Configuring Tomato router to use CentOS OpenVPN server

August 8, 2014

Hi, first off, my Unix skills, never stunning, are about 15 years old. I'd like to create an OpenVPN server on a CentOS droplet, then connect my Tomato-based router to the server. I've followed the directions found here:
http://www.vpntips.com/how-to-setup-a-vpn-server/

Not sure what to do next...has anyone done such a setup?

2 Answers

Hi! It's a bit unclear what you need help with. Did you run into any specific problems following the tutorial that you linked to? Or is it just configuring your router to use the VPN?

On your router's settings page, go to the "VPN Tunneling" tab and then "OpenVPN Client." Then fill out the details. Check out this useful post.

  • Hi Andrew,
    Thanks for taking the time to respond. I think I have things running ok on the droplet; from my openvpn.log:
    Sun Aug 10 01:15:01 2014 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
    Sun Aug 10 01:15:01 2014 /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
    Sun Aug 10 01:15:01 2014 GID set to nobody
    Sun Aug 10 01:15:01 2014 UID set to nobody
    Sun Aug 10 01:15:01 2014 UDPv4 link local (bound): [undef]
    Sun Aug 10 01:15:01 2014 UDPv4 link remote: [undef]
    Sun Aug 10 01:15:01 2014 MULTI: multi_init called, r=256 v=256
    Sun Aug 10 01:15:01 2014 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
    Sun Aug 10 01:15:01 2014 IFCONFIG POOL LIST
    Sun Aug 10 01:15:01 2014 Initialization Sequence Completed

    and from my openvpn-status.log:
    OpenVPN CLIENT LIST
    Updated,Sun Aug 10 01:27:12 2014
    Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
    ROUTING TABLE
    Virtual Address,Common Name,Real Address,Last Ref
    GLOBAL STATS
    Max bcast/mcast queue length,0
    END

    However, I can't create the VPN on my router. My error messages are:
    Aug 9 23:17:57 unknown daemon.info dnsmasq-dhcp[3309]: DHCPINFORM(br0) 192.168.15.9 00:1a:ef:19:7d:93
    Aug 9 23:17:57 unknown daemon.info dnsmasq-dhcp[3309]: DHCPACK(br0) 192.168.15.9 00:1a:ef:19:7d:93 screamer
    Aug 9 23:18:14 unknown daemon.warn openvpn[3385]: DEPRECATED OPTION: --tls-remote, please update your configuration
    Aug 9 23:18:14 unknown daemon.notice openvpn[3385]: OpenVPN 2.3.4 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on May 18 2014
    Aug 9 23:18:14 unknown daemon.notice openvpn[3385]: library versions: OpenSSL 1.0.1g 7 Apr 2014, LZO 2.06
    Aug 9 23:18:14 unknown daemon.warn openvpn[3385]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Aug 9 23:18:14 unknown daemon.err openvpn[3385]: Cannot load CA certificate file ca.crt (no entries were read) (OpenSSL)
    Aug 9 23:18:14 unknown daemon.notice openvpn[3385]: Exiting due to fatal error

    However, I do have keys loaded in my keys tab on the Tomato router. I used the post you listed to verify my setup, but it shows connecting to a VPN provider, and I'm wondering if I need different settings to connect to the OpenVPN server on the droplet.

    I realize that, at this point, this may no longer be an issue for this forum, but if you have Tomato experience, I would greatly appreciate your insight.

    Note: I'm currently using a commercial VPN provider with the Tomato router on Client 1, and that OpenVPN connection is working fine. I get the error above when I stop Client 1 on the router, and try to use Client 2 on the Tomato to connect to the OpenVPN server running on my droplet.

I rebuilt all my certs, fiddled with some settings, and now everything works! Perhaps you can teach an old dog new tricks....just very slowly :)
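The router log in the thread stops at `Cannot load CA certificate file ca.crt (no entries were read)`, which OpenVPN logs when it reads no certificate entries from the CA file. As an added example (not code from the thread, Tomato or OpenVPN), here is a structural check for text pasted into a CA field. The function names and the sample data are constructed for illustration, and the check does not verify signatures or validity dates.

```python
import base64
import re

# One PEM object: armor lines must start at column 0 and labels must match.
PEM_BLOCK = re.compile(
    r"^-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)\r?\n-----END \1-----", re.S | re.M)


def der_sequence_ok(der: bytes) -> bool:
    """True if der is a single DER SEQUENCE whose declared length fits exactly."""
    if len(der) < 2 or der[0] != 0x30:
        return False
    if der[1] < 0x80:                      # short-form length
        return len(der) == 2 + der[1]
    n = der[1] & 0x7F                      # long form: n length bytes follow
    if n == 0 or len(der) < 2 + n:
        return False
    return len(der) == 2 + n + int.from_bytes(der[2:2 + n], "big")


def check_ca_text(text: str) -> list:
    """Return a list of problems found in pasted CA text; empty means it looks sane."""
    blocks = PEM_BLOCK.findall(text)
    certs = [body for label, body in blocks if label == "CERTIFICATE"]
    if not certs:
        labels = sorted({label for label, _ in blocks})
        if labels:                         # e.g. a key pasted into the CA box
            return ["no CERTIFICATE block; found: " + ", ".join(labels)]
        if "-----" in text:
            return ["PEM armor lines are damaged or incomplete"]
        return ["no PEM armor lines (BEGIN/END CERTIFICATE missing)"]
    problems = []
    for i, body in enumerate(certs, 1):
        try:
            der = base64.b64decode("".join(body.split()), validate=True)
        except ValueError:                 # binascii.Error is a ValueError
            problems.append(f"certificate {i}: body is not valid base64")
            continue
        if not der_sequence_ok(der):
            problems.append(f"certificate {i}: truncated or not a DER SEQUENCE")
    return problems


# Constructed sample: a DER-shaped placeholder, not a real certificate.
SAMPLE_B64 = base64.encodebytes(b"\x30\x82\x01\x00" + bytes(256)).decode()
SAMPLE_OK = "-----BEGIN CERTIFICATE-----\n" + SAMPLE_B64 + "-----END CERTIFICATE-----\n"

if __name__ == "__main__":
    print(check_ca_text(SAMPLE_OK) or "looks like a PEM certificate")
```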
