Difference between revisions of "OpenVPN dd-wrt"

From BTGuard Wiki
Jump to: navigation, search
 
(16 intermediate revisions by the same user not shown)
Line 17: Line 17:
 
If you're having issues with OpenVPN, please try the [[PPTP_dd-wrt|PPTP method]].<br/>
 
If you're having issues with OpenVPN, please try the [[PPTP_dd-wrt|PPTP method]].<br/>
 
<br/>
 
<br/>
'''Check List''' <br/>
+
<u>'''Check List'''</u> <br/>
 
*Router must support OpenVPN. (big, mega or some std builds of the firmware)
 
*Router must support OpenVPN. (big, mega or some std builds of the firmware)
 
*Check both '''Model''' and '''Revision''' of your router to get the correct firmware.
 
*Check both '''Model''' and '''Revision''' of your router to get the correct firmware.
Line 37: Line 37:
 
   <div style="padding-left:5px;border-left:black 1px solid">
 
   <div style="padding-left:5px;border-left:black 1px solid">
 
   <p>
 
   <p>
 +
__NOTOC__
 
== Links for dd-wrt ==
 
== Links for dd-wrt ==
 
*[http://www.dd-wrt.com/ Main Website]
 
*[http://www.dd-wrt.com/ Main Website]
Line 44: Line 45:
 
*[http://www.dd-wrt.com/site/support/router-database Router Database (Searchable)]
 
*[http://www.dd-wrt.com/site/support/router-database Router Database (Searchable)]
 
*[http://www.dd-wrt.com/wiki/index.php/Installation Install Instructions: dd-wrt Firmware]
 
*[http://www.dd-wrt.com/wiki/index.php/Installation Install Instructions: dd-wrt Firmware]
*[ ]
+
<br/><br/>
<br/>
+
 
 
   </p>
 
   </p>
 
   </div>
 
   </div>
 
  </div>
 
  </div>
 
</div>
 
</div>
 +
 +
<div class="wrapper"><br/>
 +
----
 +
<br/></div>
  
  
Line 55: Line 60:
 
  <div class="wrapleft">    
 
  <div class="wrapleft">    
 
   <div class="left">
 
   <div class="left">
<span class="plainlinks">[http://wiki.btguard.com/images/b/ba/Openvpn_ddwrt_1.png http://wiki.btguard.com/images/b/ba/Openvpn_ddwrt_1.png]</span>
+
<span class="plainlinks">[https://wiki.btguard.com/images/b/ba/Openvpn_ddwrt_1.png https://wiki.btguard.com/images/b/ba/Openvpn_ddwrt_1.png]</span>
 
   </div>
 
   </div>
 
  </div>     
 
  </div>     
 
  <div class="right">
 
  <div class="right">
 
   <p>
 
   <p>
== Setup Instructions ==
+
== Setup Instructions Method 1==
 +
[[OpenVPN_dd-wrt#Setup Instructions Method 2|Setup Instructions Method 2]]<br/>
 +
<br/>
 
1. Connect to http://192.168.1.1/<br/>
 
1. Connect to http://192.168.1.1/<br/>
2. Click the '''Administration > Commands'''. <br/>
+
2. Click on '''Administration > Commands'''. <br/>
3. Copy the whole content of the [http://wiki.btguard.com/uploads/ddwrt_btguard.txt ddwrt_btguard.txt] file in the '''Command Shell'''.  
+
3. Copy the whole content of the [https://wiki.btguard.com/uploads/ddwrt_btguard.txt ddwrt_btguard.txt] file in the '''Command Shell'''.  
[http://wiki.btguard.com/uploads/ddwrt_btguard_startup_firewall.zip ZIP with both .txt files]<br/>
+
[https://wiki.btguard.com/uploads/ddwrt_btguard_startup_firewall.zip ZIP with both .txt files]<br/>
*'''ddwrt_btguard.txt''' Full Content:<br/>
+
*'''ddwrt_btguard.txt''' ''(Click below to select all)''<br/>
 
<html>
 
<html>
 
<textarea class="textarea" rows=6 cols=50  onclick="this.select()" readonly>
 
<textarea class="textarea" rows=6 cols=50  onclick="this.select()" readonly>
Line 78: Line 85:
  
 
CA_CRT='-----BEGIN CERTIFICATE-----
 
CA_CRT='-----BEGIN CERTIFICATE-----
MIIDcjCCAtugAwIBAgIJAPKjuBleHokmMA0GCSqGSIb3DQEBBQUAMIGDMQswCQYD
+
MIIDQTCCAimgAwIBAgIJAJV9QqE+ZzsXMA0GCSqGSIb3DQEBCwUAMBoxGDAWBgNV
VQQGEwJERTEVMBMGA1UECBMMSGVzc2UtTmFzc2F1MRIwEAYDVQQHEwlGcmFua2Z1
+
BAMMD3Zwbi5idGd1YXJkLmNvbTAeFw0yMDA4MDUxMzUzNDhaFw00MTAyMTYxMzUz
cnQxEDAOBgNVBAoTB0JUR3VhcmQxEzARBgNVBAMTCkJUR3VhcmQgQ0ExIjAgBgkq
+
NDhaMBoxGDAWBgNVBAMMD3Zwbi5idGd1YXJkLmNvbTCCASIwDQYJKoZIhvcNAQEB
hkiG9w0BCQEWE3N1cHBvcnRAYnRndWFyZC5jb20wHhcNMTAwODA3MDc0NTA5WhcN
+
BQADggEPADCCAQoCggEBAMxVmPrlfsHocRYR1D/kOj47ZRZDv2XG2Z5rkq1ode/a
MjAwODA0MDc0NTA5WjCBgzELMAkGA1UEBhMCREUxFTATBgNVBAgTDEhlc3NlLU5h
+
jMSV082EqKhhIE2o6f03abXhWe8VSoM2ZPoB0818x7WIYeoXzaHJQooZTyKjCpm2
c3NhdTESMBAGA1UEBxMJRnJhbmtmdXJ0MRAwDgYDVQQKEwdCVEd1YXJkMRMwEQYD
+
8Fz/XDvyShZpyKUZPjuoo9UxNWDEhnMHJegtL9ccJGXWRrbgUjvrOsiyiiAolftu
VQQDEwpCVEd1YXJkIENBMSIwIAYJKoZIhvcNAQkBFhNzdXBwb3J0QGJ0Z3VhcmQu
+
8MjSYRTveuARxMyIlMNAXMaG2r3H2tM1QGoDdCn6FaMBYl4JOExXsOtofjGcRxcb
Y29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4cBR6VLQICqdpTsjosIQ5
+
MLQLYkORwTwx7TGTacQizsFxg9pSF7jNQwgHtIjZ5fY6SLgmFHEFOaP0mbuHTF9I
9elQZSRNQFaxWW3MeRC1xpJqjkbLJ9B9IO/Q/UyOa4a3qYHg8rI43wIF/RR6bwNX
+
6e58ACbkJ4wuk4IVTXup80c8Zsr+yBFGM8pB5pqEBj0CAwEAAaOBiTCBhjAdBgNV
3sZ5w6TrdVBk0DFZq6lDQ8/4Kpg1dKbdAgJjvtxiyrHWFtB0jYVGTlxwBSPflc2J
+
HQ4EFgQUhHt2BX7StG7Op1OaZCosAicYJvMwSgYDVR0jBEMwQYAUhHt2BX7StG7O
RZDMAVVj83gQh8ODJeGjnwIDAQABo4HrMIHoMB0GA1UdDgQWBBQCj1U+EICMz8hF
+
p1OaZCosAicYJvOhHqQcMBoxGDAWBgNVBAMMD3Zwbi5idGd1YXJkLmNvbYIJAJV9
++KZ8Ld1vR0sqTCBuAYDVR0jBIGwMIGtgBQCj1U+EICMz8hF++KZ8Ld1vR0sqaGB
+
QqE+ZzsXMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA
iaSBhjCBgzELMAkGA1UEBhMCREUxFTATBgNVBAgTDEhlc3NlLU5hc3NhdTESMBAG
+
A4IBAQDB/OX+2GJB1Zql1DNVoQst1V/5y/AzKUclCpQb5VVpGU3hrXw1GD/HnVaU
A1UEBxMJRnJhbmtmdXJ0MRAwDgYDVQQKEwdCVEd1YXJkMRMwEQYDVQQDEwpCVEd1
+
Mwq8e+C9+FgJNXh0LtpOuksr7YD0IMie4h0rXh1U8tLk1Zh5gLcq5RPee/CK44Qs
YXJkIENBMSIwIAYJKoZIhvcNAQkBFhNzdXBwb3J0QGJ0Z3VhcmQuY29tggkA8qO4
+
E2X5BUdWfOyL4AkoBAvk2roy25plk4rlOLleUKsHl1qqXMB/o3n+o90pnRKsYZZ4
GV4eiSYwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQAgVeYTxvAonucE
+
PAZGB39DDO9ANTX/CzRXC+GKpTnmEB5KiIJzuDCHI9HeEv9LTGMhZaCvSjJhPuA9
qWloEvzCCUWs8bS/HJ6M85WzG7FPNAXx2QbWwN3EMwKxtGc7QF8f+APoMukzsvd2
+
VuotY2nOSJ9jO/K7aa2Q9dXVbKXYWo29nq0EUGomo/WwzX8ABAP/RLyESDDIukFA
vuI+1n0YwtD12cWMM9PLV2FhA2B+ajzssBTgvrbtX/SzKt0//lzrBp5Gyo6T/vO5
+
T1Ip5RClcWgkxPlQdzCxhGJ5iEJ0
9KRb6DVfVWfB76+DLpTf9f3SLTgzKw==
+
 
-----END CERTIFICATE-----'
 
-----END CERTIFICATE-----'
  
Line 137: Line 143:
 
log btguard.log
 
log btguard.log
 
ca ca.crt
 
ca ca.crt
 +
cipher AES-256-CBC
 +
auth SHA512
 
mute-replay-warnings
 
mute-replay-warnings
 
daemon
 
daemon
Line 148: Line 156:
  
 
4. Type in your '''username''' and '''password'''. <br/>
 
4. Type in your '''username''' and '''password'''. <br/>
''Both username and password are case sensitive.'' <br/>
+
''Both username and password are case sensitive. Make sure not to add/forget Capital Letters. '' <br/>
 
''If UDP doesn't work, please type tcp instead of udp.'' <br/>
 
''If UDP doesn't work, please type tcp instead of udp.'' <br/>
 
5. Click on '''Save Startup'''. <br/>
 
5. Click on '''Save Startup'''. <br/>
Line 158: Line 166:
 
  <div class="wrapleft">    
 
  <div class="wrapleft">    
 
   <div class="left">
 
   <div class="left">
<span class="plainlinks">[http://wiki.btguard.com/images/e/ed/Openvpn_ddwrt_2.png http://wiki.btguard.com/images/e/ed/Openvpn_ddwrt_2.png]</span>
+
<span class="plainlinks">[https://wiki.btguard.com/images/e/ed/Openvpn_ddwrt_2.png https://wiki.btguard.com/images/e/ed/Openvpn_ddwrt_2.png]</span>
 
   </div>
 
   </div>
 
  </div>     
 
  </div>     
 
  <div class="right">
 
  <div class="right">
 
   <p>
 
   <p>
<br/><br/>6. Copy the whole content of the [http://wiki.btguard.com/uploads/ddwrt_firewall.txt ddwrt_firewall.txt] file in the '''Command Shell'''. <br/>
+
<br/><br/>6. Copy the whole content of the [https://wiki.btguard.com/uploads/ddwrt_firewall.txt ddwrt_firewall.txt] file in the '''Command Shell'''. <br/>
 
7. Click on '''Save Firewall''' <br/>
 
7. Click on '''Save Firewall''' <br/>
 
<br/>
 
<br/>
*'''ddwrt_firewall.txt''' Full Content:<br/>
+
*'''ddwrt_firewall.txt''' ''(Click below to select all)''<br/>
 
<html>
 
<html>
 
<textarea class="textarea" rows=6 cols=50  onclick="this.select()" readonly>
 
<textarea class="textarea" rows=6 cols=50  onclick="this.select()" readonly>
Line 175: Line 183:
 
</textarea>
 
</textarea>
 
</html>
 
</html>
 +
<br/>
 +
8. Now click on the '''Management tab''', go to the bottom of the page and click on '''Reboot Router'''.  <br/>
 +
<br/>
 +
Setup Complete! <br/>
 +
<br/>
 +
The router will reboot and it will take a couple minutes to finish setting everything up. <br/>
 +
  </p>
 +
</div>
 +
</div>
 +
 +
<div class="wrapper"><br/>
 +
----
 +
<br/></div>
 +
 +
 +
 +
<div class="wrapper">
 +
<div class="wrapleft">  
 +
  <div class="left">
 +
<span class="plainlinks">[https://wiki.btguard.com/images/openvpn_ddwrt2_1.png https://wiki.btguard.com/images/openvpn_ddwrt2_1.png]</span>
 +
  </div>
 +
</div>   
 +
<div class="right">
 +
  <p>
 +
== Setup Instructions Method 2==
 +
[[OpenVPN_dd-wrt#Setup Instructions Method 1|Setup Instructions Method 1]]<br/>
 +
<br/>
 +
 +
1. Connect to http://192.168.1.1/<br/>
 +
2. Click on '''Services > VPN'''. <br/>
 +
3. Enable '''OpenVPN Client'''and fill in the following:<br/>
 +
<br/>
 +
Server IP/Name: '''vpn.btguard.com'''<br/>
 +
Port: '''1194'''<br/>
 +
Tunnel Device: '''TUN'''<br/>
 +
Tunnel Protocol: '''UDP''' ''(switch to TCP if UDP doesn't work)''<br/>
 +
Encryption Cipher: '''AES-256-CBC'''<br/>
 +
Hash Algorithm: '''SHA512'''
 +
Leave '''nsCertType verification''' unchecked. <br/>
 +
Advanced Options: '''Enable'''<br/>
 +
TLS Cipher: '''None'''<br/>
 +
LZO Compression: '''Disabled'''<br/>
 +
NAT: '''Enable'''<br/>
 +
Firewall Protection: '''Disable'''<br/>
 +
Tunnel MTU setting: '''1500'''<br/>
 +
Tunnel UDP MSS-Fix: '''Disable'''<br/>
 +
Additional Config:<br/>
 +
'''auth-user-pass /tmp/openvpncl/user.conf'''<br/>
 +
'''persist-key'''<br/>
 +
'''persist-tun'''
 +
<br/>
 +
CA Cert:<br/>
 +
''(Click below to select all)''<br/>
 +
<html>
 +
<textarea class="textarea" rows=6 cols=50  onclick="this.select()" readonly>
 +
-----BEGIN CERTIFICATE-----
 +
MIIDQTCCAimgAwIBAgIJAJV9QqE+ZzsXMA0GCSqGSIb3DQEBCwUAMBoxGDAWBgNV
 +
BAMMD3Zwbi5idGd1YXJkLmNvbTAeFw0yMDA4MDUxMzUzNDhaFw00MTAyMTYxMzUz
 +
NDhaMBoxGDAWBgNVBAMMD3Zwbi5idGd1YXJkLmNvbTCCASIwDQYJKoZIhvcNAQEB
 +
BQADggEPADCCAQoCggEBAMxVmPrlfsHocRYR1D/kOj47ZRZDv2XG2Z5rkq1ode/a
 +
jMSV082EqKhhIE2o6f03abXhWe8VSoM2ZPoB0818x7WIYeoXzaHJQooZTyKjCpm2
 +
8Fz/XDvyShZpyKUZPjuoo9UxNWDEhnMHJegtL9ccJGXWRrbgUjvrOsiyiiAolftu
 +
8MjSYRTveuARxMyIlMNAXMaG2r3H2tM1QGoDdCn6FaMBYl4JOExXsOtofjGcRxcb
 +
MLQLYkORwTwx7TGTacQizsFxg9pSF7jNQwgHtIjZ5fY6SLgmFHEFOaP0mbuHTF9I
 +
6e58ACbkJ4wuk4IVTXup80c8Zsr+yBFGM8pB5pqEBj0CAwEAAaOBiTCBhjAdBgNV
 +
HQ4EFgQUhHt2BX7StG7Op1OaZCosAicYJvMwSgYDVR0jBEMwQYAUhHt2BX7StG7O
 +
p1OaZCosAicYJvOhHqQcMBoxGDAWBgNVBAMMD3Zwbi5idGd1YXJkLmNvbYIJAJV9
 +
QqE+ZzsXMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA
 +
A4IBAQDB/OX+2GJB1Zql1DNVoQst1V/5y/AzKUclCpQb5VVpGU3hrXw1GD/HnVaU
 +
Mwq8e+C9+FgJNXh0LtpOuksr7YD0IMie4h0rXh1U8tLk1Zh5gLcq5RPee/CK44Qs
 +
E2X5BUdWfOyL4AkoBAvk2roy25plk4rlOLleUKsHl1qqXMB/o3n+o90pnRKsYZZ4
 +
PAZGB39DDO9ANTX/CzRXC+GKpTnmEB5KiIJzuDCHI9HeEv9LTGMhZaCvSjJhPuA9
 +
VuotY2nOSJ9jO/K7aa2Q9dXVbKXYWo29nq0EUGomo/WwzX8ABAP/RLyESDDIukFA
 +
T1Ip5RClcWgkxPlQdzCxhGJ5iEJ0
 +
-----END CERTIFICATE-----'
 +
</textarea>
 +
</html>
 +
<br/>
 +
 +
4. Hit Save. <br/>
 +
 +
 +
<br/>
 +
<br/>
 +
  
 
   </p>
 
   </p>
 
  </div>
 
  </div>
 
</div>
 
</div>
 +
 +
  
 
<div class="wrapper">
 
<div class="wrapper">
 
  <div class="wrapleft">    
 
  <div class="wrapleft">    
 
   <div class="left">
 
   <div class="left">
<span class="plainlinks">[http://wiki.btguard.com/images/d/d9/Openvpn_ddwrt_3.png http://wiki.btguard.com/images/d/d9/Openvpn_ddwrt_3.png]</span>
+
<span class="plainlinks">[https://wiki.btguard.com/images/openvpn_ddwrt2_2.png https://wiki.btguard.com/images/openvpn_ddwrt2_2.png]</span>
 
   </div>
 
   </div>
 
  </div>     
 
  </div>     
 
  <div class="right">
 
  <div class="right">
 
   <p>
 
   <p>
8. Your settings should look like this. <br/>
+
5. Click on '''Administration > Commands'''. <br/>
''Please make sure your username and password are typed in correctly! Both are case sensitive.'' <br/>
+
6. Copy the following in the '''Commands''' window. <br/>
9. Now click on the '''Management tab''', go to the bottom of the page and click on '''Reboot Router'''. <br/>
+
<html>
<br/>
+
<textarea class="textarea" rows=6 cols=50  onclick="this.select()" readonly>
Setup Complete! <br/>
+
echo "Username
  <br/>
+
Password" > /tmp/openvpncl/user.conf
The router will reboot and it will take it a minute or two to finish setting everything up. <br/>
+
</textarea>
 +
</html>
 +
 
 +
Replace '''Username''' and '''Password''' with yours.<br/>
 +
 
 +
''Both username and password are case sensitive. Make sure not to add/forget Capital Letters. '' <br/>
 +
<br/>
 +
7. Click on '''Save Startup'''. <br/>
 +
 
 +
<br/>
 +
<br/>
 +
 
 +
 
 +
  </p>
 +
</div>
 +
</div>
 +
 
 +
 
 +
 
 +
<div class="wrapper">
 +
<div class="wrapleft">  
 +
  <div class="left">
 +
<span class="plainlinks">[https://wiki.btguard.com/images/openvpn_ddwrt2_3.png https://wiki.btguard.com/images/openvpn_ddwrt2_3.png]</span>
 +
  </div>
 +
</div>   
 +
<div class="right">
 +
  <p>
 +
8. Now click on the '''Management tab''', go to the bottom of the page and click on '''Reboot Router'''.  <br/>
 +
The router will reboot and it will take a couple minutes to finish setting everything up. <br/>
 +
9. Click on '''Status > OpenVPN''' to check if you're connected. <br/>
 +
 
 +
<br/>
 +
<br/>
 +
 
  
 
   </p>
 
   </p>
 
  </div>
 
  </div>
 
</div>
 
</div>

Latest revision as of 21:44, 5 August 2020

PLEASE READ THROUGH THIS WHOLE ARTICLE!
You risk breaking your router when using a custom firmware!
Proceed carefully and make sure your router is compatible!

INFORMATION & REQUIREMENTS

These instructions are ONLY for users who already have a dd-wrt compatible router flashed with the latest version of the firmware. If you haven't flashed your router, please check the links on the right. Make sure your router is supported and read through the dd-wrt instructions to flash your device.

Router used for this tutorial: D-Link DIR-825 rev. B2 was used,Firmware: DD-WRT v24-sp2 (05/27/13) std build 21676.

If you're having issues with OpenVPN, please try the PPTP method.

Check List

  • Router must support OpenVPN. (big, mega or some std builds of the firmware)
  • Check both Model and Revision of your router to get the correct firmware.
  • Router must be configured to connect to the internet. (connected to modem through WAN port)
  • Firewall on modem must be off.
  • Time & Date & Time Zone on the router must be set correctly. (Setup > Basic Setup > Time Settings)

WARNING!
Only big, mega and some std builds of dd-wrt support OpenVPN.
mini and micro builds will not work with OpenVPN!




Openvpn_ddwrt_1.png

Setup Instructions Method 1

Setup Instructions Method 2

1. Connect to http://192.168.1.1/
2. Click on Administration > Commands.
3. Copy the whole content of the ddwrt_btguard.txt file in the Command Shell. ZIP with both .txt files

  • ddwrt_btguard.txt (Click below to select all)

4. Type in your username and password.
Both username and password are case sensitive. Make sure not to add/forget Capital Letters.
If UDP doesn't work, please type tcp instead of udp.
5. Click on Save Startup.

Openvpn_ddwrt_2.png



6. Copy the whole content of the ddwrt_firewall.txt file in the Command Shell.
7. Click on Save Firewall

  • ddwrt_firewall.txt (Click below to select all)

8. Now click on the Management tab, go to the bottom of the page and click on Reboot Router.

Setup Complete!

The router will reboot and it will take a couple minutes to finish setting everything up.




openvpn_ddwrt2_1.png

Setup Instructions Method 2

Setup Instructions Method 1

1. Connect to http://192.168.1.1/
2. Click on Services > VPN.
3. Enable OpenVPN Clientand fill in the following:

Server IP/Name: vpn.btguard.com
Port: 1194
Tunnel Device: TUN
Tunnel Protocol: UDP (switch to TCP if UDP doesn't work)
Encryption Cipher: AES-256-CBC
Hash Algorithm: SHA512 Leave nsCertType verification unchecked.
Advanced Options: Enable
TLS Cipher: None
LZO Compression: Disabled
NAT: Enable
Firewall Protection: Disable
Tunnel MTU setting: 1500
Tunnel UDP MSS-Fix: Disable
Additional Config:
auth-user-pass /tmp/openvpncl/user.conf
persist-key
persist-tun
CA Cert:
(Click below to select all)

4. Hit Save.






openvpn_ddwrt2_2.png

5. Click on Administration > Commands.
6. Copy the following in the Commands window.
Replace Username and Password with yours.
Both username and password are case sensitive. Make sure not to add/forget Capital Letters.

7. Click on Save Startup.



openvpn_ddwrt2_3.png

8. Now click on the Management tab, go to the bottom of the page and click on Reboot Router.
The router will reboot and it will take a couple minutes to finish setting everything up.
9. Click on Status > OpenVPN to check if you're connected.


Retrieved from "https://wiki.btguard.com/index.php?title=OpenVPN_dd-wrt&oldid=2477"