[Solved] Openwrt 18.06 - OpenVPN error

Having problem with OpenVPN on Openwrt 18.06.

This error has only appeared since upgrading to 18.06.

Getting "Write to TUN/TAP : Invalid argument (code=22)

Here is my current openvpn setup.

config openvpn 'protonvpn'
	option client '1'
	option dev 'tun'
	option proto 'udp'
	option auth_user_pass '/etc/openvpn/protonvpn/auth'
	option resolv_retry 'infinite'
	option nobind '1'
	option persist_key '1'
	option persist_tun '1'
	option remote_cert_tls 'server'
	option ca '/etc/openvpn/protonvpn/ca.crt'
	option cipher 'AES-256-CBC'
	option comp_lzo 'adaptive'
	option ifconfig_nowarn '1'
	option port '1194'
	option log '/tmp/openvpn.log'
	option status '/tmp/openvpn-status.log'
	option verb '3'
	option tls_auth '/etc/openvpn/protonvpn/wdc.key 1'
	option auth 'SHA512'
	option fast_io '1'
	option keepalive '10 120'
	option redirect_gateway 'def1'
	list remote 'us-free-01.protonvpn.com'

Any help greatly appreciated.

What do the openvpn entries in the system log say? (Status > System Log)

Hi the entries are:

Thu Aug  2 17:10:51 2018 kern.info kernel: [  262.112362] tun: Universal TUN/TAP device driver, 1.6
Thu Aug  2 17:10:51 2018 user.info kernel: [  262.126407] kmodloader: done loading kernel modules from /etc/modules.d/*
Thu Aug  2 17:10:55 2018 daemon.notice netifd: Interface 'openvpn' is enabled
Thu Aug  2 17:10:55 2018 daemon.notice netifd: Network device 'tun0' link is up
Thu Aug  2 17:10:55 2018 daemon.notice netifd: Interface 'openvpn' has link connectivity
Thu Aug  2 17:10:55 2018 daemon.notice netifd: Interface 'openvpn' is setting up now
Thu Aug  2 17:10:55 2018 daemon.notice netifd: Interface 'openvpn' is now up
Thu Aug  2 17:10:56 2018 user.notice firewall: Reloading firewall due to ifup of openvpn (tun0)

Thu Aug  2 17:11:22 2018 daemon.notice netifd: Network device 'tun0' link is down
Thu Aug  2 17:11:22 2018 daemon.notice netifd: Interface 'openvpn' has link connectivity loss
Thu Aug  2 17:11:22 2018 daemon.notice netifd: Interface 'openvpn' is now down
Thu Aug  2 17:11:22 2018 daemon.notice netifd: Interface 'openvpn' is disabled

Thu Aug  2 17:11:25 2018 daemon.notice netifd: Interface 'openvpn' is enabled
Thu Aug  2 17:11:25 2018 daemon.notice netifd: Network device 'tun0' link is up
Thu Aug  2 17:11:25 2018 daemon.notice netifd: Interface 'openvpn' has link connectivity
Thu Aug  2 17:11:25 2018 daemon.notice netifd: Interface 'openvpn' is setting up now
Thu Aug  2 17:11:25 2018 daemon.notice netifd: Interface 'openvpn' is now up
Thu Aug  2 17:11:25 2018 user.notice firewall: Reloading firewall due to ifup of openvpn (tun0)

The configuration worked fine under Lede branch 17.

Found a way to get protonvpn working on openwrt18.06.

I believe there is a bug in the firmware. It involves option "comp_lzo".
I get this error in my log - WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'.

Under /tmp/etc/openvpn-protonvpn.conf the option "comp-lzo" is missing thus the bug.

I got around the error by creating a protonvpn.ovpn file.

Create protonvpn.ovpn and put it in /etc/openvpn/

client
fast-io
ifconfig-nowarn
nobind
persist-key
persist-tun
auth SHA512
auth-user-pass /etc/openvpn/protonvpn/auth
ca /etc/openvpn/protonvpn/ca.crt
cipher AES-256-CBC
comp-lzo adaptive
dev tun
keepalive 10 120
log /tmp/openvpn.log
port 1194
proto udp
redirect-gateway def1
remote us-free-01.protonvpn.com
remote-cert-tls server
resolv-retry infinite
status /tmp/openvpn-status.log
tls-auth /etc/openvpn/protonvpn/wdc.key 1
verb 3

Add this to /etc/config/openvpn

config openvpn 'protonvpn_ovpn'
	option config '/etc/openvpn/protonvpn.ovpn'
	option enabled '1'

In LuCI goto "Services ->Openvpn and enable protonvpn_ovpn.

You now have protonvpn working on 18.06.

Replacing option comp-lzo 'adaptive' with option compress 'lzo' has solved the problem.

Thankyou.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.