OpenVPN Running, Not Connected

[ispyisail]

Code: Select all

config openvpn 'custom_config'
	option script_security '3'
	option up '/etc/openvpn.up'
	option down '/etc/openvpn.down'
	option enable '1'
	option config '/etc/openvpn/server.conf'

Code: Select all

config server 'server'
	option internal_ip '10.8.0.1'
	option internal_mask '255.255.255.0'
	option port '1194'
	option proto 'udp'
	option cipher 'BF-CBC'
	option keysize '128'
	option duplicate_cn 'false'
	option enabled 'true'
	option client_to_client 'true'
	option redirect_gateway 'false'
	option subnet_access 'true'
	option subnet_ip '192.168.1.0'
	option subnet_mask '255.255.255.0'

config client 'client'
	option enabled 'false'

config allowed_client 'lewtowork'
	option id 'lewtowork'
	option name 'LewToWork'
	option ip '10.8.0.2'
	option enabled 'true'
	option remote '203.109.xxx.xxx'

config allowed_client 'shanetowork'
	option id 'shanetowork'
	option name 'ShaneToWork'
	option ip '10.8.0.3'
	option enabled 'true'
	option remote '203.109.xxx.xxx'

config allowed_client 'brendatowork'
	option id 'brendatowork'
	option name 'BrendaToWork'
	option ip '10.8.0.4'
	option enabled 'true'
	option remote '203.109.xxx.xxx'

[ispyisail]

2013-03-27 20_43_42-Gargoyle Router Management Utility.png (53.38 KiB) Viewed 7394 times

[Alan_smithee]

Thnx that all looks good. Same content in my config.

Is it also possible to give me the data from

/etc/openvpn/current_status
/etc/openvpn/server.conf
?
Many thanks

[Robertf]

Alan,

Please let us know if you have any breakthroughs as I'm experiencing exactly the same issue.

Gargoyle 1.5.9 / Buffalo WZR-HP-G300NH

Pop up informs 5-10mins wait but goes immediately back to page with 'Running, Not Connected' displayed.

Trying to download credentials results in the same error message.

No sign of server.conf in /etc/openvpn/

[Alan_smithee]

just an update I think the answer might be found here
https://forum.openwrt.org/viewtopic.php?id=3680
Don't know for sure but I'll update this thread if I make any progress

[ispyisail]

Code: Select all

OpenVPN CLIENT LIST
Updated,Thu Mar 28 10:09:50 2013
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
shanetowork,27.252.xxx.xxx:56328,413364,457012,Wed Mar 27 05:30:45 2013
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
10.8.0.3,shanetowork,27.252.xxx.xxx:56328,Wed Mar 27 19:33:23 2013
GLOBAL STATS
Max bcast/mcast queue length,0
END

[ispyisail]

Code: Select all

mode                  server
port                  1194
proto                 udp
tls-server
ifconfig              10.8.0.1 255.255.255.0
topology              subnet
client-config-dir     /etc/openvpn/ccd
client-to-client




cipher                BF-CBC
keysize               128

dev                   tun
keepalive             25 180
status                /var/openvpn/current_status
verb                  3


dh                    /etc/openvpn/dh1024.pem
ca                    /etc/openvpn/ca.crt
cert                  /etc/openvpn/server.crt
key                   /etc/openvpn/server.key
tls-auth              /etc/openvpn/ta.key 0

persist-key
persist-tun
comp-lzo

push "route-gateway 10.8.0.1"

[Robertf]

Alan,

if you wait 14 days it'll work

I'll explain...

I traced the problem to the script that's called when the submit button is clicked. (/utility/run_commands.sh). This script aborts due to an error in the file that it calls (/usr/lib/gargoyle/openvpn.sh)

Around line 53 of this file is a section of code that was added to deal with a so called bug 2038... anyhow, within this section is year_day=$(date +%j). This populates the variable year_day with the current day of the year. this currently being 086. Here lies the problem. the leading zero causes an 'arithmetic syntax error'. This is why I say, wait for 14 days when this variable becomes '100' and the problem will magically dissappear.

To fix this permanently, I made an ammendment to remove any leading zeros.

This should fix it:
In /usr/lib/gargoyle/openvpn.sh on line 52 change:
EXPIRATION_MAX=$(( (365*(2038-$year)) - $year_day ))
to:
EXPIRATION_MAX=$(( (365*(2038-$year)) - ${year_day//0} ))

Then give the OpenVPN configuration another shot and all required files should be generated and client zip file download should also work.

I haven't actually proceded to test with a client (it's late and I'm tired) but I have a feeling OpenVPN should function normally after this.

Let me know how you get on.

Regards, Robert

PS. Not sure who to direct this to, but this problem will probably need to be rectified in a future release.

[ispyisail]

message sent to Eric

Thanks

[ispyisail]

A solution for that bug was already committed to the repository on January 18th 2013 (1f082daf), so while it's not in 1.5.9, it's already fixed.

Eric

http://www.gargoyle-router.com/gargoyle ... openvpn.sh

updated firmware

http://www.gargoyle-router.com/phpbb/vi ... =14&t=4027