DD-WRT VPN tunnel between 2 offices

I have installed a WRT54G2 with the DD-WRT VPN version installed in our main office. We have installed an identical one in our satellite office. Both are set up and reporting to No-ip for DDNS.

192.168.1.x is the main office. Set up a route to 192.168.2.x that uses the satellite No-ip name.
192.168.2.x is the satellite office. Set up a route to 192.168.1.x that uses the main office No-ip name.

The main office is the VPN server and the satellite is a client router.

When I browse or ping from either side, I cannot get to the other side.  Any ideas of what to check would be appreciated.
hydrazi Asked:
 
MikeKane Commented:
Have you followed this guide: http://www.dd-wrt.com/wiki/index.php/OpenVPN_-_Site-to-Site_routed_VPN_between_two_routers

If the tunnel builds, but there is no traffic, you probably need to concentrate on the IPTables and filtered IP lists for the sites.
 
shadowmantx Commented:
It will be best to set up a site-to-site VPN. Then check the VPN log and it will give you an error code that will help with troubleshooting.
 
hydrazi (Author) Commented:
Alright, I will give the site-to-site with OpenVPN a try.
 
onlyamir007 Commented:
Did you try a PPTP connection?
 
hydrazi (Author) Commented:
Yes, I believe I tried the PPTP. I went on vacation and now I am back. I am going to look into it tomorrow. Sorry for the delay.
 
hydrazi (Author) Commented:
OK, so I set up OpenVPN routed between the two sites with different subnets.
I set up syslog to tell me if there are issues and this is what I get:

03-14-2011      10:30:59      Daemon.Notice      192.168.1.1      Mar 14 09:31:00 pppd[1221]: pppd 2.4.4 started by root, uid 0
03-14-2011      10:30:59      Daemon.Info      192.168.1.1      Mar 14 09:31:00 pptpd[1220]: CTRL: Starting call (launching pppd, opening GRE)
03-14-2011      10:30:58      Daemon.Info      192.168.1.1      Mar 14 09:30:59 pptpd[1220]: CTRL: Client 50.75.36.188 control connection started
03-14-2011      10:30:52      Daemon.Info      192.168.1.1      Mar 14 09:30:52 pptpd[1211]: CTRL: Client 50.75.36.188 control connection finished
03-14-2011      10:30:52      Daemon.Debug      192.168.1.1      Mar 14 09:30:52 pptpd[1211]: CTRL: Reaping child PPP[1212]
03-14-2011      10:30:52      Daemon.Error      192.168.1.1      Mar 14 09:30:52 pptpd[1211]: CTRL: PTY read or GRE write failed (pty,gre)=(9,10)
03-14-2011      10:30:52      Daemon.Error      192.168.1.1      Mar 14 09:30:52 pptpd[1211]: GRE: read(fd=9,buffer=420c6c,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
03-14-2011      10:30:52      Daemon.Info      192.168.1.1      Mar 14 09:30:52 pppd[1212]: Exit.
03-14-2011      10:30:48      Daemon.Notice      192.168.1.1      Mar 14 09:30:48 pppd[1212]: pppd 2.4.4 started by root, uid 0
 
Qlemo (Batchelor, Developer and EE Topic Advisor) Commented:
Your syslog shows errors for PPTP/GRE, not OpenVPN. OpenVPN uses SSL.
 
hydrazi (Author) Commented:
So, something else is trying to start and shouldn't be?
 
hydrazi (Author) Commented:
Ok, so what you are saying is that having PPTP VPN Passthrough enabled is not correct?
 
Qlemo (Batchelor, Developer and EE Topic Advisor) Commented:
PPTP PassThru is not related - it is used if you need to manage incoming PPTP calls, and forward them to another router, instead of letting the DD-WRT box handle it.

Your Syslog snippet looks kind of strange, but that just might be the PPTP daemon restarting, which we can ignore. But you might want to switch off the pppd daemon, if you do not use it for PPTP.

I cannot see any OpenVPN logging in Syslog. Either OpenVPN is configured to log into files (if the log keyword is used in the config file), or it is not started. With the configuration shown in the above link, the OpenVPN connection is initiated on reboot only. In daemon mode it should then run all the time, trying to connect to the other side. In that particular configuration there isn't a particular server or client; both sides try to connect actively.
 
hydrazi (Author) Commented:
Is there any way that I can verify that OpenVPN is working then? Or do I just have to connect to one network and check to see if I can ping a machine on the other side?
 
Qlemo (Batchelor, Developer and EE Topic Advisor) Commented:
My *nix knowledge is rusty, but you should be able to see whether the process runs (e.g. using ps). If it runs, it should try to connect to the other site. Since you do not see anything in Syslog, I suspect OpenVPN is not running at all.
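The log check discussed above (is anything in the syslog capture actually written by OpenVPN, or only by the PPTP daemons?), as an added example that is not part of the original thread. The function names are hypothetical, and it assumes OpenVPN logs under its default syslog program name `openvpn`.

```shell
#!/bin/sh
# Added example: which daemons wrote to a syslog capture?
# Five lines copied from the thread's snippet (column whitespace collapsed).
SAMPLE_LOG='03-14-2011 10:30:59 Daemon.Notice 192.168.1.1 Mar 14 09:31:00 pppd[1221]: pppd 2.4.4 started by root, uid 0
03-14-2011 10:30:59 Daemon.Info 192.168.1.1 Mar 14 09:31:00 pptpd[1220]: CTRL: Starting call (launching pppd, opening GRE)
03-14-2011 10:30:58 Daemon.Info 192.168.1.1 Mar 14 09:30:59 pptpd[1220]: CTRL: Client 50.75.36.188 control connection started
03-14-2011 10:30:52 Daemon.Error 192.168.1.1 Mar 14 09:30:52 pptpd[1211]: CTRL: PTY read or GRE write failed (pty,gre)=(9,10)
03-14-2011 10:30:52 Daemon.Info 192.168.1.1 Mar 14 09:30:52 pppd[1212]: Exit.'

# Print "<count> <daemon>" for each "name[pid]:" tag found on stdin.
count_by_daemon() {
    awk '
        match($0, /[A-Za-z0-9_.-]+\[[0-9]+\]:/) {
            tag = substr($0, RSTART, RLENGTH)
            sub(/\[.*/, "", tag)      # drop "[pid]:" to keep the daemon name
            n[tag]++
        }
        END { for (t in n) print n[t], t }
    ' | sort -k2
}

# Print how many lines on stdin were logged by daemon $1 (0 if none).
entries_for() {
    count_by_daemon | awk -v d="$1" '$2 == d { c = $1 } END { print c + 0 }'
}

# Classify a capture. Assumption: OpenVPN logs under its default
# syslog program name "openvpn".
vpn_log_verdict() {
    log=$(cat)
    ovpn=$(printf '%s\n' "$log" | entries_for openvpn)
    pptp=$(printf '%s\n' "$log" | entries_for pptpd)
    if [ "$ovpn" -gt 0 ]; then
        echo "openvpn-logging"
    elif [ "$pptp" -gt 0 ]; then
        echo "pptp-only"        # the situation in the thread's snippet
    else
        echo "no-vpn-entries"
    fi
}

printf '%s\n' "$SAMPLE_LOG" | count_by_daemon
printf '%s\n' "$SAMPLE_LOG" | vpn_log_verdict
```

A `pptp-only` or `no-vpn-entries` verdict means the log says nothing about the OpenVPN tunnel either way; on the router, `ps | grep '[o]penvpn'` then shows whether the process exists at all.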
 
hydrazi (Author) Commented:
All help was appreciated. The error was in the router install; I had to reflash them both and then reconfigure, and it worked.
 
hydrazi (Author) Commented:
I am ready to award points
Question has a verified solution.