I hope someone can help me out, as I've been banging my head against the wall here for ages. I've not got much experience with iptables, routes, or VPNs, so I may need some stuff explaining to me.
I've got an account with KryptoTel for their VPN service and have been using it fine from my Windows 7 laptop. It uses the following configuration:

client
dev tun
proto tcp
port 80
remote 220.127.116.11:80
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert 280044.crt
key 280044.key
ns-cert-type server
cipher AES-256-CBC
comp-lzo
verb 3

I want to get this running on my Netgear WNR3500L v2 router which I have connected to my cable modem in Gateway mode (default? Router mode doesn't seem to work anyway). I have the router set up on 192.168.5.1 and the remainder 192.168.5.2-255 are assigned via DHCP for the rest of my local LAN.
I've managed to get the OpenVPN client to connect and it appears to be setting everything up as expected, however when it actually comes to sending/receiving data it fails dismally. I can see in the OpenVPN status screen that the TCP/UDP read/write bytes are incrementing, but the TUN/TAP read/write bytes all remain at zero. The auth read bytes appear to increase too, but very slowly. I believe there's something wrong with either the routes or the iptables that get set up after the connection is established. But like I say, I barely understand any of this stuff so I've really no idea.
I've put up my iptables --list results and my route -n results and a log plus some example pings to show you what's happening here at the URL below (sorry for bad linking, have no karma apparently).
httpslashslash ciety.net slash files slash routerInfo
I've contacted KryptoTel and asked them to figure it out, and while they were very helpful and had an engineer remotely log in to the router for a couple of hours, they didn't get very far either. I've since followed up with them and they've said that they tried a TomatoUSB-configured router in-house and couldn't get it going either.
So I'm at a bit of a loss now. If anyone could suggest anything I'd much appreciate it.