I've come from DDWRT and have now been running OpenWRT for several months without issues. I believe I was on 18.02 when I first setup my R7800 but this week I decided to try and add VPN functionality. So I thought I'd update to the firmware and start fresh. I followed the links from the specific R7800 supported device page and am now running this;
Hardware: Netgear Nighthawk X4S R7800
Firmware Version: OpenWrt 19.07.1 r10911-c155900f66 / LuCI openwrt-19.07 branch git-20.029.45734-adbbd5c
Kernel Version: 4.14.167
Other than adblock/luci-adblock it is completely vanilla.
I then followed this guide; https://openwrt.org/docs/guide-user/services/vpn/openvpn/client-luci
I got my .opvn file from my provider (tested it manually on my PC so I know it works) and uploaded it using the luci interface as per the guide. I added my credentials too and I can see the contents of the files in /etc/openvpn (.ovpn and .auth) and all looks ok. I added tun0 in the firewall as per the guide and if I run it manually from cli using;
openvpn --config /etc/openvpn/myvpn.ovpn --auth-user-pass it prompts me to type in the credentials and then it connects/works and I can confirm via an attached client that the VPN is up as my external IP changes etc. When I hangup the manual connect, my IP reverts back to my normal ISP.
If I restart the router, the VPN doesn't come up automatically (enabled is ticked in luci)
If I click start in luci OpenVPN page, nothing happens
Checking logread I see this:
daemon.notice openvpn(myvpn): OpenVPN 2.4.7 arm-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
daemon.notice openvpn(myvpn): library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10
daemon.err openvpn(myvpn): neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd - can't ask for 'Enter Auth Username:'. If you used --daemon, you need to use --askpass to make passphrase-protected keys work, and you can not use --auth-nocache.
daemon.notice openvpn(myvpn): Exiting due to fatal error
So I understand the issue is relating to it being started by daemon and therefore no user input can be received i.e. the credentials, so I expected it to read the .auth file and proceed, but clearly it isn't. I tried adding the askpass token in to the config but got the same result.
Please could someone help with this? Sorry I just don't know what to do or where to start. Any advice greatly appreciated.
(first post here, hopefully I wasn't too noob).