opt
    mount /usr/local/opt /opt
    I got ipkg update and installs to work, but I came close to maxing out memory and everytime I rebooted the mount would disappear even if I put it (I think) in post-boot.

    This thread (http://wl500g.info/showthread.php?t=...hlight=openvpn) has some answers but only for wl700g users.

    Has anyone figured out how to do this on a wl500gp without an external drive? Can anyone suggest anything else to try? I'm not a linux user normally so I'm struggling with some of the concepts.

    Any suggestions would be very helpful. Thanks in advance.

  10. #10
    Quote Originally Posted by jrosado View Post
    Hi:

    Is there anyway to create a vpn server on the asus wl-500gp?

    Besides openvpn, is there any other package?
    I've got openvpn working on my wl-500gp with an external drive.
    basically followed http://sprayfly.com/wiki/OpenVPN

  11. #11
    Join Date
    Nov 2004
    Location
    Sweden
    Posts
    259
    Quote Originally Posted by piezomotor View Post
    When I am trying to connect...
    Can you confirm the following:
    <<Open "network connections" and rename the connection recently created from "Local Area Connection x" to "tun0" (it should have "TAP-Win32 Adapter V8 (coLinux)" as NIC)>>

  12. #12
    made bridge-start.sh shown below

    PROBLEM - when I start it my router hangs...

    ./bridge-start.sh
    Thu Feb 7 15:54:58 2008 TUN/TAP device tap0 opened
    Thu Feb 7 15:54:58 2008 Persist state set to: ON...

    Any idea?

  13. #13
    Join Date
    Aug 2004
    Location
    Hamburg / Germany
    Posts
    24
    Sorry, can't help you since I'm not using the WL500g anymore

  14. #14
    Hi, i'm tryng to install openvpn on asus. I stopped when you say: Copy via FTP the file static.key from WinXP client folder C:\Program Files\OpenVPN\config to Asus wl500g directory /opt/etc/openvpn


    well, i enabled ftp server in oleg firmware but when i type ftp://192.168.1.1 i find only the folders of the transmission and torrent. I can't find /opt/etc/openvpn.. can you help me please.. thank you

  15. #15
    Join Date
    Nov 2004
    Location
    Sweden
    Posts
    259
    Quote Originally Posted by tex View Post
    Hi, i'm tryng to install openvpn on asus. I stopped when you say: Copy via FTP the file static.key from WinXP client folder C:\Program Files\OpenVPN\config to Asus wl500g directory /opt/etc/openvpn


    well, i enabled ftp server in oleg firmware but when i type ftp://192.168.1.1 i find only the folders of the transmission and torrent. I can't find /opt/etc/openvpn.. can you help me please.. thank you
    Copy the file to one of those folders you get when you ftp and then from the asus console move the file with command "mv" to the correct folder.

Page 1 of 3 123 LastLast

Similar Threads

  1. HOWTO install debian on 128 mb usb stick
    By iiivx in forum WL-500gP Tutorials
    Replies: 49
    Last Post: 11-09-2010, 08:26
  2. Howto openvpn
    By diablo in forum German Discussion - Deutsch (DE)
    Replies: 9
    Last Post: 14-02-2008, 13:47
  3. lighttp and php tutorial
    By theboy50 in forum WL-500g/WL-500gx Tutorials
    Replies: 29
    Last Post: 30-01-2008, 19:03
  4. FTP server op wl500g-dlx niet bereikbaar vanaf internet
    By Sawilla in forum Dutch Discussion - Nederlands
    Replies: 16
    Last Post: 19-12-2005, 10:37

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •