OpenVPN client on Linksys WRT32X
I've been trying to set up the openvpn client on a linksys wrt32x router it does conect but speed is slow
this is my ovpn file and router log
this is my ovpn file and router log
client dev tun proto udp remote us-east.privateinternetaccess.com 1198 resolv-retry infinite nobind persist-key persist-tun cipher aes-128-cbc auth sha1 tls-client remote-cert-tls server auth-user-pass comp-lzo verb 1 reneg-sec 0 disable-occ <ca> -----BEGIN CERTIFICATE----- MIIFqzCCBJOgAwIBAgIJAKZ7D5Yv87qDMA0GCSqGSIb3DQEBDQUAMIHoMQswCQYD VQQGEwJVUzELMAkGA1UECBMCQ0ExEzARBgNVBAcTCkxvc0FuZ2VsZXMxIDAeBgNV BAoTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQLExdQcml2YXRlIElu dGVybmV0IEFjY2VzczEgMB4GA1UEAxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3Mx IDAeBgNVBCkTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMS8wLQYJKoZIhvcNAQkB FiBzZWN1cmVAcHJpdmF0ZWludGVybmV0YWNjZXNzLmNvbTAeFw0xNDA0MTcxNzM1 MThaFw0zNDA0MTIxNzM1MThaMIHoMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0Ex EzARBgNVBAcTCkxvc0FuZ2VsZXMxIDAeBgNVBAoTF1ByaXZhdGUgSW50ZXJuZXQg QWNjZXNzMSAwHgYDVQQLExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UE AxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBCkTF1ByaXZhdGUgSW50 ZXJuZXQgQWNjZXNzMS8wLQYJKoZIhvcNAQkBFiBzZWN1cmVAcHJpdmF0ZWludGVy bmV0YWNjZXNzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPXD L1L9tX6DGf36liA7UBTy5I869z0UVo3lImfOs/GSiFKPtInlesP65577nd7UNzzX lH/P/CnFPdBWlLp5ze3HRBCc/Avgr5CdMRkEsySL5GHBZsx6w2cayQ2EcRhVTwWp cdldeNO+pPr9rIgPrtXqT4SWViTQRBeGM8CDxAyTopTsobjSiYZCF9Ta1gunl0G/ 8Vfp+SXfYCC+ZzWvP+L1pFhPRqzQQ8k+wMZIovObK1s+nlwPaLyayzw9a8sUnvWB /5rGPdIYnQWPgoNlLN9HpSmsAcw2z8DXI9pIxbr74cb3/HSfuYGOLkRqrOk6h4RC OfuWoTrZup1uEOn+fw8CAwEAAaOCAVQwggFQMB0GA1UdDgQWBBQv63nQ/pJAt5tL y8VJcbHe22ZOsjCCAR8GA1UdIwSCARYwggESgBQv63nQ/pJAt5tLy8VJcbHe22ZO sqGB7qSB6zCB6DELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRMwEQYDVQQHEwpM b3NBbmdlbGVzMSAwHgYDVQQKExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4G A1UECxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAMTF1ByaXZhdGUg SW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQpExdQcml2YXRlIEludGVybmV0IEFjY2Vz czEvMC0GCSqGSIb3DQEJARYgc2VjdXJlQHByaXZhdGVpbnRlcm5ldGFjY2Vzcy5j b22CCQCmew+WL/O6gzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBDQUAA4IBAQAn a5PgrtxfwTumD4+3/SYvwoD66cB8IcK//h1mCzAduU8KgUXocLx7QgJWo9lnZ8xU ryXvWab2usg4fqk7FPi00bED4f4qVQFVfGfPZIH9QQ7/48bPM9RyfzImZWUCenK3 7pdw4Bvgoys2rHLHbGen7f28knT2j/cbMxd78tQc20TIObGjo8+ISTRclSTRBtyC GohseKYpTS9himFERpUgNtefvYHbn70mIOzfOJFTVqfrptf9jXa9N8Mpy3ayfodz 1wiqdteqFXkTYoSDctgKMiZ6GdocK9nMroQipIQtpnwd4yBDWIyC6Bvlkrq5TQUt YDQ8z9v+DMO6iwyIDRiU -----END CERTIFICATE----- </ca>
Fri Dec 22 20:47:43 2017 us=190492 OpenVPN 2.3.11 arm-openwrt-linux-gnu [SSL (PolarSSL)] [LZO] [EPOLL] [MH] [IPv6] Fri Dec 22 20:47:43 2017 us=190570 library versions: PolarSSL 1.3.17, LZO 2.09 Fri Dec 22 20:47:43 2017 us=190636 WARNING: file '/etc/openvpn/password' is group or others accessible Fri Dec 22 20:47:43 2017 us=190759 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Fri Dec 22 20:47:43 2017 us=191893 LZO compression initialized Fri Dec 22 20:47:43 2017 us=192174 Control Channel MTU parms [ L:1558 D:1212 EF:38 EB:0 ET:0 EL:3 ] Fri Dec 22 20:47:43 2017 us=192258 Socket Buffers: R=[163840->163840] S=[163840->163840] Fri Dec 22 20:47:43 2017 us=193494 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:143 ET:0 EL:3 AF:3/1 ] Fri Dec 22 20:47:43 2017 us=193581 Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client' Fri Dec 22 20:47:43 2017 us=193616 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server' Fri Dec 22 20:47:43 2017 us=193720 Local Options hash (VER=V4): '66096c33' Fri Dec 22 20:47:43 2017 us=193774 Expected Remote Options hash (VER=V4): '691e95c7' Fri Dec 22 20:47:43 2017 us=193811 UDPv4 link local: [undef] Fri Dec 22 20:47:43 2017 us=193848 UDPv4 link remote: [AF_INET]66.55.141.44:1198 Fri Dec 22 20:47:43 2017 us=213104 TLS: Initial packet from [AF_INET]66.55.141.44:1198, sid=188e3fb1 139dffa8 Fri Dec 22 20:47:43 2017 us=213267 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Fri Dec 22 20:47:43 2017 us=245414 VERIFY OK: depth=1, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=Private Internet Access, ??=Private Internet Access, [email protected] Fri Dec 22 20:47:43 2017 us=245927 Validating certificate key usage Fri Dec 22 20:47:43 2017 us=245976 ++ Certificate has key usage 00a0, expects 00a0 Fri Dec 22 20:47:43 2017 us=246009 VERIFY KU OK Fri Dec 22 20:47:43 2017 us=246039 Validating certificate extended key usage Fri Dec 22 20:47:43 2017 us=246072 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication Fri Dec 22 20:47:43 2017 us=246137 VERIFY EKU OK Fri Dec 22 20:47:43 2017 us=246170 VERIFY OK: depth=0, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=58143dce329491537ba2b8b6d67a3c2f, ??=58143dce329491537ba2b8b6d67a3c2f Fri Dec 22 20:47:43 2017 us=492501 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key Fri Dec 22 20:47:43 2017 us=492580 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Fri Dec 22 20:47:43 2017 us=492621 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key Fri Dec 22 20:47:43 2017 us=492656 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Fri Dec 22 20:47:43 2017 us=492736 Control Channel: TLSv1.2, cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384, 2048 bit key Fri Dec 22 20:47:43 2017 us=492799 [58143dce329491537ba2b8b6d67a3c2f] Peer Connection Initiated with [AF_INET]66.55.141.44:1198 Fri Dec 22 20:47:45 2017 us=643046 SENT CONTROL [58143dce329491537ba2b8b6d67a3c2f]: 'PUSH_REQUEST' (status=1) Fri Dec 22 20:47:45 2017 us=665135 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 209.222.18.222,dhcp-option DNS 209.222.18.218,ping 10,comp-lzo no,route 10.68.10.1,topology net30,ifconfig 10.68.10.6 10.68.10.5,auth-token 84mKkSrMkcmqUhyG66TGyjNqOPYHOQg6FfXZMiCIz4k=' Fri Dec 22 20:47:45 2017 us=665323 OPTIONS IMPORT: timers and/or timeouts modified Fri Dec 22 20:47:45 2017 us=665380 OPTIONS IMPORT: LZO parms modified Fri Dec 22 20:47:45 2017 us=665413 OPTIONS IMPORT: --ifconfig/up options modified Fri Dec 22 20:47:45 2017 us=665451 OPTIONS IMPORT: route options modified Fri Dec 22 20:47:45 2017 us=665481 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Fri Dec 22 20:47:45 2017 us=668235 TUN/TAP device tun0 opened Fri Dec 22 20:47:45 2017 us=670378 TUN/TAP TX queue length set to 100 Fri Dec 22 20:47:45 2017 us=670438 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Fri Dec 22 20:47:45 2017 us=670502 /sbin/ifconfig tun0 10.68.10.6 pointopoint 10.68.10.5 mtu 1500 Fri Dec 22 20:47:45 2017 us=673553 /etc/openvpn/openvpn_updown tun0 1500 1558 10.68.10.6 10.68.10.5 init remote1: us-east.privateinternetaccess.com script_context: init script_type: up signal: trusted_ip: 66.55.141.44 untrusted_ip: 66.55.141.44 gateway1: 192.168.5.1 gateway2: 192.168.5.1 gateway: 192.168.5.1 nameserver 209.222.18.222 nameserver 209.222.18.218 Fri Dec 22 20:47:45 2017 us=690687 /sbin/route add -net 66.55.141.44 netmask 255.255.255.255 gw 192.168.5.1 Fri Dec 22 20:47:45 2017 us=692256 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.68.10.5 Fri Dec 22 20:47:45 2017 us=693586 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.68.10.5 Fri Dec 22 20:47:45 2017 us=695042 /sbin/route add -net 10.68.10.1 netmask 255.255.255.255 metric 1 gw 10.68.10.5 Fri Dec 22 20:47:45 2017 us=696353 Initialization Sequence Completed
Comments
I fixed it was a mtu size problem ,I add this line to the ovpn file "mssfix 1420" I was getting les than 1 Mbps with vpn on a 50Mbps connection now get 47 Mbps with the vpn on pretty nice speed