DD-WRT OpenVPN

I need to VPN back to home, it looks like with the DD-WRT firmware load on a Linksys WRT-54GL, this is quite doable. Here are the steps:

* “Install DD-WRT”:http://www.dd-wrt.com/wiki/index.php/Index:Install. This is open source firmware for the popular Linksys WRT-54GL router. These routers have 4MB of nvRAM and can run a nice version of Linux. Its a little complicated, you have to first load in the mini version of DD-WRT, then the VPN version.
* “Configure OpenVPN”:http://www.geek-pages.com/articles/latest/openvpn_server_and_client_on_dd-wrt_–_bridged.html. This is an open source project that turns your home router into a VPN server, pretty neat actually gives a good overview. The only problem with these instructions is that it assumes you can use JFSS (journaled file system) which only works “WRT54GS Version 3 or lower”:http://www.dd-wrt.com/wiki/index.php/JFFS_File_System routers with more memory
* “DD-WRT OpenVPN”:http://www.dd-wrt.com/wiki/index.php/OpenVPN#Server_mode_with_Static_Key. These instructions are work with any WRT54G v3 or WRT54GL where you put the key for the VPN into the script itself. The only change is that to create the key, you can telnet to your router and run the _openvpn –genky –secret static.key” command there instead of having to load the Windows verson of Openvpn.
* “BSR-Clan.de”:http://forum.bsr-clan.de/ftopic5111.html has specific instructions on how to get this working on a low memory WRT54G v4
* “Windows OpenVPN Client”:http://www.osnews.com/story.php/5803/Introduction-to-OpenVPN/page2/. YOu do need to load OpenVPN on each machine, it is SSL based and Windows doesn’t have a built in client for it. You get it from “Openvpn.net”:http://openvpn.net

Here are the instructions that seem to work, it is the simplest in that it uses a single key and only allows a single client to login, which is all I need:

1. Create a static key by downloading “OpenVPN”:http://openvpn.net and on Windows running Start/OpenVPN/Generate a static OpenVPN Key which dumps it into _c:\program files\openvpn\configs\key.txt_
2. Go to your routers web page (typically at “http://192.168.1.1”:http://192.168.1.1) and go to Administration/Commands and enter into the Commands text box and click on Save firewall
bq. iptables -I INPUT 1 -p tcp –dport 443 -j ACCEPT
3. Now enter the code below and insert the text from key.txt into the echo command and click on Save Startup

openvpn –mktun –dev tap0
brctl addif br0 tap0
ifconfig tap0 0.0.0.0 promisc up
echo “
—–BEGIN OpenVPN Static key V1—–
…INSERT YOUR OWN KEY.TXT HERE…
—–END OpenVPN Static key V1—–
” > /tmp/static.key
ln -s /usr/sbin/openvpn /tmp/myvpn
/tmp/myvpn –dev tap0 –secret /tmp/static.key –comp-lzo –port 443 –proto tcp-server –verb 3 –daemon

4. Reboot the router and go to the web interface Administration/Commands and look for mypvn when you type in
5. Because your router is probably on an ISP with rotating, connection, create an account at “dyndns.org”:http://dyndns.org so that you get a DNS address for your home that looks like “myhome”.dyndns.org
6. Create an openvpn config file on your client computer (see the openvpn instructions)

# Use the following for simple connections:
remote XXXX.dyndns.org
port 443
dev tap
secret key.txt
proto tcp-client
comp-lzo
7. Start Openvpn on your windows machine and click connect.
bq. ps | grep vpn

2 responses to “DD-WRT OpenVPN”

  1. Steve Avatar

    I just setup DD-WRT (DD-WRT v23 SP2 vpn) on a Linksys WRT54GL with OpenVPN in tunnel mode. It’s setup for road warrior access which means I can have multiple users with their own unique certificates log in. It’s working great so far.

    http://blog.zenone.org/2008/01/openvpn-and-dd-wrt-on-linksys-wrt54gl.html

  2. steve Avatar

    You should give Hamachi a try; it’s a MUCH easier (and more powerful) solution.

    Cheers,
    Steve

I’m Rich & Co.

Welcome to Tongfamily, our cozy corner of the internet dedicated to all things technology and interesting. Here, we invite you to join us on a journey of tips, tricks, and traps. Let’s get geeky!

Let’s connect

Recent posts

Loading Mastodon feed…