Hi,
I'm trying to install openvpn, cant update to install it, tried to edit the /etc/opkg.conf as suggested, what am i doing wrong here?
pastebin.com/cDqHynaS
thanks
The content of this topic has been archived on 23 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.
Hi,
I'm trying to install openvpn, cant update to install it, tried to edit the /etc/opkg.conf as suggested, what am i doing wrong here?
pastebin.com/cDqHynaS
thanks
You're using an outdated development (trunk) version and its no more supported
Update to latest stable release.
development repository will always eventually become unavailable, kernel modules will become obsolete in 1-2 weeks
how to update? I've installed openwrt-15.05-brcm63xx-generic-DSL274XB-F1-EU-squashfs-cfe.bin
edit: here is the original before i modified the packages: pastebin.com/hFgnJUie
/chaos_calmer/15.05/
(Last edited by hopelessone on 15 Oct 2016, 22:49)
OK, i've updated from there: downloads.openwrt.org/chaos_calmer/15.0 … x/generic/
openwrt-15.05.1-brcm63xx-generic-DSL274XB-F1-AU-squashfs-cfe.bin
But now i got no wifi section(its completely missing), only lan, how to enable the wifi menu, so i can then enable wifi?
(Last edited by hopelessone on 16 Oct 2016, 00:29)
edit: here is the original before i modified the packages: pastebin.com/hFgnJUie
/chaos_calmer/15.05/
It was very bad idea. Trunk packages from DD are totally incompatible with any previous versions. They use another libc.
But now i got no wifi section(its completely missing), only lan, how to enable the wifi menu, so i can then enable wifi?
First try "iw list" to see if it sees any wifi adapters.
If no then you have problem with drivers.
If yes try "wifi detect". It should output basic /etc/config/wireless file to stdout. If OK then add ">/etc/config/wireless" to the end
ok, i reverted back in the meantime (before you replied to the original (with wifi) is there anything i can do to get this going? here is the error output:
or do you only recommend Update to latest stable release and try to fix wifi?
Edit: @bolvan big THANKS for helping also!
(Last edited by hopelessone on 16 Oct 2016, 11:10)
Pls read what you have posted to pastebin.
Log clearly indicates system cannot download file. It looks also like it cant resolve "downloads.openwrt.org".
What should it mean ? Router has problems with inet connectivity.
How to test inet connectivity ?
1) ping something
2) nslookup something
3) wget something
ok, looks like ssh has got no internet but i thought it had, as i can connect and use the modem in a web browser ok..
root@OpenWrt:~# ping google.com
ping: bad address 'google.com'
Thats why i thought i had a packages problem in the first place Do you know how to fix? so i can be on my way
(Last edited by hopelessone on 16 Oct 2016, 14:18)
here's a screen of the ssh settings, pasteboard.co/fOiU7GfVl.png what do i need to do in order to get Internet in ssh working?
root@OpenWrt:~# ifconfig
br-lan Link encap:Ethernet HWaddr CC:B2:55:E5:39:63
inet addr:192.168.1.253 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fd48:ebfd:cf3f::1/60 Scope:Global
inet6 addr: fe80::ceb2:55ff:fee5:3963/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:58807 errors:0 dropped:0 overruns:0 frame:0
TX packets:40130 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:6728488 (6.4 MiB) TX bytes:5615229 (5.3 MiB)
eth0 Link encap:Ethernet HWaddr CC:B2:55:E5:39:63
inet6 addr: fe80::ceb2:55ff:fee5:3963/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:91697 errors:0 dropped:11 overruns:0 frame:0
TX packets:47451 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:18974871 (18.0 MiB) TX bytes:7227047 (6.8 MiB)
eth0.1 Link encap:Ethernet HWaddr CC:B2:55:E5:39:63
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:89755 errors:0 dropped:0 overruns:0 frame:0
TX packets:45783 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:17138343 (16.3 MiB) TX bytes:6334148 (6.0 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:127974 errors:0 dropped:0 overruns:0 frame:0
TX packets:127974 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:8702563 (8.2 MiB) TX bytes:8702563 (8.2 MiB)
wlan0 Link encap:Ethernet HWaddr CC:B2:55:E5:39:64
inet6 addr: fe80::ceb2:55ff:fee5:3964/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:11080 errors:0 dropped:0 overruns:0 frame:0
TX packets:35182 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1734819 (1.6 MiB) TX bytes:11689156 (11.1 MiB)
root@OpenWrt:~# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan
(Last edited by hopelessone on 17 Oct 2016, 02:55)
Might be a great idea to post /etc/config/network and /etc/config/firewall.
/etc/config/network:
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd48:ebfd:cf3f::/48'
config interface 'lan'
option ifname 'eth0.1'
option force_link '1'
option type 'bridge'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.1.253'
config switch
option name 'eth0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'eth0'
option vlan '1'
option ports '0 1 2 3 8t'
/etc/config/firewall:
config defaults
option syn_flood 1
option input ACCEPT
option output ACCEPT
option forward REJECT
# Uncomment this line to disable ipv6 rules
# option disable_ipv6 1
config zone
option name lan
list network 'lan'
option input ACCEPT
option output ACCEPT
option forward ACCEPT
config zone
option name wan
list network 'wan'
list network 'wan6'
option input REJECT
option output ACCEPT
option forward REJECT
option masq 1
config forwarding
option src lan
option dest wan
# We need to accept udp packets on port 68,
# see https://dev.openwrt.org/ticket/4108
config rule
option name Allow-DHCP-Renew
option src wan
option proto udp
option dest_port 68
option target ACCEPT
option family ipv4
# Allow IPv4 ping
config rule
option name Allow-Ping
option src wan
option proto icmp
option icmp_type echo-request
option family ipv4
option target ACCEPT
config rule
option name Allow-IGMP
option src wan
option proto igmp
option family ipv4
option target ACCEPT
# Allow DHCPv6 replies
# see https://dev.openwrt.org/ticket/10381
config rule
option name Allow-DHCPv6
option src wan
option proto udp
option src_ip fe80::/10
option src_port 547
option dest_ip fe80::/10
option dest_port 546
option family ipv6
option target ACCEPT
config rule
option name Allow-MLD
option src wan
option proto icmp
option src_ip fe80::/10
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family ipv6
option target ACCEPT
# Allow essential incoming IPv6 ICMP traffic
config rule
option name Allow-ICMPv6-Input
option src wan
option proto icmp
list icmp_type echo-request
list icmp_type echo-reply
list icmp_type destination-unreachable
list icmp_type packet-too-big
list icmp_type time-exceeded
list icmp_type bad-header
list icmp_type unknown-header-type
list icmp_type router-solicitation
list icmp_type neighbour-solicitation
list icmp_type router-advertisement
list icmp_type neighbour-advertisement
option limit 1000/sec
option family ipv6
option target ACCEPT
# Allow essential forwarded IPv6 ICMP traffic
config rule
option name Allow-ICMPv6-Forward
option src wan
option dest *
option proto icmp
list icmp_type echo-request
list icmp_type echo-reply
list icmp_type destination-unreachable
list icmp_type packet-too-big
list icmp_type time-exceeded
list icmp_type bad-header
list icmp_type unknown-header-type
option limit 1000/sec
option family ipv6
option target ACCEPT
# include a file with users custom iptables rules
config include
option path /etc/firewall.user
### EXAMPLE CONFIG SECTIONS
# do not allow a specific ip to access wan
#config rule
# option src lan
# option src_ip 192.168.45.2
# option dest wan
# option proto tcp
# option target REJECT
# block a specific mac on wan
#config rule
# option dest wan
# option src_mac 00:11:22:33:44:66
# option target REJECT
# block incoming ICMP traffic on a zone
#config rule
# option src lan
# option proto ICMP
# option target DROP
# port redirect port coming in on wan to lan
#config redirect
# option src wan
# option src_dport 80
# option dest lan
# option dest_ip 192.168.16.235
# option dest_port 80
# option proto tcp
# port redirect of remapped ssh port (22001) on wan
#config redirect
# option src wan
# option src_dport 22001
# option dest lan
# option dest_port 22
# option proto tcp
# allow IPsec/ESP and ISAKMP passthrough
config rule
option src wan
option dest lan
option proto esp
option target ACCEPT
config rule
option src wan
option dest lan
option dest_port 500
option proto udp
option target ACCEPT
### FULL CONFIG SECTIONS
#config rule
# option src lan
# option src_ip 192.168.45.2
# option src_mac 00:11:22:33:44:55
# option src_port 80
# option dest wan
# option dest_ip 194.25.2.129
# option dest_port 120
# option proto tcp
# option target REJECT
#config redirect
# option src lan
# option src_ip 192.168.45.2
# option src_mac 00:11:22:33:44:55
# option src_port 1024
# option src_dport 80
# option dest_ip 194.25.2.129
# option dest_port 120
# option proto tcp
First of all "internet in ssh" does not exist.
Internet can be present on the whole device or not present at all.
It cant be present in web interface and absent in ssh. Its nonsense and misunderstanding how things work.
The reason why it is not working - you haven't defined WAN interface section in /etc/config/network. Also it seams you're missing second VLAN (the one used for WAN) in switch configuration.
(Last edited by bolvan on 17 Oct 2016, 07:57)
ok thanks, can you list the steps on what to do in order to get this going?
ok thanks, can you list the steps on what to do in order to get this going?
What is exact device model ?
Also it seams you're missing second VLAN (the one used for WAN) in switch configuration.
That might not be needed. To my knowledge that "second VLAN" is only needed in those routers that use the same eth interface for wan and lan, or have otherwise a special need for that kind of config. In most routers only one VLAN (for lan) is defined.
(Last edited by hnyman on 17 Oct 2016, 08:43)
The model is: DSL-2750B
P/N: ISL2750BNAU01B1E
I found this: https://patchwork.ozlabs.org/patch/578838/ that told me that the hardware is exactly like 274xB F1 but with a usb port.
All i wanna do here is set this old DSL modem up as a vpn, it plugs into the back of the main modem that connects to the NBN internet.
(Last edited by hopelessone on 17 Oct 2016, 09:10)
That might not be needed. To my knowledge that "second VLAN" is only needed in those routers that use the same eth interface for wan and lan, or have otherwise a special need for that kind of config. In most routers only one VLAN (for lan) is defined.
Yes, you're right. We didnt know it was a DSL modem.
In this case WAN should be linked to modem.
wiki tells ADSL2+ is unsupported.
So you're unlucky, this model is only partially supported, and you won't get inet in openwrt.
The best you can do is to use it as ethernet router if you configure switch with 2 VLANs
Or revert to stock fw
(Last edited by bolvan on 17 Oct 2016, 09:29)
ok, the terminology is getting me here..
First modem = NBN
Second = DSL openwrt
right now i can connect to wifi "openwrt" and i can browse the internet with this on my computer no problems.
So the setup connecting second modem to first via ethernet cable, like i have done, I can't use second as a vpn router you say?
I was really wanting to install openvpn and use that router as a vpn instead of installing vpn on 4 separate computers, i was thinking that i could just install the vpn on the 1 router "openwrt" and connect all 4 to that router
(Last edited by hopelessone on 17 Oct 2016, 10:11)
So, you have connected openwrt device's LAN port to another device that acts as real router. Right ?
In this case you're missing default gateway and dns options in lan section.
Its possible to configure LAN as dhcp client and get ip automatically from the real router's dhcp service but I wouldnt recommend doing so because without working dhcp you won't be able to access openwrt device by network. Static configuration is better.
Its possible to use openwrt as openvpn server in this setup. But you need to understand how it would work and imagine all possible issues.
To route traffic thru openvpn you'll have to change default gateway from the real router to openwrt's IP address. The most logical way to do so would be altering DHCP configuration to provide alternative gw. I doubt stock firmware supports that. So, you may want to stop using real router's dhcp and configure dhcp on openwrt's side.
Also do not expect great speed from openwrt router. If you get 10 mbit it would be great.
yes, i have connected openwrt device's LAN port to another device that acts as real router.
my internet speed is 25/5 Mbps, in your opinion is this worth pursuing still? my other modem is a billion BiPAC 7800VDPX is has quite alot of options, it could have the DHCP configuration to provide alternative gw, might have to drop this
(Last edited by hopelessone on 17 Oct 2016, 10:45)
my internet speed is 25/5 Mbps, in your opinion is this worth pursuing still?
No. Your device has 333 mhz cpu. All I can squeeze from 650 mhz cpu is 8-10 mbit. And 14 mbit from 1.0ghz cpu.
Openvpn is slow by design because its tun based. It runs in usermode and switches between kernel and user on every packet.
ok, well then thats it for me thanks very much for all your help, its been an interesting journey
so whats the best modem out there in your opinion for openvpn? I just wanted to simplify things as my vpn provider allows a max of 3 connections for the same user, i have 4 computers and i thought this little old modem might have been the answer.
Edit: so currently its still best to have the openvpn client side?
(Last edited by hopelessone on 17 Oct 2016, 11:45)
If possible consider moving from openvpn to pptp. Pptp is not very secure but its fast. Its kernel based , no usermode.
If still openvpn is mandatory then look for at least 1.5 ghz arm device or even better - x86 minipc.
The discussion might have continued from here.