[EDIT] For the solution, see post #6, below.
Has anyone got this to work - I have been beating my head around it for a week! Any advice would be appreciated!
I am using
OpenWRT client and server, both on BB (builds less than a week old), and the OpenSSL version of OpenVPN
OpenSSH (rather than Dropbear) with autossh (which has been exhibiting its own problems) to create a dynamic SSH tunnel
The SOCKS tunnel is confirmed working as it can punch a Chrome client through a SPI firewall (using network A). The SOCKS tunnel also functions correctly on networks without any significant firewall (network B).
Scenario 1: The OpenVPN tunnel is working fine (using network B) if I do not have socks_proxy configured:
uci del openvpn.MYVPN.socks_proxy
uci commit openvpn
/etc/init.d/openvpn restart
ping 8.8.8.8
Scenario 2: However, the OpenVPN tunnel doesn't work if I use the SOCKS proxy (again, on network B):
uci set openvpn.MYVPN.socks_proxy='localhost 1080'
uci commit openvpn
/etc/init.d/openvpn restart
ping 8.8.8.8
The only difference is the socks_proxy option. In both cases, the OpenVPN tunnel is established OK (I will add the logs tomorrow), but only Scenario 1 'works' (i.e. I get an ICMP echo reply). Yes, I am using TCP rather than UDP.
In Scenario 2, the tunnel fails according to the keepalive option, and does a ping restart after 2 minutes.
uci set openvpn.MYVPN.keepalive='10 120'
If someone can help me on this, I will add it to a HOWTO wiki!
References:
http://wiki.openwrt.org/doc/howto/vpn.openvpn
https://community.openvpn.net/openvpn/w … n23ManPage
PS: When the OpenVPN tunnel triggers a SIGUSR1 after the expiration of the ping_restart timer, I think it is the reason why autossh is stopping gracefully when it shouldn't?
(Last edited by zxdavb on 2 Jun 2014, 15:35)