Difference between revisions of "OpenVPN on CentOS VS DD-WRT or OpenWRT"
(Created page with "Environment(s): CentOS 7 and DD-WRT (late 2019 version on a Buffalo Tech WZR-600DHP Router) with OpenVPN version 2.4.7 on ALL devices.")
Revision as of 19:06, 2 January 2020
Environment(s): CentOS 7 and DD-WRT (late 2019 version on a Buffalo Tech WZR-600DHP Router) with OpenVPN version 2.4.7 on ALL devices.
The Problem
Well, there were multiple issues, but for the sake of focus let's deal with the routing issue.
Notes and the Solution
Several websites give examples of the ifconfig-push command in a client's "CCD" configuration file in this form: ifconfig-push WhatEverIPAddress1 WhatEverIPAddress2, for example: ifconfig-push 192.168.100.11 192.168.100.1. This is not correct. The documentation notes: ifconfig-push WhatEverIPAddress "Subnet Mask of target subnet on server". A correct example: ifconfig-push 192.168.100.11 255.255.255.0.
One difference between the CentOS implementation / compilation and DD-WRT or OpenWRT is that a CentOS OpenVPN server defaults to a "subnet" type for the "topology" command. DD-WRT and OpenWRT default to "Point to Point". This can cause routing issues.
The "client" command cannot be used in a "CCD" configuration file.
Several websites comment on various ways to have a client automatically reconnect to a server. Most of it is crap. This was tested and works (on the server): keepalive 5 15. This command is sent as part of the client configuration and means: ping the server every 5 seconds, and if no reply is received for 15 seconds, reconnect. Works great.
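The ifconfig-push, topology and "client" notes above can be checked before a server is restarted. The following is an added example, not part of the original page or of OpenVPN itself: a small linter that applies only the rules stated above, with hypothetical function names and constructed sample configs.

```python
import ipaddress

def is_netmask(value):
    """True for a contiguous IPv4 netmask such as 255.255.255.0."""
    try:
        bits = int(ipaddress.IPv4Address(value))
    except ValueError:
        return False
    inverted = bits ^ 0xFFFFFFFF
    return bits != 0 and (inverted & (inverted + 1)) == 0

def directives(text):
    """Yield (line number, words) for each non-comment line of a config."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line and line[0] not in "#;":
            yield lineno, line.split()

def explicit_topology(server_conf):
    """Return the topology the server config sets, or None if it relies on the build default."""
    for _, words in directives(server_conf):
        if words[0] == "topology" and len(words) > 1:
            return words[1]
    return None

def lint_ccd(ccd_text, topology):
    """Return a list of (line number, message) findings for one CCD file."""
    findings = []
    if topology is None:
        # Line 0 marks a finding about the server config, not the CCD file.
        findings.append((0, "server sets no topology; the default differs between builds"))
    for lineno, words in directives(ccd_text):
        if words[0] == "client":
            findings.append((lineno, "'client' cannot be used in a CCD file"))
        elif words[0] == "ifconfig-push":
            if len(words) != 3:
                findings.append((lineno, "ifconfig-push takes two arguments"))
            elif topology == "subnet" and not is_netmask(words[2]):
                findings.append((lineno, "second argument must be a subnet mask"))
    return findings

# Constructed sample input, using the addresses from the text above.
SERVER_CONF = "topology subnet\nkeepalive 5 15\n"
BAD_CCD = "client\nifconfig-push 192.168.100.11 192.168.100.1\n"
GOOD_CCD = "ifconfig-push 192.168.100.11 255.255.255.0\n"

if __name__ == "__main__":
    topo = explicit_topology(SERVER_CONF)
    for name, ccd in (("bad", BAD_CCD), ("good", GOOD_CCD)):
        print(name, lint_ccd(ccd, topo))
```

Setting "topology" explicitly in the server config removes the dependence on which build's default applies, which is why the linter reports a missing directive.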