OpenVPN no ip on tun0 device

Hi,
I'm trying to setup a openvn server on my D-Link DIR-878 A1, OpenWrt 21.02.2.

I was able to build my keys, and got to the point where VPN is running and I can connect to it from a remote windows machine. But, tun0 doesn't get any ip from VPN, so it's useless.

image957×97 8.98 KB

Here is my vpn config file:

config openvpn 'OpenVPN'
        option port '1194'
        option proto 'udp'
        option dev 'tun'
        option topology 'subnet'
        option ca '/etc/easy-rsa/pki/ca.crt'
        option cert '/etc/easy-rsa/pki/issued/server.crt'
        option key '/etc/easy-rsa/pki/private/server.key'
        option dh '/etc/easy-rsa/pki/dh.pem'
        option server '192.168.8.0 255.255.255.0'
        option ifconfig_pool_persist '/tmp/ipp.txt'
        option client_config_dir '/etc/openvpn/clients'
        option keepalive '10 120'
        option persist_key '1'
        option persist_tun '1'
        option user 'nobody'
        option status '/tmp/openvpn-status.log'
        option verb '3'
        option enabled '1'

my network file:

config interface 'vpn'
        option device 'tun0'
        option proto 'none'

Can anybody help me pls?

Thanks!

fwiw, my 19.07 openvpn server only shows LAN and WAN interfaces in Network > Interfaces menu. There is no tun0 interface.

I recall all I did was just copy and paste all the commands from this wiki page to create the server.
https://openwrt.org/docs/guide-user/services/vpn/openvpn/server

Looking around LuCI, only clue there is any openvpn server is in Firewall zone for 'LAN'. There is a 'tun+' listed under 'Covered Networks'.

Are you perhaps getting confused with setting up an openvpn client on same router, hence presence of 'tun0' in Network > Interfaces menu ?

Hi,

thanks for the reply.

On my last router: v 15.05.1, there was a vpn interface. I tried to set this up manually, like I did the last time, using my scripts from my previous router (openvpn, network, firewall).

As it is now, I'm able to connect to my VPN from outside, I get the correct IP, but I can't ping anything, not even the router itself.

Before, the router's VPN ip was 192.168.8.1. Is it not like that anymore with the newer openWRT version?

Thanks!

when I'm connected to my vpn server, I can ping the 192.168.8.1 created by the openvpn server setup scripts from the link to the wiki page I provided earlier. The router's real LAN IP is 192.168.1.1.

I can ping and bring up LuCI using either LAN IP address.

Sorry, I can't comment on your scripts you created for such an old version of OpenWrt.

The wiki pages for setting up openvpn client and server have evolved over the last few years. Your issue is probably firewall related imho.

All I can suggest is you back up your current settings if you wish to return to try and use them later.

Clear all openwrt settings and set up openvpn server from scratch using the instructions from the wiki page. No reason why you can't use keys you have already generated.

It should work, check log of OpenVPN-client.

tun0 device shows on 'ifconfig'.

The problem is some place else, I just can't figure it out.
I can't ping in any direction. Either from the router to the connected windows client, or vice versa.

Windows machine on 'ipconfig' shows it got the vpn ip and subnetmask (255.255.255.0), from /etc/openvpn/clients.

option comp_lzo 'no'

it was set to 'no' explicitly on client side and just commented out on server.

Putting this to 'no' on both sides, solved part of the problem.

No I can ping the server from VPN side.

Need to now figure out how to make the rest of the LAN accessible.

Thanks!

Everything works now. Thanks!

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.