Hello there
I have VDSL router comtrend vr-3026e in bridge mode on which is connected Turris.
I successfully set tup the bridge mode in router but i would like to arrange access to turris from outside internet, with OpenVPN which You have to have opened port 1194/UDP .
I am not sure about the necessary settings on both sides - Turris and Router.
On turris i did setup :
in LuCi:
Network / Firewall / Traffic rules
Accept input:
From any host in wan To any router IP at port 1194 on this device
source zone : WAN
destination zone: Device (input)
in Foris:
OpenVPN module :
prodocol UDP, opeWPN network 10.111.111.0/24
port 1194
use DNS from vpn - yes
all traffic through vpn - yes
I am gratefull to all of Your hints or experience,
thank You !
hello, are You sure about this ? really sure ? [sorry, You are talking with poor civil engineer, no IT perk ]
well i have commtrend comtrend vr-3026e v2 multi-dsl
where i did bridge mode according manuals at http://comtrend.michnzee.net/
but it seems it is not working.
Documentation for OpenVPN told me nothing new,m neither the forum…
Actually, I though i had set a specific question, or not ?
I will just keep looking more.
thank You
Well, this is somehow common, yes. But I don’t know this device and I can’t read a czech manual because I don’t speak czech, sorry… There may be some firewall even in Bridge mode that intercepts traffic, but I can’t tell.
But what you should do is to start debugging to not only find out that “it’s not working”, but WHY it’s not working… I’d do the following:
Ensure that you have a public routed IP, no Provider NAT, DS Light or whatsoever. Check that you can access at least any service on your Omnia from the internet or ask your ISP. If you have no public routed IP you have to fix that first.
Ensure that OpenVPN server is started: grep openvpn /var/log/messages. OpenVPN should log some information there that it was started. If there are no messages the Server didn’t start, so enable automatic startup on boot and start it: /etc/init.d/openvpn enable && /etc/init.d/openvpn start
If you have a public IP and your Server is started check your firewall settings and try to connect to your Server. If connection fails check Client Log and Server Log (see above) why it failed. If Server doesn’t recognise any connection attempt (no Log during connection attempt) the problem has to be between your Server (Omnia) and your Client: Firewall on Omnia, Firewall on Modem or any device between. It may also be that the network your client is connected to is blocking connection, so try to connect from a diffrent network. Your Client Log may give you some more Information. Check and fix firewall setting.
If you see some Logs in the Server log it means that a connection between your Client and your Server was established. If your client still can’t get a working connection something during Handshake failed. Again check Server and Client Logs to find out what failed and try to fix it (If you ask for help include BOTH Client and Server Logs and config files)
If your client tells you that a connection could be established successfully but you can’t access any services through OpenVPN Tunnel it might be a routing problem. Ask for help here
I’d work through this step by step and try to fix what you find. Ask for help if you need assistance at some point including full logs and configuration (Like relavant firewall or Server/Client configuration)
Edit: And always try to connect from outside your network, not from inside your network. E.g. use a mobile network…
Just to add: Yes you asked a specific question but it lacked some information. I or someone else here can’t guess what you did. It’s hard to help without detailed logs and config files.
My experience ist that often the problem is in the basics, that’s why I linked documentation and asked you to search the forum to get some hints on debugging (steps like I wrote to you now).
The description of your firewall settings in your first post seem to be correct… Should have said that in first place, sorry . And I don’t expect your modem to be your problem if you put it in some “bridge mode”, but as I said I can’t tell for sure.
Dear protree,
thank You for Your response.
First of all, I had headache from the suggestions You wrote me. Just because i am civil engineer with lack of knowledge and terminology of this branch is far away from me.
Besides these possible evaluations i tried to swap router (VDSL router in the router of BRIDGE) to Zyxel vmg1312-b30b with belief, ports is somehow not passing through my original commtrend vr-3026e in BRIDGE mode.
result is the same : port 1194 is not visible from the outside web .
That means with high probability i did not set-up something correctly in my Omnia
and I must to find out more why it is not working as You were suggesting
Easy way to check correct Bridge mode is question WHO established PPOE protokol? Whenever Turris it’s OK, your modem is pure bridge and everything over IP and ports need make on Turris.
In Turris LOG (in the case of ppoe working) you must see something as:
notice pppd[31905]: pppd 2.4.7 started by root, uid 0
notice pppd[31905]: Connect: pppoe-wan <–> eth2
info pppd[31905]: Using interface pppoe-wan
dear all,
i have found a reason of the problem…
but actually i have to confess, many times i did not see that the port UDP is opened,
becasue was checking (via web page apps) the UTP protocol
