OpenVPN on RouterTech

All about firmwares for routers. Support for RouterTech firmwares is here too.
Post Reply
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

OpenVPN on RouterTech

Post by thechief » Wed Jul 28, 2010 2:48 pm

OpenVPN will be supported in the next release of the RouterTech firmwares. In respect of this, there is a very important poll here: viewtopic.php?f=6&t=3513

This poll is for those with 1350A wireless firmwares.

Thanks.
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
Andriy
Newbie
Newbie
Posts: 8
Joined: Sun Jan 02, 2011 10:08 am

Re: OpenVPN on RouterTech

Post by Andriy » Sat Nov 12, 2011 3:01 pm

What is the way to put generated certificates to my created minix partition? (4mb flash)
Router listening at port 21 but refuses connection.
Sorry for noob questions =)
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

Re: OpenVPN on RouterTech

Post by thechief » Sat Nov 12, 2011 5:03 pm

You can copy them to the minix partition with WinSCP. Then you will need to connect via telnet/ssh, and run "flush" to ensure that the disk buffers are flushed, otherwise you might lose the data when you reboot the router.
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
Andriy
Newbie
Newbie
Posts: 8
Joined: Sun Jan 02, 2011 10:08 am

Re: OpenVPN on RouterTech

Post by Andriy » Sat Nov 12, 2011 7:28 pm

writing..
aligator638
Novice
Novice
Posts: 34
Joined: Sat Apr 19, 2008 9:27 am

Re: OpenVPN on RouterTech

Post by aligator638 » Wed Apr 09, 2014 3:12 pm

Hi there,

It looks like you will have to provide a new firmware with the correct code for the openssl library.

The story is all over the web and explained here http://www.theregister.co.uk/2014/04/08 ... tical_bug/ and there
http://www.theregister.co.uk/2014/04/09 ... site_vuln/

OpenVPN has released new code to patch the vulnerability http://openvpn.net/index.php/open-source/downloads.html detailed explaination at http://heartbleed.com/

Kind regards,

Eric
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

Re: OpenVPN on RouterTech

Post by thechief » Wed Apr 09, 2014 5:39 pm

aligator638 wrote:It looks like you will have to provide a new firmware with the correct code for the openssl library.
Eric
Our implementation of openvpn is not affected. We use an older version of openssl (as do virtually all AR7 routers based on TI reference code).
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
aligator638
Novice
Novice
Posts: 34
Joined: Sat Apr 19, 2008 9:27 am

Re: OpenVPN on RouterTech

Post by aligator638 » Wed Apr 09, 2014 5:54 pm

Great information,

Just one worry, we did a test this afternoon with a friend (I cannot do the test myself, I am away from home), he tried the versions of the OpenVPN client that have the library fixed and told me he could not connect to our RouterTech VPN (he downloaded the older version without the fix and said it worked). I do not really trust him since he is not very technical and could have messed up his client file.

Could anyone check ?


Thanks again,


Eric
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

Re: OpenVPN on RouterTech

Post by thechief » Wed Apr 09, 2014 5:56 pm

What exactly is the problem?
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
aligator638
Novice
Novice
Posts: 34
Joined: Sat Apr 19, 2008 9:27 am

Re: OpenVPN on RouterTech

Post by aligator638 » Wed Apr 09, 2014 6:46 pm

He is not a technical person, he said he downloaded the latest version (windows x64 client OpenVPN 2.3.3 -- released on 2014.04.09) and could not connect to the Routertech server. Unfortunately I am away, and I cannot get a look at the logs for the next few weeks.

Eric
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

Re: OpenVPN on RouterTech

Post by thechief » Wed Apr 09, 2014 7:04 pm

OpenVPN RouterTech HowTo.pdf wrote:Simply download the OpenVPN client software from http://openvpn.net/ and install it. It is important that the client is the same version as the server on the router (currently v2.1.1).
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
aligator638
Novice
Novice
Posts: 34
Joined: Sat Apr 19, 2008 9:27 am

Re: OpenVPN on RouterTech

Post by aligator638 » Wed Apr 09, 2014 8:47 pm

Agree, this will work, but how about android (ios and other I do not have) ? You cannot get a previous version, only the latest, as soon as the patched client is out, we are toast. As mentioned in the posts this vuln. is a big one with a lot of implications for all of us.

Sorry to be a pain Chief !

Eric
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

Re: OpenVPN on RouterTech

Post by thechief » Thu Apr 10, 2014 9:24 am

So we are supposed to produce a version-specific binary of openvpn for every openvpn client version out there?
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
aligator638
Novice
Novice
Posts: 34
Joined: Sat Apr 19, 2008 9:27 am

Re: OpenVPN on RouterTech

Post by aligator638 » Thu Apr 10, 2014 9:33 am

No, but bear in mind most light OSes like iOS, Android do not let you select which version of software you install on your device.

For Windows and Linuxes, previous binaries can be installed.


Eric
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

Re: OpenVPN on RouterTech

Post by thechief » Thu Apr 10, 2014 10:24 am

aligator638 wrote:No, but bear in mind most light OSes like iOS, Android do not let you select which version of software you install on your device.
But that has always been the case, and I am not sure how that is an openvpn issue. As far as I am aware, openvpn client software is not built into iOS or Android or any other OS. That being the case, anyone who wants to install an openvpn client on Adroid or iOS or any other OS should install v2.1.1, and make sure that their openssl libraries are up-to-date (which I presume will not be statically linked into the openvpn binaries). And anyone who finds openvpn too bothersome can always use pptp.
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
Post Reply