Viscosity will not route to lan devices on a Tomato server

Got a problem with Viscosity or need help? Ask here!

zzz2580

Posts: 2
Joined: Tue Sep 25, 2018 6:39 pm

Post by zzz2580 » Tue Sep 25, 2018 6:56 pm
My Viscosity to version 1.7.11.
My Tomato Router Version is 1.28.
My home LAN is 10.100.1.0/24 with the router at 10.100.1.1.
OpenVPN subnet/netmask is 10.8.0.0 and 255.255.255.0.

I followed Sparklab's instructions about how to configure the Tomato's OpenVPN Server and a Viscosity Client:
https://www.sparklabs.com/support/k...n ... viscosity/

My OpenVPN clients are able to connect with Viscosity to my Tomato's OpenVPN Server. They get an IP number 10.8.0.6. Tomato's -> VPN Tunneling -> OpenVPN Server -> Server 1 -> Status will register a client when connected. However, there is NO ROUTING across the OpenVPN connection!

At first, I focused on the Tomato Router as the problem. Unlike GLuDeRo's post here:
http://www.linksysinfo.org/index.php?th ... ice.72806/
My clients cannot ping 10.100.1.1 nor any other device on 10.100.1.0/24.
When I connect a second client at 10.8.0.10, neither client can ping each other.

I tried configuring a Tomato -> Administration -> Scripts -> Firewall script like GLuDeRo suggested. It didn't make a difference for me:
iptables -t nat -I POSTROUTING -s 10.8.0.0/24 -o br0 -j SNAT --to $(nvram get lan_ipaddr)

Based on someone else's post somewhere, I tried this firewall script without success:
iptables -I FORWARD -s 10.8.0.0/24 -d 10.100.1.0/24 -j DROP

Here is my Tomato Routing Table. Everything looks reasonable:
https://drive.google.com/file/d/1AqsvMd ... sp=sharing

From Tomato's -> Tools -> Ping, I cannot ping a client like 10.8.0.6. However, I can ping 10.8.0.1.
From the client, I cannot Ping 10.8.0.1 nor can it even ping itself, 10.8.0.6.
Based on this one small but unreliable test, I tend to think the problem is with Viscosity.

The problem occurs whether Viscosity is running on a Mac or PC.
"Send all traffic over VPN connection" doesn't make a difference.
I have entered my Lan's Default Gateway in Viscosity without routing success.

Can someone make some suggestions for me as to a possible solution to this routing problem? Maybe I need to set a static route in Viscosity?

I'll be happy to provide more information if requested.

Rob

Eric

User avatar
Posts: 1146
Joined: Sun Jan 03, 2010 3:27 am

Post by Eric » Wed Sep 26, 2018 12:03 pm
Hi Rob,

Please start by checking the log in Viscosity. It sounds like you have an issue with mismatched compression, probably because the version of OpenVPN in Tomato is quite old, please disable compression on both client and server side. The following articles should help:

https://sparklabs.com/support/kb/articl ... envpn-log/
https://sparklabs.com/support/kb/articl ... ader-byte/

Regards,
Eric
Eric Thorpe
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs

zzz2580

Posts: 2
Joined: Tue Sep 25, 2018 6:39 pm

Post by zzz2580 » Thu Sep 27, 2018 10:37 am
Eric,

The compression setting was the problem!

"Adaptive" on Tomato and "Automatic" on Viscosity are incompatible.

"Disabled" on Tomato and "Off" on Viscosity works great!

Thanks you!
Rob
3 posts Page 1 of 1