OpenVPN on DD-WRT v.24 SP1 doesn’t start on reboot

At home I use a router flashed with DD-WRT v.24 SP1 with OpenVPN support to connect to the office private network. I upgraded from v.23 SP2 a few months ago. When I did so, I discovered that OpenVPN doesn’t seem to start automatically. Let’s fix it.

Enabling syslog and collecting it at my laptop, I discovered that OpenVPN actually seems to crash or be killed.

Feb  4 08:00:41 192.168.0.1 openvpn[1238]: Re-using SSL/TLS context
Feb  4 08:00:41 192.168.0.1 openvpn[1238]: LZO compression initialized

After this point it would just hang. Normally you’d see more:

Feb  4 08:47:07 192.168.0.1 openvpn[3906]: UDPv4 link local: [undef]
Feb  4 08:47:07 192.168.0.1 openvpn[3906]: UDPv4 link remote: 10.0.0.1:1194
Feb  4 08:47:12 192.168.0.1 openvpn[3906]: [aegir] Peer Connection Initiated with 10.0.0.1:1194
Feb  4 08:47:14 192.168.0.1 openvpn[3906]: TUN/TAP device tun0 opened
Feb  4 08:47:14 192.168.0.1 openvpn[3906]: /sbin/ifconfig tun0 10.1.0.30 pointopoint 10.1.0.29 mtu 1500
Feb  4 08:47:15 192.168.0.1 openvpn[3906]: Initialization Sequence Completed

DD-WRT v.24 seems to have some new features that allow you to apply changes from the web frontend without rebooting the entire OS, but the networking layer restarts. I’m guessing that when this happens OpenVPN is not invited to restart. I hope the devs fix this, but in the mean time I have my own solution.

Login to the web interface and go to Administration -> Commands. Save this as your new Firewall command list (which is run each time you restart networking):

# start openvpn again if failed
(sleep 30 && (ps | grep openvpn | grep -v grep || openvpn --config /tmp/openvpncl/openvpn.conf --route-up /tmp/openvpncl/route-up.sh --down /tmp/openvpncl/route-down.sh --daemon))&

This command waits 30 seconds after restarting networking and checks for the existence of an openvpn process. If it does not find one, it starts it using the same command line as DD-WRT would normally use if the VPN were working. The VPN will now connect within the first minute after rebooting the router.

Tags: ,

  1. Ray Lee’s avatar

    ps | grep openvpn | grep -v grep can be replaced by a pgrep openpvn, if you have pgrep available…

    Reply

    1. tyler’s avatar

      DD-WRT provides only busybox and a few other executables. The reason I’m using grep at all is because the busybox ‘ps’ doesn’t even support switches.

      Reply

    2. tyler’s avatar

      It’s not in the filesystem of the standard v.24 SP1 + OpenVPN build (for 4MB flash).

      Reply

    3. Ray Lee’s avatar

      Hmm, is it not compiled the default BusyBox they provide? DD-WRT’s SVN shows that pgrep should be part of it, as of 8 months ago:

      http://svn.dd-wrt.com:8000/dd-wrt/browser/src/router/busybox/procps/pgrep.c?rev=9739

      Reply

    4. Chris’s avatar

      Hi! I find that with v24sp1, the VPN connection sometimes terminates while the router is apparently still connected to the Internet [though since I use my VPN provider’s DNS server, nothing works client-side]. No amount of fiddling with the router will seem to bring the openVPN back up. The longest stretch I’ve managed to keep the connection up is 2 hours. Having to reboot every two hours is more than a little annoying..

      I just added this line into my firewall script and hope it works.

      Reply

    5. Tomi’s avatar

      Hi! I add and save commands: sleep 20 in the Startup

      cd /tmp/openvpn
      sleep 20
      openvpn –config openvpn.conf –daemon

      I add and save commands,e.g.:
      /usr/sbin/iptables -I INPUT -p udp –dport 1194 -j ACCEPT
      in firewall
      Sorry, my English is not very well.

      Reply

    6. samtruman’s avatar

      If i put the # start openvpn again if failed script in firewall script my router doesn’t response after reboot, if i put it on startup script it’s all ok…

      Reply

    7. john’s avatar

      Hi there,
      How to apply this to PPTP situation? please advice. I have same problem but I am using pptp instead of Openvpn. I don’t know the command line. Thanks in advance

      Reply

      1. Tyler Wagner’s avatar

        Sorry, I have no idea what commands are started by pptp. Start by logging in via SSH to the device and using “ps” to see what is running while the PPTP link is up. One of those will be what you need.

        Reply

      2. Andreas’s avatar

        I just want to say thank you very much for this script. I have spent hours upon hours looking for a fix and this solved it for me. I sincerely appreciate this.

        Reply

Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.