DSM-G600, DNS-3xx and NSA-220 Hack Forum

...Er, but now the tun kernel module isn't working; i presume i'll have to compile this myself as well (the error is "insmod: cannot insert 'tun.ko': invalid module format").

Here's how far I've come:

1) Download the linux kernel from linux.org
2) Copy to device and extract
3) "make menuconfig", select "Enable loadable module support" and "Device Drivers -> Network Device Support -> Universal TUN/TAP" to <M> (module)
5) make

Once it's done, I get tun.ko in drivers/net/tun.ko

...But the tun.ko file STILL generates the "invalid module format" when using insmod!

Anyone? I've been really stumped by this one all day...

Last edited by metal450 (2009-05-05 07:35:53)

Sinobato wrote:

Andrey,

I have another box with Ubuntu x86 installed. Can I use it and install OpenVPN and generate the keys there, and just copy the keys to my DNS-323 OpenVPN folder? That way, I don't have to install Debian on the NAS?

First of all many thanks to Haydn and all the contributers to the OpenVPN port.

Just wondering if there was any conclusion reached on alternative ways of generating the necessary keys for OpenVPN without installing Debian on the NAS? I've got a static key at the moment, but as Andrey said, there isn't much point to having a VPN setup without proper security.

Great, thanks very much Electrocut. The easy-rsa tools you referenced worked beautifully. Now I have full SSL working with the extra TLS key for robustness. You guys are awesome.

Just for reference, for some reason though I configured my 'vars' file properly, each time I executed it none of the variables would stick; running 'env' afterward showed no changes. Not a big deal, entered them in manually but just FYI for anyone else.

EDIT:

By the way, would anyone know the default log directory of openVPN as it's running? I'd like to move it to a USB drive so as to prevent spinups when no one is connected and wanted to know if I should move/symlink the log as well. Many thanks.

Last edited by krimb1 (2009-05-28 17:56:44)

Is it safe to assume that if /ffp/start/syslogd.sh isn't run at startup (i.e. if the execute bit isn't set), then logging for openVPN will be disabled?

You're the man electrocut! Worked like a charm.

Hope I'm not pushing my luck but I have one more question. Is there anyway to configure the syslogd_flags so that it will both (a) log to the ram buffer and (b) log to a text file (i.e. stored on a USB)? It'd be nice to keep it in memory but save the log files across multiple sessions/reboots.

I've tried setting it to

syslogd_flags="-C100 -O /mnt/USB/syslogd.log"

but the second parameter is simply ignored.

Many thanks again!

Last edited by krimb1 (2009-05-29 07:12:24)

Here is the file I'm using on my DNS-313 device.

You may need to edit the script, according to your device. (path to tun.ko ...)

---

Attachments:
openvpn.sh, Size: 844 bytes, Downloads: 821

I need help for the setup configuration for openvpn. Openvpn was installed in DNS-323. with ffp 0.5.

When I am in office, I used iphone openvpn client to connect to my home DNS-323 Openvpn server. I am able to browse my Transmission Bitorrent via local IP address, i.e. 192.168.1.88:9091

However, I am not able to connect to other local IP address, i.e 192.168.1.100 (IP camera) via VPN.

I am keeping it very simple and below is my network configuration:

DSL Modem - Default Gateway 192.168.1.1 Subnet 255.255.255.0

-----------------------------------------------------------------------------------------------
OpenVPN Server config

dev tun
proto udp
ifconfig 10.0.250.253 10.0.250.254

push "route-gateway 10.0.250.254"
route 10.0.250.0 255.255.255.0 192.168.1.1 gw

comp-lzo

keepalive 10 120
ping-timer-rem
persist-key

------------------------------------------------------------------------------------------------------------------
OpenVPN Iphone Client config

remote remoteipaddress 1194
dev tun
proto udp
ifconfig 10.0.250.254 10.0.250.253

comp-lzo

keepalive 10 120
ping-timer-rem
persist-key

route 192.168.1.0 255.255.255.0

-------------------------------------------------------------------------------------------------------

root@323:~# route -n
Kernel IP routing table
Destination       Gateway          Genmask                       Flags Metric Ref    Use Iface
10.0.250.254    0.0.0.0             255.255.255.255           UH    0      0        0       tun0
192.168.1.0      0.0.0.0             255.255.255.0               U      0      0        0       egiga0
10.0.250.0        192.168.1.1     255.255.255.0               UG    0      0        0       egiga0
224.0.0.0          0.0.0.0             255.0.0.0                       U      0      0        0       egiga0
0.0.0.0              192.168.1.1     0.0.0.0                           UG    0      0        0       egiga0
---------------------------------------------------------------------------------------------------------



What do I need to do or add in the config (server or client) file in order to view local IP address 192.168.1.100.?

Thank you.

Shiyou

Last edited by shiyou (2010-08-24 19:36:24)

rubber wrote:

Hello,
openvpn 2.1.2 for DNS-323 with predefined start/stop script bundled as fun_plug package (get it from http://www.condor-edv.com/~rubber/Downl … DNS323.tgz)

I'm interested but the file is empty! Is there an alternative download location?

...here the attachment.

Seems so, as if I am not able to attach the file here... but as I said... download should work.

Last edited by rubber (2010-10-17 20:31:24)

Anyone managed to write a sh which starts two openvpn tunnels simultaniosly?
I want to connect to two servers, I can do that one at a time, but when I try to start them at the same time I get :WARNING: openvpn: Already running for the second one...
A sample shell script would be appreciated...

Have you followed "OpenVPN HowTo" advices, about running multiples openvpn clients on the same machine ?

OpenVPN HowTO wrote:

If you want to run multiple OpenVPN instances on the same machine, each using a different configuration file, it is possible if you:
- Use a different port number for each instance (the UDP and TCP protocols use different port spaces so you can run one daemon listening on UDP-1194 and another on TCP-1194).
- If you are using Windows, each OpenVPN configuration needs to have its own TAP-Win32 adapter. You can add additional adapters by going to Start Menu -> All Programs -> OpenVPN -> Add a new TAP-Win32 virtual ethernet adapter. > You shouldn't be concerned, lol
- If you are running multiple OpenVPN instances out of the same directory, make sure to edit directives which create output files so that multiple instances do not overwrite each other's output files. These directives include log, log-append, status, and ifconfig-pool-persist.

Note: it may be also necessary to create as many /dev/tunX devices as VPN clients.

Last edited by Electrocut (2011-04-25 00:49:11)

Which file are you talking about ? Openvpn 2.1.3 is available on http://ffp.wolf-u.li/additional/net-misc/