Source is available at the Git repository.
Be sure to read the COPYING file if you plan to use/distribute the sources.
Direct links:Notable changes from 1.23vpn3.2
- Moved to Tomato 1.25 baseline
- AES cipher available! (Thanks fyellin!)
- GUI option for redirecting internet traffic over tunnel
- Options available for client and for server
- GUI option to push DNS directives to clients
- GUI option for client to accept DNS options from server
- OpenVPN upgraded to 2.1rc16
- Various code cleanups/improvements
just upgraded my two routers at server and client sides. Redirect Internet traffic works wonderfully.
ReplyDeleteThx!
ReplyDeleteCant wait to get home and give this a shot,one question is there anything out there for WAP's? other than the flakey DDWRT firwares thanks.
ReplyDeletewhich one should I DL the "ND" or non "ND" thanks
ReplyDelete@madneon:
ReplyDeleteI'm not sure what's out there for simple access points. You'll have to do some searching for your particular model.
To determine if you can run the ND (updated broadcom wireless driver) version, see this thread at the forums
I can't start the VPN service, my first time on this firmware.
ReplyDeleteCan someone give me a suggestion?
Here is what I found on log file.
Jun 8 11:32:06 router user.info kernel: device tun21 entered promiscuous mode
Jun 8 11:32:07 router daemon.notice openvpn[21484]: OpenVPN 2.1_rc15 mipsel-unknown-linux-gnu [SSL] [LZO2] built on May 31 2009
Jun 8 11:32:07 router daemon.warn openvpn[21484]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Jun 8 11:32:07 router daemon.err openvpn[21484]: Cannot load DH parameters from dh.pem: error:0906D06C:PEM routines:PEM_read_bio:no start line
Jun 8 11:32:07 router daemon.notice openvpn[21484]: Exiting
Jun 8 11:32:07 router user.info init[1]: VPN_LOG_ERROR: 719: Starting VPN instance failed...
@ZeroCoolZ:
ReplyDeleteLooks like you haven't filled in all the fields in the Keys tab.
If you continue to have trouble please post to the forums (link in the header block).
Could please anyone confirm if this firmware has USB support? I need it for my wl-500gP v2.
ReplyDelete@thezerox:
ReplyDeleteIt does not have USB support. However, there are builds that include my changes plus USB support. For instance, see here.
I'm having DHCP problems with this build. I was having no such problems with 1.23. The error is this from the logs:
ReplyDeleteudhcpc[295]: Sending renew...
udhcpc[295]: Lease lost, entering init state
udhcpc[295]: Sending discover...
udhcpc[295]: Sending select for xx.xxx.xxx.xxx...
udhcpc[295]: Sending select for ...
udhcpc[295]: Sending select for ...
udhcpc[295]: Sending discover...
udhcpc[295]: Sending discover...
The router never gets an IP. My ISP is Charter.
I have a bug report. If you disable compression, it writes "comp-lzo no" into the config file. This seems to be incorrect, as compression comes on anyway. I think the comp-lzo line needs to be left off entirely if no compression is to be used.
ReplyDelete@Ryan:
ReplyDeleteNot according to the OpenVPN manual. The values can be "yes", "no", or "adaptive".
@Keith
ReplyDeleteIt looks like you're right. However, when I use the GUI to select the no option, in the config file it is "comp-lzo no", yet compression is still on. I've been playing with it, and there doesn't seem to be a way to get it to connect to a non-compression openvpn server. (If you try it connects but the packets never make it, probably because the client is compressing them and the server isn't decompressing, so the checksums fail horribly.) Even with comp-lzo no in the config, the /var/log/messages has a log line that indicates that the compression code is initializing and in use. The sample OpenVPN config file that comes with the package just uses "comp-lzo" with no option to turn it on, and comments out the line to turn it off. I'm wondering if the config parser doesn't do what it ought to and just turns on compression as soon as it sees comp-lzo?
@Ryan:
ReplyDeletecomp-lzo with no second parameter is the same as "comp-lzo adaptive". You might try that.
Here's something else to try:
1. Start the client
2. SSH/telnet to the router
3. Run "killall vpnclient1"
4. Edit /etc/openvpn/client1/config.ovpn to get rid of the comp-lzo line
5. Run "/etc/openvpn/vpnclient1 --cd /etc/openvpn/client1 --config config.ovpn"
6. See if everything works
This will just confirm whether this is really the problem.
Is it possible to turn on the SES led(s) when the tunnel is connectet or traffic is running ?
ReplyDelete@harry:
ReplyDeleteShould be. How you would accomplish it depends on if you're talking about the server or client, TLS or Static-Key, etc. Post to the forum and we should be able to figure something out.
Openvpn is still at rc15 version, though release notes say rc16?
ReplyDeleteSat Aug 1 17:00:25 2009 OpenVPN 2.1_rc15 mipsel-unknown-linux-gnu [SSL] [LZO2] built on May 31 2009
@Joost:
ReplyDeleteIt really is rc16. A string just didn't get updated. I'll make sure it reports itself correctly in the next release.
Can someone help me to map the following configuration file from an OpenVPN client Service provider to the menu options of TomatoVPN, and how to pass a userid and password. Thank you.
ReplyDeleteclient
dev tap
proto udp
remote nowvpn.net 443
redirect-gateway def1
resolv-retry infinite
nobind
persist-key
persist-tun
ca nowvpn_ca.crt
tls-auth nowvpn-ta.key 1
auth-user-pass
ns-cert-type server
tls-remote nowvpn_s
tls-cipher DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA
cupher BF-CBC
comp-lzo
verb 3
When used on slots, the playthrough requirement for this crypto deposit bonus is 30x, together with winnings from free spins, and 60x when used on desk games and video poker. You must make a deposit of at least of|no much less than} $30 to qualify for this on line casino bonus. Bonus cash does not routinely convert into real cash, meaning have the ability to|you possibly can}'t withdraw your winnings without assembly the wagering necessities first. Wagering necessities discuss with the amount of money required to thecasinosource.com bet before in a position to|with the flexibility to|having the flexibility to} convert your bonus cash into real money. Typically it'll vary between 20x to 50x of the bonus quantity and initial deposit.
ReplyDelete