Hi there all. I am trying to create a VPN Server on my DIR-825 with OpenWrt 3.2.9 kernel.

Well... after a couple of hours I managed to start it ... and to connect to it from my Windows 7 Client. To test the VPN Connection I connected my laptop to a 3G network and I did all things remotely. Anyway... I start the server, but... after I connect to the VPN, I can't access my router anymore (while I am connected to the VPN Server)... I can ping 192.168.92.240 (my client IP), but I can't ping 192.168.92.1 (my local router IP), nor my remote router IP.

Server Config

port 1194
proto udp
dev tap0
server-bridge 192.168.92.1 255.255.255.0 192.168.92.240 192.168.92.250
push "route 192.168.92.0 255.255.255.0"
push "dhcp-option WINS 192.168.92.0"
push "dhcp-option DNS 192.168.92.1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh1024.pem
keepalive 10 120
#comp-lzo
persist-key
persist-tun
status /etc/openvpn/openvpn-status.log
log /etc/openvpn/openvpn-log.log
verb 3

Network Config

config interface 'loopback'
    option ifname 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'

config interface 'lan'
    option type 'bridge'
    option proto 'static'
    option netmask '255.255.255.0'
    option ipaddr '192.168.92.1'
    option dns '8.8.8.8 8.8.4.4'
    option _orig_ifname 'eth0.1 wlan0 wlan1'
    option _orig_bridge 'true'
    option ifname 'eth0.1 tap0'

config interface 'wan'
    option ifname 'eth1'
    option proto 'dhcp'
    option macaddr '00:1D:72:C3:21:E2'

config switch
    option name 'rtl8366s'
    option reset '1'
    option enable_vlan '1'

config switch_vlan
    option device 'rtl8366s'
    option vlan '1'
    option ports '0 1 2 3 5t'

config interface 'vpn'
    option ifname 'tun0'
    option _orig_ifname 'tun0'
    option _orig_bridge 'false'
    option proto 'dhcp'

Firewall config

config rule
    option target 'ACCEPT'
    option name 'VPN'
    option src 'wan'
    option dest_port '1194'
    option proto 'tcp udp'

config zone
        option name             vpn
        option input            ACCEPT
        option output           ACCEPT
        option forward          ACCEPT

config forwarding
        option src              vpn
        option dest             wan

config forwarding
        option src              vpn
        option dest             lan

Client Config

client
remote REMOTE-ROOTERIP 1194 # my website and port 1194 (standard port for OpenVpn)
proto udp
dev tap
nobind
ca ca.crt
cert client1.crt
key client1.key
comp-lzo
verb 3
keepalive 10 120
resolv-retry infinite
mute-replay-warnings
mute 20
persist-key
persist-tun

Server Log

Sun Apr 15 02:29:20 2012 OpenVPN 2.2.1 mips-openwrt-linux [SSL] [LZO2] [EPOLL] built on Apr  9 2012
Sun Apr 15 02:29:20 2012 NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to
Sun Apr 15 02:29:20 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sun Apr 15 02:29:20 2012 Diffie-Hellman initialized with 1024 bit key
Sun Apr 15 02:29:20 2012 TLS-Auth MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sun Apr 15 02:29:20 2012 Socket Buffers: R=[163840->131072] S=[163840->131072]
Sun Apr 15 02:29:20 2012 TUN/TAP device tap0 opened
Sun Apr 15 02:29:20 2012 TUN/TAP TX queue length set to 100
Sun Apr 15 02:29:20 2012 Data Channel MTU parms [ L:1573 D:1450 EF:41 EB:4 ET:32 EL:0 ]
Sun Apr 15 02:29:20 2012 UDPv4 link local (bound): [undef]:1194
Sun Apr 15 02:29:21 2012 UDPv4 link remote: [undef]
Sun Apr 15 02:29:21 2012 MULTI: multi_init called, r=256 v=256
Sun Apr 15 02:29:21 2012 IFCONFIG POOL: base=192.168.92.240 size=11
Sun Apr 15 02:29:21 2012 Initialization Sequence Completed

Client Log

Sun Apr 15 05:45:05 2012 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011
Sun Apr 15 05:45:05 2012 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Sun Apr 15 05:45:05 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sun Apr 15 05:45:06 2012 LZO compression initialized
Sun Apr 15 05:45:06 2012 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sun Apr 15 05:45:06 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun Apr 15 05:45:06 2012 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Sun Apr 15 05:45:06 2012 Local Options hash (VER=V4): 'd79ca330'
Sun Apr 15 05:45:06 2012 Expected Remote Options hash (VER=V4): 'f7df56b8'
Sun Apr 15 05:45:06 2012 UDPv4 link local: [undef]
Sun Apr 15 05:45:06 2012 UDPv4 link remote: 89.165.218.121:1194
Sun Apr 15 05:45:06 2012 TLS: Initial packet from 89.165.218.121:1194, sid=3bd3c472 95ee609f
Sun Apr 15 05:45:06 2012 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Fort-Funston_CA/emailAddress=me@myhost.mydomain
Sun Apr 15 05:45:06 2012 VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=server/emailAddress=me@myhost.mydomain
Sun Apr 15 05:45:07 2012 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Apr 15 05:45:07 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Apr 15 05:45:07 2012 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Apr 15 05:45:07 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Apr 15 05:45:07 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sun Apr 15 05:45:07 2012 [server] Peer Connection Initiated with 89.165.218.121:1194
Sun Apr 15 05:45:09 2012 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Sun Apr 15 05:45:09 2012 PUSH: Received control message: 'PUSH_REPLY,route 192.168.92.0 255.255.255.0,dhcp-option WINS 192.168.92.0,dhcp-option DNS 192.168.92.1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route-gateway 192.168.92.1,ping 10,ping-restart 120,ifconfig 192.168.92.240 255.255.255.0'
Sun Apr 15 05:45:09 2012 OPTIONS IMPORT: timers and/or timeouts modified
Sun Apr 15 05:45:09 2012 OPTIONS IMPORT: --ifconfig/up options modified
Sun Apr 15 05:45:09 2012 OPTIONS IMPORT: route options modified
Sun Apr 15 05:45:09 2012 OPTIONS IMPORT: route-related options modified
Sun Apr 15 05:45:09 2012 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sun Apr 15 05:45:09 2012 ROUTE default_gateway=192.168.1.1
Sun Apr 15 05:45:09 2012 TAP-WIN32 device [TAP-Win32 VPN] opened: \\.\Global\{C6F18CD0-4996-4D1A-8BEE-445A58A33A80}.tap
Sun Apr 15 05:45:09 2012 TAP-Win32 Driver Version 9.9 
Sun Apr 15 05:45:09 2012 TAP-Win32 MTU=1500
Sun Apr 15 05:45:09 2012 Notified TAP-Win32 driver to set a DHCP IP/netmask of 192.168.92.240/255.255.255.0 on interface {C6F18CD0-4996-4D1A-8BEE-445A58A33A80} [DHCP-serv: 192.168.92.0, lease-time: 31536000]
Sun Apr 15 05:45:09 2012 Successful ARP Flush on interface [38] {C6F18CD0-4996-4D1A-8BEE-445A58A33A80}
Sun Apr 15 05:45:14 2012 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
Sun Apr 15 05:45:14 2012 C:\WINDOWS\system32\route.exe ADD 192.168.92.0 MASK 255.255.255.0 192.168.92.1
Sun Apr 15 05:45:14 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Sun Apr 15 05:45:14 2012 Route addition via IPAPI succeeded [adaptive]
Sun Apr 15 05:45:14 2012 Initialization Sequence Completed

It is either a bridge problem, or ROUTE default_gateway=192.168.1.1 ... but I do not know how to change that to 192.168.92.1.

Looking forward to any tips.

Happy Easter guys
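
Added example, not part of the original post: a small consistency check over excerpts of the server config, client config and server log posted above. It flags settings that differ between the two sides or that the logs themselves warn about. The names parse, audit, NORMALISE and SERVER_VERIFY are hypothetical, and the 2048-bit DH floor is an assumption of this example.

```python
import re
import shlex

# Excerpts copied from the post's server config, client config and server log.
SERVER_CONF = """port 1194
proto udp
dev tap0
dh /etc/openvpn/dh1024.pem
#comp-lzo
"""
CLIENT_CONF = """client
proto udp
dev tap
ca ca.crt
comp-lzo
"""
SERVER_LOG = "Sun Apr 15 02:29:20 2012 Diffie-Hellman initialized with 1024 bit key"

# Client directives that check the server certificate's role or name.
SERVER_VERIFY = {"remote-cert-tls", "ns-cert-type", "tls-remote", "verify-x509-name"}
# 'tap0' and 'tap' are the same device type; 'udp' and 'udp6' the same transport.
NORMALISE = {"proto": lambda v: v[:3], "dev": lambda v: v.rstrip("0123456789")}
MIN_DH_BITS = 2048  # assumption of this example, not a value from the post


def parse(text):
    """Map each active directive to its arguments; '#' and ';' start comments."""
    opts = {}
    for line in text.splitlines():
        tokens = shlex.split(line, comments=True)
        if tokens and not tokens[0].startswith(";"):
            opts[tokens[0]] = tokens[1:]
    return opts


def audit(server_text, client_text, server_log=""):
    """Return a list of findings for one server/client config pair."""
    srv, cli = parse(server_text), parse(client_text)
    findings = []
    for key, norm in NORMALISE.items():
        s, c = (norm((o.get(key) or [""])[0]) for o in (srv, cli))
        if s != c:
            findings.append(f"{key} mismatch: server={s} client={c}")
    if ("comp-lzo" in srv) != ("comp-lzo" in cli):
        findings.append("comp-lzo enabled on one side only")
    if not SERVER_VERIFY & cli.keys():
        findings.append("client does not verify the server certificate")
    m = re.search(r"Diffie-Hellman initialized with (\d+) bit key", server_log)
    if m and int(m.group(1)) < MIN_DH_BITS:
        findings.append(f"DH parameters are {m.group(1)} bit")
    return findings
```

Calling audit(SERVER_CONF, CLIENT_CONF, SERVER_LOG) returns the findings as a list of strings; an empty list means none of these checks fired.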