I've tried to add:
push " route 192.168.1.0 255.255.255.0"
But I've done, and I won't try it anymore, and find some other way.
Now the problem is connecting from wan.
/etc/config/network:
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd13:6b9e:1f3f::/48'
config interface 'lan'
option type 'bridge'
option ifname 'eth0.1'
option proto 'static'
option ip6assign '60'
list ipaddr '192.168.1.1/24'
config interface 'wan'
option ifname 'eth0.2'
option proto 'dhcp'
config device 'wan_eth0_2_dev'
option name 'eth0.2'
option macaddr 'c0:4a:00:34:2c:0d'
config interface 'wan6'
option ifname 'eth0.2'
option proto 'dhcpv6'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '2 3 4 5 0t'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '1 0t'
config interface 'vpn0'
option proto 'none'
option ifname 'tun0'
vpn0 is the interface I've added for server.
Log of OpenVPN launch:
Thu Jul 2 09:30:34 2020 daemon.notice openvpn(Server)[6896]: OpenVPN 2.4.7 mips-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Thu Jul 2 09:30:34 2020 daemon.notice openvpn(Server)[6896]: library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10
Thu Jul 2 09:30:34 2020 daemon.warn openvpn(Server)[6896]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Jul 2 09:30:34 2020 daemon.notice openvpn(Server)[6896]: Diffie-Hellman initialized with 2048 bit key
Thu Jul 2 09:30:35 2020 daemon.notice openvpn(Server)[6896]: Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Thu Jul 2 09:30:35 2020 daemon.notice openvpn(Server)[6896]: Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Jul 2 09:30:35 2020 daemon.notice openvpn(Server)[6896]: Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Thu Jul 2 09:30:35 2020 daemon.notice openvpn(Server)[6896]: Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Jul 2 09:30:35 2020 daemon.notice openvpn(Server)[6896]: TUN/TAP device tun0 opened
Thu Jul 2 09:30:35 2020 daemon.notice openvpn(Server)[6896]: TUN/TAP TX queue length set to 100
Thu Jul 2 09:30:35 2020 daemon.notice openvpn(Server)[6896]: /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Thu Jul 2 09:30:35 2020 daemon.notice netifd: Network device 'tun0' link is up
Thu Jul 2 09:30:35 2020 daemon.notice netifd: Interface 'vpn0' has link connectivity
Thu Jul 2 09:30:35 2020 daemon.notice openvpn(Server)[6896]: /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
Thu Jul 2 09:30:35 2020 daemon.warn openvpn(Server)[6896]: Could not determine IPv4/IPv6 protocol. Using AF_INET
Thu Jul 2 09:30:35 2020 daemon.notice openvpn(Server)[6896]: Socket Buffers: R=[163840->163840] S=[163840->163840]
Thu Jul 2 09:30:35 2020 daemon.notice openvpn(Server)[6896]: UDPv4 link local (bound): [AF_INET][undef]:1194
Thu Jul 2 09:30:35 2020 daemon.notice openvpn(Server)[6896]: UDPv4 link remote: [AF_UNSPEC]
Thu Jul 2 09:30:35 2020 daemon.notice openvpn(Server)[6896]: MULTI: multi_init called, r=256 v=256
Thu Jul 2 09:30:35 2020 daemon.notice openvpn(Server)[6896]: IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Thu Jul 2 09:30:35 2020 daemon.notice openvpn(Server)[6896]: Initialization Sequence Completed
And log of connecting from lan to OpenVPN:
Thu Jul 2 09:31:45 2020 daemon.info dnsmasq-dhcp[1829]: DHCPREQUEST(br-lan) 192.168.1.54 f8:4e:73:24:29:23
Thu Jul 2 09:31:45 2020 daemon.info dnsmasq-dhcp[1829]: DHCPACK(br-lan) 192.168.1.54 f8:4e:73:24:29:23 iPhone
Thu Jul 2 09:31:53 2020 daemon.notice openvpn(Server)[6896]: 192.168.1.78:43335 TLS: Initial packet from [AF_INET]192.168.1.78:43335, sid=fface1a6 f4375522
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: 192.168.1.78:43335 peer info: IV_GUI_VER=OC30Android
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: 192.168.1.78:43335 peer info: IV_VER=3.git::f225fcd0:Release
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: 192.168.1.78:43335 peer info: IV_PLAT=android
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: 192.168.1.78:43335 peer info: IV_NCP=2
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: 192.168.1.78:43335 peer info: IV_TCPNL=1
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: 192.168.1.78:43335 peer info: IV_PROTO=2
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: 192.168.1.78:43335 peer info: IV_LZO_STUB=1
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: 192.168.1.78:43335 peer info: IV_COMP_STUB=1
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: 192.168.1.78:43335 peer info: IV_COMP_STUBv2=1
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: 192.168.1.78:43335 TLS: Username/Password authentication succeeded for username 'user' [CN SET]
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: 192.168.1.78:43335 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: 192.168.1.78:43335 [user] Peer Connection Initiated with [AF_INET]192.168.1.78:43335
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: user/192.168.1.78:43335 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: user/192.168.1.78:43335 MULTI: Learn: 10.8.0.6 -> user/192.168.1.78:43335
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: user/192.168.1.78:43335 MULTI: primary virtual IP for user/192.168.1.78:43335: 10.8.0.6
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: user/192.168.1.78:43335 PUSH: Received control message: 'PUSH_REQUEST'
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: user/192.168.1.78:43335 SENT CONTROL [user]: 'PUSH_REPLY,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM' (status=1)
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: user/192.168.1.78:43335 Data Channel: using negotiated cipher 'AES-256-GCM'
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: user/192.168.1.78:43335 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Jul 2 09:31:54 2020 daemon.notice openvpn(Server)[6896]: user/192.168.1.78:43335 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
From wan I'm trying to connect via ddns btw.
Also sometime there can be seemed error messages:
Thu Jul 2 09:23:37 2020 daemon.notice openvpn(Server)[6476]: user/192.168.1.78:43872 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Jul 2 09:23:37 2020 daemon.notice openvpn(Server)[6476]: user/192.168.1.78:43872 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Jul 2 09:23:42 2020 daemon.err openvpn(Server)[6476]: 192.168.1.78:47495 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Jul 2 09:23:42 2020 daemon.err openvpn(Server)[6476]: 192.168.1.78:47495 TLS Error: TLS handshake failed
Thu Jul 2 09:23:42 2020 daemon.notice openvpn(Server)[6476]: 192.168.1.78:47495 SIGTERM[soft,tls-error] received, client-instance exiting
Thu Jul 2 09:23:52 2020 daemon.err openvpn(Server)[6476]: 192.168.1.78:48322 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Jul 2 09:23:52 2020 daemon.err openvpn(Server)[6476]: 192.168.1.78:48322 TLS Error: TLS handshake failed
Thu Jul 2 09:23:52 2020 daemon.notice openvpn(Server)[6476]: 192.168.1.78:48322 SIGTERM[soft,tls-error] received, client-instance exiting
Thu Jul 2 09:24:04 2020 daemon.notice openvpn(Server)[6476]: user/192.168.1.78:43872 SIGTERM[soft,remote-exit] received, client-instance exiting
Thu Jul 2 09:24:05 2020 daemon.notice hostapd: wlan1: AP-STA-DISCONNECTED 60:ab:67:f4:af:f1
Thu Jul 2 09:24:30 2020 daemon.err openvpn(Server)[6476]: 192.168.1.78:42949 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Jul 2 09:24:30 2020 daemon.err openvpn(Server)[6476]: 192.168.1.78:42949 TLS Error: TLS handshake failed
Thu Jul 2 09:24:30 2020 daemon.notice openvpn(Server)[6476]: 192.168.1.78:42949 SIGTERM[soft,tls-error] received, client-instance exiting