Set up the OpenVPN on the DD-WRT Router - Part 2
Network Administration - This is the second part of a two-part series on setting up OpenVPN on a DD-WRT router. It is a great way to set up secure connections to your network for 'road warriors' or to connect remote offices. This cost-effective solution can support a dozen or two VPN users.
Set up the OpenVPN on the DD-WRT Router - Part 1
In part 1 of the series, we uploaded the DD-WRT software onto the router, changed the router's IP address and subnet for several reasons, and created SSL certificates for the OpenVPN server and clients.
Now we will continue by enabling the OpenVPN server and copying in the SSL certificates. We will also enter the startup and firewall scripts. We will then configure the client and finally test the setup.
Configure OpenVPN Server
We can start configuring the OpenVPN server on the DD-WRT router. Start by connecting to the router. Enter the new IP address (192.168.2.1) into the web browser. Then activate and configure the server:
- Click Services > VPN.
- In the OpenVPN Daemon area, enable Start OpenVPN.
- For Start Type, select WAN Up.
In the boxes below, enter the contents of the certificate files as specified:
- Public Server Cert: ca.crt
- Certificate Revoke List: (left blank)
- Public Client Cert: server.crt. Do not enter the first part of the file. Like the other components, start with -----BEGIN CERTIFICATE----- and end with -----END CERTIFICATE-----.
- Private Client Key: server.key
- DH PEM: dh1024.pem
- OpenVPN Config: (see below)
- OpenVPN TLS Auth: (left blank)
Open each certificate file in Notepad to view its contents. For some files you can right-click, select Open With, and choose Notepad. For others you may have to open the file first and then choose Notepad as the program to open it with.
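The copy-and-paste step above is easy to get wrong: easy-rsa writes a human-readable dump before the PEM block in each .crt file, and a key pasted into a certificate box is silently wrong. The following Python sketch is an added example, not part of the original article; the function names and the sample file contents are constructed for illustration. It returns only the BEGIN/END block for a given DD-WRT box and refuses a block of the wrong type.

```python
import base64
import re

# PEM labels accepted in each DD-WRT box named in the list above.
FIELD_LABELS = {
    "Public Server Cert": {"CERTIFICATE"},
    "Public Client Cert": {"CERTIFICATE"},
    "Private Client Key": {"PRIVATE KEY", "RSA PRIVATE KEY"},
    "DH PEM": {"DH PARAMETERS"},
}
PEM_RE = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)\r?\n-----END \1-----", re.S)


def block_for_field(field, file_text):
    """Return the one PEM block to paste into `field`; raise ValueError otherwise."""
    blocks = PEM_RE.findall(file_text)
    if len(blocks) != 1:
        raise ValueError(f"{field}: expected 1 PEM block, found {len(blocks)}")
    label, body = blocks[0]
    if label not in FIELD_LABELS[field]:
        raise ValueError(f"{field}: file holds a {label} block")
    lines = body.split()
    try:
        der = base64.b64decode("".join(lines), validate=True)
    except ValueError as exc:
        raise ValueError(f"{field}: body is not valid base64") from exc
    if not der.startswith(b"\x30"):  # every one of these types is a DER SEQUENCE
        raise ValueError(f"{field}: body does not decode to DER")
    return "\n".join([f"-----BEGIN {label}-----", *lines, f"-----END {label}-----", ""])


def make_sample(label, text_dump=False):
    """Constructed stand-in for an easy-rsa output file; not a real credential."""
    body = base64.encodebytes(b"\x30\x82\x01\x00" + bytes(range(60))).decode()
    dump = "Certificate:\n    Data:\n        Version: 3 (0x2)\n" if text_dump else ""
    return f"{dump}-----BEGIN {label}-----\n{body}-----END {label}-----\n"


if __name__ == "__main__":
    print(block_for_field("Public Client Cert", make_sample("CERTIFICATE", True)))
```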
In the OpenVPN Config box, enter the following configuration parameters:

    mode server
    proto udp
    port 1194
    dev tap0
    server-bridge 192.168.2.2 255.255.255.0 192.168.2.200 192.168.2.249
    keepalive 10 120
    daemon
    verb 5
    client-to-client
    dh /tmp/openvpn/dh.pem
    ca /tmp/openvpn/ca.crt
    cert /tmp/openvpn/cert.pem
    key /tmp/openvpn/key.pem
    management localhost 5001

When you're done entering all this information, click Apply Settings.
Startup configuration and Firewall
At this point you must enter the startup script so that the server can start during boot. Then you must enter the firewall script so that the VPN traffic can pass. On the DD-WRT control panel, click Administration > Commands.
Paste the following lines and click Save Startup:

    openvpn --mktun --dev tap0
    brctl addif br0 tap0
    ifconfig tap0 0.0.0.0 promisc up

Paste the following and click Save Firewall:

    iptables -A INPUT -i tap0 -j ACCEPT
    iptables -I INPUT -p udp --dport 1194 -j ACCEPT
Restart the router
Now that everything is set for the OpenVPN server on the router, restart it. You can do so by unplugging the router's power for a few seconds, or through the control panel by clicking the Administration tab and then the Reboot Router button at the bottom.
Configure the Windows client
Next, you must set up the clients, the computers you want to connect to the VPN server. Start by downloading and installing OpenVPN on each computer using the Windows installer.
Now open Notepad and paste in the following configuration parameters:

    remote XXX.XXX.XXX.XXX 1194
    client
    dev tap0
    proto udp
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    float
    ca ca.crt
    cert client1.crt
    key client1.key
    ns-cert-type server

Replace the remote address on the first line with the router's WAN (Internet) IP address. You can use a hostname, such as one from a dynamic DNS service, if the Internet connection does not have a static IP. Also make sure the cert and key lines name the correct client certificate and key files.
Save the Notepad file with the .ovpn extension to the following location: C:\Program Files\OpenVPN\config. To save with another extension, you will have to change the Save as Type option in the Save dialog box from Text Files to All Files.
You must also copy the three files listed below from the computer and folder where you created the certificates (C:\Program Files\OpenVPN\easy-rsa\keys) to the C:\Program Files\OpenVPN\config folder on the client.
- ca.crt
- client1.crt
- client1.key
Note that the names of the certificate and key files differ from client to client; select the correct names for each client.
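The server configuration entered on the router and the client configuration above both leave several hardening options unset. The following Python sketch is an added example, not part of the original article; the finding names are invented for this example. It parses the two configurations exactly as shown on this page and reports which gaps each one has.

```python
# Constructed input: the server and client configurations shown on this page.
SERVER_CONF = """\
mode server
proto udp
port 1194
dev tap0
server-bridge 192.168.2.2 255.255.255.0 192.168.2.200 192.168.2.249
keepalive 10 120
daemon
verb 5
client-to-client
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
management localhost 5001
"""
CLIENT_CONF = """\
remote XXX.XXX.XXX.XXX 1194
client
dev tap0
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
float
ca ca.crt
cert client1.crt
key client1.key
ns-cert-type server
"""

def audit(conf):
    """Return the names of the hardening gaps found in one OpenVPN config."""
    words = (line.split("#", 1)[0].split() for line in conf.splitlines())
    d = {w[0]: w[1:] for w in words if w}  # directive -> argument list
    server = "server-bridge" in d or d.get("mode") == ["server"]
    checks = [
        # control channel has no HMAC key (the "TLS Auth" box left blank)
        ("no-tls-auth", not d.keys() & {"tls-auth", "tls-crypt"}),
        # no revocation list, so a lost client certificate stays valid
        ("no-crl-verify", server and "crl-verify" not in d),
        # management port opened without the optional password-file argument
        ("management-no-password", len(d.get("management", [])) == 2),
        # deprecated option; "remote-cert-tls server" is its replacement
        ("deprecated-ns-cert-type", "ns-cert-type" in d),
    ]
    return [name for name, hit in checks if hit]
```

Each finding maps to a real OpenVPN directive (tls-auth or tls-crypt, crl-verify, the third argument of management, remote-cert-tls) that can be added to the matching configuration.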
Configure additional DD-WRT routers
If you want to connect offices together, you can set up secondary DD-WRT routers at the other locations. Each can then use its OpenVPN client to connect back to the VPN server you just configured. Configuring the client is simple:
- Click Services > VPN.
- For OpenVPN Client, click Enable.
- In the Server IP/Name field, enter the WAN/Internet IP address or hostname of the DD-WRT router running the OpenVPN server.
In the boxes below, enter the contents of the certificate files as specified:
- Public Server Cert: ca.crt
- Public Client Cert: client1.crt. Do not enter the first part of the file. Like the other components, start with -----BEGIN CERTIFICATE----- and end with -----END CERTIFICATE-----.
- Private Client Key: client1.key
Testing
After you have completed the above steps, you can connect. If the OpenVPN GUI has not been loaded into the system tray (the bottom right corner of the Windows desktop), launch the program now: click Start > All Programs > OpenVPN > OpenVPN GUI.
Right-click the OpenVPN GUI icon in the system tray and select Connect .
You can now access the DD-WRT router and the shared resources on the local network where the OpenVPN server resides.
Remember that you are connecting to a WAN or Internet address so you should connect from outside the DD-WRT router's local area network, for example from another location on the Internet.
If you want to test the server without moving to another location, connect the DD-WRT router's WAN/Internet port to an Ethernet port on another network or router. Ensure that the DD-WRT router receives a WAN IP address, and use this address in the OpenVPN configuration file on the test client. You can then join the other network and connect to the OpenVPN server from there. This simulates a connection from the Internet. When you're done and want to use the server over the Internet, disconnect the DD-WRT router from the other network and plug it directly into the Internet modem.
We can view the OpenVPN status and connections in DD-WRT by clicking Status > OpenVPN.