Eric: Most of the cerowrt folk are on cerowrt-devel.
http://wiki.openwrt.org/doc/howto/vpn.openvpn has some doc on setting up openvpn on openwrt which mostly applies to cerowrt. Your internal hosts should be able to initiate a vpn connection through a cerowrt box, no problem. As for routing the vpn, you do have to allow the ips in with bcp38, among other things. If you post your route table here (or to a bug in the cerowrt database) perhaps that will show something. As for generating keys and CA on the router itself - well, it's safer, faster and there is more entropy if you do that on a separate box entirely. On Mon, Sep 22, 2014 at 7:18 AM, Eric Johansson <[email protected]> wrote: > Install the latest cerowrt so far so good. I'm trying to set up Open VPN > configuration on it. I need to set of one client connection and 1 server side > connection. > > On the client side, everything came up I can access from the cerowrt box but > not from any machine on my internal network. I suspect there are firewall > rules missing . Yes, I saw all the internal routes to all of the networks at > the far end. > > Any pointers would be appreciated. > > On the server side, I'm not sure what to do exactly. I'm not thrilled about > making a CA run on the cerowrt box. I'm tempted to run Tiny CA internally and > move certificates over as needed. Suggestions are welcome. > _______________________________________________ > Cerowrt-users mailing list > [email protected] > https://lists.bufferbloat.net/listinfo/cerowrt-users -- Dave Täht https://www.bufferbloat.net/projects/make-wifi-fast _______________________________________________ Cerowrt-devel mailing list [email protected] https://lists.bufferbloat.net/listinfo/cerowrt-devel
