Results 1 to 5 of 5

Thread: Netgear DG834PN + OpenVPN + Android...

  1. #1
    cat /dev/null streetster's Avatar
    Join Date
    Jul 2003
    Location
    London
    Posts
    4,138
    Thanks
    119
    Thanked
    100 times in 82 posts
    • streetster's system
      • Motherboard:
      • Asus P7P55D-E
      • CPU:
      • Intel i5 750 2.67 @ 4.0Ghz
      • Memory:
      • 4GB Corsair XMS DDR3
      • Storage:
      • 2x1TB Drives [RAID0]
      • Graphics card(s):
      • 2xSapphire HD 4870 512MB CrossFireX
      • PSU:
      • Corsair HX520W
      • Case:
      • Coolermaster Black Widow
      • Operating System:
      • Windows 7 x64
      • Monitor(s):
      • DELL U2311
      • Internet:
      • Virgin 50Mb

    Netgear DG834PN + OpenVPN + Android...

    ... I think my head is going to implode.

    Is this possible?

    I've got the DGTeam firmware installed which has an option to enable OpenVPN. Under android I need to install certificates and all sorts of jazz, which leads me to believe I need to also have these certificates/etc setup on my router.

    So... I've downloading/installed/ran the commands to generate the key/crt/etc files on my PC (dont have openssl, dont have ipkg to install it on the router). Copied them across to the router... used the default server.conf file that OpenVPN give you, tweaked the paths for the crt/key/etc files... Managed to install the client1 certificate on my phone, so now all that's left is the configuration of OpenVPN on my router.

    When I try to start I get nothing. I've enabled the logs, and the error I get is:
    Code:
    Mon Apr 11 20:45:33 2011 us=288327 OpenVPN 2.1.1 router
    Mon Apr 11 20:45:33 2011 us=568327 Diffie-Hellman initialized with 1024 bit key
    Mon Apr 11 20:45:33 2011 us=598327 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Mon Apr 11 20:45:33 2011 us=603327 TUN/TAP device tun0 opened
    Mon Apr 11 20:45:33 2011 us=603327 TUN/TAP TX queue length set to 100
    Mon Apr 11 20:45:33 2011 us=603327 /sbin tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
    Mon Apr 11 20:45:33 2011 us=613327 Linux ifconfig failed: could not execute external program
    Mon Apr 11 20:45:33 2011 us=613327 Exiting
    well the line '/sbin tun0' seems to be a bit of a hint... as it seems to want to run /sbin/ifconfig but fails miserably to do so.

    I am wondering if OpenVPN is trying to use 'which' in order to find ifconfig (which isnt installed, I dont have ipkg to install it, and I cant spot a MIPs version online {please point me at a repository if anyone knows!}).

    I was tempted to setup a symbolic link from /sbin to /sbin/ifconfig however I am thinking that is a terrible idea, and if OpenVPN wants to run anything else it will screw up.

    If I'm overcomplicating matters then please point me in the direction of something simpler... If it's possible to 'skip' the router and use a linux box to act as the OpenVPN server then this would work for me too, I just thought that as the router has OpenVPN:

    Code:
    # openvpn --version
    OpenVPN 2.1.1 router
    Originally developed by James Yonan
    Copyright (C) 2002-2009 OpenVPN Technologies, Inc. <sales@openvpn.net>
    .. it would make sense to use it.



    [e!]

    Ok, not much progress, but doesnt look like tun0 is going to work, but the router already has a tap0 which I've tried instead, openvpn still bombs out complaining that ifconfig failed, but if I run the command myself it comes back ok:

    Code:
    # openvpn --config /etc/openvpn.conf.new ; tail -f /tmp/openvpn.log
    Mon Apr 11 21:33:07 2011 us=345464 OpenVPN 2.1.1 router
    Mon Apr 11 21:33:07 2011 us=620464 Diffie-Hellman initialized with 1024 bit key
    Mon Apr 11 21:33:07 2011 us=645464 TLS-Auth MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Mon Apr 11 21:33:07 2011 us=650464 TUN/TAP device tap0 opened
    Mon Apr 11 21:33:07 2011 us=650464 TUN/TAP TX queue length set to 100
    Mon Apr 11 21:33:07 2011 us=650464 /sbin tap0 10.8.0.1 netmask 255.255.255.0 mtu 1500 broadcast 10.8.0.255
    Mon Apr 11 21:33:07 2011 us=660464 Linux ifconfig failed: could not execute external program
    Mon Apr 11 21:33:07 2011 us=660464 Exiting
    
    # /sbin/ifconfig tap0 10.8.0.1 netmask 255.255.255.0 mtu 1500 broadcast 10.8.0.255
    I'll keep struggling onwards...

    [e!!]

    Using the --ipconfig-noexec parameter it's not bombing out, not really working either, will do some more investigating, think I need to run a few ifconfig/route commands before I start.. but I have no idea what they are:

    Code:
    # openvpn --config /etc/openvpn.conf.new --ifconfig-noexec --daemon; tail -f /tmp/openvpn.log
    Mon Apr 11 21:45:07 2011 us=725268 TLS-Auth MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Mon Apr 11 21:45:07 2011 us=725268 TUN/TAP device tap0 opened
    Mon Apr 11 21:45:07 2011 us=725268 TUN/TAP TX queue length set to 100
    Mon Apr 11 21:45:07 2011 us=730268 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
    Mon Apr 11 21:45:07 2011 us=735268 GID set to nobody
    Mon Apr 11 21:45:07 2011 us=735268 UID set to nobody
    Mon Apr 11 21:45:07 2011 us=735268 Socket Buffers: R=[32767->65534] S=[32767->65534]
    Mon Apr 11 21:45:07 2011 us=735268 MULTI: multi_init called, r=256 v=256
    Mon Apr 11 21:45:07 2011 us=740268 IFCONFIG POOL: base=10.8.0.2 size=253
    Mon Apr 11 21:45:07 2011 us=740268 Initialization Sequence Completed
    Last edited by streetster; 11-04-2011 at 10:46 PM.

  2. #2
    cat /dev/null streetster's Avatar
    Join Date
    Jul 2003
    Location
    London
    Posts
    4,138
    Thanks
    119
    Thanked
    100 times in 82 posts
    • streetster's system
      • Motherboard:
      • Asus P7P55D-E
      • CPU:
      • Intel i5 750 2.67 @ 4.0Ghz
      • Memory:
      • 4GB Corsair XMS DDR3
      • Storage:
      • 2x1TB Drives [RAID0]
      • Graphics card(s):
      • 2xSapphire HD 4870 512MB CrossFireX
      • PSU:
      • Corsair HX520W
      • Case:
      • Coolermaster Black Widow
      • Operating System:
      • Windows 7 x64
      • Monitor(s):
      • DELL U2311
      • Internet:
      • Virgin 50Mb

    Re: Netgear DG834PN + OpenVPN + Android...

    Well... looks like the built-in OpenVPN that requires certificates and everything is just too much for my router to handle...

    So, using the pre-shared key (secret.key) method + OpenVPN off the market + a bit of help I've got there!

    Server Config [/etc/openvpn.conf]:
    Code:
    port 1194
    proto udp
    comp-lzo
    secret /tmp/etc/ssh/openvpn.key
    cipher DES-EDE3-CBC
    tun-mtu 1458
    keepalive 14400 86400
    dev tap0
    daemon
    persist-tun
    persist-key
    script-security 2
    verb 1
    mute 10
    mute-replay-warnings
    Client Config [/sdcard/openvpn/openvpn.conf]:
    Code:
    remote my-server-name-here.dyndns.org
    port 1194
    dev tap0
    secret /sdcard/openvpn/secret.key
    proto udp
    comp-lzo 
    cipher DES-EDE3-CBC
    verb 5
    log /sdcard/openvpn.log
    script-security 2
    Once it's connected tap0 doesnt come up properly so firing up the terminal and doing:
    Code:
     $ su
     # ifconfig tap0 192.168.1.95 broadcast 192.168.1.1 netmask 255.255.255.0
    means I can now access my LAN on my phone.

    Simple eh?

    Hopefully I can work out a way to skip having to run ifconfig, or will just stick it in a script to run when the connection is up.
    Last edited by streetster; 13-04-2011 at 11:22 AM.

  3. #3
    Senior Member
    Join Date
    Sep 2009
    Location
    Scotland
    Posts
    415
    Thanks
    10
    Thanked
    56 times in 41 posts
    • dirky's system
      • Motherboard:
      • ASUS Sabertooth
      • CPU:
      • AMD FX8350
      • Memory:
      • 2x8GB Corsair Vengeance
      • Storage:
      • 256GB 840 PRO, 1TB WD BLACK
      • Graphics card(s):
      • 7970 MATRIX PLAT.
      • PSU:
      • Corsair HX650
      • Case:
      • Antec P183
      • Operating System:
      • Windows 7 x64 Professional
      • Monitor(s):
      • Dell U2412M

    Re: Netgear DG834PN + OpenVPN + Android...

    Mon Apr 11 21:33:07 2011 us=650464 /sbin tap0 10.8.0.1 netmask 255.255.255.0 mtu 1500 broadcast 10.8.0.255

    that looks wrong, it should be /sbin/ifconfig tap0 xxxx

    Edit: doh 2nd post

    edit2: add 'daemon' into the client.conf

    also disable the logging (verb5), otherwise it will nack your sdcard

  4. #4
    Senior Member
    Join Date
    Sep 2009
    Location
    Scotland
    Posts
    415
    Thanks
    10
    Thanked
    56 times in 41 posts
    • dirky's system
      • Motherboard:
      • ASUS Sabertooth
      • CPU:
      • AMD FX8350
      • Memory:
      • 2x8GB Corsair Vengeance
      • Storage:
      • 256GB 840 PRO, 1TB WD BLACK
      • Graphics card(s):
      • 7970 MATRIX PLAT.
      • PSU:
      • Corsair HX650
      • Case:
      • Antec P183
      • Operating System:
      • Windows 7 x64 Professional
      • Monitor(s):
      • Dell U2412M

    Re: Netgear DG834PN + OpenVPN + Android...

    I've only really used it on the command line for and supply the ifconfig lines like:

    openvpn --port 1195 --remote 1.1.1.1 --dev tun --ifconfig 10.1.1.1 10.1.1.1.2 --daemon --secret psk.key

    dunno if that helps

  5. #5
    cat /dev/null streetster's Avatar
    Join Date
    Jul 2003
    Location
    London
    Posts
    4,138
    Thanks
    119
    Thanked
    100 times in 82 posts
    • streetster's system
      • Motherboard:
      • Asus P7P55D-E
      • CPU:
      • Intel i5 750 2.67 @ 4.0Ghz
      • Memory:
      • 4GB Corsair XMS DDR3
      • Storage:
      • 2x1TB Drives [RAID0]
      • Graphics card(s):
      • 2xSapphire HD 4870 512MB CrossFireX
      • PSU:
      • Corsair HX520W
      • Case:
      • Coolermaster Black Widow
      • Operating System:
      • Windows 7 x64
      • Monitor(s):
      • DELL U2311
      • Internet:
      • Virgin 50Mb

    Re: Netgear DG834PN + OpenVPN + Android...

    The logging was there to help me work out what is going on, but yeh once I'm entirely happy I'll remove that line...

    found an app called 'gscript' which lets me create a shortcut to a script... if I just create a simple shell script and execute it via the terminal I get 'permission denied' despite the file being executable and me being root. very odd.

    the trouble with tun is that my router has the tap0 device setup already, and my efforts to use tun failed miserably (1st post in the thread).. switching to tap has made things much easier.

    [e!] I was still having issues - looks like I was using toolbox rather than busybox ifconfig, so have made a change similar to here... and after a reboot it's working...

    1. Open OpenVPN, enable, and start tunel [sic]
    2. run gScript to set ifconfig
    3. done!
    Last edited by streetster; 15-04-2011 at 10:41 AM.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Netgear DG834PN and PS3 controller interference
    By adam1701 in forum Networking and Broadband
    Replies: 9
    Last Post: 09-07-2010, 03:44 AM
  2. sKy Broadband - Their Router + My Router
    By EvilMunky in forum Networking and Broadband
    Replies: 4
    Last Post: 20-09-2007, 12:26 PM
  3. Netgear DG834PN & Free USB Dongle - £79.99 (inc Delivery)
    By rajindergill in forum Retail Therapy and Bargains
    Replies: 3
    Last Post: 03-07-2006, 12:48 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •