OpenVPN Server setup

[legallink]

Hi all,

Newb here and I hope my questions aren't too obnoxious. I did a little searching, but won't state I did it exhaustively, but I'll post and hopefully won't get yelled at too loudly.

I'm trying to setup my OpenVPN Server on my N66U with Merlin firmware 378.55

Key point that I think is the problem: My router is double natted (in that it is behind the first router - Verizon FIOS provided router).

Steps I have taken:

1. I have port forwarded on the Verizon router the indicated port on UDP.
2. I configured DDNS for my dyndns login so that it would generate the correct details on the ovpn file. (wrong login as the double nat would provide the local ip address as opposed to the external IP Address.)
3. I followed the tomato guide setups, and my advanced looks like their advanced. (attached screen shot)
4. VPN Status shows it "Running"

However, when I export the file and import it into the OpenVPN app on my iphone, it simply won't connect.

Thoughts?

 

[Zirescu]

On your Phone are you still connected to the Wifi?

 

[legallink]

No, I disconnected from wifi and went through the data connection

 

[Zirescu]

Could try using TCP, not sure if maybe Verizon is blocking it.

 

[Zirescu]

Can you put the router in the DMZ zone of the Fios system? It's likely that it's that it's not able to complete the communications as more than just 1194 is used to complete the connection.

 

[Cake]

Can you open your ovpn file that is generated? I bet the IP is your local one.
I am not a expert...
If it is indeed a IP4 Class C address, you need a Dynamic Domain Name. (DDNS).
You could use the one included with the router, I have had trouble with that in the past so I use a script to get the job done.
Sign up for a ddns service like no-ip or something, then search the forums here on how to set it up so it reports your public ip from the first (edge) router. If your ovpn does in fact say something like 192.*.*.* then that is the culprit. I can share my script that I copied from someone else a while back if you need.

EDIT: Nevermind, I just re-read your fist post and you covered my idea already.

 

[martinr]

Did you look at the log in your mobile 'phone? On my iPhone I open the OpenVPN app, and just below the green slider "Save" is the word "Disconnected". If you tap on the arrow at the right end of the line, you see the log. There may be some clue there. Meanwhile, to eliminate problems with keys and certs, you could temporarily try saying "yes" to "username/password auth only" in the Settings. (So, assuming you have set up username and passwords, you'd be only using that, rather than that AND certs/keys to log in. I can't remember if they need to be set up before exporting the .ovpn file. If necessary, I'd re-export after having entered the relevant client username/passwords on the Settings page.)

 

[legallink]

Thanks for the replies. I got busy the last couple of days and will try out the suggestions and give it another shot.