General NAS-Central Forums

Welcome to the NAS community
It is currently Thu Nov 23, 2017 8:30 pm

All times are UTC




Post new topic Reply to topic  [ 7 posts ] 
Author Message
PostPosted: Tue Apr 18, 2017 6:28 am 
Offline

Joined: Wed Feb 10, 2016 11:40 am
Posts: 9
Hi

Used openvpn-openssl package from entware-ng (zyxel-models also installed),
edited the startup script to correct path of tun.ko

in /opt/etc/init.d/S20openvpn
Code:
insmod /opt/net/tun.ko

to
Code:
insmod /opt/lib/modules/$(uname -r)/kernel/drivers/net/tun.ko


lsmod gives:
Code:
Module                  Size  Used by    Tainted: P 
tun                    10190  2


so it's loaded.

It is connected (removed the ip and bcast)
Code:
tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 
          inet addr: HIDDEN  P-t-P: HIDDEN  Mask:255.255.255.0
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:782 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:77272 (75.4 KiB)


This is the route
Code:
route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         HIDDEN1         128.0.0.0       UG    0      0        0 tun0
0.0.0.0         10.0.2.1        0.0.0.0         UG    6      0        0 egiga0
10.0.2.0        0.0.0.0         255.255.255.0   U     0      0        0 egiga0
10.0.2.0        0.0.0.0         255.255.255.0   U     0      0        0 egiga1
HIDDEN2         0.0.0.0         255.255.255.0   U     0      0        0 tun0
128.0.0.0       HIDDEN1         128.0.0.0       UG    0      0        0 tun0
HIDDEN3         10.0.2.1        255.255.255.255 UGH   0      0        0 egiga0

I can ping to make the RX change. But no internet
Anyone got any idea? (I use both eth-ports)


Top
 Profile  
 
PostPosted: Sun Apr 30, 2017 7:41 am 
Offline

Joined: Sat Jun 08, 2013 9:02 am
Posts: 116
Hi.

Here is a how-to for what you want:
https://openvpn.net/index.php/open-sour ... l#redirect

_________________
Zyxel NSA325 [4.71(AAAJ.0) + FFP, retired]
Zyxel NAS540 [V5.20(AATB.0)]


Top
 Profile  
 
PostPosted: Tue Sep 19, 2017 8:51 am 
Offline

Joined: Sun Mar 27, 2016 1:05 pm
Posts: 12
but it requires ip_tables nat module which is missing in zymodules opkg package.

Could you share this module for nas540 as well ?


Top
 Profile  
 
PostPosted: Tue Sep 26, 2017 12:28 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6075
I'm afraid that can't be done. The kernel is build without iptables support, and in that case the iptables module just won't fit.


Top
 Profile  
 
PostPosted: Tue Sep 26, 2017 1:14 pm 
Offline

Joined: Sun Mar 27, 2016 1:05 pm
Posts: 12
So what you are saying that on latest software (V5.21(AATB.0)) running OpenVPN is not possible ?

I had to revert to previous drop which I received from Zyxel where I've built kernel with such support but I regret that my firmware is not up to date :(


Top
 Profile  
 
PostPosted: Tue Sep 26, 2017 1:57 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6075
swider wrote:
So what you are saying that on latest software (V5.21(AATB.0)) running OpenVPN is not possible ?

No. I'm saying that running iptables is (virtually) impossible.

For OpenVPN you only need the tun module, which is available, and works, AFAIK.

I think you only need the iptables nat module, when you want to use the NAS as a VPN gateway to your lan. In that case you could also use a tup interface and bridge that. Here I wrote something about that for firmware <5.10. You can't use that software, but the idea should still work.


Top
 Profile  
 
PostPosted: Sun Oct 01, 2017 2:39 pm 
Offline

Joined: Sat Jun 08, 2013 9:02 am
Posts: 116
Without NAT it is possible if the kernel supports packet forwarding. You just have to add a static route in your router for the VPN subnet.

_________________
Zyxel NSA325 [4.71(AAAJ.0) + FFP, retired]
Zyxel NAS540 [V5.20(AATB.0)]


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 7 posts ] 

All times are UTC


Who is online

Users browsing this forum: No registered users and 13 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group