Running openVPN Client Destroys LEDE

When I enable an openVPN client on my WRT3200ACM using LEDE (Linux 4.4.92) or any other build such as davidc502 (Linux 4.14.41), I have noticed that after some time (usually a few days), the router cannot be pinged, cannot be SSHed, cannot be visited LuCi via a browser, wired clients have no Internet connection, and wireless clients also have no Internet connection. The only thing normal is that the SSIDs are all being broadcasted and the LEDs on the router look perfectly normal. Even restarting the router after powering it off for minutes at a time does nothing. Once any of the partitions goes into the state described above, only a firmware reinstall can rescue it.

I recently ran the router without any openVPN and it has been running fine now for about 3 weeks. So, I have isolated the issue to running an openVPN client on the router. I would like to keep running openVPN on the router as this is how I have run my routers for years. Please advise.

The way you describe it sounds like a memory problem. Since it happens after a few days suggests you are written a log into a flash partition and not e.g. in /tmp as should be standard. This is where I would start throubleshoot your problem. Posting the config file (censored) could help.

1 Like

Interesting, I can look into where the log file is being kept. I didn't change anything, but your explanation is very possible. Please specify which config file you would like me to post. Thanks.

Okay, so logging has not been enabled for openVPN service. If logging is enabled, it would all go to /var/log/openvpn.log. Here's how the file system looks like (/var is a link to /tmp). Please see below for the file system setup and an output of openvpn settings.

root@wrt3200acm:/# ls -la
drwxr-xr-x    1 root     root           352 May 18 09:14 .
drwxr-xr-x    1 root     root           352 May 18 09:14 ..
-rw-------    1 root     root          1024 May 18 09:14 .rnd
drwxr-xr-x    2 root     root           846 May 18 09:14 bin
drwxr-xr-x    5 root     root          1900 Sep 19  2037 dev
drwxr-xr-x    1 root     root          1872 Jun 20 17:27 etc
drwxr-xr-x   11 root     root           499 May 18 09:14 lib
drwxr-xr-x    2 root     root             3 May 18 09:14 mnt
drwxr-xr-x    4 root     root           344 May 18 09:14 overlay
dr-xr-xr-x   88 root     root             0 Dec 31  1969 proc
drwxr-xr-x   16 root     root           223 May 18 09:14 rom
drwxr-xr-x    2 root     root             3 May 18 09:14 root
drwxr-xr-x    2 root     root           825 May 18 09:14 sbin
dr-xr-xr-x   11 root     root             0 Dec 31  1969 sys
drwxrwxrwt   20 root     root           520 Jun 20 17:28 tmp
drwxr-xr-x    1 root     root           224 May 18 09:14 usr
lrwxrwxrwx    1 root     root             3 May 18 09:14 var -> tmp
drwxr-xr-x    4 root     root            67 May 18 09:14 www

root@wrt3200acm:/etc/config# cat openvpn
config openvpn 'pia_client'
	option dev 'tun'
	option nobind '1'
	option verb '3'
	option comp_lzo 'yes'
	option keepalive '10 120'
	option persist_tun '1'
	option persist_key '1'
	option client '1'
	option proto 'udp'
	option resolv_retry 'infinite'
	option reneg_sec '0'
	option auth_nocache '1'
	option remote_cert_tls 'server'
	option tls_client '1'
	option port '1198'
	option auth 'sha1'
	option ca '/etc/openvpn/ca.rsa.2048.crt'
	option auth_retry 'none'
	option auth_user_pass '/etc/openvpn/userpass.txt'
	option crl_verify '/etc/openvpn/crl.rsa.2048.pem'
	option cipher 'aes-128-cbc'
	option enabled '1'
	option remote_random '1'
	list remote ' 1198'
	list remote ' 1198'
	list remote ' 1198'