Hello Guys/Gals,
I have been trying to configure the WRT32X that I have to run my VPN full time. I have managed to configure the router to use my tethered phone as a connection, but the VPN doesn't seem to go through. I need the VPN full time because I will be using a WISP you shouldn't trust anyone
I have tried to follow the guide that VPN Unlimited has, but it is for an older version of OpenWrt (15.05.1) and from what I can tell there have been enough changes that this doesn't work. I am usually pretty good at following instructions, but this one is eluding me.
Any help would be greatly appreciated.
Thanks.
Contents of OpenVPN file provided by VPN Unlimited
client
dev tun
reneg-sec 0
persist-tun
persist-key
ping 5
ping-exit 30
nobind
comp-lzo no
remote-random
remote-cert-tls server
auth-nocache
route-metric 1
cipher AES-256-CBC
auth SHA512
<ca>
-----BEGIN CERTIFICATE-----
a key was here
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
a key was here
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
a key was here
-----END PRIVATE KEY-----
</key>
remote us-sf.vpnunlimitedapp.com
proto udp
Contents of /etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fda3:f0d7:b9e8::/48'
config interface 'lan'
option type 'bridge'
option ifname 'eth0.1'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
config interface 'wan'
option ifname 'eth1.2'
option proto 'dhcp'
option peerdns '0'
option dns '1.1.1.1 8.8.8.8 8.8.4.4'
config interface 'wan6'
option ifname 'eth1.2'
option proto 'dhcpv6'
option reqaddress 'try'
option reqprefix 'auto'
option peerdns '0'
option dns '2606:4700:4700::1111'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '0 1 2 3 5t'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '4 6t'
config interface 'Tether'
option proto 'dhcp'
option ifname 'usb0'
config interface 'VPN'
option proto 'none'
option ifname 'tun0'
option auto '1'
option delegate '0'
Contents of /etc/config/firewall
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option network 'lan'
option forward 'ACCEPT'
config zone
option name 'wan'
option output 'ACCEPT'
option forward 'REJECT'
option network 'wan wan6 Tether'
option device 'tun0'
option input 'REJECT'
option masq '1'
option mtu_fix '1'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
config zone
option name 'VPN'
option forward 'REJECT'
option output 'ACCEPT'
option network 'VPN'
option input 'REJECT'
option masq '1'
option mtu_fix '1'
config forwarding
option dest 'VPN'
option src 'lan'
config forwarding
option dest 'wan'
option src 'lan'
Contents of /etc/config/openvpn
config openvpn 'VPN_Unlimited'
option nobind '1'
option port '1194'
option dev_type 'tun'
option keepalive '5 30'
option persist_tun '1'
option persist_key '1'
option client '1'
list remote 'us-sf.vpnunlimitedapp.com'
option proto 'udp'
option ca '/etc/luci-uploads/cbid.openvpn.VPN_Unlimited.ca'
option cert '/etc/luci-uploads/cbid.openvpn.VPN_Unlimited.cert'
option key '/etc/luci-uploads/cbid.openvpn.VPN_Unlimited.key'
option auth 'SHA512'
option cipher 'AES-256-CBC'
option verb '9'
option enabled '1'
option remote_cert_tls 'server'
option tls_cipher 'TLS-RSA-WITH-AES-256-CBC-SHA'
option dev 'tun'
Contents of syslog
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: OpenVPN 2.4.5 arm-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: library versions: OpenSSL 1.0.2r 26 Feb 2019, LZO 2.10
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 100 bytes
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: calc_options_string_link_mtu: link-mtu 1621 -> 1601
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 100 bytes
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: calc_options_string_link_mtu: link-mtu 1621 -> 1601
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA512,keysize 256,key-method 2,tls-client'
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA512,keysize 256,key-method 2,tls-server'
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: TCP/UDP: Preserving recently used remote address: [AF_INET]209.58.135.120:1194
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: Socket Buffers: R=[163840->163840] S=[163840->163840]
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: UDP link local: (not bound)
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: UDP link remote: [AF_INET]209.58.135.120:1194
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: event_wait returned 1
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: UDP WRITE [14] to [AF_INET]209.58.135.120:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=b984d486 b9e07629 [ ] pid=0 DATA
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: UDP write returned 14
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: event_wait returned 1
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: UDP read returned 26
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: UDP READ [26] from [AF_INET]209.58.135.120:1194: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=9a93a2f6 b4e65fcf [ 0 sid=b984d486 b9e07629 ] pid=0 DATA
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: TLS: Initial packet from [AF_INET]209.58.135.120:1194, sid=9a93a2f6 b4e65fcf
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: event_wait returned 1
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: UDP WRITE [22] to [AF_INET]209.58.135.120:1194: P_ACK_V1 kid=0 sid=b984d486 b9e07629 [ 0 sid=9a93a2f6 b4e65fcf ]
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: UDP write returned 22
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: event_wait returned 1
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: UDP WRITE [104] to [AF_INET]209.58.135.120:1194: P_CONTROL_V1 kid=0 sid=b984d486 b9e07629 [ ] pid=1 DATA 16030100 55010000 5103034c 62dc1259 bbcf274d 04e4ace9 0dc5ad8a 77c95b8[more...]
Mon May 13 07:29:20 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: UDP write returned 104
Mon May 13 07:29:22 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: event_wait returned 0
Mon May 13 07:29:22 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: event_wait returned 1
Mon May 13 07:29:22 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: UDP WRITE [104] to [AF_INET]209.58.135.120:1194: P_CONTROL_V1 kid=0 sid=b984d486 b9e07629 [ ] pid=1 DATA 16030100 55010000 5103034c 62dc1259 bbcf274d 04e4ace9 0dc5ad8a 77c95b8[more...]
Mon May 13 07:29:22 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: UDP write returned 104
Mon May 13 07:29:23 2019 daemon.notice openvpn(VPN_Unlimited)[21222]: event_wait returned 0