Setting up an OpenVPN Client on a DD-WRT Router Setup Manually

I ‘d been tinkering around with my dd-wrt router setup (Buffalo WZR HP G450H) for a while through the GUI on the latest (23000+) build from June 2014, and couldn’t get it to work for the love of God.

Anyhow, I came across a tip, and it helped me get things going.

 

HOW TO GET YOUR DD-WRT ROUTER SETUP

1. Setup your router on a different IP subnet than your Modem

If you plug-in your router in to your modem, and you get internet off the get-go, then you probably do not have to do this step. However, if not, here is an example of what I did. Remember, the router is connected on it’s WAN port, to a regular LAN port on the modem.

My DD-WRT router has a standard IP setup as 192.168.1.1. So did my modem, so I changed the ip of my¬†modem to 192.168.0.1, and set it’s DHCP range from 192.168.1.2 – 192.168.1.99.

I left my DHCP server on the router running, and set it’s DHCP range from 192.168.1.100 – 192.168.1.150.

I don’t need more than 50 clients any how.

2. Now check if you have internet running through the router

Following the previous steps you should have access to the internet, if not, on the WAN connection of the router, you can set your default gateway to 192.168.0.1, and default DNS to 192.168.0.1, and alternate DNS’s to 8.8.8.8 , and 8.8.4.4

If this doesn’t work for you, make sure that you can connect to your modem first, and the net is working there. Refresh your ip settings if necessary on windoze.

3. Don’t setup the OpenVPN connection in the GUI, do it in the Commands window

This was the bit that did it for me, Go to ‘Administration’ and ‘Commands’, and paste this in to the box, by editing it with your server details. You may substitute 1194 for any alternate port you have in the text below, and click ‘Save Startup’

[ -d /tmp/openvpnsrv ] || mkdir /tmp/openvpnsrv
echo "
client
dev tun
proto udp
remote YOUR-SERVER-IP 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca /tmp/openvpnsrv/ca.crt
cert /tmp/openvpnsrv/client.crt
key /tmp/openvpnsrv/client.key
ns-cert-type server
cipher bf-cbc
comp-lzo
verb 3
mute 20" > /tmp/myvpnsrv.conf
echo "
-----BEGIN CERTIFICATE-----
PASTE-YOUR-CA HERE
-----END CERTIFICATE-----
" > /tmp/openvpnsrv/ca.crt
echo "
-----BEGIN PRIVATE KEY-----
PASTE-YOUR-CLIENT KEY HERE
-----END PRIVATE KEY-----
" > /tmp/openvpnsrv/client.key
echo "
-----BEGIN CERTIFICATE-----
PASTE-YOUR-CERTIFICATE HERE
-----END CERTIFICATE-----
" > /tmp/openvpnsrv/client.crt
ln -s /usr/sbin/openvpn /tmp/myvpn
sleep 10
chmod 400 /tmp/openvpnsrv/*
/tmp/myvpn --config /tmp/myvpnsrv.conf --daemon
sleep 15

Then go ahead and type the following, and click ‘Save Firewall’

iptables -A POSTROUTING -t nat -o tun0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

One you’re done with that, reboot your router, and check for any error messages on your OpenVPN server when it connects.

Last but not least, you can go to http://whatismyip.com and check what IP you are connecting from.

Charlie Out!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Archives