Skip to content
Viscosity and OpenVPN on Tomato Firmware
Got a problem with Viscosity or need help? Ask here!
Hi all,
I've created a post on the Tomato Firmware board, but thought I'd ask here as well:
What I want to do is, when I bring up the VPN to tunnel all network traffic over the VPN connection to avoid snooping and blocking sites/apps.
I've installed the v1.23vpn2.0006 firmware and can connect from my client. I have the following setup so far:
On the router:
Interface: TUN
Proto: UDP
Port: 1194
Firewall: Auto
Auth: Static Key
Local/remote endpoint addresses: 10.99.88.1 10.99.88.101
Encryption cipher: Default
Compression: Enabled
[no custom config]
Static key: my 2048 bit OpenVPN static key
On the client: Viscosity Version 1.0.3 on OS X 10.5.6 running OpenVPN 2.0.9
I can connect, but can't do anything else. If I set the default route to 10.99.88.1 I get this in the connection log:
I've created a post on the Tomato Firmware board, but thought I'd ask here as well:
What I want to do is, when I bring up the VPN to tunnel all network traffic over the VPN connection to avoid snooping and blocking sites/apps.
I've installed the v1.23vpn2.0006 firmware and can connect from my client. I have the following setup so far:
On the router:
Interface: TUN
Proto: UDP
Port: 1194
Firewall: Auto
Auth: Static Key
Local/remote endpoint addresses: 10.99.88.1 10.99.88.101
Encryption cipher: Default
Compression: Enabled
[no custom config]
Static key: my 2048 bit OpenVPN static key
On the client: Viscosity Version 1.0.3 on OS X 10.5.6 running OpenVPN 2.0.9
I can connect, but can't do anything else. If I set the default route to 10.99.88.1 I get this in the connection log:
Code: Select all
Any ideas to get me started? I'd like to force all DNS through the VPN as well (no leakage).Wed Mar 4 21:59:22 2009: IMPORTANT: OpenVPN's default port number is now 1194
Wed Mar 4 21:59:22 2009: LZO compression initialized
Wed Mar 4 21:59:23 2009: gw 192.168.130.1
Wed Mar 4 21:59:23 2009: TUN/TAP device /dev/tun0 opened
Wed Mar 4 21:59:23 2009: UDPv4 link local: [undef]
Wed Mar 4 21:59:23 2009: UDPv4 link remote: **redacted**:1194
Wed Mar 4 21:59:40 2009: Peer Connection Initiated with **redacted**:1194
Wed Mar 4 21:59:40 2009: Initialization Sequence Completed
Hi Geoff,
Judging by your log you aren't being assigned an IP address. Normally when using a TUN based connection your OpenVPN server should be pushing out an IP address to Viscosity using the ifconfig command. For example, the following should appear in the Details window log (when using the default log level):
/sbin/ifconfig tun0 x.x.x.x y.y.y.y mtu 1500 netmask 255.255.255.255 up
To correct this you should get your server to push out an IP address, or you can specify one at Viscosity's end like so:
1. Open Viscosity and edit your connection
2. Click on the Advanced tab
3. Enter the following command on a new line. Replace x.x.x.x with the IP address you want, and y.y.y.y with the IP address of the server (e.g. ifconfig 10.8.0.2 10.8.0.1)
ifconfig x.x.x.x y.y.y.y
Also make sure you have given the OpenVPN server an IP address as well using the same technique (e.g. the server would have the opposite: ifconfig 10.8.0.1 10.8.0.2).
To secure your DNS you should specify a DNS server to use while connected to the VPN. This should be a DNS server accessible through the VPN (and not one on your local network). You can tell Viscosity to set this VPN server while connected like so:
1. Open Viscosity and edit your connection
2. Under the General tab make sure "Enable DNS support" is ticked
3. Click on the Advanced tab
4. Enter the following command on a new line. Replace x.x.x.x with the DNS server you want to use:
dhcp-option DNS x.x.x.x
5. Click Save and try connecting
Cheers,
James
Judging by your log you aren't being assigned an IP address. Normally when using a TUN based connection your OpenVPN server should be pushing out an IP address to Viscosity using the ifconfig command. For example, the following should appear in the Details window log (when using the default log level):
/sbin/ifconfig tun0 x.x.x.x y.y.y.y mtu 1500 netmask 255.255.255.255 up
To correct this you should get your server to push out an IP address, or you can specify one at Viscosity's end like so:
1. Open Viscosity and edit your connection
2. Click on the Advanced tab
3. Enter the following command on a new line. Replace x.x.x.x with the IP address you want, and y.y.y.y with the IP address of the server (e.g. ifconfig 10.8.0.2 10.8.0.1)
ifconfig x.x.x.x y.y.y.y
Also make sure you have given the OpenVPN server an IP address as well using the same technique (e.g. the server would have the opposite: ifconfig 10.8.0.1 10.8.0.2).
To secure your DNS you should specify a DNS server to use while connected to the VPN. This should be a DNS server accessible through the VPN (and not one on your local network). You can tell Viscosity to set this VPN server while connected like so:
1. Open Viscosity and edit your connection
2. Under the General tab make sure "Enable DNS support" is ticked
3. Click on the Advanced tab
4. Enter the following command on a new line. Replace x.x.x.x with the DNS server you want to use:
dhcp-option DNS x.x.x.x
5. Click Save and try connecting
Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
James,
I got things working by switching to TLS and generating the cert and keys. I basically used these Instructions:
http://www.ventanazul.com/webzine/artic ... u-and-hulu
And did everything from Xubuntu inside a VMWare Fusion machine.
Thanks again, and thanks for the great product!
-Geoff
I got things working by switching to TLS and generating the cert and keys. I basically used these Instructions:
http://www.ventanazul.com/webzine/artic ... u-and-hulu
And did everything from Xubuntu inside a VMWare Fusion machine.
Thanks again, and thanks for the great product!
-Geoff
3 posts
Page 1 of 1