I've successfully installed OpenWRT server onto both HH5a and EA6350v3 both running 21.02.1, using the wiki page which I believe was created and is maintained by @vgaetera
However, I've attempted using the same instructions on HH5a running 19.07.7, and I've encountered the same error in both cases.
This may not be related to the issue, but I also observed the DH took 55 minutes to create on HH5a running 21.02.1 (15 mins on EA6350v3), and only 20 minutes on HH5a on 19.07.7....?
root@openwrt:/etc/config# # Generate DH parameters
root@openwrt:/etc/config# easyrsa gen-dh
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
....................
...............++*++*++*++*
root@openwrt:/etc/config#
I'm no expert but I think the process begins to fail starting with this command?
root@openwrt:/etc/config# openvpn --genkey tls-crypt-v2-server ${EASYRSA
_PKI}/private/server.pem
Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: genkey (2.4.11)
Use --help for more information.
root@openwrt:/etc/config#
An error here
root@openwrt:/etc/config# openvpn --tls-crypt-v2 ${EASYRSA_PKI}/private/
server.pem \
> --genkey tls-crypt-v2-client ${EASYRSA_PKI}/private/client.pem
Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: tls-crypt-v2 (2.4.11)
Use --help for more information.
root@openwrt:/etc/config#
The contents of the client.ovpn file retrieved from the HH5a appears to be missing tls-crypt-v2 section.
user nobody
group nogroup
dev tun
nobind
client
remote bxl2.duckdns.org 1194 udp
auth-nocache
remote-cert-tls server
<tls-crypt-v2>
</tls-crypt-v2>
<key>
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFA
The /etc/openvpn/server.conf is also missing the tls-crypt-v2 section.
I'm just seeking clarification whether the OpenVPN server wiki page applies to older 19.07 release, or is only for current 21.01 release?
(I'm not able to message @vgaetera via the forum messaging system, hence posting here)