[Cerowrt-devel] [Cerowrt-users] Open VPN config
Joel Wirāmu Pauling
joel at aenertia.net
Mon Sep 22 04:01:06 EDT 2014
I've found that OpenVPN on the ar71xx boards with tls-client security
and UDP based tunnel encap max hit a cpu bound upper transfer limit of
On 22 September 2014 17:21, Dave Taht <dave.taht at gmail.com> wrote:
> Most of the cerowrt folk are on cerowrt-devel.
> http://wiki.openwrt.org/doc/howto/vpn.openvpn has some doc on setting
> up openvpn on openwrt which mostly applies to cerowrt.
> Your internal hosts should be able to initiate a vpn connection
> through a cerowrt box, no problem.
> As for routing the vpn, you do have to allow the ips in with bcp38,
> among other things. If you post your route table here (or to a bug in
> the cerowrt database) perhaps that will show something.
> As for generating keys and CA on the router itself - well, it's safer,
> faster and there is more entropy if you do that on a separate box
> On Mon, Sep 22, 2014 at 7:18 AM, Eric Johansson <esj at eggo.org> wrote:
>> Install the latest cerowrt so far so good. I'm trying to set up Open VPN configuration on it. I need to set of one client connection and 1 server side connection.
>> On the client side, everything came up I can access from the cerowrt box but not from any machine on my internal network. I suspect there are firewall rules missing . Yes, I saw all the internal routes to all of the networks at the far end.
>> Any pointers would be appreciated.
>> On the server side, I'm not sure what to do exactly. I'm not thrilled about making a CA run on the cerowrt box. I'm tempted to run Tiny CA internally and move certificates over as needed. Suggestions are welcome.
>> Cerowrt-users mailing list
>> Cerowrt-users at lists.bufferbloat.net
> Dave Täht
> Cerowrt-devel mailing list
> Cerowrt-devel at lists.bufferbloat.net
More information about the Cerowrt-devel