Can't successfull get OpenVPN to run on DM800HD

DodgyTech

DodgyTech

VIP Member
VIP Member
Joined
Nov 17, 2004
Messages
2,634
Reaction score
68
I’ve recently tried to get my DM800HD clone to go behind a VPN. I started by reading around on the internet and stumbled upon the use of OpenVPN. After some digging around, I found that my existing VPN provider already provides *.ovpn files, so I got to work with some guides I found online.

FYI, I have tested my connection to my VPN and can confirm that it is active and working through other devices.

What I did:
1. I installed openvpn onto my box using the following command which was successful: opkg install openvpn
2. I then created my files as per the guides (the method the guide mentioned didn’t connect at all, I had to go by one of the comments which seemed to give back no login error)
a. Created a *.crt file using the info in the *.ovpn file which included and was between the <ca></ca> tags
b. Created a login.txt file which contains only 2 lines
i. Username
ii. Password​
c. Created a *.conf file which contained all of the following (server address masked):
Code: 
You don't have permission to view the code content. Log in or register now.
3. put all the above files into /etc/openvpn
4. Opened up a telnet connection via putty (also tried via DCC but same outcome)
5. Executed the following command to start open vpn with the config files: /etc/init.d/openvpn start
6. Observed the following message (uk is the name of the *.conf file): Starting openvpn: uk.
7. Waited a while
8. Ran the following command to see if my IP address was that of the VPN server: wget -q -O - SerdIT Consulting | IP and Proxy test tool. | grep "IP address is"
a. I got a result back which showed that my IP address hadn’t changed​

Questions:
1. How can I see what is happening at step 5 when I executed the openvpn program?​

Btw:
1. I don’t like the shell on my dreambox, can I upgrade it?
2. Would I need better specs on my box to support a better shell?​

Thanks in advance all
 
So I've been doing some investigation and I've found the following:

1. The VPN provider said that my set up was correct
2. When I run openvpn, I cannot run any further network commands as they all end up as "State D" processes which require a box reboot to kill

I have a feeling that my box requires a pre-requisite step for it to run VPN successfully. The box has a very primitive Linux kernel running on it so I can't even run some of the stuff I find on the internet to try and fix ths issue.

Are there any linux experts on here that can help?

My distro is: Linux version 2.6.18-7.4-dm800 (gertjan@ds9) (gcc version 4.4.4 (GCC) ) #1 Fri Jan 18 22:00:51 CET 2013

Can anyone help? I've been trying to set up a linux virtual machine on my computer to try and investigate this but it's proving harder than normal :mad:

This is something which I feel should be getting more responses as this is all about protecting yourself from being seen by the outside world ;)
 
Update:

Used a virtual machine to run a linux distro and installed openvpn. Whacked in the same files i used in the DM box and although the command prompt didn't return, I opened another terminal and checked the IP address and viola it worked!!

So now that I know that it works through my network using linux and openvpn, I have to find out why it's not working through the DM box and why all network operations after running Openvpn on the DM box end up as "D" state processes

Can anyone help?
 
After I spoke to the VPn provider and fixed my files, I get the following logs and the box no longer works with any further network commands (as explained in my previous post above). IP address has been masked with XXs:

Wed Nov 26 22:06:43 2014 OpenVPN 2.1.0 mipsel-oe-linux [SSL] [LZO1] [EPOLL] built on Jun 5 2013
Wed Nov 26 22:06:43 2014 WARNING: file '/etc/openvpn/login.txt' is group or others accessible
Wed Nov 26 22:06:43 2014 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Nov 26 22:06:43 2014 LZO compression initialized
Wed Nov 26 22:06:43 2014 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Nov 26 22:06:44 2014 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Nov 26 22:06:44 2014 Local Options hash (VER=V4): '41690919'
Wed Nov 26 22:06:44 2014 Expected Remote Options hash (VER=V4): '530fdded'
Wed Nov 26 22:06:44 2014 UDPv4 link local: [undef]
Wed Nov 26 22:06:44 2014 UDPv4 link remote: XX.XX.XX.XX:443
Wed Nov 26 22:06:44 2014 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Nov 26 22:06:44 2014 VERIFY OK: depth=1, /C=GB/ST=LN/L=London/O=vpnsvc/OU=vpnsvc/CN=vpnsvc.com/name=vpnsvc/[email protected]
Wed Nov 26 22:06:44 2014 VERIFY OK: nsCertType=SERVER
Wed Nov 26 22:06:44 2014 VERIFY OK: depth=0, /C=GB/ST=LN/L=London/O=vpnsvc/OU=vpnsvc/CN=vpnsvc/name=vpnsvc/[email protected]
Wed Nov 26 22:06:48 2014 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Nov 26 22:06:48 2014 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 26 22:06:48 2014 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Nov 26 22:06:48 2014 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 26 22:06:48 2014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Nov 26 22:06:48 2014 [vpnsvc] Peer Connection Initiated with XX.XX.XX.XX:443
 
have you solved this problem, I faced the same problem.:Bounce:
 
lancedwz said:
have you solved this problem, I faced the same problem.:Bounce:
Click to expand...

No mate. No replies :(

What I decided to try was to open the program in a text editor and run the following 2 commands manually:

Code: 
You don't have permission to view the code content. Log in or register now.

before i filled in the second command, it looked like the following:
Code: 
You don't have permission to view the code content. Log in or register now.

When I ran the second command, i still got the command ending up running as a zombie "state d" process and all other network commands ended up running as inactive "state d" processes which I can't kill without rebooting the box. Where I can connect via putty and ftp to the box via its hostname, those connections from my windows machine drop off and i cannot connect using the hostname anymore; i have to connect using the physical IP address of the box instead.

I have a feeling that the command requires some final connection handshaking to finish such as vpn tunneling to successfully connect to the vpn server.

As explained before, this has worked through a unix virtual machine I've ran on my PC.

Is is possible to upgrade the unix OS on my DM800HD? That could fix the issue I reckon
 
If it helps anyone, this is what the program looks like; the interesting part to really note is what happens inside "start_vpn":

Code: 
You don't have permission to view the code content. Log in or register now.
 
I have a suspicion that I am missing the tun.ko module. From reading around on the net, I may need to compile this module. Although, the last time I tried a "make" command, it didn't work. could be that the symlink to make.sh isn't available.

I'll have a mess around and report back for anyone who's interested ;)
 
Pimped said:
I have a suspicion that I am missing the tun.ko module. From reading around on the net, I may need to compile this module. Although, the last time I tried a "make" command, it didn't work. could be that the symlink to make.sh isn't available.

I'll have a mess around and report back for anyone who's interested ;)
Click to expand...

Did you ever get this working please?? :)
 
11ben11 said:
Did you ever get this working please?? :)
Click to expand...

No unfortunately, I gave up as I didn't get any support anywhere I looked :(

It would be good if someone could take this forward as it would help keep everyone shielded from the outside world...
 
thanks,but its really hard to follow what you as saying

- - - Updated - - -

could you upload the files: ca.crt, myvpn.conf, myvpn.crt, and myvpn.key

- - - Updated - - -

so that I can upload to etc/openvpn
 
You must log in or register to reply here.

Similar threads

O
    • Like
Millions of Netflix subscribers to get free upgrade that improves streaming
Replies
2
Views
501
Ferret
Ferret
alimac
    • Like
Get a free premium open source vpn
Replies
2
Views
350
alimac
alimac
Arthur Daley
    • Like
VPN Decided to upgrade my VPN speed.
Replies
3
Views
725
Arthur Daley
Arthur Daley
lagigolo
Amazon Fire TV Firetv how to sideload
Replies
5
Views
675
Ferret
Ferret
B
Recover dat on 1tb seagate Drive?
Replies
12
Views
581
Kryton
Kryton
Back
Top