Works well. Extremely stable router; much better with openVPN included in firmware update a couple of years ago.
Nice to see the Certificate generating changes in recent firmware, too.
Question - can I log more security information or increase security?
I note very little info in logs. Each day, I see 2 or 3 abusive IPs in the 'system log' and almost nothing in the 'security log'. example
I presume nothing is successful, or I'd see a ' pool returned IPv4=x.x.0.26, IPv6=(Not enabled)'Jan 28 10:31:39 daemon notice openvpn[20288]: TCP connection established with [AF_INET]156.251.172.117:43188
Jan 28 10:31:39 daemon warn openvpn[20288]: 156.251.172.117:43188 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1556 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition c
Jan 28 10:31:40 daemon notice openvpn[20288]: TCP connection established with [AF_INET]156.251.172.117:44138
Is it possible to log more information? Changing [configuration > system > configure log] from 'informational' to 'debugging' doesn't help.
I'd particularly like to see attempts to log into the VPN. If I log in, all I get in 'security log' is:
J
...not even a log of the VPN account I logged into.an 28 23:21:10 kern info kernel: PacketFilter: Forward TCP packet from [pppoa0] 2xx.20x.xxx.8:41496 to xx.9.xx.xx:1xx4 (x=redcated)
Are there any other security recomendations? I realise I could limit IP ranges, but mobile providers seem to have such a range; certainly can't find a reliable set of ranges for EE.