OpenWrt/OpenVPN: Difference between revisions

Dynamic DNS

• Install "luci-app-ddns" package (Webinterface: Administration -> System -> Software -> Update package list)
• Now you can access the newly installed menu (Webinterface: Administration -> Services -> Dynamic DNS)

File:OpenWrt DDNS.jpg

OpenVPN bridge

• Install "luci-app-openvpn" + "openvpn" package (Webinterface: Administration -> System -> Software -> Update package list)
• Create certificates (preferably on a seperate Ubuntu Linux machine):
  • DD-WRT Howto
  • OpenVPN Howto
  • In short:

su
apt-get install openvpn openssl
cd /usr/share/doc/openvpn/examples/easy-rsa/2.0/
source ./vars
./clean-all
./build-ca
./build-key-server server
./build-key client1
./build-key client2   #Etc, for other clients
./build-dh

• copy these certificate files to /etc/openvpn of the router (e.g. with WinSCP)

ca.crt
dh1024.pem
server.crt
server.key

• access the router through SSH

mc
cd /etc/config

edit "openvpn" (F4):

config  'openvpn' 'custom_config'
        option 'config' '/etc/openvpn/openvpn.conf'
        option 'enable' '1'

edit "network" (F4) and change:

...
config  'interface' 'lan'
        option 'ifname' 'eth0 tap0'
        option...
...

edit "firewall" (F4) and add:

...
config  'rule'
        option 'target' 'ACCEPT'
        option '_name' 'vpn'
        option 'src' 'wan'
        option 'dest_port' '1194'
        option 'proto' 'udp'
...

cd /etc/openvpn
touch openvpn.conf

edit "openvpn.conf" (F4):

mode server
proto udp
port 1194
dev tap0
server-bridge   192.168.1.1 255.255.255.0 192.168.1.201 192.168.1.250
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh1024.pem
keepalive  10 60
comp-lzo
daemon
verb 3
client-to-client

• Enable OpenVPN
  • Webinterface: Administration -> Services -> Initscripts -> openvpn -> enable

• Reboot router