[plug] Working from home - VPN routers

Ian Kent raven at themaw.net
Sun Apr 12 09:48:18 AWST 2020 

On Sat, 2020-04-11 at 13:18 +0800, Kevin Shackleton wrote:
> I was assuming that sudo would run openvpn with adequate permissions
> 
> Running from a root login results in the same output (specific
> details x'd out):
> 
> # openvpn --config /etc/openvpn/client.ovpn
> Sat Apr 11 12:57:44 2020 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL
> (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on
> May 14 2019
> Sat Apr 11 12:57:44 2020 library versions: OpenSSL 1.1.1  11 Sep
> 2018, LZO 2.08
> Enter Auth Username: xxxxxx
> Enter Auth Password: ********
> Sat Apr 11 12:57:54 2020 TCP/UDP: Preserving recently used remote
> address: [AF_INET]xxx.xxx.xxx.xxx:1194
> Sat Apr 11 12:57:54 2020 UDP link local: (not bound)
> Sat Apr 11 12:57:54 2020 UDP link remote:
> [AF_INET]xxx.xxx.xxx.xxx:1194
> Sat Apr 11 12:57:54 2020 WARNING: this configuration may cache
> passwords in memory -- use the auth-nocache option to prevent this
> Sat Apr 11 12:57:54 2020 [DSL-AC68U] Peer Connection Initiated with
> [AF_INET]xxx.xxx.xxx.xxx:1194
> Sat Apr 11 12:57:55 2020 TUN/TAP device tap0 opened
> Sat Apr 11 12:57:55 2020 Initialization Sequence Completed
> Sat Apr 11 12:58:56 2020 [DSL-AC68U] Inactivity timeout (--ping-
> restart), restarting
> Sat Apr 11 12:58:56 2020 SIGUSR1[soft,ping-restart] received, process
> restarting
> Sat Apr 11 12:58:56 2020 SIGUSR1[soft,ping-restart] received, process
> restarting
> Sat Apr 11 12:59:01 2020 TCP/UDP: Preserving recently used remote
> address: [AF_INET]xxx.xxx.xxx.xxx:1194
> Sat Apr 11 12:59:01 2020 UDP link local: (not bound)
> Sat Apr 11 12:59:01 2020 UDP link remote:
> [AF_INET]xxx.xxx.xxx.xxx:1194
> Sat Apr 11 12:59:01 2020 WARNING: 'link-mtu' is used inconsistently,
> local='link-mtu 1582', remote='link-mtu 1602'
> Sat Apr 11 12:59:01 2020 WARNING: 'cipher' is used inconsistently,
> local='cipher AES-256-GCM', remote='cipher AES-256-CBC'
> Sat Apr 11 12:59:01 2020 WARNING: 'auth' is used inconsistently,
> local='auth [null-digest]', remote='auth SHA256'
> Sat Apr 11 12:59:01 2020 [DSL-AC68U] Peer Connection Initiated with
> [AF_INET]xxx.xxx.xxx.xxx:1194
> Sat Apr 11 12:59:02 2020 TUN/TAP device tap0 opened
> Sat Apr 11 12:59:02 2020 Initialization Sequence Completed
> Sat Apr 11 13:00:02 2020 [DSL-AC68U] Inactivity timeout (--ping-
> restart), restarting

So I thought I'd try enabling a VPN server on my router and see if
I could connect to it from the ubuntu vpn. It's far from a sensible
test since it's on the same LAN as the vpn server and a different
router than you are using and likely a different firmware.

I get quite different result than you do:

raven at sparky:~$ sudo openvpn --config /etc/openvpn/client1.ovpn
Sun Apr 12 09:39:39 2020 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2019
Sun Apr 12 09:39:39 2020 library versions: OpenSSL 1.1.1  11 Sep 2018, LZO 2.08
Enter Auth Username: raven
Enter Auth Password: ******
Sun Apr 12 09:39:46 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]118.209.191.183:1194
Sun Apr 12 09:39:46 2020 UDP link local: (not bound)
Sun Apr 12 09:39:46 2020 UDP link remote: [AF_INET]118.209.191.183:1194
Sun Apr 12 09:39:46 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Apr 12 09:39:46 2020 [RT-AX88U] Peer Connection Initiated with [AF_INET]192.168.1.1:1194
Sun Apr 12 09:39:47 2020 TUN/TAP device tun0 opened
Sun Apr 12 09:39:47 2020 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sun Apr 12 09:39:47 2020 /sbin/ip link set dev tun0 up mtu 1500
Sun Apr 12 09:39:47 2020 /sbin/ip addr add dev tun0 10.8.0.2/24 broadcast 10.8.0.255
Sun Apr 12 09:39:47 2020 Initialization Sequence Completed

and ifconfig shows tun0 present, but I haven't checked if I have
throughput or actual connectivity.

Ian

More information about the plug mailing list