This forum has been archived. All content is frozen. Please use KDE Discuss instead.

Struggling to make OpenVPN work! Connected but no internet

georgeg
Registered Member
Posts
6
Karma
0
Hello,

I have a router as server and I have an account hostname with dynamic DNS.

I created the VPN connection from KDE Network Manager.
At gateway I added my hostname.
At optional settings, gateway port, I added the port I have on the router for OpenVPN. I also configured the router for the hostname account.


I can connect to the VPN but I don't have internet access.

The route -n after connecting to vpn:

Code:
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 wlan0
79...........   192.168.1.254   255.255.255.255 UGH   0      0        0 wlan0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 tap0
192.168.1.0     0.0.0.0         255.255.255.0   U     9      0        0 wlan0
192.168.1.2     127.0.0.1       255.255.255.255 UGH   303    0        0 lo
192.168.1.134   127.0.0.1       255.255.255.255 UGH   303    0        0 lo


Where 79.... is my correct external IP.

Any ideas please?

Thank you!
bcooksley
Administrator
Posts
19765
Karma
87
OS
The OpenVPN connection as shown there, in that routing table, has been configured to not route all traffic over the VPN. It will only route traffic local to that network over the VPN, in this case - all systems in 192.168.1.0/24. All access to other networks is still being performed via the system default route, which is using your wireless connection.

On the "IPv4 Address" tab of the settings for this VPN connection, select "Routes" from the dropdown, and ensure that "Use only for resources on this connection" is not ticked.


KDE Sysadmin
georgeg
Ok, I managed to make it work (I don't remember what I did).

But the problem is that the IP doesn't change, it remains the same as for the network I am using to connect.
Any ideas about that?


PS: If I don't tick the "Use only for resources on this connection", I have no internet access. It shows connected to the VPN though.
Thanks!
bcooksley
Please post the output of "ip addr" when connected to the VPN.


georgeg
Code:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 7c:.....fd brd f....:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
    link/ether 24:.....d2 brd ff......:ff
    inet 192.168.1.2/24 brd 192.168.1.255 scope global wlan0
       valid_lft forever preferred_lft forever
    inet6 fe80.....d2/64 scope link
       valid_lft forever preferred_lft forever
4: tap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 100
    link/ether c2:.......0 brd f....f
    inet 192.168.1.200/24 brd 192.168.1.255 scope global tap0
       valid_lft forever preferred_lft forever
    inet6 fe8.....9b0/64 scope link
       valid_lft forever preferred_lft forever



EDIT

I noticed 2 things.

1) My internet connection (while connected to the VPN) goes off after 30-60 seconds!

2) The IP is changing only if I don't check the "Use only this connection.." as you said (but still internet goes off after a few seconds)

From the router's log:
Code:
 OpenWrt daemon.err openvpn(lan)[26908]: read UDPv4 [EHOSTUNREACH]: No route to host (code=148)


Why is that? (the signal is ok)

Thanks

EDIT

I don't know what I did but now I am connected to the VPN but have no internet access.
If I check the "Use only this connection..", then I have access, but the VPN doesn't seem to work, because I looked at traceroute and it doesn't show any difference before and after the VPN.

The router's address is 192.168.1.1

route -n (before VPN):

Code:
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 wlan0
192.168.1.0     0.0.0.0         255.255.255.0   U     9      0        0 wlan0
192.168.1.2     127.0.0.1       255.255.255.255 UGH   303    0        0 lo
192.168.1.134   127.0.0.1       255.255.255.255 UGH   303    0        0 lo



route -n (after VPN):

Code:
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.10.10.1      0.0.0.0         UG    0      0        0 tap0
10.10.10.0      0.0.0.0         255.255.255.0   U     0      0        0 tap0
4................   192.168.1.254   255.255.255.255 UGH   0      0        0 wlan0
192.168.1.0     0.0.0.0         255.255.255.0   U     9      0        0 wlan0
192.168.1.2     127.0.0.1       255.255.255.255 UGH   302    0        0 lo
192.168.1.134   127.0.0.1       255.255.255.255 UGH   302    0        0 lo
192.168.1.135   127.0.0.1       255.255.255.255 UGH   302    0        0 lo


My router is at 192.168.1.1.


/etc/config/openvpn

Code:
config 'openvpn' 'lan'
   option 'enable' '1'
   option 'port' '1194'
   option 'proto' 'udp'
   option 'dev' 'tap0'
   option 'ca' '/etc/openvpn/ca.crt'
   option 'cert' '/etc/openvpn/server.crt'
   option 'key' '/etc/openvpn/server.key'
   option 'dh' '/etc/openvpn/dh1024.pem'
   option 'ifconfig_pool_persist' '/tmp/ipp.txt'
   option 'keepalive' '10 120'
   option 'comp_lzo' '1'
   option 'persist_key' '1'
   list 'push' 'dhcp-option DNS 192.168.1.1'
   option 'server_bridge' '10.10.10.1 255.255.255.0 10.10.10.2 10.10.10.10'


/etc/config/firewall

Code:
config  'rule'
    option 'target' 'ACCEPT'
    option 'dest_port' '1194'
    option 'src' 'wan'
    option 'proto' 'tcpudp'
    option 'family' 'ipv4'
bcooksley
The change you have made in this case has been to put OpenVPN in a different subnet, in this case 10.10.10.0/24. Previously your primary network and OpenVPN were operating in the same subnet, 192.168.1.0/24 - which was causing routing conflicts I suspect.

From what I can tell, this might actually be an OpenWRT configuration issue now - can you try some traceroutes to local network and internet based systems both with and without the VPN connection being active?


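The route selection bcooksley describes in his two replies above (the default route staying on wlan0, and the VPN and the LAN sharing 192.168.1.0/24), as an added example that is not part of the original thread: it replays the two posted `route -n` tables through a longest-prefix, lowest-metric lookup. The redacted server address is replaced by the placeholder 203.0.113.10, and `parse_routes`, `lookup` and `audit` are names chosen here.

```python
import ipaddress

# Constructed from the two `route -n` listings posted in the thread. The
# redacted public address of the VPN server is replaced by the documentation
# placeholder 203.0.113.10 (an assumption, not a value from the thread).
SAME_SUBNET = """\
0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 wlan0
203.0.113.10    192.168.1.254   255.255.255.255 UGH   0      0        0 wlan0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 tap0
192.168.1.0     0.0.0.0         255.255.255.0   U     9      0        0 wlan0
"""
SEPARATE_SUBNET = """\
0.0.0.0         10.10.10.1      0.0.0.0         UG    0      0        0 tap0
10.10.10.0      0.0.0.0         255.255.255.0   U     0      0        0 tap0
203.0.113.10    192.168.1.254   255.255.255.255 UGH   0      0        0 wlan0
192.168.1.0     0.0.0.0         255.255.255.0   U     9      0        0 wlan0
"""

def parse_routes(text):
    """Turn `route -n` rows into (network, gateway, metric, iface) tuples."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue  # skip the header and anything that is not a route row
        prefix = bin(int(ipaddress.IPv4Address(f[2]))).count("1")
        routes.append((ipaddress.ip_network(f"{f[0]}/{prefix}"), f[1], int(f[4]), f[7]))
    return routes

def lookup(routes, dest):
    """Select a route the way the kernel does: longest prefix, then lowest metric."""
    ip = ipaddress.ip_address(dest)
    hits = [r for r in routes if ip in r[0]]
    return min(hits, key=lambda r: (-r[0].prefixlen, r[2])) if hits else None

def audit(text, vpn_if="tap0", server="203.0.113.10"):
    """Report where internet and VPN-server traffic leave, and subnet clashes."""
    routes = parse_routes(text)
    internet = lookup(routes, "198.51.100.7")  # arbitrary non-local test address
    clashes = {str(a[0]) for a in routes for b in routes
               if a[0] == b[0] and a[3] != b[3]}
    return {"internet_via": internet[3],
            "full_tunnel": internet[3] == vpn_if,
            "server_via": lookup(routes, server)[3],
            "overlapping": sorted(clashes)}

if __name__ == "__main__":
    for name, table in (("same subnet", SAME_SUBNET), ("separate subnet", SEPARATE_SUBNET)):
        print(name, audit(table))
```

For the first table the audit reports internet traffic leaving via wlan0 with 192.168.1.0/24 claimed by both interfaces; for the second the default route is on tap0 while the host route keeps the tunnel's own packets on wlan0.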
georgeg
Connected to my friend's WiFi (before VPN):

traceroute 192.168.1.151
Code:
traceroute to 192.168.1.151 (192.168.1.151), 30 hops max, 60 byte packets
 1  work-pc (192.168.1.2)  3004.870 ms !H  3004.833 ms !H  3004.828 ms !H



1.151 is my other PC

traceroute google.com
Code:
traceroute to google.com (62.169.193.24), 30 hops max, 60 byte packets
 1  192.168.1.254 (192.168.1.254)  4.043 ms  9.689 ms  11.618 ms
 2  62.....85 (62......85)  28.463 ms  30.931 ms  30.933 ms
 3  62.....69 (62......69)  33.403 ms  34.150 ms  34.151 ms
 4  62......81 (62......81)  46.319 ms  47.049 ms  49.271 ms
 5  62.......170 (62......170)  50.091 ms  53.602 ms  53.626 ms
 6  * * *


Connected to VPN:

traceroute 192.168.1.151
Code:
traceroute to 192.168.1.151 (192.168.1.151), 30 hops max, 60 byte packets
 1  work-pc (192.168.1.2)  3005.802 ms !H  3005.775 ms !H  3005.772 ms !H

traceroute google.com
Code:
traceroute to google.com (62.169.193.39), 30 hops max, 60 byte packets
 1  10.10.10.2 (10.10.10.2)  26.174 ms !H  26.164 ms !H  26.159 ms !H


Connected to VPN (if I check "Use only resources on this connection"):
It is exactly the same as before VPN except the last digits (of course google.com is different).

traceroute google.com
Code:
traceroute to google.com (62.169.193.39), 30 hops max, 60 byte packets
 1  192.168.1.254 (192.168.1.254)  4.421 ms  5.965 ms  5.974 ms
 2  62......85 (62.......85)  26.596 ms  30.145 ms  35.263 ms
 3  62......6 (62......6)  35.277 ms  38.293 ms  38.301 ms
 4  62.......97 (62......97)  43.223 ms  43.231 ms  43.768 ms
 5  62......174 (62.......174)  84.127 ms  85.489 ms  86.368 ms
 6  *


In my /etc/config/network:
Code:
config interface 'loopback'
   option ifname 'lo'
   option proto 'static'
   option ipaddr '127.0.0.1'
   option netmask '255.0.0.0'

config interface 'lan'
   option type 'bridge'
   option proto 'static'
   option ipaddr '192.168.1.1'
   option netmask '255.255.255.0'
   option _orig_ifname 'eth0.1 radio0.network1 radio1.network1'
   option _orig_bridge 'true'
   option ifname 'eth0.1 tap0'
georgeg
I remind you that it still shows:

Code:
OpenWrt daemon.err openvpn(lan)[26908]: read UDPv4 [EHOSTUNREACH]: No route to host (code=148)


Also, while I am connected to the VPN, I can ping
192.168.1.1 (router)
10.10.10.2 (tap0 interface)

I can't ping 10.10.10.1
bcooksley
Okay, that indicates that while the VPN is connecting successfully, it is unable to route any traffic. This means you have a configuration fault on the OpenWRT / OpenVPN Daemon side - as 10.10.10.1 should be pingable, regardless of how that option is checked.

I would suggest asking on the OpenWRT forums for more assistance, as they're more likely to be familiar with how to set it up properly.

