OpenVPN routing problem on N900
 

I have OpenVPN installed and working on tomato flashed router using a static key and tap. I'm using a win xp laptop successfully with this setup.

I wanted to try and get the N900 to work with it as well. It installed OpenVPN and the applet fine. When I run the test, it all looks good. When I connect, it looks good too except the routing through the vpn doesn't work. I am not familiar enough with this stuff to understand why though.

Here is the config:
Here is the test output:

Any help is greatly appreciated.

- Greg

Re: OpenVPN routing problem on N900
 

>Mon Dec 21 11:09:52 2009 NOTE: unable to redirect default gateway -- Cannot read current default gateway from system

redirect-gateway doesn't work when cellular (3g/gprs) connection is used. Reason is stated in above error message

Re: OpenVPN routing problem on N900
 

Is this a software limitation? Any way around it? I'm posting this on my computer that is using the N900 as a modem on GSM through a VPN to our work without any issues.

Re: OpenVPN routing problem on N900
 

It is because how network interfaces are setup on N900, so you could say it's a software limitation.

There may be workaround for it, see http://talk.maemo.org/showthread.php...hlight=openvpn (actually these threads should be merged)

Re: OpenVPN routing problem on N900
 

Workaround (script) found here works just fine:
https://bugs.maemo.org/show_bug.cgi?id=7596#c9

- Copied the script to /etc/openvpn
- Added
to my openvpn config file and all traffic was tunneled (tested with Wireshark). BTW, there is one last thing I had to do in order to get DNS resolution, I had to add
Where 192.168.0.254 is the address of my router at home to either /var/run/resolv.conf.gprs or /var/run/resolv.conf.wlan0 depending of the connection.

To automate that process I simply added the following to the workaround script found up there:
As a side note here are the special options I have enabled in my openvpn config:

:) I now have OpenVPN working on both Wifi and Gprs with full internet traffic routed through the tunnel... cool!

Re: OpenVPN routing problem on N900
 

Just checking that you guys know what the "redirect-gateway" option does?

It replaces the default gateway on the client/device and makes *all* your network traffic from the client/device go via the (slow) VPN.

So if you are just using a VPN to allow access to machines on a private LAN then you probably don't want it.

Re: OpenVPN routing problem on N900
 

Yep.. that was the intended purpose especially when browsing the web from untrusted locations such as public WiFi hot spots.

As a side note, if you use password protected certificates you will have to add to the OpenVPN config file in order to get prompted for your password by OpenVPN-gui applet (very convenient).

Alphazo

Re: OpenVPN routing problem on N900
 

I added to the openvpn client config file the following 3 lines:

script-security 2
up /etc/openvpn/maemo-update-resolvconf
down /etc/openvpn/maemo-update-resolvconf

The script maemo-update-resolvconf existed already.
This works for me very fine with wlan and gprs/umts.

Cheers

mr.zoom

Re: OpenVPN routing problem on N900
 

What does this addition do?

Thanks

Re: OpenVPN routing problem on N900
 

Hi Dave

• script-security 2 # sets the security settings that you can run external scripts
• up /etc/openvpn/maemo-update-resolvconf # runs the script maemo-update-resolvconf if your vpn connection is up
• down /etc/openvpn/maemo-update-resolvconf # runs the script maemo-update-resolvconf if your vpn connection is down

The maemo-update-resolvconf script existed on my phone already after the installation of openvpn on my phone. The script takes the dns settings from your openvpn environment and writes it in your /etc/resolv.conf if the connection is up. If you disconnect it wirtes the orginal settings to the /etc/resolv.conf.

Cheers

mr.zoom

Re: OpenVPN routing problem on N900
 

I have very little understanding of this stuff. Security is not my concern but just wanted to use OpevVPN to hide my IP when connected with t-mobile 3G by tunneling through my own network at home. ToR is way too slow (to Germany and back) and does not let me use DialCentral for Google voice. (httpS://www.google.com/voice/m not accessible)

So, I bought a newly released Cisco RV 120W to set up VPN on my home network and use OpenVPN or OpenSSH. Cisco documentation says it can work with OpenVPN but I have no clue on how to set up the whole thing, generating a self-signed certificate, get config. files, etc. I spent hours with Cisco tech support to no avail.

Am I in over my head? Should I just forget about the whole thing? Can anybody help?

Re: OpenVPN routing problem on N900
 

Check the documentantion and/or forums for your router.

I upgraded my Linksys to DD-WRT and found a really helpful how-to guide on OpenVPN in the DD-WRT wiki.

With the information in this thread, it wasn't too difficult to create a second configuration that routes all traffic through the VPN.

Re: OpenVPN routing problem on N900
 

In June 2010 I downloaded the current version of OpenVPN for the N900 and it seems I have no trouble connecting to the VPN over both WiFi and EDGE... haven't tried 3G yet... it shouldn't make a difference though. This worked without making any of the above stated changes.

Did this issue somehow get fixed?

Re: OpenVPN routing problem on N900
 

It appears my last message was not correct... it seems I ran into a fluke (random scenario) when it actually worked over EDGE without changes being made... I guess I'll have to actually look into the above instructions...

I see several different sets of instruction here for making OpevVPN work over EDGE/GPRS, can someone please indicate the best/most reliable method?

Thank you

Re: OpenVPN routing problem on N900
 

As far as I know, there are no special requirements for using openvpn over GPRS/Edge/3G. The hacks in this thread apply to routing all traffic over the vpn while using these types of connection.

Is that what you are trying to do? What else is in your configuration?

Re: OpenVPN routing problem on N900
 

guys i installed and everything is finethen imported this hideipvpnuk and i m also connected but when i try to open facebook it doesn t work.

p s I m in china

Re: OpenVPN routing problem on N900
 

How to generate the VPN file?

can I connect to my website storage. (on DreamHost)
using VPN?

Is it good to use VPN or SSH to map network drives on N900?

Thank you

Re: OpenVPN routing problem on N900
 

This doesn't work for me.

I followed the guide on Evertdekker.com and I am able to establish a connection to my local network via the external gprs connection.

However I need traffic routing for my sip accounts used on n900. I added the three lins to the client config, but it didn't work. Are there any other changes needed?

Re: OpenVPN routing problem on N900
 

Thanks guys this thread was really useful, as I was struggling to connect to my office intra via openvpn client.
Also I noticed a slight problem - while being connected to the intra n/w via the ovpnclient my battery drained off and the phone got switched off. On restart the normal internet connection via 3g started to fail, though it shows connected there ws no data transfer. After much googling the culprit was the resolv.conf file to which the "nameserver 127.0.0.1 " was overwritten but was not restored as the phone got off abruptly.
Any workaround to prevent this? Also will such a situation affect any other service due to the above mentioned configurations.

I have enabled all the scripts mentioned in the thread.


Thanks again.