Hi!
I've upgraded to the latest official firmware 1.08b39 and configured everything again manually.
I'm using OpenVPN on the router in server mode AND with exactly the same auth files and configuration on both server and client side.
Connection is going fine, no errors in the log, but:
- I can neither access nor ping the VPN machines from my network any longer. I can ping them from the router itself, though.
My local machine is win7-32.
My local AND the remote network is 10.10.10.0/24 with the firewall/gateway 10.10.10.100
The VPN network is 10.10.90.0/24, with 10.10.90.6 assigned for my TAP device and 10.10.90.5 as the VPN gateway.
Here's the OpenVPN client config-file:
client
dev tun
proto udp
remote xxx.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ca ca.crt
cert client.crt
key client.key
#openvpn 2.0
ns-cert-type server
tls-auth tls.key 1
cipher AES-256-CBC
verb 3
#push "route 10.10.90.1 255.255.255.0"
As I said before, it all worked just a few days, with the old (b73) firmware.
The last entry (push route) has just been added as suggested elsewhere, but with no success.
Here's the route print:
Active Routes:
Network Destination  Netmask           Gateway        Interface     Metric
0.0.0.0              0.0.0.0           10.10.10.100   10.10.10.13   10
10.10.10.0           255.255.255.0     On-link        10.10.10.13   266
10.10.10.13          255.255.255.255   On-link        10.10.10.13   266
10.10.10.255         255.255.255.255   On-link        10.10.10.13   266
10.10.90.0           255.255.255.0     10.10.90.5     10.10.90.6    30
10.10.90.4           255.255.255.252   On-link        10.10.90.6    286
10.10.90.6           255.255.255.255   On-link        10.10.90.6    286
10.10.90.7           255.255.255.255   On-link        10.10.90.6    286
Here's the OpenVPN log just in case:
Wed Sep 11 03:21:44 2013 OpenVPN 2.3.2 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Aug 22 2013
Enter Management Password:
Wed Sep 11 03:21:44 2013 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25341
Wed Sep 11 03:21:44 2013 Need hold release from management interface, waiting...
Wed Sep 11 03:21:45 2013 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25341
Wed Sep 11 03:21:45 2013 MANAGEMENT: CMD 'state on'
Wed Sep 11 03:21:45 2013 MANAGEMENT: CMD 'log all on'
Wed Sep 11 03:21:45 2013 MANAGEMENT: CMD 'hold off'
Wed Sep 11 03:21:45 2013 MANAGEMENT: CMD 'hold release'
Wed Sep 11 03:21:45 2013 Control Channel Authentication: using 'tls.key' as a OpenVPN static key file
Wed Sep 11 03:21:45 2013 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 11 03:21:45 2013 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 11 03:21:45 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Sep 11 03:21:45 2013 MANAGEMENT: >STATE:1378862505,RESOLVE,,,
Wed Sep 11 03:21:45 2013 UDPv4 link local: [undef]
Wed Sep 11 03:21:45 2013 UDPv4 link remote: [AF_INET]xxxxxxxx:1194
Wed Sep 11 03:21:45 2013 MANAGEMENT: >STATE:1378862505,WAIT,,,
Wed Sep 11 03:21:45 2013 MANAGEMENT: >STATE:1378862505,AUTH,,,
Wed Sep 11 03:21:45 2013 TLS: Initial packet from [AF_INET]xxxxxx:1194, sid=2dfb818c 608e6ba9
Wed Sep 11 03:21:46 2013 VERIFY OK: depth=1, C=xx, ST=xx, L=xxx, O=OpenVPN, OU=xx, CN=xxxCA, name=xx-key, emailAddress=xxx
Wed Sep 11 03:21:46 2013 VERIFY OK: nsCertType=SERVER
Wed Sep 11 03:21:46 2013 VERIFY OK: depth=0, C=xx, ST=xxx, L=xxx, O=OpenVPN, OU=xx, CN=server, name=xxx-key, emailAddress=xxx
Wed Sep 11 03:21:46 2013 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Sep 11 03:21:46 2013 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 11 03:21:46 2013 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Sep 11 03:21:46 2013 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 11 03:21:46 2013 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Sep 11 03:21:46 2013 [server] Peer Connection Initiated with [AF_INET]xxxx:1194
Wed Sep 11 03:21:47 2013 MANAGEMENT: >STATE:1378862507,GET_CONFIG,,,
Wed Sep 11 03:21:48 2013 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Wed Sep 11 03:21:48 2013 PUSH: Received control message: 'PUSH_REPLY,route 10.10.90.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.10.90.6 10.10.90.5'
Wed Sep 11 03:21:48 2013 OPTIONS IMPORT: timers and/or timeouts modified
Wed Sep 11 03:21:48 2013 OPTIONS IMPORT: --ifconfig/up options modified
Wed Sep 11 03:21:48 2013 OPTIONS IMPORT: route options modified
Wed Sep 11 03:21:48 2013 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Sep 11 03:21:48 2013 MANAGEMENT: >STATE:1378862508,ASSIGN_IP,,10.10.90.6,
Wed Sep 11 03:21:48 2013 open_tun, tt->ipv6=0
Wed Sep 11 03:21:48 2013 TAP-WIN32 device [Local Area Connection 4] opened: \\.\Global\{81FFA300-425A-465C-B1BE-E3E970BCC6BB}.tap
Wed Sep 11 03:21:48 2013 TAP-Windows Driver Version 9.9
Wed Sep 11 03:21:48 2013 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.10.90.6/255.255.255.252 on interface {81FFA300-425A-465C-B1BE-E3E970BCC6BB} [DHCP-serv: 10.10.90.5, lease-time: 31536000]
Wed Sep 11 03:21:48 2013 Successful ARP Flush on interface [31] {81FFA300-425A-465C-B1BE-E3E970BCC6BB}
Wed Sep 11 03:21:53 2013 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
Wed Sep 11 03:21:53 2013 MANAGEMENT: >STATE:1378862513,ADD_ROUTES,,,
Wed Sep 11 03:21:53 2013 C:\Windows\system32\route.exe ADD 10.10.90.0 MASK 255.255.255.0 10.10.90.5
Wed Sep 11 03:21:53 2013 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Wed Sep 11 03:21:53 2013 Route addition via IPAPI succeeded [adaptive]
Wed Sep 11 03:21:53 2013 Initialization Sequence Completed
Wed Sep 11 03:21:53 2013 MANAGEMENT: >STATE:1378862513,CONNECTED,SUCCESS,10.10.90.6,xxxxxx
Ideas?