When I enable an openVPN client on my WRT3200ACM using LEDE (Linux 4.4.92) or any other build such as davidc502 (Linux 4.14.41), I have noticed that after some time (usually a few days), the router cannot be pinged, cannot be SSHed, cannot be visited LuCi via a browser, wired clients have no Internet connection, and wireless clients also have no Internet connection. The only thing normal is that the SSIDs are all being broadcasted and the LEDs on the router look perfectly normal. Even restarting the router after powering it off for minutes at a time does nothing. Once any of the partitions goes into the state described above, only a firmware reinstall can rescue it.
I recently ran the router without any openVPN and it has been running fine now for about 3 weeks. So, I have isolated the issue to running an openVPN client on the router. I would like to keep running openVPN on the router as this is how I have run my routers for years. Please advise.
The way you describe it sounds like a memory problem. Since it happens after a few days suggests you are written a log into a flash partition and not e.g. in /tmp as should be standard. This is where I would start throubleshoot your problem. Posting the config file (censored) could help.
1 Like
Interesting, I can look into where the log file is being kept. I didn't change anything, but your explanation is very possible. Please specify which config file you would like me to post. Thanks.
Okay, so logging has not been enabled for openVPN service. If logging is enabled, it would all go to /var/log/openvpn.log. Here's how the file system looks like (/var is a link to /tmp). Please see below for the file system setup and an output of openvpn settings.
root@wrt3200acm:/# ls -la
drwxr-xr-x 1 root root 352 May 18 09:14 .
drwxr-xr-x 1 root root 352 May 18 09:14 ..
-rw------- 1 root root 1024 May 18 09:14 .rnd
drwxr-xr-x 2 root root 846 May 18 09:14 bin
drwxr-xr-x 5 root root 1900 Sep 19 2037 dev
drwxr-xr-x 1 root root 1872 Jun 20 17:27 etc
drwxr-xr-x 11 root root 499 May 18 09:14 lib
drwxr-xr-x 2 root root 3 May 18 09:14 mnt
drwxr-xr-x 4 root root 344 May 18 09:14 overlay
dr-xr-xr-x 88 root root 0 Dec 31 1969 proc
drwxr-xr-x 16 root root 223 May 18 09:14 rom
drwxr-xr-x 2 root root 3 May 18 09:14 root
drwxr-xr-x 2 root root 825 May 18 09:14 sbin
dr-xr-xr-x 11 root root 0 Dec 31 1969 sys
drwxrwxrwt 20 root root 520 Jun 20 17:28 tmp
drwxr-xr-x 1 root root 224 May 18 09:14 usr
lrwxrwxrwx 1 root root 3 May 18 09:14 var -> tmp
drwxr-xr-x 4 root root 67 May 18 09:14 www
root@wrt3200acm:/etc/config# cat openvpn
...
config openvpn 'pia_client'
option dev 'tun'
option nobind '1'
option verb '3'
option comp_lzo 'yes'
option keepalive '10 120'
option persist_tun '1'
option persist_key '1'
option client '1'
option proto 'udp'
option resolv_retry 'infinite'
option reneg_sec '0'
option auth_nocache '1'
option remote_cert_tls 'server'
option tls_client '1'
option port '1198'
option auth 'sha1'
option ca '/etc/openvpn/ca.rsa.2048.crt'
option auth_retry 'none'
option auth_user_pass '/etc/openvpn/userpass.txt'
option crl_verify '/etc/openvpn/crl.rsa.2048.pem'
option cipher 'aes-128-cbc'
option enabled '1'
option remote_random '1'
list remote 'us-california.privateinternetaccess.com 1198'
list remote 'us-west.privateinternetaccess.com 1198'
list remote 'us-siliconvalley.privateinternetaccess.com 1198'