Help solving network configuration issues

A couple of months ago I set up a router as a wireless AP that's routed through NordVPN (TP-Link TL-WA901ND v5). I managed to build an OpenWRT custom image to squeeze in 4MB flash with openvpn-openssl and ip-full but excluding ppp, IPv6 and LuCi. I got help from the community to get everything to work fine (you can see this topic for reference).

The idea is that any client device connected to the OpenWRT wireless radio have its internet traffic routed through the VPN. The setup worked flawlessly for a couple of months, howerver about a month ago it just stopped working (with no change to the router config at all). Now if I connect to the WiFi with a client device I don't have Internet access at all. Checking the router configuration I see a mismatch when running ifconfig and uci export, which I suspect is the reason behind the client connectivity issues.

From my understanding, the router should honor the configuration provided via uci command, but it seems like for some reason it is not honoring it but instead getting another configuration from somewhere else. Could anyone point me in the right direction as to where/how to look into solving this issue?

Here is the output from the relevant commands.

uci export network

package network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config interface 'lan'
        option ifname 'eth0'
        option proto 'dhcp'
        option peerdns '0'
        list dns '103.86.96.100'
        list dns '103.86.99.100'

config interface 'nordvpntun'
        option proto 'none'
        option ifname 'tun0'

config interface 'guest'
        option type 'bridge'
        option proto 'static'
        option ipaddr '192.168.17.1'
        option netmask '255.255.255.0'

uci export wireless

package wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option channel '11'
        option hwmode '11g'
        option path 'platform/qca956x_wmac'
        option htmode 'HT20'
        option country 'US'
        option legacy_rates '1'

config wifi-iface 'guest'
        option device 'radio0'
        option mode 'ap'
        option network 'guest'
        option ssid 'VT-VPN'
        option encryption 'psk2'
        option key 'password'

ifconfig

br-guest  Link encap:Ethernet  HWaddr 0C:80:63:EB:7D:A0  
          inet addr:192.168.17.1  Bcast:192.168.17.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:9556889 errors:0 dropped:68 overruns:0 frame:0
          TX packets:9130462 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:588909207 (561.6 MiB)  TX bytes:569192569 (542.8 MiB)

eth0      Link encap:Ethernet  HWaddr 0C:80:63:EB:7D:A1  
          inet addr:192.168.0.5  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:425691 errors:0 dropped:261360 overruns:0 frame:0
          TX packets:152017 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:52121290 (49.7 MiB)  TX bytes:15708290 (14.9 MiB)
          Interrupt:4 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:115 errors:0 dropped:0 overruns:0 frame:0
          TX packets:115 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1 
          RX bytes:10051 (9.8 KiB)  TX bytes:10051 (9.8 KiB)

wlan0     Link encap:Ethernet  HWaddr 0C:80:63:EB:7D:A0  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:9556988 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9282785 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:722718688 (689.2 MiB)  TX bytes:849025951 (809.6 MiB)

Instead of this configuration, when running ifconfig I would have expepcted to see 4 interfaces: eth0, guest, lo, and tun0. I don't know why it is showing completely different interfaces instead.

Looks like the VPN is down, check syslog for details.

3 Likes

tun0 is created by the VPN client, but only after successful connection to the VPN server.

So yes what @vgaetera said, there is almost certainly a problem connecting to the VPN server. First check that the router (OpenWrt CLI) has overall Internet access and can ping places by name, considering that you are using a custom DNS.

2 Likes

Thanks to both @vgaetera and @mk24
I just downloaded and configured a new config file from NordVPN and the issue was resolved.

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.