HI all. Help plz
What i need :
Configure OpenVPN client on OpenWRT mips architecture openwrt-mr-mips-rootfs-31206.tar.gz
comment : Openwrt installed on metarouter(Mikrotik RouterOS virtualisation platform) on board RB953GS-5HnT (128mb RAM/RAM)
What i do :
opkg list-installed
Summary
root@OpenWrt:/etc/openvpn# opkg list-installed
base-files - 104-r31206
base-files-network - 4
bash - 4.2-2
blkid - 1.42-1
bridge - 1.5-1
busybox - 1.19.4-1
cfdisk - 2.13.0.1-4
crda - 1.1.2-1
firewall - 2-49
glib2 - 2.26.1-2
haserl - 0.9.27-1
hotplug2 - 1.0-beta-4
htop - 1.0-2
iptables - 1.4.10-4
iputils-ping - 20101006-1
iputils-ping6 - 20101006-1
iw - 3.3-1
kernel - 2.6.31.10-1-9c7dce98a4cc2a9c378e7361533903f9
kmod-ipt-conntrack - 2.6.31.10-1
kmod-ipt-core - 2.6.31.10-1
kmod-ipt-nat - 2.6.31.10-1
kmod-lib-crc-ccitt - 2.6.31.10-1
kmod-ppp - 2.6.31.10-1
kmod-pppoe - 2.6.31.10-1
kmod-tun - 2.6.31.10-1
libblkid - 1.42-1
libc - 0.9.33-104
libcap - 2.22-1
libcom_err - 1.42-1
libext2fs - 1.42-1
libgcc - 4.6-linaro-104
libiconv - 7
libip4tc - 1.4.10-4
liblzo - 2.05-1
libncurses - 5.7-5
libnl-tiny - 0.1-3
libopenssl - 1.0.1-1
libpthread - 0.9.33-104
librpc - 0.9.32-rc2-0a2179bbc0844928f2a0ec01dba93d9b5d6d41a7
librt - 0.9.33-104
libuci - 2012-03-28.1-1
libuuid - 1.42-1
libxtables - 1.4.10-4
mc - 4.7.5.3-2
nano - 2.2.6-1
ntpclient - 2007_365-4
openssh-client - 5.9p1-4
openssh-keygen - 5.9p1-4
openssh-server - 5.9p1-4
openssl-util - 1.0.1-1
openvpn - 2.2.1-5
openvpn-easy-rsa - 2.2.1-5
opkg - 618-2
ppp - 2.4.5-4
ppp-mod-pppoe - 2.4.5-4
swap-utils - 2.13.0.1-4
terminfo - 5.7-5
uci - 2012-03-28.1-1
udev - 173-1
uhttpd - 31
webif - 0.3-4986
zlib - 1.2.5-1
cat /etc/config/network
Summary
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config interface 'lan'
option ifname 'eth0'
option proto 'dhcp'
config interface 'vpn0'
option ifname 'tun0'
option proto 'none'
option auto '1'
cat /etc/config/firewall
Summary
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
option network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'wan'
option network 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fe80::/10'
option src_port '547'
option dest_ip 'fe80::/10'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
config zone 'vpn'
option name 'vpn'
option network 'vpn0'
option input 'ACCEPT'
option forward 'REJECT'
option output 'ACCEPT'
option masq '1'
config forwarding 'vpn_forwarding_lan_in'
option src 'vpn'
option dest 'lan'
config forwarding 'vpn_forwarding_lan_out'
option src 'lan'
option dest 'vpn'
root@OpenWrt:/etc/openvpn# cat /etc/config/openvpn
root@OpenWrt:/etc/openvpn#
cat /etc/openvpn/vpnclient.ovpn (expect ip)
Summary
client
dev tap
Windows needs the TAP-Win32 adapter name
from the Network Connections panel
if you have more than one. On XP SP2,
you may need to disable the firewall
for the TAP adapter.
;dev-node MyTap
proto tcp-client
remote "x.x.x.x port"
float
mssfix 0
block-outside-dns
cipher AES-128-CBC
comp-lzo adaptive
keepalive 15 60
auth-user-pass
ns-cert-type server
-----BEGIN CERTIFICATE-----
MIIDNDCCAp2gAwIBAgIJALMaw67YqWgKMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
BAYTAlRXMQswCQYDVQQIEwJUVzEPMA0GA1UEBxMGVGFpcGVpMQ0wCwYDVQQKEwRB
U1VTMREwDwYDVQQDEwhSVC1BQzY4VTEhMB8GCSqGSIb3DQEJARYSbWVAbXlob3N0
Lm15ZG9tYWluMB4XDTE4MTAxMzIzNDc0NVoXDTI4MTAxMDIzNDc0NVowcDELMAkG
A1UEBhMCVFcxCzAJBgNVBAgTAlRXMQ8wDQYDVQQHEwZUYWlwZWkxDTALBgNVBAoT
BEFTVVMxETAPBgNVBAMTCFJULUFDNjhVMSEwHwYJKoZIhvcNAQkBFhJtZUBteWhv
c3QubXlkb21haW4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKokbThwiGsa
x61kMHkWxTSg9s9CMOSHsqNyeexLGOV2/ekwGxM9AIQ8kL4Zriy8rzNDcOFC9GrU
DbwkaMyoAOtnFTsia+YD+4WvcmxkR03ofKNXTZFcG3maWLtRGVu1Q9DyDDQAviYt
MeR15y3VwwhutPkEmo0vo9ALBF4SkgF9AgMBAAGjgdUwgdIwHQYDVR0OBBYEFAvR
YLtOkfrZvj/Iw/VfPoH6wJ1JMIGiBgNVHSMEgZowgZeAFAvRYLtOkfrZvj/Iw/Vf
PoH6wJ1JoXSkcjBwMQswCQYDVQQGEwJUVzELMAkGA1UECBMCVFcxDzANBgNVBAcT
BlRhaXBlaTENMAsGA1UEChMEQVNVUzERMA8GA1UEAxMIUlQtQUM2OFUxITAfBgkq
hkiG9w0BCQEWEm1lQG15aG9zdC5teWRvbWFpboIJALMaw67YqWgKMAwGA1UdEwQF
MAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAQysx1eGgRYCxASK4ORStXzaJcInYDm8E
u5U5CtYThEhG49IZYiLjmzUNIIjjzgmSBzUCtet42kLcEdt3DfmGPtR1DM6yU4BP
CyXT6psSrLECMVrzbDk/qmrn0XQHcP4LfDDvhRdqPKHxmptLagwjwv52ZYMGBVjp
BUipo7FXvfE=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDejCCAuOgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBwMQswCQYDVQQGEwJUVzEL
MAkGA1UECBMCVFcxDzANBgNVBAcTBlRhaXBlaTENMAsGA1UEChMEQVNVUzERMA8G
A1UEAxMIUlQtQUM2OFUxITAfBgkqhkiG9w0BCQEWEm1lQG15aG9zdC5teWRvbWFp
bjAeFw0xODEwMTMyMzQ3NDdaFw0yODEwMTAyMzQ3NDdaMG4xCzAJBgNVBAYTAlRX
MQswCQYDVQQIEwJUVzEPMA0GA1UEBxMGVGFpcGVpMQ0wCwYDVQQKEwRBU1VTMQ8w
DQYDVQQDEwZjbGllbnQxITAfBgkqhkiG9w0BCQEWEm1lQG15aG9zdC5teWRvbWFp
bjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAruU8b4S+Q8V6hM573EjuuwRM
31R4tIraHLX2OwIl18zzElINDmDxlCnQ5mYwlQk25kxgt8Fuoq6ofl+OZN6kXxnQ
q8wN1bDkD8dvTfCzEG+t3Sxsxa0JMI1SG1dO86vRRFVCoF1e0rc0x6EVtafkYz22
jyWtrHXtmuOEAJxbV08CAwEAAaOCASQwggEgMAkGA1UdEwQCMAAwLQYJYIZIAYb4
QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU
lmum+P1eqCPb9JyiiRI3kL8SBZwwgaIGA1UdIwSBmjCBl4AUC9Fgu06R+tm+P8jD
9V8+gfrAnUmhdKRyMHAxCzAJBgNVBAYTAlRXMQswCQYDVQQIEwJUVzEPMA0GA1UE
BxMGVGFpcGVpMQ0wCwYDVQQKEwRBU1VTMREwDwYDVQQDEwhSVC1BQzY4VTEhMB8G
CSqGSIb3DQEJARYSbWVAbXlob3N0Lm15ZG9tYWluggkAsxrDrtipaAowEwYDVR0l
BAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMA0GCSqGSIb3DQEBBQUAA4GBAEca
iUQMOuvS4ROGnoT4zw3j7SFPrch57AuagKHXUPme2BDix86ZZxtq+5JoOQnO5t/j
eEBJzjI9pa1v9qAJl+46m2nj+iJKy8u2i6Qr3WoqP+2fZBix1H7xHtigKz/yqIcs
isDUPa7r08SHGN4NYALcz5FtlI3dCcsudMCwPnjK
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAK7lPG+EvkPFeoTO
e9xI7rsETN9UeLSK2hy19jsCJdfM8xJSDQ5g8ZQp0OZmMJUJNuZMYLfBbqKuqH5f
jmTepF8Z0KvMDdWw5A/Hb03wsxBvrd0sbMWtCTCNUhtXTvOr0URVQqBdXtK3NMeh
FbWn5GM9to8lrax17ZrjhACcW1dPAgMBAAECgYATMLYD6oXR+94oqltu3VXMkXk5
3BPug3nRQqoE6YRrfGKDdRtXo41+W2Q/k6DrCXrLpD/Mid3w3cdBLoz6Rm+0jTac
VnX41VvxktMYIEKc5QQ7RHQ82I+rPgaInWdip4eem25qdOccYHtOOl5QoWJhhSFJ
l+KyJ7AisDiTKnYKYQJBANjR6BaoD+cd1pQqNfQH4NxPx6VFMsXcogSdFVeTEJxb
IRgwoeOlQd7D2lPnvf1+xmJjyF4BCub36OPLwFZaBbECQQDOf+bg/yCOePlFVLlQ
Vo8aknERH1bskSJI/bIpvfMeeZYC5iOGF+589dURx4KxzSQeZpR4j4tdrc4udAcQ
GWz/AkEAtZsTx65bK50tdwroCA91Q3M7aO3N+ja0KiMcli6jUiNuU+GgJ5nq01i+
jVrlIufF6PFlCX/cDtuFYQ/veSSL8QJALVdcJI8gYOgjI5wEzKUU6uq4tN/CwFLl
yk0aL5wro8diruRFbI4YqYt461x5T/0RLzOq6gXqvfkJyp1jZ5+NlQJAYC1mgeyD
4t+WM2uN9g0NYUjzg1dG/e+BtFVbUM6OkwGOBtoSNtnx7rqY7IjGIcjCu2UXqx/N
J23KWG+iOvrvvg==
-----END PRIVATE KEY-----
resolv-retry infinite
nobind
When i do: openvpn --config /etc/openvpn/vpnclient.ovpn
i have exit :
Summary
Sat Jan 5 16:51:23 2019 OpenVPN 2.2.1 mips-openwrt-linux [SSL] [LZO2] [EPOLL] built on Apr 6 2012
Enter Auth Username:"username"
Enter Auth Password:"password"
Sat Jan 5 16:51:29 2019 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Jan 5 16:51:29 2019 LZO compression initialized
Sat Jan 5 16:51:29 2019 Attempting to establish TCP connection with x.x.x.x:port [nonblock]
Sat Jan 5 16:51:30 2019 TCP connection established with x.x.x.x:port
Sat Jan 5 16:51:30 2019 TCPv4_CLIENT link local: [undef]
Sat Jan 5 16:51:30 2019 TCPv4_CLIENT link remote: x.x.x.x:port
Sat Jan 5 16:51:33 2019 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Jan 5 16:51:38 2019 [RT-AC68U] Peer Connection Initiated with x.x.x.x:port
Sat Jan 5 16:51:40 2019 TUN/TAP device tap0 opened
route: SIOCADDRT: No such process
Sat Jan 5 16:51:41 2019 ERROR: Linux route add command failed: external program exited with error status: 1
route: SIOCADDRT: No such process
Sat Jan 5 16:51:41 2019 ERROR: Linux route add command failed: external program exited with error status: 1
Sat Jan 5 16:51:41 2019 Initialization Sequence Completed
^C
Sat Jan 5 16:52:16 2019 event_wait : Interrupted system call (code=4)
route: SIOCDELRT: No such process
Sat Jan 5 16:52:16 2019 ERROR: Linux route delete command failed: external program exited with error status: 1
route: SIOCDELRT: No such process
Sat Jan 5 16:52:16 2019 ERROR: Linux route delete command failed: external program exited with error status: 1
Sat Jan 5 16:52:17 2019 SIGINT[hard,] received, process exiting
where is my wrong????
Sorry for the low level of my english