openvpn server + ddwrt openvpn client

  • Hello all,

    I have a pfsense server with a single nic in use just as an Openvpn server.
    This server is placed in my local lan (
    my router has udp:1150 opened to the outside world (port 1150 is being used for this openvpn server)

    I also have a ddwrt router (cisco wrt160n v3 ddwrt: build 21061) that I want to use as a site to site vpn.

    As configured now the cisco can connect to the pfsense box, so that part of the thing works....

    The thing now: I cannot ping / reach networks on the other side..
    So pinging from local to remote fails and vice versa.

    In the pfsense firewall all traffic coming in is allowed.

    Can someone tell me what I am doing wrong: I have been struggling with this for 2 months now and am a bit fed up with it.....

    network lay out:

    home network: 192.168.0.x /
    tunnel network: (want to change this to 192.168.66.x in the future)
    remote (cisco router) /

    server config:
    port 1150
    interface wan
    protocol udp
    shared key

    ipv4 tunnel network:
    remote ipv4:

    Custom options:

    client side:


    # Move to writable directory and create scripts

    cd /tmp
    ln -s /usr/sbin/openvpn /tmp/myvpn

    # Config for Site-to-Site wrt160n1-Home

    echo "

    # here you would specify your pfsense WAN IP

    remote Home Wan
    proto udp
    port 1150
    dev tun1
    secret /tmp/static.key
    verb 3
    keepalive 15 60
    cipher AES-256-CBC #needed !!!!
    " > wrt160n1-Home.conf

    # Config for Static Key

    echo "

    # 2048 bit OpenVPN static key

    -----BEGIN OpenVPN Static key V1-----
    -----END OpenVPN Static key V1-----
    " > static.key

    # Create interfaces

    /tmp/myvpn --mktun --dev tun1
    ifconfig tun1 netmask promisc up

    # Create routes

    route add netmask gw
    route add netmask gw

    # Initiate the tunnel

    sleep 5
    /tmp/myvpn --config wrt160n1-Home.conf


    iptables -I INPUT 2 -p udp --dport 1150 -j ACCEPT
    iptables -I FORWARD -i br0 -o tun1 -j ACCEPT
    iptables -I FORWARD -i tun1 -o br0 -j ACCEPT

    iptables -I INPUT 3 -i tun1 -p icmp -j ACCEPT
    iptables -I INPUT 1 -i tun1 -p tcp --dport 80 -j ACCEPT
    iptables -I INPUT 3 -i tun1 -p icmp -j ACCEPT
    iptables -I INPUT 1 -i tun1 -p tcp --dport 80 -j ACCEPT
    iptables -t nat -A POSTROUTING -j MASQUERADE

    The client-side config is something I found online and worked perfectly when the pfsense box is the firewall / router

    (PS: I have my reasons to use my router as a router and not the pfsense box)

    Thanks for your time ;)

  • On pfSense, which is the server while the DDWRT is the client, you need to add this part on the pfSense client override

 is my openvpn server and the is my LAN which is behind pfSense; change the IP depending on your config
