Hi!
I didn't find Openvpn in the stable and unstable feed, so I compiled it.
This is my first ipkg so it is really unstable and please, be tolerant
I tried it on my SL-6000 and it seems to work.

First I've to compile with the --disable-lzo in configure,
because can't find compression library. Any suggestion?

After installed,

# modprobe tun

the following dev and symlink are created

# ls -al /dev/net/tun*
lr-xr-xr-x 1 root root 12 Jul 4 17:57 /dev/net/tun -> misc/net/tun

I don't know if it's a bug, but openvpn didn't work, so I modified:
# ln -s /dev/misc/net/tun /dev/net/tun

Now:
# ls -al /dev/net/tun*
lr-xr-xr-x 1 root root 17 Jul 4 18:08 /dev/net/tun -> /dev/misc/net/tun

and it's ok.

I put conf files in /etc/openvpn and start with /etc/rc.d/init.d/openvpn start.

I make some tests....

tun0 Link encap:Point-to-Point Protocol
inet addr:10.8.0.4 P-t-P:10.8.0.3 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:30 errors:0 dropped:0 overruns:0 frame:0
TX packets:40 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:4097 (4.0 Kb) TX bytes:4216 (4.1 Kb)

# ping 10.8.0.3
PING 10.8.0.3 (10.8.0.3): 56 octets data
64 octets from 10.8.0.3: icmp_seq=0 ttl=64 time=9.6 ms
64 octets from 10.8.0.3: icmp_seq=1 ttl=64 time=9.1 ms
....

Max

Sweet - thanks for the package. I installed it last night and could get connected with no problems. The only problem is my routes don't seem to be working like they should. I can not ping my P-T-P.

It could be something wrong with another thin, and I have only tried UDP traffic instead of TCP. I'll keep messing with things today and see if I can get any further. If you can think of anything off hand that I might be missing let me know.

I'm using a 6000 BTW.

Uhm... Have you looked at /var/log/messages ?? And route -n ?

I'm using a very simple configuration:

on the client:
#/etc/openvpn/vpn.conf

remote my.remote.server 65024
proto udp
dev tun
ifconfig 10.8.0.4 10.8.0.3
secret /etc/openvpn/mykey.key
#comp-lzo Should be fixed with the lzo library enabled!!!
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
user nobody
group nobody
daemon

on the server:
#/etc/openvpn/vpn.conf

dev tun
daemon
port 65024
proto udp
ifconfig 10.8.0.3 10.8.0.4
secret mykey.key
#comp-lzo
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
user nobody
group nogroup #check the correct group name!

My routes look just fine with gateways and subnets. I'm wondering if it's an lzo thing though like you stated in your first post.

If I do a tcpdump -i tun0 I get the following when I ping from the Openvpn server itself:

IP15 bad-len 0
IP15 bad-len 0
IP15 bad-len 0
IP15 bad-len 0
.
.
.
IP15 bad-len 0


I'm going to disable lzo on the server and see if that is what's causing my problem next.

I think lzo on server must be disabled! I had to compile without the lzo support and when I tried to connect it didn't work until i disabled comp-lzo on both sides. But this was pointed out by openvpn log!
I'll try to add the lzo library support recompiling the package...

I look forward to having openvpn 2.0 with lzo support.. my c1000 is on its way...

thanks a lot!

Juz

Yeah, it's LZO that causes the problem on the server side. Problem is I have to keep that on there since I have 30-40 others connecting to it throughout the day.

Other then that it looks really close and thanks for all the work.

Hi,

sorry for the late reply, but I currently have very little spare time for my Zaurus .

As to OpenVPN:
for LZO you need the LZO library and headers. The source can be found at http://www.oberhumer.com/opensource/lzo. It compiles fine under pdaxrom.
I hope the upload of my ipkgs of LZO (libraries only) and OpenVPN 2.0 with LZO (only the binary) works.

To get OpenVPN to run on my C-860 I had to do the following:

Add the following lines to /etc/devfsd.conf
# Create correct /dev/net/tun symlink
REGISTER ^misc/net/tun$ CFUNCTION GLOBAL unlink net/tun
REGISTER ^misc/net/tun$ CFUNCTION GLOBAL symlink /dev/$devname net/tun
UNREGISTER ^misc/net/tun$ CFUNCTION GLOBAL unlink net/tun

Add the following lines to /etc/modules.conf:
# tap device configuration
alias char-major-10-200 tun
alias tap0 tun
alias tap1 tun
alias tap2 tun
alias tap3 tun
alias tap4 tun
alias tap5 tun
alias tap6 tun
alias tap7 tun
alias tap8 tun
alias tap9 tun
alias tap10 tun
alias tap11 tun
alias tap12 tun
alias tap13 tun
alias tap14 tun
alias tap15 tun

Have fun ;-)
Click to view attachmentClick to view attachment

Thanks Olaf!

it works fine! I took your openvpn package and added the init.d script and the /etc/openvpn dir.

Now it seems complete, waiting for other feedback...

Super fine.
Been waitin long time for the right wifi security solution, this is it folks! Easy too!

Processing overhead is minimal, connection rock solid, works on pdaxrom, os x, linux, obsd...ovpn rules. Wake z, vpn auto-nogotiates, it's surf-ready immediately without any intervention. Good stuff.

thanks fo the pkg