OpenVPN / PureVPN

Remove the config interface pure_vpn section from /etc/config/network. In the zone vpn_zone section of /etc/config/firewall, use list device tun0 instead of any option network.

Edit: This looks like the tls_key is missing or incorrect.

Though do make sure that (from the router CLI) you can ping general places on the Internet like google.com.

Also ping 5.254.77.10 works for me, though not all VPN servers may answer pings.

Doesn't Mike's guide say to create the vpn interface though:

2.2 Configuring the OpenVPN Client for OpenWrt 19
Creating tun0 interface

In the guide it is named as VPNtun0, which I named as pure_vpn

At this point anything related to the tunnel network or firewall is overshadowed by the problem that OpenVPN is not linking up with the server at all.

Can you ping the server IP from OpenWrt CLI?

Does this service use a tls_key, and if so have you downloaded and installed it properly?

1 Like

Who is your ISP, and what is your main router?

Perhaps if I PM you a download link for the backup of my spare HH5a using VPNbook, perhaps you can restore it to your HH5a to test ?

Update: I just switched on test HH5A and previous openvpn setup with VPNbook US1 server moments ago and server appears to be non-functioning. Switch to VPNbook DE4 server to get working VPN connection. US2 server is working when tested.

@spacebiscuit Check your PM

Just to update - I found the reason why I was unable to connect.

My WAN router is a stock my ISP's stock Plusnet Home Hub. I had to add the OpenWrt router to the DMZ. Further, in order to do this I had to configure the WAN as a DHCP client rather than a static IP config since the name field which is enabled when DHCP is selected is required when adding the device to the DMZ.

Hopefully this might help other who are using stock Plusnet routers on the WAN side. Also I couldn't get reliable connection when using the ovpn files provided by PureVPN. For me the best results were to configure manually using the point-to-point template (per the purevpn setup guide).

Thanks for the help and pointers - we got there eventually!

Running a VPN client would not require placing the router in a DMZ, since it makes an ordinary outgoing connection to the VPN server. A DMZ configuration is so your router can receive incoming connections, for example if you were running a VPN server at home.

2 Likes

DMZ enabled - VPN works
DMZ disable - VPN does not work

In both scenarios the config on the OpenWRT remained the same, this has been tested with 3 different VPN's and on backup provided by bill888.

Just saying.

fwiw, you've may have uncovered a bug with the stock firmware for the Hub One.

At end of the day, BT retired the HH5a almost 5 years ago! It's only the long suffering Plusnet fibre customers who still have to put up with the rebadged HH5a. Customers with hub problems usually end up replacing the HH5a with a BT smart hub 1 or third party modem-router.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.