I am running OpenVPN on my OpenWRT router in tun mode, similar to you.
To unblock the tun interface, I added these two lines to my iptables:
# allow tun to work
iptables -A input_rule -i tun+ -j ACCEPT
iptables -A forwarding_rule -i tun+ -j ACCEPT
Hope it helps.
I'm trying to get my Linksys WRT54G (v2) running OpenWRT/X-WRT. We use
username/password authentication against our AD Servers internally. If I
openvpn from the CLI on the Linksys I can connect no problem and access
any of the networks at my job with no problem.
If I try and access them from a client connected to the Linksys (i.e. my
laptop) it never gets there. A tcpdump on the tun0 interface does not
show any traffic being passed, so I'm sure it's just an iptables config
issue, but I can't seem to wrap my head around that convoluted syntax.
laptop: 192.168.127.150 (assigned via dhcp)
linksys: 192.168.127.1 (br0), xx.xx.xx.xx (vlan1), assigned via DHCP
openvpn server: some.public.ip, 192.168.88.1 (tun0), 192.168.1.88 (pcn0)
internal network at work: 192.168.1.0
From the linksys I can ping 192.168.1.anything with no problems, but not
from the laptop.
Here is the output of "iptables-save" on the linksys (attached)
I've also attached the openvpn config file from the linksys as well and
the OpenVPN server.
If I OpenVPN in from the laptop it works fine as well, but I want to not
have to do that and have an "always on" site-to-site OpenVPN connection
between my Linksys and the OpenVPN server at work.
I don't really think it's an OpenVPN config issue, but an iptables
Thanks in advance,