After installing openvpn_2.2_mipsel.ipk, How to access blocked websites ??

[GoogleCodeExporter]

Hello,

I wonder how can i access blocked websites at my work place.

Now, I install openvpn_2.2_mipsel.ipk to my rt-n56u by wiki manual and

vpn-connection between my pc and rt-n56u is not a problem.

But Nevertheless I can't access some blocked websites

Thanks for any help... I attach my network capture.

Original issue reported on code.google.com by howm...@gmail.com on 27 Feb 2012 at 11:15

Attachments:

• cap.jpg

[GoogleCodeExporter]

Hi, 
have you installed openvpn in these few days? (I mean not so far) Am I right?
The thing is doesn't resolve any address, so I can't access to the Internet at 
all via openssh. As far I can see you don't have any problems with dns 
resolving, do you? =)

This means that I'm an idiot and changed all setting completely and can't find 
my mistake. Or maybe.... what version of firmware do you use?

To your question. I'm not sure, but I think you're on Windows.

do tracert in the terminal to any website , which is available. Lets see how it 
is routed (via your home router or not)

Original comment by d...@soulblader.com on 27 Feb 2012 at 11:29

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

Yes, I have installed openvpn yesterday by your very kind wiki manual and now 
my router's firmware is RT-N56U_1.0.1.8d-p1. 
Also I use windows xp sp2 and Openvpn GUI.

On installing process, I delete following 4 lines at S20openvpn.

 #  --username-as-common-name \
 #  --auth-user-pass-verify check-auth.sh via-file \
 #  --tmp-dir ${temp_dir} \
 #  --client-cert-not-required

because user accounts method does not work and so I decide to use certificates.
For that, I copy ca, cert, key file to client config folder and ...
The following is my client.ovpn content

client
remote my router ip 1194
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\client.crt"
key "C:\\Program Files\\OpenVPN\\config\\client.key"
cipher AES-128-CBC 
dev tap
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
comp-lzo
verb 3

Sorry , Since I am totally normal user (not expert) I don't know what is the 
problem.

Again I want to know is how can I connect blocked websites at my work place by 
connecting rt-n56u through openvpn.

To do this, how to modify openvpn.conf ? and what kind of manipulation needed ??

If someone can help me, please reply below. Thanks.

Original comment by howm...@gmail.com on 27 Feb 2012 at 2:55

[GoogleCodeExporter]

I asked you to do tracert. Maybe you haven't read to the end. The should work, 
And I want to understand how traffic is being routed. 

Press Win+R, type cmd <Enter>, and type tracert google.com at work place.

Original comment by d...@soulblader.com on 27 Feb 2012 at 7:20

[GoogleCodeExporter]

Btw, authentication with login and password works. I've just checked it. No 
errors.

Original comment by d...@soulblader.com on 27 Feb 2012 at 7:26

[GoogleCodeExporter]

Sorry for misunderstanding the end of your comment, 

After openvpn-connecting between my pc and rt-n56u , 

I attach my ipconfig /all capture.

Also I try to tracert google.com and that result also attach.

Please see what is problem to connect blocked site( eg. 
http://cartoon.media.daum.net) at my work place and how can i figure out this.

After you see this result, If you can help me, please post reply below.

Thank you very much in advance...

Original comment by howm...@gmail.com on 28 Feb 2012 at 9:02

Attachments:

• cap1.jpg
• cap2.jpg

[GoogleCodeExporter]

Sorry, forgot to ask...
Is there your home ip in the tracert output? 
Could you please also show routes table from work place?..
(I don't know how to view it in Windows, sorry. maybe smth like route print 
should work)
I've just succeeded to configure it myself properly =)
I'll update the package tonight. So, lets check with that package

Original comment by d...@soulblader.com on 29 Feb 2012 at 1:02

[GoogleCodeExporter]

updated. Pls, find the updated package in 'Downloads'

Original comment by d...@soulblader.com on 29 Feb 2012 at 6:34

[GoogleCodeExporter]

Thank you very much.
Although I do not know why,
I solve this by excuting following 2 lines on linux,

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 10.248.84.0/24 -o eth3 -j MASQUERADE

Thank you for your consideration. (-:

Original comment by howm...@gmail.com on 2 Mar 2012 at 12:21

[GoogleCodeExporter]

Hi!
You know, when you start S20openvpn, it checks /proc/sys/net/ipv4/ip_forward 
and does it automatically.
Also, on start there is /opt/etc/openvpn/firewall.sh, which writes iptables -t 
nat -A POSTROUTING -s 10.248.84.0/24 -o eth3 -j MASQUERADE to the rules of 
iptables.

So, these lines have been already added to your system ;)

The problem actually was is host names resolving. I'm glad that everything 
works now!
Good luck!

Original comment by d...@soulblader.com on 6 Mar 2012 at 12:47

• Changed state: Fixed