DSM-G600, DNS-3xx and NSA-220 Hack Forum

Unfortunately no one can be told what fun_plug is - you have to see it for yourself.

You are not logged in.

Announcement

#1 2008-01-17 16:46:10

HaydnH
Member
Registered: 2007-09-28
Posts: 187

Compiled & Working: OpenVPN

Hi All,

WARNING: I strongly suggest you run the server with your server.conf manually before adding it to your funplug, that way if you manage to make a mess of your network a reset will fix the problem instead of needing a pc!

I thought a VPN daemon may be of use, it runs but I haven't tested actually connecting to it yet as I'm not at home to forward the port on my router The tarball is available here: http://www.mediafire.com/?39xlywjvysk

And here are the instructions (included in the tarball also) - you may want to look at the openvpn site for more configuration options:

Code:

Install instructions for the dns-323:
=====================================

  To install & configure:
  -----------------------
    # extract this file to /mnt/HD_a2

    - Follow these instructions to create a key and edit server.conf file:
        http://openvpn.net/static.html


  To run after each reboot (i.e: in funplug)
  ------------------------------------------
    # mkdir /dev/net
    # mknod /dev/net/tun c 10 200
    # insmod /mnt/HD_a2/openvpn/tun.ko 


  To launch the vpn daemon:
  -------------------------
    # cd /mnt/HD_a2/openvpn
    # ./openvpn --config server.conf


Further configuration is required for the client, see the link above, also you may need to open firewall ports/forward ports in your router etc.

Enjoy!

Haydn.

p.s: Before someone asks yes I did have to compile the tun.ko kernel module to get it to work!

EDIT: added warning!

Note to me for testing, may need to run "echo 1 > /proc/sys/net/ipv4/ip_forward" to access rest of lan.

Last edited by HaydnH (2008-01-17 17:12:21)

Offline

 

#2 2008-01-18 16:10:59

index monkey
Member
From: UK
Registered: 2007-06-14
Posts: 112

Re: Compiled & Working: OpenVPN

I will try this. Is there anything this little wonder cant do?

Thanks in advance!

Last edited by index monkey (2008-01-18 16:16:09)


DNS-323, HW B1, 2 x 2TB WD green, fw 1.08, fun_plug 0.5, transmission, automatic, nzbget newsreader & rsync time machine backup.

Offline

 

#3 2008-01-18 17:17:45

HaydnH
Member
Registered: 2007-09-28
Posts: 187

Re: Compiled & Working: OpenVPN

index monkey wrote:

Is there anything this little wonder cant do?

I take it you mean the DNS-323?? or should I be flattered? ;P

Offline

 

#4 2008-01-19 15:25:59

n0m0r3
Member
Registered: 2007-09-20
Posts: 20

Re: Compiled & Working: OpenVPN

LINIX NOOOB ;-) has a wuestion.

Wow great but I seem to have an issue with getting everything to work.

I copied the extracted files to the HD_a2 volume. there is now a directory in the root called "openvpn" with 4 files + the generated static.key file.

When I try to run the openvpn deamon  I get.

/mnt/HD_a2/openvpn $ ./openvpn --config server.conf
Sat Jan 19 14:34:59 2008 OpenVPN 2.0.9 arm-unknown-linux [SSL] [LZO] [EPOLL] built on Jan 17 2008
Sat Jan 19 14:34:59 2008 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Sat Jan 19 14:34:59 2008 Note: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)
Sat Jan 19 14:34:59 2008 Note: Attempting fallback to kernel 2.2 TUN/TAP interface
Sat Jan 19 14:34:59 2008 Cannot allocate TUN/TAP dev dynamically
Sat Jan 19 14:34:59 2008 Exiting
/mnt/HD_a2/openvpn $

So I tried to make the directory for autostarting.... but I get this...

/ $ mkdir /dev/net
mkdir: cannot create directory '/dev/net': Permission denied
/ $

I'm running all this on a CONCEPTRONIC CH3SNAS with fun_plug 0.3 installed. and FW 1.02 I believe.

n0m0r3

Offline

 

#5 2008-01-19 16:10:26

fonz
Member / Developer
From: Berlin
Registered: 2007-02-06
Posts: 1716
Website

Re: Compiled & Working: OpenVPN

n0m0r3 wrote:

/ $ mkdir /dev/net
mkdir: cannot create directory '/dev/net': Permission denied

You must be 'root' for this.

Offline

 

#6 2008-01-20 17:29:45

n0m0r3
Member
Registered: 2007-09-20
Posts: 20

Re: Compiled & Working: OpenVPN

fonz wrote:

n0m0r3 wrote:

/ $ mkdir /dev/net
mkdir: cannot create directory '/dev/net': Permission denied

You must be 'root' for this.

So how do I become the root user?

linux noob.

n0m0r3

Offline

 

#7 2008-01-29 03:02:36

halfsoul
Member
Registered: 2008-01-28
Posts: 57

Re: Compiled & Working: OpenVPN

HaydnH wrote:

I thought a VPN daemon may be of use, it runs but I haven't tested actually connecting to it yet as I'm not at home to forward the port on my router

Did you get a chance to confirm this works?

Offline

 

#8 2008-01-29 14:47:27

HaydnH
Member
Registered: 2007-09-28
Posts: 187

Re: Compiled & Working: OpenVPN

n0m0r3: "So how do I become the root user?"

I think the default telnet install from the wiki logs you in as root by default, if not use the "su -" command as long as you know the root password.


halfsoul: "Did you get a chance to confirm this works?"

Yes, I'm using it right now ;-p

Offline

 

#9 2008-01-29 21:27:01

Zen Seeker
Member
Registered: 2007-11-28
Posts: 74

Re: Compiled & Working: OpenVPN

HaydnH wrote:

Yes, I'm using it right now ;-p

Would you say it's ready for testing on a production box? (I don't mind a small risk but if it needs to be cooked a little longer I can wait before jumping in.)

Have you ever tried Webmin? Sally, another group member, was able to get a copy working on her CH3SNAS but she hasn't been back since.

Offline

 

#10 2008-01-30 12:43:02

HaydnH
Member
Registered: 2007-09-28
Posts: 187

Re: Compiled & Working: OpenVPN

Zen Seeker wrote:

HaydnH wrote:

Yes, I'm using it right now ;-p

Would you say it's ready for testing on a production box? (I don't mind a small risk but if it needs to be cooked a little longer I can wait before jumping in.)

Have you ever tried Webmin? Sally, another group member, was able to get a copy working on her CH3SNAS but she hasn't been back since.

Yes I would say it's ready for production - all it is is a compiled version of openvpn which is quite a good product. However, if this is a production box I would recommend reading the openvpn site to familiarise yourself with different setups and the security implications of each.

I haven't tried webmin - I use the cli religiously ;P

Last edited by HaydnH (2008-01-30 12:43:54)

Offline

 

#11 2008-01-30 22:10:07

Zen Seeker
Member
Registered: 2007-11-28
Posts: 74

Re: Compiled & Working: OpenVPN

Cool, thanks for the feedback, I'll see if I can get a day this weekend to plug it in and configure.

The new router is stable and doing fine finally but none of the new gigabit ones I've been testing have great firmware. Hardwares all good but it's a firmware game right now.

DIR-655 seems to be the best over-all option out of the box in Canada at the moment but the US has at least 4 new models from D-Link and Linksys that kick ass. (DGL-4500 and DIR-855 are the two off the top of my head that I last reviewed.) We don't usually see them until a year later.

So, that said, I should have time to play safe and set this up. Now let's hope the router directs my VPN smoothly, it's the high functions and access control that seems to always be a problem.

Appreciate your efforts.

Offline

 

#12 2008-01-31 13:29:25

HaydnH
Member
Registered: 2007-09-28
Posts: 187

Re: Compiled & Working: OpenVPN

"Now let's hope the router directs my VPN smoothly"

The default port for openVpn (as approved by IANA) is 1194 - you'll need to forward this on the router to the ip address of the dns-323... probably should have mentioned that in the OP.

Offline

 

#13 2008-01-31 16:23:55

Zen Seeker
Member
Registered: 2007-11-28
Posts: 74

Re: Compiled & Working: OpenVPN

Thanks for the reminder...I've been testing that on all three routers but behind the wall until it's done and as good as I can make it.

Grabbed the archive you posted up top...latest version or should I grab a different one? Any other notes or issues before I install?

Thanks again.

Offline

 

#14 2008-02-01 03:16:14

323vpn
New member
Registered: 2008-01-18
Posts: 1

Re: Compiled & Working: OpenVPN

Hi,

I am trying to use openvpn in bridge mode. From the default kernel config, it seems that bridge is not included. I compiled the module bridge.ko but cannot load it onto the default kernel b/c of missing symbols.

bridge: Unknown symbol br_handle_frame_hook
bridge: Unknown symbol br_fdb_put_hook
bridge: Unknown symbol br_fdb_get_hook


Any ideas ?

Offline

 

#15 2008-02-01 22:01:26

Zen Seeker
Member
Registered: 2007-11-28
Posts: 74

Re: Compiled & Working: OpenVPN

Well Rogers turned off my modem last night so I have no connection to test on until I either yell at them or I get the newer model modem. I download the add-on here at work and will still see if I can install it over the weekend.

l8r

Offline

 

#16 2008-02-28 11:34:01

n0m0r3
Member
Registered: 2007-09-20
Posts: 20

Re: Compiled & Working: OpenVPN

OK, I upgrade the NAs and no I do have telnet access via root. so I created the directory etc described above.

And started the openvpn deamon.
this is what happend:

/mnt/HD_a2/openvpn # ./openvpn --config server.conf
Thu Feb 28 10:43:03 2008 OpenVPN 2.0.9 arm-unknown-linux [SSL] [LZO] [EPOLL] built on Jan 17 2008
Thu Feb 28 10:43:03 2008 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Thu Feb 28 10:43:03 2008 TUN/TAP device tun0 opened
Thu Feb 28 10:43:03 2008 /sbin/ifconfig tun0 192.168.1.253 pointopoint 192.168.1.162 mtu 1500
Thu Feb 28 10:43:03 2008 UDPv4 link local (bound): [undef]:1194
Thu Feb 28 10:43:03 2008 UDPv4 link remote: [undef]

Is this OK?

n0m0r3

Offline

 

#17 2008-02-28 13:51:45

HaydnH
Member
Registered: 2007-09-28
Posts: 187

Re: Compiled & Working: OpenVPN

I can't remember what the output looks like atm and can't check as I'm connecting via vpn and don't want to cut myself off! But that looks fine to me, usually in *NIX no error means OK.

Offline

 

#18 2008-02-29 21:28:14

sally
Member
Registered: 2007-12-02
Posts: 6

Re: Compiled & Working: OpenVPN

@Zen Seeker: sorry, I had to finish my exams, so i had no time to do anything else than lerning. But now i'm back and I will finish my project. But give me some time, then i will publish the complete changes i made on my ch3snas...

Offline

 

#19 2008-03-12 16:12:15

knireis
Member
Registered: 2007-12-10
Posts: 231

Re: Compiled & Working: OpenVPN

Can i use this to connect with a upnp mediaplayer (freecom musicpal or philips sla5520) connected to lets say network A, to the mediaserver on my CH3SNAS which is connected to network B?
And if yes, any instructions available? I run funplug 0.4, lighttpd and also Twonky

Offline

 

#20 2008-03-12 16:38:36

fonz
Member / Developer
From: Berlin
Registered: 2007-02-06
Posts: 1716
Website

Re: Compiled & Working: OpenVPN

knireis wrote:

Can i use this to connect with a upnp mediaplayer (freecom musicpal or philips sla5520) connected to lets say network A, to the mediaserver on my CH3SNAS which is connected to network B?
And if yes, any instructions available? I run funplug 0.4, lighttpd and also Twonky

You need to say more about what net A and B are.

I have a freecom musicpal, too. My setup is like this:

Code:

dns323 ---..Ethernet..--- WLAN-Basestation ))) ..wireless.. (((  musicpal

Works fine with mediatomb. Didn't work with the built-in upnp.

It's all the same IP subnet, the WLAN basesation forwards traffic between them. No VPN required.

Offline

 

#21 2008-03-12 16:43:56

knireis
Member
Registered: 2007-12-10
Posts: 231

Re: Compiled & Working: OpenVPN

fonz wrote:

knireis wrote:

Can i use this to connect with a upnp mediaplayer (freecom musicpal or philips sla5520) connected to lets say network A, to the mediaserver on my CH3SNAS which is connected to network B?
And if yes, any instructions available? I run funplug 0.4, lighttpd and also Twonky

You need to say more about what net A and B are.

I have a freecom musicpal, too. My setup is like this:

Code:

dns323 ---..Ethernet..--- WLAN-Basestation ))) ..wireless.. (((  musicpal

Works fine with mediatomb. Didn't work with the built-in upnp.

It's all the same IP subnet, the WLAN basesation forwards traffic between them. No VPN required.

Net A is my parents home network and net B is my home network, so their at phisically different locations and behind routers.

Last edited by knireis (2008-03-12 16:45:44)

Offline

 

#22 2008-03-17 02:03:11

ojve
Member
Registered: 2008-03-02
Posts: 28

Re: Compiled & Working: OpenVPN

Hi!

I tried installing this, but I can't seem to get my 323 to open the port. If I run netstat it should say that it's listening on port 1194 right? there nothing there:(

Any clues?

//T

Offline

 

#23 2008-03-22 11:18:59

andrey
Member
Registered: 2008-03-22
Posts: 34

Re: Compiled & Working: OpenVPN

HaydnH,

Can you post your server.conf for both the server and the client? I seem to get things running, but get into "Authenticate/Decrypt packet error: packet HMAC authentication failed" error. Not sure where to go from there...

Offline

 

#24 2008-03-27 00:58:02

andrey
Member
Registered: 2008-03-22
Posts: 34

Re: Compiled & Working: OpenVPN

Well, I kind of got OpenVPN to work on DNS-323.. but there is slight problem, which is most likely with either OpenVPN or my router configuration.

Here is my setup (router is D-Link DGL-4500)

laptop -----> internet -----> router -----> PC #1
                                                   -----> PC #2
                                                   -----> DNS-323

I can connect to DNS-323 from my laptop just fine and browse shares by using an IP address of DNS-323. But the problem is that I cannot see any other computers on the network (PC #1, PC #2). For router I'm using 10.0.0.1 as the IP and for OpenVPN I'm using 10.10.0.x IP range. Any suggestions of what I should look at to troubleshoot this setup?

Thanks!

Last edited by andrey (2008-03-27 01:00:23)

Offline

 

#25 2008-03-27 01:07:17

andrey
Member
Registered: 2008-03-22
Posts: 34

Re: Compiled & Working: OpenVPN

well... nm, I re-read your first post and adding 'echo 1 > /proc/sys/net/ipv4/ip_forward' did the trick!

Offline

 

Board footer

Powered by PunBB
© Copyright 2002–2010 PunBB