OpenVPN on CentOS VS DD-WRT or OpenWRT

Wiki.TerraBase.info

Environment(s): CentOS 7 and DD-WRT (late 2019 version on a Buffalo Tech WZR-600DHP Router) with OpenVPN version 2.4.7 on ALL devices.

The Problem

Well, there were multiple issues, but for the sake of focus let's deal with the routing issue.

Notes and the Solution

Several websites give examples of the ifconfig-push command in a client's "CCD" configuration file in this form: ifconfig-push WhatEverIPAddress1 WhatEverIPAddress2, for example: ifconfig-push 192.168.100.11 192.168.100.1. This is not correct. The documentation gives the form as: ifconfig-push WhatEverIPAddress "Subnet Mask of target subnet on server". A correct example: ifconfig-push 192.168.100.11 255.255.255.0.

One difference between the CentOS implementation / compilation and DD-WRT or OpenWRT is that a CentOS OpenVPN server defaults to the "subnet" type for the "topology" command, while DD-WRT and OpenWRT default to "Point to Point". This can cause routing issues.

The "client" command cannot be used in a "CCD" configuration file.
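
The two CCD rules above (ifconfig-push takes an address and a subnet mask, and "client" is not allowed) can be checked before a file is deployed. The linter below is an added example, not part of the original page or of OpenVPN; its function names and sample file contents are constructed, and it assumes the server runs the "subnet" topology as on the CentOS host described here.

```python
import ipaddress

def is_netmask(value):
    """True for a contiguous IPv4 mask such as 255.255.255.0."""
    try:
        bits = int(ipaddress.IPv4Address(value))
    except ValueError:
        return False
    inverted = bits ^ 0xFFFFFFFF
    return bits != 0 and (inverted & (inverted + 1)) == 0

def lint_ccd(text):
    """Return (line_number, message) findings for one CCD file.
    Assumption: the server uses 'topology subnet' (the page's CentOS case)."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        parts = raw.split("#", 1)[0].split()      # drop '#' comments
        if not parts or parts[0].startswith(";"):  # blank or ';' comment
            continue
        directive, args = parts[0], parts[1:]
        if directive == "client":
            findings.append((lineno, "'client' cannot be used in a CCD file"))
        elif directive == "ifconfig-push":
            if len(args) != 2 or not is_netmask(args[1]):
                findings.append((lineno, "ifconfig-push needs: <address> <subnet mask>"))
                continue
            try:
                iface = ipaddress.IPv4Interface(f"{args[0]}/{args[1]}")
            except ValueError:
                findings.append((lineno, f"{args[0]} is not an IPv4 address"))
                continue
            net = iface.network
            if net.prefixlen < 31 and iface.ip in (net.network_address, net.broadcast_address):
                findings.append((lineno, f"{args[0]} is not a usable host address in {net}"))
    return findings

# Constructed sample CCD files (not taken from a real deployment).
SAMPLE_GOOD = "ifconfig-push 192.168.100.11 255.255.255.0\n"
SAMPLE_BAD = """\
# constructed CCD file with the two mistakes described above
client
ifconfig-push 192.168.100.11 192.168.100.1
"""

if __name__ == "__main__":
    for lineno, msg in lint_ccd(SAMPLE_BAD):
        print(f"line {lineno}: {msg}")
```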

Several websites comment on various ways to have a client automatically reconnect to a server. Most of it is crap. This was tested and works (on the server): keepalive 5 15 AND ping-restart 5. The former command is sent as part of the client configuration and means: ping the server every 5 seconds, and if no reply is received for 15 seconds, reconnect. It works great in conjunction with the ping-restart command, as the keepalive command only seems to work for one repetition and the ping-restart command has it retry the keepalive command.