Yes, I've gone through the completely inscrutable https://openwrt.org/docs/guide-user/services/vpn/openvpn/client
All I want to do is configure a trivial, point-to-point, shared-key, OpenVPN client.
LuCI and uci do a marvelous job of changing whitespace and stripping comments, making them unusable for me.
Working from openvpn_recipes
, I crafted /etc/config/openvpn
jeff@test:/etc/config$ cat openvpn
package openvpn
#
# Routed point-to-point client
#
config openvpn client_tun_ptp
option _description 'Simple client configuration for a routed point-to-point VPN'
option _role 'client'
option dev 'tun0'
list remote '10.0.0.2'
option ifconfig '172.16.1.1 172.16.1.2'
option secret '/etc/openvpn/static.key'
option nobind '1'
# option comp_lzo 'yes'
option verb '3'
consistent with a known-good, four-liner on Debian.
Note: As pointed out in the next post, the above config is missing
option enabled '1'
The static key is in place.
tun0
has been added to the firewall. I did not see anything on the linked page about defining an interface.
--- a/config/firewall
+++ b/config/firewall
@@ -18,6 +18,7 @@ config zone
list network 'wan'
list network 'wan6'
list network 'wg0'
+ list network 'tun0'
option input ACCEPT
option output ACCEPT
option forward ACCEPT
(yes, ACCEPT
is intentional)
/etc/init.d/openvpn start
does not result in any log messages, or a running instance.
jeff@test:/etc/config$ sudo sh -x /etc/init.d/openvpn start
+ START=90
+ STOP=10
+ USE_PROCD=1
+ PROG=/usr/sbin/openvpn
+ LIST_SEP='
'
+ UCI_STARTED=
+ UCI_DISABLED=
(end of output)
What am I missing with this?