Some time ago I had Dlink DSL-500T router. I flashed it with ar7rd-1port-adam2 2.94 Routertech firmware and configured openvpn as client with static key. I created mtd5 partition, put openvpn config, keys and certs to "/nvram/ovpn" dir, wrote startup.sh and onconnect.sh scripts for openvpn, where I added route to my openvn server and created iptables rule for masquerading tun0 interface.
It all works perfect.
Now I have Actiontec GT701-WG. I flashed it with ar7wrd-1port-adam2 2.94 and trying to set up openvpn with the same way as previously. Unfortunately, the router freezes (no webpanel, no telnet, no led activity) when at least one transit IP packet passing through the openvpn.
Here my openvpn files in /nvram/ovpn/
Code: Select all
start.sh
onconnect.sh
openvpn.ovpn
openvpn.key
Code: Select all
#!/bin/sh
OVPN_TGTPATH=/var/tmp/openvpn
mkdir -p ${OVPN_TGTPATH}
# mknod
MKNOD=/bin/mknod
[ ! -f "$MKNOD" ] && MKNOD=$OVPN_TGTPATH/mknod
# The device name
TUNDEV=tun
# The device directory
TUNDEVPATH=/var/tmp
# The complete file name of the device
TUNDEVFILE=${TUNDEVPATH}/${TUNDEV}
# Start
echo "initializing module ethertap and tun"
modprobe -v -k ethertap
modprobe -v -k tun
echo "creating device node $TUNDEVFILE"
mkdir -p ${TUNDEVPATH}
$MKNOD -m 0644 ${TUNDEVFILE} c 10 200
cp -af /nvram/ovpn/*.crt "$OVPN_TGTPATH"
cp -af /nvram/ovpn/*.key "$OVPN_TGTPATH"
cp -af /nvram/ovpn/*.pem "$OVPN_TGTPATH"
cp -af /nvram/ovpn/*.ovpn "$OVPN_TGTPATH"
echo "calling openvpn"
sleep 2
# Log file.
OVPN_LOG=/var/log/ovpn.log
OVPN_STAT=/var/log/ovpn.stat
# start OpenVPN
/usr/local/bin/openvpn --cd ${OVPN_TGTPATH} --dev-node ${TUNDEVFILE} --config ${OVPN_TGTPATH}/openvpn.ovpn --log ${OVPN_LOG} --status $OVPN_STAT 5 &
sleep 2
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
echo /nvram/ovpn/onconnect.sh >> /var/tmp/onconnectWAN
Code: Select all
#!/bin/sh
# my openvpn server
route add -host 80.81.82.83 dev ppp0
# default gateway
route del default
route add default dev tun0
Code: Select all
/var # ifconfig
br0 Link encap:Ethernet HWaddr 00:15:15:15:15:74
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:16926 errors:0 dropped:0 overruns:0 frame:0
TX packets:23040 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:2327141 (2.2 MiB) TX bytes:19576463 (18.6 MiB)
br1 Link encap:Ethernet HWaddr 00:00:00:00:00:00
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
br2 Link encap:Ethernet HWaddr 00:00:00:00:00:00
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
eth0 Link encap:Ethernet HWaddr 00:15:15:15:15:74
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:16926 errors:0 dropped:0 overruns:0 frame:0
TX packets:23043 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:2564105 (2.4 MiB) TX bytes:19576589 (18.6 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
nas0 Link encap:Ethernet HWaddr 00:15:15:15:15:76
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:20280 errors:0 dropped:0 overruns:0 frame:0
TX packets:15318 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:18040327 (17.2 MiB) TX bytes:3523751 (3.3 MiB)
ppp0 Link encap:Point-to-Point Protocol
inet addr:178.95.19.26 P-t-P:95.58.76.80 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1400 Metric:1
RX packets:20184 errors:0 dropped:0 overruns:0 frame:0
TX packets:15223 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:17874409 (17.0 MiB) TX bytes:3032764 (2.8 MiB)
tun0 Link encap:Point-to-Point Protocol
inet addr:10.12.0.2 P-t-P:10.12.0.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:16889 errors:0 dropped:0 overruns:0 frame:0
TX packets:12954 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:13885255 (13.2 MiB) TX bytes:1813620 (1.7 MiB)
Code: Select all
/var # ping 10.12.0.1
PING 10.12.0.1 (10.12.0.1): 56 data bytes
64 bytes from 10.12.0.1: seq=0 ttl=64 time=160.000 ms
64 bytes from 10.12.0.1: seq=1 ttl=64 time=150.000 ms
64 bytes from 10.12.0.1: seq=2 ttl=64 time=150.000 ms
64 bytes from 10.12.0.1: seq=3 ttl=64 time=150.000 ms
Code: Select all
/var # iptables -t nat -v -L
Chain PREROUTING (policy ACCEPT 245 packets, 24271 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 30 packets, 2244 bytes)
pkts bytes target prot opt in out source destination
4 280 MASQUERADE all -- any ppp0 anywhere anywhere
0 0 MASQUERADE all -- any tun0 anywhere anywhere
Chain OUTPUT (policy ACCEPT 35 packets, 2742 bytes)
pkts bytes target prot opt in out source destination
Code: Select all
/var # free
total used free shared buffers
Mem: 14228 12620 1608 0 1152
Swap: 0 0 0
Total: 14228 12620 1608
It can be the kernel problem or something else? I have no idea. Would be grateful for any help. Thanks.