How to setup a vpn server using a dd-wrt router

We have previously covered how to set up a PPTP VPN Server using Debian Linux here on Sysadmin Geek, however if you are already utilizing a DD-WRT firmware based router in your network then you can easily configure your router to act as the PPTP VPN Server.

DD-WRT Configuration

Before setting up the VPN Server, you must first make sure your installed build of DD-WRT includes the PPTP VPN features. The DD-WRT feature list shows this as “PPTP / PPTP Client” on their chart. Check the installed version on your router (which you can see in the upper right corner on the configuration pages) against the chart. If the feature is not included in your build, you will need to flash your router with a DD-WRT version which does include the “PPTP / PPTP Client”.

To turn on the PPTP VPN Server, navigate to the Services tab and then the VPN sub-tab and select the option to enable the PPTP Server.

Once enabled, several previously hidden options will appear. Configure them as follows:

• Server IP: Public IP address of the router
• Client IP(s): List of local IP’s (respective to the VPN network) to use when assigning IP addresses to clients connecting through the VPN. In our example, we are setting aside 5 IP addresses (192.168.16.5, .6, .7, .8, .9) for use by the VPN clients.
• CHAP-Secrets: User name and passwords for VPN authentication. The format is “user * password *” (user[space]*[space]password[space]*), with each entry on its own line. In our example, there is just a single accepted user name (jfaulkner) and password (SecretPassword1).

You can view detailed documentation on all of these options by clicking the “Help more…” link on this page on the right side of the DD-WRT configuration.

Once you are finished, click the Apply Settings button to push the configuration through to your DD-WRT router and you are finished.

Connecting to the PPTP VPN Server

Once you have your DD-WRT router configured, all that is left is to simply connect your client computers to the VPN. For our example, we will be showing how this is done using Windows 7 Professional.

In the Network and Sharing Center of the Control Panel, click the option to set up a new network connection.

Select the option to connect to a workplace VPN.

If you have existing connections, they will be displayed here. For our example, we want to create a new connection.

Select the option to use your Internet connection to connect to the VPN.

Enter the domain or IP address of your VPN Server (the public IP address of the DD-WRT router configured above) and give a title to the VPN connection.

Enter the credentials for your VPN login which was configured in the DD-WRT router settings. Click Connect.

After a few moments, if everything is configured correctly, you should be connected to the PPTP VPN Server on the DD-WRT router.

Running ‘ipconfig’ on the local machine should show you are connected to both the VPN and your existing internet connection.

Once connected, you can now access all the resources on the VPN as though you were connected to the network locally.

Ранее мы рассмотрели как настроить PPTP VPN-сервер с помощью Debian Linux здесь, в Sysadmin Geek, однако, если вы уже используете маршрутизатор на основе прошивки DD-WRT в своей сети, вы можете легко настроить свой маршрутизатор для работы в качестве сервера PPTP VPN.

Конфигурация DD-WRT

Перед настройкой VPN-сервера вы должны сначала убедиться, что установленная вами сборка DD-WRT включает функции PPTP VPN. В списке функций DD-WRT это отображается как «Клиент PPTP / PPTP» на диаграмме. Сравните версию, установленную на вашем маршрутизаторе (которую вы можете увидеть в правом верхнем углу на страницах конфигурации), по таблице. Если эта функция не включена в вашу сборку, вам нужно будет прошить ваш маршрутизатор версией DD-WRT, которая включает «PPTP / PPTP Client».

Чтобы включить PPTP-сервер VPN, перейдите на вкладку «Службы», а затем во вложенную вкладку «VPN» и выберите параметр для включения PPTP-сервера.

После включения появятся несколько ранее скрытых параметров. Настройте их следующим образом:

• IP-адрес сервера: общедоступный IP-адрес маршрутизатора.
• Клиентские IP-адреса: список локальных IP-адресов (соответствующих сети VPN) для использования при назначении IP-адресов клиентам, подключающимся через VPN. В нашем примере мы выделяем 5 IP-адресов (192.168.16.5, .6, .7, .8, .9) для использования клиентами VPN.
• CHAP-Secrets: имя пользователя и пароли для аутентификации VPN. Формат: «пользователь * пароль *» (пользователь[space] * [space]пароль[space] *), где каждая запись находится в отдельной строке. В нашем примере есть только одно допустимое имя пользователя (jfaulkner) и пароль (SecretPassword1).

Вы можете просмотреть подробную документацию по всем этим параметрам, щелкнув ссылку «Help more…» на этой странице справа от конфигурации DD-WRT.

После завершения нажмите кнопку «Применить настройки», чтобы передать конфигурацию маршрутизатору DD-WRT, и все готово.

Подключение к PPTP VPN серверу

После того, как вы настроили маршрутизатор DD-WRT, все, что осталось – просто подключить клиентские компьютеры к VPN. В нашем примере мы покажем, как это делается с помощью Windows 7 Professional.

В Центре управления сетями и общим доступом на панели управления щелкните параметр, чтобы настроить новое сетевое подключение.

Выберите вариант подключения к VPN на рабочем месте.

Если у вас есть существующие подключения, они будут отображаться здесь. В нашем примере мы хотим создать новое соединение.

Выберите вариант использования подключения к Интернету для подключения к VPN.

Введите домен или IP-адрес своего VPN-сервера (публичный IP-адрес маршрутизатора DD-WRT, настроенный выше) и дайте название VPN-соединению.

Введите учетные данные для входа в VPN, которые были настроены в настройках маршрутизатора DD-WRT. Щелкните Подключиться.

Через несколько секунд, если все настроено правильно, вы должны подключиться к PPTP VPN серверу на маршрутизаторе DD-WRT.

Запуск «ipconfig» на локальном компьютере должен показать, что вы подключены как к VPN, так и к существующему интернет-соединению.

После подключения вы можете получить доступ ко всем ресурсам в VPN, как если бы вы были подключены к сети локально.

Interesting article about strength and security of PKI today Pro-Linux (german)

On DD-WRT, go to the Administration->Services and set PPTP server to active, save the changes, then set the IP of router (192.168.1.1) for the server IP, and under Client IP(s) set a range for connections. (192.168.1.20-29 for example of a ten client set up)

Under Chap Secret put in username * password * for example: testmachine * password1234 * ( The “*” are NOT a Placeholder, they must be there ! ) Use no capital letters. Also avoid using the # character since this breaks pptp. (This also applies to the router administration password that is included by default in the password file for pptpd.)

Now on your PC select Create new Connection under Control Panel -> Network Connections. Select Connect to Network at my Workplace, then select Virtual Private Connection, give it a name (home link). Select what applies, dial up or LAN. Type the WAN IP address of your router, it must be static address or an address through DynDNS.org or the likes. (Thanks loxza)

Then at connect window, type the username and password you used earlier under Chap Secret (in our example: testmachine:password1234 ). Use no capital letters.

If you have followed the above steps and still cannot connect to the VPN, try forwarding the PPTP Port (1723) with TCP protocol to the LAN IP Address of your router (i.e. 192.168.1.1). Although it seems like this is a weird approach since you are using your router to forward to itself, it often times allows the VPN connection to suceed.

For more information on setting up a VPN connection in Windows XP see this article.

For other Windows versions see this link.

If you have Problems to see your Network Neighbourhood or Programs like VNC and Remote Desktop are not working, then you should Disable the Loopback Adapter under Administration -> Management in your Router. If this does not work, then it is also useful to edit your new VPN Connection under Properties -> TCP/IP -> Advanced -> and select Use Standard Gateway of the Remote Network. With this Option you are fully inside the Router’s Network, all Traffic include your Surfing is then over your VPN Connect. With both Settings, you are fully integrated in the Remote LAN.

Я пытаюсь настроить VPN-сервер PPTP на своем маршрутизаторе DD-WRT за NAT (маршрутизатор ISP моего провайдера). Я много гуглил, но, похоже, не так много людей упоминают об этом точном сценарии ниже:

ИНТЕРНЕТ Интернет-провайдер DD WRT

Маршрутизатор ISP: WAN IP: xx.xxx.xx.xx подсеть: 192.168.1.xxx IP-маршрутизатор: 192.168.1.1

DD WRT (My Router): WAN IP: 192.168.1.10 подсеть: 10.170.1.xxx ip маршрутизатора: 10.170.1.1

VPN-сервер включен с секретным паролем PPTP: томас * пароль *

ISP-маршрутизатор – это то, чего я не могу коснуться. У меня нет логина к роутеру, и провайдер не собирается менять для меня какие-либо настройки (например, DMZ).

Я попытался подписаться на службу VPN (StrongVPN), и мой маршрутизатор DD-WRT подключился к этой VPN, чтобы он мог получить публичный IP-адрес WAN (скажем, 123.123.123.123). Мне удалось получить IP-адрес WAN, но когда я использую другой компьютер (из внешней сети) и подключаюсь к 123.123.123.123, по какой-то причине StrongVPN немедленно обрывает соединение.

Я сейчас очень расстроен и надеюсь, что некоторые сетевые эксперты могут пролить мне свет на это.

Ваша помощь приветствуется!

Серверу PPTP требуется TCP-порт 1723, а также IP-протокол 47 (GRE) для пересылки на него. Предполагая, что ваш ISP-маршрутизатор обрабатывает переадресацию портов, вы не сможете запустить PPTP-сервер через него без перенаправления портов на него.

Я не верю, что существуют какие-либо решения для VPN-серверов, которые будут работать без перенаправления соответствующих портов.

Могут быть и другие программные решения, имитирующие аналогичный интерфейс, но у меня нет рекомендаций по этому поводу, и рекомендации по программному обеспечению находятся за пределами компетенции этого сайта. Лучше всего было бы искать что-то вроде VPN server without port forwarding .

Существует аналогичная тема здесь , хотя это не относится к VPN, в зависимости от ваших требований , он все еще может быть полезным.

Я заметил, что проблема заключается в DD-WRT. Если вы хотите использовать службу VPN в микропрограмме DD-WRT, и в то же время, если ваш маршрутизатор находится за NAT и хочет установить другое VPN-клиентское подключение к сторонней службе VPN, DD-WRT почему-то не ‘ не отвечает правильно (наверное, из-за какой-то ошибки в прошивке DD-WRT).

Конечно, я не заинтересован в исправлении ошибок.

Я сделал обходной путь, который прекрасно работает. Я добавил дополнительный маршрутизатор DD-WRT.

ИНТЕРНЕТ Интернет-провайдер DD WRT DD-WRT

Давайте назовем их так: A B C D

Я настроил «C» так, чтобы это был сам VPN-клиент и соединения с третьим лицом vpn (PureVPN в моем случае) со статическим IP-адресом (например, 123.123.123.123). Затем я установил для этого DMZ, которая направляет все пакеты в «D».

Тогда «D» теперь по умолчанию является общедоступным, поскольку при выполнении команды ping или любых типов подключения к 123.123.123.123 просто будет идти «D». Я настроил VPN-сервис на “D” и бинго! Работает как шарм!

Для тех из вас, кто пытается сделать то же самое, просто чтобы дать вам голову. Первоначально у меня это работало, но каким-то образом, когда я пытаюсь установить VPN-соединение из внешнего мира, в мой VPN-сервис в «D», оно немедленно сбрасывает соединение.

Причина этого заключалась в том, что в: Безопасность> VPN Passthrough я включил все 3 сквозных перехода, которые, даже до сих пор, я думал, что имеет больше смысла: – IPSec Passthrough – PPTP Passthrough – L2TP Passthrough

Но в действительности вы должны отключить IPSec Passthrough и L2TP Passthrough, чтобы не дать VPN-серверу разорвать внешнее соединение.

Все еще не уверены, почему. Может быть, кто-то может объяснить? Но это не важно в рамках этого вопроса.

Why use VPN on just a handful of devices?

One of the major reasons probably why you might be using a VPN is to keep your online identity safe and secure. Using a VPN is easy. All you need to do is download the VPN client on your laptop/computer, connect to the VPN server and you are good to go. If you are using the internet on your iPhone or Android, the process is pretty simple too.

Most VPN providers like NordVPN provide you with an app for each of these platforms. You need to establish a connection via these apps, and that’s it. To know more about the supported devices, you can read this review.

But the problem arises when you want to connect your additional devices like an Apple TV to a VPN, and cannot figure out a convenient way to do so.

Further, what if you have 8 devices at home, all of which need to be connected to a VPN?

The ideal solution here is to connect your home router to a VPN, and you can then access the internet securely on each of your devices.

If you are using a DD-WRT router, here is an ultimate guide on how you can configure up the VPN on this router. The process isn’t trivial, but it is not overly complex either.

Let’s have a look.

Install DD-WRT

We’re assuming that your router doesn’t have DD-WRT. If that’s not the case, you can freely skip this step.

For the ones who do not have DD-WRT, follow the following steps (here) or perform the steps below.

1. Visit and enter the model number of your router. If your router supports DD-WRT, you will be provided with all the details regarding firmware requirements that you need to download.
2. Update your firmware, and reboot your router.
3. Next, visit to set up your router. In here, you will be asked to provide a username and password.
4. You will be then redirected to the next page. Click on Setup and provide the username and password you just created.
5. The next page will provide you with all the basic details of the router including its name, IP address and DHCP settings.
6. In the next dropdown, choose Automatic Configuration – DHCP. Choose DHCP
7. Do not touch the DHCP settings and leave them to default. Change the time settings according to your zone.
8. Once this is done, click on the Wireless tab and configure your Wireless network.

Go to the Wireless Tab

Set Up Dynamic DNS

Now, you need to set up a DNS redirector for your dynamic WAN IP. The thing is that your ISP keeps on changing your IP address, until and unless you have paid it for a static IP.

This creates problems, as you will need to update your VPN settings every time your IP address gets changed.

Do not worry. There is a way out here. You can use a dynamic DNS service that creates a URL that reflects the updated IP provided by your ISP. Here are the steps you need to follow:

1. Create a free account with afraid.org and go to subdomain menu. Go to Subdomains
2. In the next field, create a subdomain of your liking and then choose a domain from the dropdown. Create the Subdomain
3. Next, enter your router’s WAN IP in the destination field. You can get the WAN IP from the DD-WRT page. Enter your WAN IP
4. Next, click Save and then click on DDNS. Saving DDNS
5. Now copy the URL provided to you on the next page next to the subdomain entry.
6. Now, go back to your router page, and below Setup, click on DDNS tab.
7. From the dropdown menu, select freedns.afraid.org and provide the required username and password.
   
8. Provide the URL copied above in the hostname field, and enable the external IP check as Yes.
   
9. In the Force Update Interval field, enter 10.

PPTP Configuration

1. On your router page, click on Services > VPN.
   
2. Enable the PPTP Server. Disable the Broadcast Support, and enable the MPPE Encryption.
   
3. Provide your DNS configuration.
   
4. WINS servers can be skipped.
5. MTU and MRU settings should be left as it is.
   
6. Use your router’s IP as the server IP.

Device Configuration

Next, go ahead, and set up your VPN on the device, and you are done! Here is how you can configure a Windows laptop.

1. Start > Settings > Network and Internet > VPN
2. Click on Add a VPN connection
3. Under the VPN Provider, write Windows. Enter afraid.org DNS address in the Server name field. Or, you can enter your router’s WAN IP. Select PPTP in the VPN type dropdown.
   
4. Type of sign-in info should be Username and Password.
5. Next, provide the username and password.
6. Click connect.

Wrapping Up

This brings us to the end of this tutorial. If you have any questions, let us know in the comments below.

You can set up your own VPN server at home or small office. Use it to securely connect to your network when you are outside.

• What is Virtual Private Server (VPS)?
• Is the private game server legal?

Network administration – Virtual private networks, Virtual Private Network, are not just for corporate networks. You can set up your own VPN server at home or small office . Use it to securely connect to your network when you’re outside, gaining access to shared folders and network computers. You can also see its usefulness in public networks or Wi-Fi hotspots, securing your traffic in front of snoopers.

One way to set up a VPN server is to simply load DD-WRT into your router, if it’s compatible. DD-WRT is a software replacement. It replaces the router’s brain, giving it a new control panel with more features, such as a VPN server. You can check the compatibility with your router here.

In this article, we will show you the DD-WRT Point-to-Point Tunneling Protocol (PPTP) feature. Although PPTP has many of the same vulnerabilities as other protocols, sometimes we can still accept some level of risk. In addition to easy configuration and management, PPTP is also supported in Windows.

However, there is one problem to keep in mind first, if you have to work with customer data or highly sensitive information then you definitely need to consider a safer VPN solution. Maybe after this tutorial we will show you how to set up OpenVPN in DD-WRT, this is a safe solution but the installation will be much more complicated. In addition, users must download and configure the client utility to connect.

Router

Start with Router Database. Type in the carrier or model number and hope it will provide you with a list of compatible software versions as well as variants. Not arbitrarily, please carefully follow all the installation instructions.

The most stable release of DD-WRT at the time of publication of this article is v24 SP1 (Build 10020), which is what we will use in this tutorial. These directions also work with v24 SP2 because we tested with Beta 13064 build.

Note that, you do not have to use the VPN variant if you just want to use PPTP VPN server or client; they are available in all variants except Mini. Special VPN variants allow you to get more secure OpenVPN servers and clients, so use it if you plan to try it later.

Enable PPTP VPN Server

To start, log in to the web control panel. Type the IP address 192.168.1.1 into the web browser. The first time you access the router, you will be prompted to create a username and password.

Click the Services tab and select the PPTP sub tab. In the PPTP Server area, select Enable . Then enter the IP address of the router (192.168.1.1) for Server IP.

For IP clients, enter an address if you only have one user. If there are multiple users, you can specify the address range. Should choose an address or range that does not conflict with the router’s IP and client IPs (192.168.1.100 – 192.168.1.149). An acceptable range might be 192.168.1.2-99 (192.168.1.2 – 192.168.1.99) or even 192.168.1.200-249 (192.168.1.200 – 192.168.1.249). Need to specify ranges with a shorter format; Do not group all addresses for an IP.

The CHAP-Secrets text box is where you specify usernames and passwords. Need to enter them in a special format: username, space, asterisk, password, space and asterisk. Here is an example:

joe * joespassword *
jane * janespassword *

If you are running a RADIUS / AAA server, you can verify the VPN user for it by enabling RADIUS and entering server details.

When all is done, click Apply Settings , then your changes will be saved and applied.

Kiểm TRA

Now we will test the VPN server on the local network:

In Windows XP, click Start> Connect to> Show all connections . Then on the window that appears, double-click New Connection Wizard . On the wizard, click Next . Click Connect to the network at my workplace and click Next . Select the Virtual Private Network connection and click Next . Type in a name for Company Name and click Next . Enter the internal IP of the router (192.168.1.1), click Next , and then click Finish . The login dialog box will appear, this is where you can enter the username and password you created on the server. Then click Connect and it will work.

In Windows 7, call Network and Sharing Center and click Set up a new connection or network . On the Wizard, select Connect to a workplace and click Next. Click Use my Internet connection (VPN) . On the next page, enter the router’s internal IP address (192.168.1.1), type in the destination name, and then click Next. You will be prompted for username and password. Enter the username and password you set before you configure the server and click Connect. Wait a minute, if successful, it will say that You are connected .

Create a Hostname for dynamic IP

If the DD-WRT router is connected to the Internet that has a changed IP address (also known as a dynamic address), then you will definitely want to set up a hostname (sub-domain). This allows you to get an Internet address (for example, myhomenet.getmyip.com ) that always points to the router’s current IP. Allows you to connect to the VPN server when out and about without having to worry about changing the IP. Conversely, if it has changed, someone must have physically checked the router and given you a new IP.

No-IP and Afraid.org are two free dynamic DNS services that you might consider now. When registering the service, you will have a host name, account name, and password. Launch the DD-WRT control panel, click Setup> DDNS and enter the required information. Then your router will always update the service and hostname with your current IP.

Don’t forget to use your hostname instead of Internet IP when configuring VPN client settings.

Configure remote access

To connect to your VPN server from the Internet when away, Windows must be configured to your Internet IP address (or hostname if you have created it), not a local IP address (192.168.1.1). If you follow the directions above and have created a connection from within the local network, then you can change the IP:

In Windows XP, click Start> Connect to> Show all connections . Then right-click on the VPN connection and select Properties .

In Windows 7, click the network icon, right-click the VPN connection from the list and select Properties .

Start connecting

Now everything is ready for you to go. The next time you need to access the network while you’re out and secure your traffic on a public network, you can use your VPN server. However, just remember that the remote router and the network must also allow VPN connections, which usually does not cause problems.

Step 1

Connect to VPN router using either an ethernet cable, or by joining the wireless network “dd-wrt”. Open a web browser, and load the following address:

The changes you must make to this initial page are as follows:

1. Router Password, sub-option Router Username – set to root
2. Router Password, sub-option Router Password – set to an easy to remember password of your choice
3. Router Password, sub-option Re-enter to confirm – set to the same password

Click “Change Password” to finish this step.

Step 2

Navigate to the Services tab, and select sub-tab Services.

The changes you must make here are as follows:

1. DNSMasq, sub-option DNSMasq – set to Disable
2. Telnet, sub-option Telnet – set to Disable
3. Wan Traffic Counter, sub-option ttraff Daemon – set to Disable

Click “Save Changes” to finish this step.

Step 3

Navigate to the Services tab, and select sub-tab Services.

The changes you must make here are as follows:

1. UPnP Configuration, sub-option UPnP Service – set to Eanble
2. UPnP Configuration, sub-option Clean port forwards at startup – set to Disable

Click “Save Changes” to finish this step.

Step 4

Navigate to the Basic, and select sub-tab Basic Setup.

The changes you must make here are as follows

1. WAN Connection Type, sub-option Connection Type – set to PPTP (it will take a few moments for the rest of the options to load after selecting)
2. WAN Connection Type, sub-option Use DHCP – set to Yes
3. WAN Connection Type, sub-option Gateway (PPTP Server) – set to your StrongVPN server address (NOT the address in the example!)
4. WAN Connection Type, sub-option User Name – set to your StrongVPN user name (NOT the user name in the example!)
5. WAN Connection Type, sub-option Password – set to your StrongVPN password (NOT the password in the example!)
6. WAN Connection Type, sub-option Disable Packet Reordering – set to Disable
7. Optional Settings, sub-option Router Name – set to StrongVPN
8. Router IP, sub-option Local IP Address – set to 192.168.9.1
9. Network Address Server Settings, sub-option Static DNS 1 – set to 8.8.8.8
10. Network Address Server Settings, sub-option Static DNS 2 – set to 8.8.4.4
11. Network Address Server Settings, sub-option Use DNSMasq for DHCP – set to Unchecked
12. Network Address Server Settings, sub-option Use DNSMasq for DNS – set to Unchecked

Click “Save Changes” to finish this step.

Step 5

Navigate to the Administration tab, and select sub-tab Managment (it should already be selected).

There are no changes to be made on this page – you must only scroll down and click ‘Reboot’ to finish this step.

Step 6

Within about 60 seconds, the DD-WRT router will complete rebooting and will now be accessible from a new address:

Load this new address, and re-enter your login details. Navigate to the Status tab, and select sub-tab WAN.

If all has gone correctly, the Login Status will be set to Connected.

TIP: You can use this page to connect and disconnect the VPN on demand, and to check the status of the VPN!

Ниже приведена инструкция по настройке Open VPN для DD-WRT Routers for Smart DNS Proxy VPN & SmartVPN networks.

Перед началом установки мы предполагаем следующие конфигурации;

1. Вы уже протестировали OpenVPN на вашем ПК, чтобы убедиться, что ваша сетевая конфигурация и провайдер допускают OpenVPN соединения.
2. Вы уже прошили маршрутизатор новейшей прошивкой DD-WRT v24-sp2. При подготовке данного руководства использовалась сборка DD-WRT v24-sp2 (12/22/14). Предыдущие или другие сборки могут содержать ошибки, предотвращающие OpenVPN соединения.
3. Вы уже выполнили жесткий сброс или восстановление заводских настроек через административное меню.
4. Маршрутизатор DD-WRT подключается к первому маршрутизатору через Wi-Fi или ethernet.
5. При подключении к маршрутизатору DD-WRT через wi-fi или ethernet с компьютера можно получить доступ в Интернет.
6. Локальный IP-адрес маршрутизатора DD-WRT – 192.168.1.1.
7. Ваш первый маршрутизатор имеет другую подсеть локальной сети. 192.168.0.1

Начните процесс настройки со следующими инструкциями;

1. Подключитесь к маршрутизатору DD-WRT либо с помощью Ethernet-кабеля, либо путем подключения к беспроводной сети “dd-wrt”. Откройте веб-браузер и загрузите следующий адрес: Обратите внимание, что при подключении к маршрутизатору через Ethernet настройте сетевое подключение на автоматическое получение IP-адреса.

Проверьте прошивку DD-WRT. Версия программного обеспечения, которая была протестирована на работу на серверах VPN, представляет собой более новую сборку DD-WRT. Сборки или версии, отличные от v24-sp2 (12/22/14), могут иметь ошибки, предотвращающие OpenVPN соединения.

2. Перейдите в раздел “Настройка” и выберите “Базовая настройка”.

3. Снимите все три флажка “Use DNSMasq for DHCP”, “Use DNSMasq for DNS” и “DHCP-Authoritative” и введите 208.67.222.222 и 208.67.220.220, 8.8.8.8 и 8.8.4.4 в текстовое поле “Static DNS 1” , “Static DNS 2”, “Static DNS 3”, “Static DNS 4”, как показано на снимке экрана. Установите флажок “DHCP сервер”.

4. Применить настройки.

5. Нажмите кнопку “Безопасность”, затем “Брандмауэр” и установите для “Брандмауэра SPI” значение “Отключить” и нажмите кнопку “Применить настройки” для сохранения.

6. Перейдите в “Службы” и выберите “VPN”.

7. Установите “Запустить клиент OpenVPN” в положение “Включить”.
– Введите адрес VPN сервера в IP/Имя сервера.
– Введите номер порта. Для протокола TCP/UDP можно ввести один из следующих номеров портов: 53, 80, 443 или 1194.
– Установите устройство “Туннель” на TUN.
– Установите Протокол тоннеля на TCP или UDP. (Мы предлагаем вам использовать UDP для лучшей скорости)
– Установите шифрование в положение Blowfish CBC.
– Установите алгоритм Хэша на SHA1.
– Установите nsCertType на галочку.
– Установите для параметра “Дополнительные параметры” значение “Включить”.
– Установите шифр TLS в положение Нет.
– Установите LZO-сжатие на Адаптивный сайт.
– Установите Nat на Включить.

• Загрузите файл ЦС здесь и откройте его в Wordpad для Windows или TextEdit для Mac, затем COPY и PASTE

8. Перейдите на “Администрирование” и перезагрузите маршрутизатор.

После перезагрузки он должен автоматически подключиться к VPN. Пожалуйста, подождите до 1 минуты, чтобы установить OpenVPN соединение. Вы можете проверить состояние соединения, перейдя на вкладку “Статус” и “OpenVPN”. На вкладке “Клиент”: ПОДКЛЮЧЕНИЕ: СУКЦЕСС”.

ВАЖНОЕ ОБНОВЛЕНИЕ:

Для того, чтобы заставить его работать на новом клиенте OpenVPN на вашем маршрутизаторе DD-WRT, необходимо внести следующие коррективы:

torguard fastest serversCheck user testimonialsvpn router meo ycud here.PrivateVPN If you prefer a simpler service that can get the job done just as well as a fancy VPN, PrivateVPN is your guy.VyprVPN VyprVPN sports a set of impressive security features – most notably, their Chameleon technology that’s designed specifically to bypass DPI (Deep Packet Inspection) and the Great Firewall of China.vpn.ht firestickIt’s also armored with numerous security features, such as Double VPN to overcome restrictions in China, and it keeps zerovpn router meo ycud logs.If you are outside Poland, you have probably noticed that you can’t watch a lot of the content on streaming sites like ipla.Use their 30-day money-back guarantee and decide for yourself.radmin vpn trusted

vpn gratis yang bisa untuk netflixCheck user testimonialsvpn router meo ycud here.View PureVPN Deals 4.We recommend CyberGhost for a Polish IP address, but you’ll find several more great choices below.vpn i macIt’s important to keep in mind that they have had some privacy issues in the past, but if you’re just trying to access the BBC from China, this probably won’t pose a problem.View ExpressVPN Deals 3.Get 70% OFF NordVPN Now!ucl vpn cisco

softether mac clientPureVPN PureVPN boasts a network of 750+ servers in over 140 countries, including China and Hong Kong.ExpressVPN ExpressVPN is the fastest VPN around and is very popular among users for streaming content online even in challenging countries like China, thanks to its unbeatable encryption levels.It has a massive network of fast servers in 62 countries, including 500+ servers in the UK alone.vpn for mac miniThey also offer a special China VPN service, which can bypass the Great Firewall of China.NordVPN If you’re trying to unblock BBC in China, NordVPN is the perfect solution.This feature-packed, log-free VPN has an impressive network of 2000+ ultra-fast servers in over 90 countries with six servervpn router meo ycud locations in the UK.free vpn unlimited vpnify

SPONSORS

Sierra Madre Playhouse | 87 W Sierra Madre Blvd | Sierra Madre, California 91024 | (626) 355-4318

• Audition
• |
• Volunteer
• |
• Rentals
• |
• Videos & Photos
• |
• Press
• |
• Contact
• | Newsletter

Ранее мы рассмотрели, как настроить PPTP VPN-сервер с помощью Debian Linux здесь, на сайте yadmin Geek, однако, если вы уже используете маршрутизатор на основе прошивки DD-WRT в своей сети, вы можете

Содержание:

• Конфигурация DD-WRT
• Подключение к PPTP VPN серверу

Ранее мы рассмотрели, как настроить PPTP VPN-сервер с помощью Debian Linux здесь, на сайте Sysadmin Geek, однако, если вы уже используете маршрутизатор на основе прошивки DD-WRT в своей сети, вы можете легко настроить свой маршрутизатор для работы в качестве PPTP-сервера VPN. .

Конфигурация DD-WRT

Перед настройкой VPN-сервера вы должны сначала убедиться, что установленная вами сборка DD-WRT включает функции PPTP VPN. В списке функций DD-WRT это отображается как «Клиент PPTP / PPTP» на диаграмме. Сравните версию, установленную на вашем маршрутизаторе (которую вы можете увидеть в правом верхнем углу на страницах конфигурации), по таблице. Если эта функция не включена в вашу сборку, вам нужно будет прошить маршрутизатор версией DD-WRT, которая включает «PPTP / PPTP Client».

Чтобы включить PPTP-сервер VPN, перейдите на вкладку «Службы», а затем во вложенную вкладку «VPN» и выберите параметр для включения PPTP-сервера.

После включения появятся несколько ранее скрытых параметров. Настройте их следующим образом:

• IP-адрес сервера: общедоступный IP-адрес маршрутизатора.
• Клиентские IP-адреса: список локальных IP-адресов (соответствующих сети VPN) для использования при назначении IP-адресов клиентам, подключающимся через VPN. В нашем примере мы выделяем 5 IP-адресов (192.168.16.5, .6, .7, .8, .9) для использования клиентами VPN.
• CHAP-Secrets: имя пользователя и пароли для аутентификации VPN. Формат: «пользователь * пароль *» (пользователь [пробел] * [пробел] пароль [пробел] *), где каждая запись находится в отдельной строке. В нашем примере есть только одно допустимое имя пользователя (jfaulkner) и пароль (SecretPassword1).

Вы можете просмотреть подробную документацию по всем этим параметрам, щелкнув ссылку «Help more…» на этой странице справа от конфигурации DD-WRT.

По завершении нажмите кнопку «Применить настройки», чтобы передать конфигурацию на маршрутизатор DD-WRT, и все готово.

Подключение к PPTP VPN серверу

После того, как вы настроили маршрутизатор DD-WRT, все, что осталось – просто подключить клиентские компьютеры к VPN. В нашем примере мы покажем, как это делается с помощью Windows 7 Professional.

В Центре управления сетями и общим доступом на панели управления щелкните параметр, чтобы настроить новое сетевое подключение.

Выберите вариант подключения к VPN на рабочем месте.

Если у вас есть существующие подключения, они будут отображаться здесь. В нашем примере мы хотим создать новое соединение.

Выберите вариант использования подключения к Интернету для подключения к VPN.

Введите домен или IP-адрес своего VPN-сервера (публичный IP-адрес маршрутизатора DD-WRT, настроенный выше) и дайте название VPN-соединению.

Введите учетные данные для входа в VPN, который был настроен в настройках маршрутизатора DD-WRT. Щелкните Подключить.

Через несколько секунд, если все настроено правильно, вы должны подключиться к PPTP VPN серверу на маршрутизаторе DD-WRT.

Запуск «ipconfig» на локальном компьютере должен показать, что вы подключены как к VPN, так и к существующему интернет-соединению.

После подключения вы можете получить доступ ко всем ресурсам VPN, как если бы вы были подключены к сети локально.

для пользователей KeepSolid VPN Unlimited

Защитите свой маршрутизатор с прошивкой DD-WRT, используя первоклассный VPN-сервис!

DD-WRT – это проект прошивки с открытым исходным кодом, созданный, чтобы улучшить возможности маршрутизаторов. Эта альтернативная прошивка снимает ограничения стандартной прошивки маршрутизатора, предоставляя пользователям расширенные возможности по управлению сетью.

Хотите настроить первоклассную VPN-защиту на вашем роутере? В нашем руководстве вы узнаете, как настроить OpenVPN® на маршрутизаторе с прошивкой DD-WRT. Больше информации о функциях и технических характеристиках OpenVPN® вы можете найти в статье Что такое протокол OpenVPN®.

Примечание: Если на вашем маршрутизаторе нет прошивки DD-WRT, вы можете посетить страницу Там вы найдете все необходимые инструкции о том, как прошить роутер, какие маршрутизаторы поддерживаются и другую информацию.

I. Сгенерируйте конфигурации для настройки OpenVPN на DD-WRT

Первым шагом в настройке KeepSolid VPN Unlimited на роутере с прошивкой DD-WRT является создание файлов конфигурации в Личном кабинете. Для этого, выполните несколько простых шагов, указанных в данной инструкции.

Поскольку вы собираетесь настраивать OpenVPN® на своем маршрутизаторе DD-WRT, в поле Protocol выберите OpenVPN®. Будет сгенерирован нужный .ovpn файл, а также доменное имя выбранного VPN-сервера.

II. Настройте OpenVPN® клиент на роутере с DD-WRT

Если на вашем роутере уже заданы сетевые настройки вашего интернет-провайдера и настроен доступ к интернету, вы можете начать настройку OpenVPN® клиента. Выполните всего несколько простых шагов ниже:

1. Войдите в панель управления вашего роутера с DD-WRT. Если вы не знаете, как это сделать, ознакомьтесь с нашей подробной инструкцией о том, как зайти в настройки роутера.

2. Перейдите в раздел Services > VPN как показано ниже:

3. Здесь вам необходимо включить опцию OpenVPN® Client и заполнить поля следующим образом:

• Server IP or DNS Name: Введите имя сервера, которое вы найдете в поле Domain name при создании конфигураций в Личном кабинете.
• Port and Protocol: Выберите 1194 udp (используется для OpenVPN® по умолчанию)
• Tunnel device: Выберите TUN
• Encryption Cipher: AES-256-CBC
• Hash Algorithm: SHA512
• Advanced Options: Enabled
• TLS Cipher: TLS-DHE-RSA-WITH-AES-128-CBC-SHA или выше
• LZO Compression: No
• NAT: Enabled
• Firewall Protection: Disable
• Tunnel UDP MSS-Fix: Disable
• Additional Config section: Введите данные ниже:

4. Откройте ранее загруженный файл .ovpn в предпочитаемом текстовом редакторе и заполните поля следующим образом:

• CA cert – в файле конфигурации скопируйте раздел между и , включая строки ——BEGIN CERTIFICATE—— и ——END CERTIFICATE——, и вставьте его в это поле.
• Public Client cert – в файле конфигурации скопируйте раздел между и , включая строки ——BEGIN CERTIFICATE—— и ——END CERTIFICATE——, и вставьте его в это поле.
• Public Client key – в файле конфигурации скопируйте раздел между и , включая строки ——BEGIN PRIVATE KEY—— и ——END PRIVATE KEY———, и вставьте его в это поле.

5. Затем, нажмите Apply Settings в нижней части панели управления вашего роутера с DD-WRT. Это активирует VPN-соединение на вашем роутере. В случае возникновения проблем с DNS перейдите в Setup > Basic Setup > Network Setup > Static DNS1 and 2, и установите значения 8.8.8.8 и 8.8.4.4 соответственно.

Готово! Вы завершили настройку OpenVPN® на роутере с DD-WRT и активировали VPN-соединение. Наш VPN для DD-WRT теперь шифрует трафик всех устройств, подключенных к вашему маршрутизатору, позволяя вам наслаждаться анонимностью и безопасностью в сети.

Нужно настроить VPN на других устройствах? Посетите страницу Инструкции, чтобы найти нужное руководство или обратитесь в нашу службу поддержки. Мы будем рады помочь!

«OpenVPN» является зарегистрированным товарным знаком OpenVPN Inc.

Самое время попробовать VPN Unlimited!

Выберите подписку VPN Unlimited прямо сейчас, защитите ваш роутер и наслаждайтесь неограниченным доступом в сеть.

DD-WRT OpenVPN Manual Setup Guide

Navigate to the home page of your router – By default 192.168.1.1 .

Click on the Services tab. You may be asked to enter your router username and password.

Click on the VPN tab and then click on the Start OpenVPN Client button.

Enter the following configuration (as also shown in the screen shot below):

• Server IP/Name: Enter a server name from the server status page e.g. ch.gw.ivpn.net
• Port: 2049
• Tunnel Device: TUN
• Tunnel Protocol: UDP

Encryption cipher: AES-256 CBC

Hash Algorithm: SHA1

User Pass Authentication: Enable (If this option does not exist you will need to follow the steps in the appendix).
Enter your account ID that begins with letters ‘ivpnXXXXXXXX’ or ‘i-XXXX-XXXX-XXXX’ and any password.

Advanced options: Enable

TLS cipher: None

LZO Compression: No

NAT: Enable

Firewall Protection: Enable

Tls Auth Key: Download and paste the contents of the TLS-auth file.

Additional Config:

CA Cert: Download and paste the contents of the CA cert file.

Click the Save button, then click the Apply Settings button.

Navigate to Setup > Basic Setup .

Specify one of the following DNS servers in the Static DNS 1 field:

• 10.0.254.1 = redular DNS with no blocking
• 10.0.254.2 = standard AntiTracker to block advertising and malware domains
• 10.0.254.3 = AntiTracker Hardcore Mode to also block Google and Facebook

..and 198.245.51.147 in the Static DNS 2 field.

Click Save & Apply Settings .

Final steps

Reboot your router and wait for a minute or two for everything to settle, then reboot your computer system and check the status of the OpenVPN client in the Status > OpenVPN area.

Check the assigned public IP address on our website and run a leak test at from one of the devices connected to your DD-WRT router.

Please note: If you plan to use a Multi-hop setup please see this guide and replace the port number in Step 4 with the chosen Exit-hop server Multi-hop port.

Appendix

If you do not have the User Pass Authentication field in your DD-WRT version please follow the steps below:

Add the following line to your Additional Config field:

Save your configuration by clicking on the save button.

Click on the Adminstration tab and then the Commands tab. Enter the text shown in the box below replacing the username and password in quotes with your account ID (‘ivpnXXXXXXXX’ or ‘i-XXXX-XXXX-XXXX’) and any password. Click on Save startup to continue.

If the previous command worked correctly you should now see the contents above in a new section on the same page called Startup .

We have previously covered how to set up a PPTP VPN Server using Debian Linux here on Sysadmin Geek, however if you are already utilizing a DD-WRT firmware based router in your network then you can easily configure your router to act as the PPTP VPN Server.

DD-WRT Configuration

Before setting up the VPN Server, you must first make sure your installed build of DD-WRT includes the PPTP VPN features. The DD-WRT feature list shows this as “PPTP / PPTP Client” on their chart. Check the installed version on your router (which you can see in the upper right corner on the configuration pages) against the chart. If the feature is not included in your build, you will need to flash your router with a DD-WRT version which does include the “PPTP / PPTP Client”.

To turn on the PPTP VPN Server, navigate to the Services tab and then the VPN sub-tab and select the option to enable the PPTP Server.

Once enabled, several previously hidden options will appear. Configure them as follows:

• Server IP: Public IP address of the router
• Client IP(s): List of local IP’s (respective to the VPN network) to use when assigning IP addresses to clients connecting through the VPN. In our example, we are setting aside 5 IP addresses (192.168.16.5, .6, .7, .8, .9) for use by the VPN clients.
• CHAP-Secrets: User name and passwords for VPN authentication. The format is “user * password *” (user[space]*[space]password[space]*), with each entry on its own line. In our example, there is just a single accepted user name (jfaulkner) and password (SecretPassword1).

You can view detailed documentation on all of these options by clicking the “Help more…” link on this page on the right side of the DD-WRT configuration.

Once you are finished, click the Apply Settings button to push the configuration through to your DD-WRT router and you are finished.

Connect to a VPN the Easy Way With StrongVPN

Instead of setting up a complicated VPN at home, why not use a blazing fast VPN with easy-to-use clients for all your devices?

StrongVPN is not just blazing fast — fast enough to watch streaming video — but they have extremely strong security (hence the name). You can choose the level of encryption on the fly depending on whether you need top level security or the fastest connection for your videos.

And it’s all very inexpensive, as low as $5.83 per month. Plus, you can try it out for free. What’s there to lose?

Get StrongVPN and Secure Your Internet Today

Connecting to the PPTP VPN Server

Once you have your DD-WRT router configured, all that is left is to simply connect your client computers to the VPN. For our example, we will be showing how this is done using Windows 7 Professional.

In the Network and Sharing Center of the Control Panel, click the option to set up a new network connection.

Select the option to connect to a workplace VPN.

If you have existing connections, they will be displayed here. For our example, we want to create a new connection.

Select the option to use your Internet connection to connect to the VPN.

Enter the domain or IP address of your VPN Server (the public IP address of the DD-WRT router configured above) and give a title to the VPN connection.

Enter the credentials for your VPN login which was configured in the DD-WRT router settings. Click Connect.

After a few moments, if everything is configured correctly, you should be connected to the PPTP VPN Server on the DD-WRT router.

Running ‘ipconfig’ on the local machine should show you are connected to both the VPN and your existing internet connection.

Once connected, you can now access all the resources on the VPN as though you were connected to the network locally.

DD-WRT Build Features Diagram

More stories

Use Paint.NET to Remove Red Eye From Flash Photography

Paint.NET has a simple tool for doing this called the “Color Replacement Tool,” illustrated here. Shortcut key will give it to you.

How To Make the Mac OS X Finder Suck Less

The Finder is the most complained about application on the Mac, and rightly so—it’s just not very powerful, and often behaves in unexpected ways. Today, we’ll be taking a look at several tweaks that will make the Finder suck less.

Awesome Vintage-Style Star Wars Travel Posters [Images]

Steve Thomas has created an awesome set of eight Star Wars inspired travel posters using the vintage style from the early 20th century. If you are a Star Wars fan, then these will be a lot of fun for you to look at.

App Developers Caught Selling Facebook User Info to a Data Broker

Over the weekend Facebook revealed that a data broker was caught purchasing identifying user information from some of the platform’s app developers. This incident combined with the previous revelation that many popular .

Use Evernote Offline on Your iPhone or iPod Touch for Free

Would you like to use Evernote anywhere without having to upgrade to a Premium account? Premium Evernote subscribers can sync whole notebooks offline on iPhone, but here’s how you can get your most important notes anytime on any Evernote account.

BitTorrent for Beginners: Share Large Files Using Your Own Private Tracker

Want to share some large files with a few friends, but worried about how you’ll keep the file transfer private? Here’s how to use uTorrent as a simple tracker and share files privately with your friends.

Turn Your WordPress Blog Into a Tumblr-style Tumblog

Would you like to be able to make more unique link, quote, and image posts on your blog? Here’s how you can turn your WordPress site into a Tumblr-style blog for free.

Month in Geek: October 2010 Edition

Now that October is over and the trick-or-treating is finished, it is time to take a look back at our ten top articles for this past month.

The How-To Geek Guide to Learning Photoshop, Part 3: Layers

Your layer panel is one of the most important within Photoshop. Whenever you use Photoshop, you’ll work spend a lot of time working in it.

Week in Geek: Java Becomes New No. 1 Attack Target Edition

This week we learned how to secure a Linux PC by encrypting the hard drive, become familiar with the toolbox in Photoshop, improve battery life in Windows 7 with the built-in power troubleshooter, become familiar with the panels in Photoshop, print files from anywhere via any device with Dropbox,

PPTP VPN Setup for DD-WRT

If you don’t have a DD-WRT flashed router and would like to purchase one preconfigured with the EarthVPN DD-WRT application, our parther FlashRouters can help you. They provide a hassle free alternative to the somewhat technical process of selecting a compatible router and flashing DD-WRT on it yourself. Check out our Flashrouter Information Page for more information and special promotions!

PPTP can NOT be used concurrently with PPPoE or Static IP if you want to use DD-WRT flashed router as your main router. We recommend you to use DD-WRT flashed router as the second one.

We presume the following configurations:

• You have already tested PPTP VPN on your PC/Mac to ensure that your network configuration and ISP allows PPTP connections.
• You have already flashed your router with DD-WRT firmware v24.Builds newer than 15962 may have pptp client broken so be sure to upgrade or downgrade to a working one.Build 14896 have been used while preparing this tutorial.
• You have already hard reset(30/30/30 method) or restore the factory defaults via administration menu.
• Your DD-WRT router is connected to your first router via wifi or ethernet.
• When you connect to DD-WRT router via wi-fi or ethernet from your PC/MAC ,you can access internet.
• Your DD-WRT router local IP address is 192.168.1.1
• Your first router has different LAN subnet for ex. 192.168.0.1

Step:1 Connect to the dd-wrt router using either an Ethernet cable, or by joining the wireless network ‘dd-wrt’. Open a web browser, and load the following address: Note, set your network connection to obtain IP address automatically if you connect to your router via Ethernet.

Check your dd-wrt firmware.Minimum software version for VPN setup is v24.Builds newer than 15962 may have pptp client broken so be sure to upgrade or downgrade to a working one.Build 14896 have been used while preparing this tutorial.

Step:2 Go to Setup then select Basic Setup.

Step:3 Under WAN Connection Type select PPTP

Step:4 Under Use DHCP select Yes

Step:5 Under Gateway (PPTP Server)enter the EarthVPN server address you want to connect.Under User Name enter your VPN username. Under Password enter your VPN password.

Step:6 Enable PPTP or MPPE Encryption.

***You can try disabling/enabling Packet reordering for speed optimization***

Step:7 Disable STP.

***You can try entering “mppe required” without quotes into additonal pptp options textbox if your computer is able to connect via pptp protocol but your dd-wrt router is not connecting via pptp protocol***

• Enter an IP address for the DD-WRT wireless access point.Note, we presume this is the second router,Your first router has different LAN subnet for ex. 192.168.0.1

Step:9 Enable DHCP Server and uncheck all three checkboxes for ‘Use DNSMasq for DNCP’, ‘Use DNSMasq for DNS’ and ‘DHCP-Authoritative’

Step:10 Apply Settings

Step:11 Click on Security then Firewall and set SPI Firewall to Disable and click apply settings button to save.

Step:12 Click on VPN Passthrough and enable PPTP Passthrough

Step:13 Click Apply Settings.

Step:14 Click on Administration Tab scroll down and click on Reboot Router

After the router will reboot it should connect to the VPN automatically, now you can check the connection status by going to Status -> WAN tab If Login Status say Connected then it’s OK, if not click to connect wait for abut 30 seconds .

To check if your IP has been changed visit on your PC/MAC.

If you don’t have a DD-WRT flashed router and would like to purchase one preconfigured with the EarthVPN DD-WRT application, our partner FlashRouters can help you. They provide a hassle free alternative to the somewhat technical process of selecting a compatible router and flashing DD-WRT on it yourself. Check out our Flashrouter Information Page for more information and special promotions!

Before following this guide, you will need to install DD-WRT on your router. To do this, you will need to go to DD-WRT’s router database and search for your router’s model number to see if your router is compatible or find a beta build for your router. This guide uses KONG’s beta build of DD-WRT v3.0-r42335 on a Netgear R6700.

IMPORTANT NOTE: Certain beta builds may not work with OpenVPN. Please read the feedback in the build forum before installing a beta build. Also note, regardless of what model router you have or version of DD-WRT you are installing, there is a chance of bricking your router (i.e. rendering the router completely useless) if the process of putting DD-WRT on the router does not complete properly. Please thoroughly read and follow the related documentation regarding the updating procedure for your router to minimize the risk of bricking your router.

Initial DD-WRT Setup and Important Notes
Please check and consider the following before setting up your VPN connection in DD-WRT:

• If you are running a router-behind-router configuration, you will want to make sure your DD-WRT router is on a different subnet than any other router/modem on your network. This can be done by going to Setup/Basic Setup tab and changing your Local IP address to ‘192.168.8.1’ without quotes
• If you are running PPPoE on the router, you will not be able to make a VPN connection
• We suggest adding the following static DNS addresses: 198.18.0.1 and 8.8.8.8, on the basic setup tab
• Please check to ensure the NTP client is enabled and set to the correct time zone, which can be found at the bottom of the basic setup tab

Enable Syslogd so you can get logs if you run into any trouble with your setup. You can do this by going to Services tab and scrolling down to System Log, then Enable Syslogd.

Configuring the VPN Connection
To setup the VPN connection on your router, go to the Services/VPN tab, enable the OpenVPN Client, and set the connection up using the following settings:

• Server IP/Name: Choose a server from our server list and enter the address in this field
• Port: use 1194 or 443
• Tunnel Device: TUN
• Tunnel Protocol: UDP
• Encryption Cipher: AES-256-CBC
• Hash Algorithm: SHA256
• User Pass Authentication: Enable
• Username: YourPrivadoUsername
• Password: YourPrivadoPassword
• Advanced Options: Enable
• TLS Cipher: None
• Compression: Disabled
• NAT: Enable
• Copy and paste the following into your Additional Config:

persist-key
persist-tun
persist-remote-ip
keysize 256
remote-cert-tls server

• CA Cert: Copy and paste the following into the CA Cert box. The ca.crt is also attached HERE and at the very bottom of this guide if you are having difficulty copying this text.

—–BEGIN CERTIFICATE—–
MIIFKDCCAxCgAwIBAgIJAMtrmqZxIV/OMA0GCSqGSIb3DQEBDQUAMBIxEDAOBgNV
BAMMB1ByaXZhZG8wHhcNMjAwMTA4MjEyODQ1WhcNMzUwMTA5MjEyODQ1WjASMRAw
DgYDVQQDDAdQcml2YWRvMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
xPwOgiwNJzZTnKIXwAB0TSu/Lu2qt2U2I8obtQjwhi/7OrfmbmYykSdro70al2XP
hnwAGGdCxW6LDnp0UN/IOhD11mgBPo14f5CLkBQjSJ6VN5miPbvK746LsNZl9H8r
QGvDuPo4CG9BfPZMiDRGlsMxij/jztzgT1gmuxQ7WHfFRcNzBas1dHa9hV/d3TU6
/t47x4SE/ljdcCtJiu7Zn6ODKQoys3mB7Luz2ngqUJWvkqsg+E4+3eJ0M8Hlbn5T
PaRJBID7DAdYo6Vs6xGCYr981ThFcmoIQ10js10yANrrfGAzd03b3TnLAgko0uQM
HjliMZL6L8sWOPHxyxJI0us88SFh4UgcFyRHKHPKux7w24SxAlZUYoUcTHp9VjG5
XvDKYxzgV2RdM4ulBGbQRQ3y3/CyddsyQYMvA55Ets0LfPaBvDIcct70iXijGsdv
lX1du3ArGpG7Vaje/RU4nbbGT6HYRdt5YyZfof288ukMOSj20nVcmS+c/4tqsxSe
rRb1aq5LOi1IemSkTMeC5gCbexk+L1vl7NT/58sxjGmu5bXwnvev/lIItfi2AlIT
rfUSEv19iDMKkeshwn/+sFJBMWYyluP+yJ56yR+MWoXvLlSWphLDTqq19yx3BZn0
P1tgbXoR0g8PTdJFcz8z3RIb7myVLYulV1oGG/3rka0CAwEAAaOBgDB+MB0GA1Ud
DgQWBBTFtJkZCVDuDAD6k5bJzefjJdO3DTBCBgNVHSMEOzA5gBTFtJkZCVDuDAD6
k5bJzefjJdO3DaEWpBQwEjEQMA4GA1UEAwwHUHJpdmFkb4IJAMtrmqZxIV/OMAwG
A1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBDQUAA4ICAQB7MUSX
MeBb9wlSv4sUaT1JHEwE26nlBw+TKmezfuPU5pBlY0LYr6qQZY95DHqsRJ7ByUzG
UrGo17dNGXlcuNc6TAaQQEDRPo6y+LVh2TWMk15TUMI+MkqryJtCret7xGvDigKY
MJgBy58HN3RAVr1B7cL9youwzLgc2Y/NcFKvnQJKeiIYAJ7g0CcnJiQvgZTS7xdw
kEBXfsngmUCIG320DLPEL+Ze0HiUrxwWljMRya6i40AeH3Zu2i532xX1wV5+cjA4
RJWIKg6ri/Q54iFGtZrA9/nc6y9uoQHkmz8cGyVUmJxFzMrrIICVqUtVRxLhkTMe
4UzwRWTBeGgtW4tS0yq1QonAKfOyjgRw/CeY55D2UGvnAFZdTadtYXS4Alu2P9zd
woEk3fzHiVmDjqfJVr5wz9383aABUFrPI3nz6ed/Z6LZflKh1k+DUDEp8NxU4klU
ULWsSOKoa5zGX51G8cdHxwQLImXvtGuN5eSR8jCTgxFZhdps/xes4KkyfIz9FMYG
748M+uOTgKITf4zdJ9BAyiQaOufVQZ8WjhWzWk9YHec9VqPkzpWNGkVjiRI5ewuX
wZzZ164tMv2hikBXSuUCnFz37/ZNwGlDi0oBdDszCk2GxccdFHHaCSmpjU5MrdJ+
5IhtTKGeTx+US2hTIVHQFIO99DmacxSYvLNcSQ==
—–END CERTIFICATE—–

Save and Apply the settings, then go to the Administration tab and click Reboot at the bottom of the page.

Check the VPN Connection
Once your router has finished booting up, verify you are connected by going to the Status/OpenVPN and/or checking your external IP address online.

Руководства по установке прошивки DD-WRT, список поддерживаемых устройств и т.п. доступны на официальном веб-сайте, вики и форуме.

Используйте прошивку с “openvpn” в имени. Рекомендуется использовать самую свежую прошивку.

Данное руководство составлено при использовании роутера ASUS RT-N12C1 и прошивки dd-wrt.v24-18777_NEWD-2_K2.6_openvpn_small.bin

И откройте его в текстовом редакторе.

Перейдите в Administration → Commands

Скопируйте следующий код в поле Commands, а затем нажмите Save Startup.

Перейдите в Services → Services. В разделе DNSMasq отключите No DNS Rebind.

Внизу страницы нажмите Save, а затем Reboot Router. Подождите 1-2 минуты до полной перезагрузки роутера.

Указанные выше шаги необходимы для установки внутренних DNS VPN-сервера, исключения утечки DNS, а также прозрачной поддержки доступа к .onion ресурсам.

Вы можете пропустить эти шаги и, перейдя в Setup → Basic Setup, в разделе Network Setup → Network Address Server Settings (DHCP) в поле Static DNS 1 прописать любые нужные вам DNS (например 8.8.8.8).

Перейдите в Services → VPN. В разделе OpenVPN Client включите Start OpenVPN Client.

Заполните необходимые поля в соответствии с указанными ниже рекомендациями:

Server IP/Name: используйте имя хоста или IP-адрес указанный в начале файла конфигурации со строкой remote
Port: 443
Tunnel Device: TUN Tunnel Protocol: TCP / UDP
Encryption Cipher: AES-256
Hash algorithm: SHA1
Advanced options: Enable
LZO compression: Adaptive
NAT: Enable

1. TLS Auth key: содержимое в файле конфигурации
2. CA Cert: содержимое в файле конфигурации
3. Public Client Cert: содержимое в файле конфигурации
4. Private Client Key: содержимое в файле конфигурации

Additional Config:

Также можно добавить адреса других VPN-серверов в поле Additional Config (при недоступности 1-го сервера будет осуществлено подключение к следующему серверу в списке). Рекомендуется добавить как имя хоста, так и IP-адрес сервера (указанные в файле конфигурации). Пример:

tcp-client – для подключения по протоколу TCP
udp – для подключения по протоколу UDP

Сохраните настройки нажав Save, а затем – Apply Settings. Будет осуществлено подключение к VPN-серверу (это может занять 1-15 секунд).

Посмотреть статус подключения вы можете в Status → OpenVPN:

Разрешение доступа в сеть через роутер только при подключенном VPN (kill switch)

Перейдите в Administration → Commands

Введите следующую команду для разрешения пропуска трафика только через сетевой интерфейс VPN для адресов из диапазона 192.168.1.0/24 (диапазон IP-адресов пользователей по умолчанию; посмотреть текущий диапазон можно в Setup → Basic Setup разделе Network Setup):

Показать альтернативный список команд

или можете использовать следующий список команд, если предыдущая команда не подошла:

Сохраните конфигурацию нажав Save Firewall. Возможно потребуется перезагрузка роутера.

Теперь доступ в Интернет будет возможен только когда роутер будет подключен к VPN.

Important! By setting up a L2TP VPN connection on a DD-WRT router your IP will be changed but your traffic will NOT be encrypted. That happens because the connection does not use IPSec.

In order to setup L2TP VPN on your DD-WRT router you have to flash your router with DD-WRT firmware and set router local IP address as 192.168.1.1. Also please check if you can connect to Internet via Wi-Ffi from this router. We also recommend to check VPN on your PC/Mac to ensure that your network configuration and ISP allow L2TP/IPsec connections.

Important: L2TP can NOT be used concurrently with PPPoE or Static IP if you use DD-WRT flashed router as main router. We recommend you to use DD-WRT flashed router as the second one.

Connect to your router. For that you have to put in your browser the following address:

Also you have to set your network connection to obtain IP address automatically if you connect to your router via Ethernet.

Configure your DD-WRT router to share your regular internet connection.

1. Go to “Setup” tab and then select “Basic Setup” (1).
   Select L2TP (2) from the “Connection Type” drop down menu.
   In the “Gateway (PPTP server)” (3) type IP address or hostname of the TorGuard VPN server you want to connect to. You can find all the available servers in the package details in the Client area .
   In the “Username” (4) and “Passwords” (5) fields enter your VPN username and password. Make sure you use your VPN username and password and NOT the client area credentials.
   Select “Yes” (6) next to “Use DHCP”.
   In the “Optional Settings” zone change MTU to “Manual” (7) and type the value 1460 (8) in the field and set “STP” (9) as “Disabled”.
   In the “Network setup” enter the IP address for the DD-WRT access point (10). Important, if this is the second router then you must set a different Local IP address then your main router.
   Select “DHCP Server” next to “DHCP Type” (11).
   “Enable” DHCP server (12).
   Make sure all other settings looks like in our screenshot.
   Click on “Apply settings” (13).
   
2. Now go to the “Security” tab (14) and select “Firewall” (15). Here, set “SPI Firewall” to “Disable” (16).
   
3. Go to “VPN Passthrough” (17) and select “Enabled” next to “L2TP Passthrough” (18). Click on “Apply settings” (19).
   
4. Go to “Administration” tab (20). Scroll down and click on “Reboot router” button (21). This will reboot your router.
   

After the reboot VPN is set up. You can check the connection going to “Status” tab and select “WAN” from there. Login status should be “Connected”. If it says “Disconnected” click on “Connect” button and wait for about 1 minute. After that the connection should be established. You can check if you are connected to a VPN server by going to Whats My IP and see if your IP is changed.

Related Articles

STEP 1) Type the router’s local IP address into your web browser’s URL bar and login into your.

Setting up an OpenVPN connection manually on a DDWRT Router with TorGuard is very easy and can be.

Setting up an OpenVPN connection manually on a DD-WRT Router with TorGuard is very easy and can.

TorGuard’s anonymous VPN service will pretty much work on any device that supports an OpenVPN.

Wireguard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art.

If you have read my previous article on VPNs you already know the advantages of using a VPN and the risks of not using one and hopefully you are using one now. If you haven’t subscribed to a VPN yet I leave you a link here for a great discount.
Many VPN providers, such as NordVPN, which is the one I’ve been using for years and recommend, provide apps for iPhone, Android and other systems to access their VPN servers. However, there are devices, such as an AppleTV, that do not have an app or other direct way to connect to a VPN server.
For this type of cases, having your home router connected to a VPN is the best solution. Furthermore, it’s much easier to have your home router connected to a VPN than to install a VPN application on each of the devices that connect to the Internet in your household.
Not all routers have the same way of connecting to a VPN or supporting the same protocols. Here’s how to set up a VPN on a DD-WRT router using the OpenVPN protocol. If you want to know more about DD-WRT or how to install it on a Linksys WRT1900ACS I recommend you to read this other post.

Choose a VPN server

Before starting to configure the router we must choose the VPN server to which it will connect. NordVPN does this very easily with its ‘Recommended Server’ tool. Here we can select the country we want to connect to, the type of server (in case we need a special requirement, such as P2P, Double VPN or Onion Over VPN) and the security protocol (OpenVPN UDP in our case). And we write down the name of the recommended server (eg. nl173.nordvpn.com).

Download the server certificate

Now is the time to download the certificate of the chosen VPN server. You can download all NordVPN server certificates from If you are using a different VPN provider, you should ask where to download the certificate from.

When you uncompress the NordVPN server certificate zip file you will find a huge list of files (9524 items at the time of writing this article) grouped in pairs of .crt and .key files. We will only need the pair of files that correspond to the chosen server (eg. nl173_nordvpn_com_ca.crt, nl173_nordvpn_com_tls.key).

Backup Configuration

This step is optional but my recommendation is to back up your current router configuration in case something goes wrong. Access the router interface (by default is 192.168.1.1.1), navigate to ‘Administration > Backup’ and click on the ‘Backup’ button.

Change DNS addresses

You’ve probably already made this change, but let’s double check just in case.
Navigate to ‘Setup > Basic Setup’ and under the ‘WAN Setup > WAN Connection Type’ section set the Static DNS servers to the DNS server addresses you trust. They could be from your VPN provider or another external service like the one I’ve chosen in this case, Cloudflare (1.1.1.1, 1.0.0.1).

Then, click on ‘Save’ and ‘Apply Settings’ buttons.

Disable IPv6

To prevent IPv6 leaks we’ll disable IPv6 on the router. Navigate to ‘Setup > IPV6’, set the ‘IPv6’ option to ‘Disable’ and then click on ‘Save’ and ‘Apply Settings’ buttons.

Set up OpenVPN Client

This is the core part of the configuration process. Navigate to ‘Services > VPN’ and under the ‘OpenVPN Client’ section set the ‘Start OpenVPN Client’ option to ‘Enable’ and then set the following options (if nothing is specified keep the default values):

Server IP/Name: the server we chose previously (nl173.nordvpn.com in out case)
Port: 1194
Tunnel Device: TUN
Tunnel Protocol: UDP
Encryption Cipher: AES-256-CBC
Hash Algorithm: SHA-512 (it could be SHA-1 on older servers)
User Pass Authentication: Enable
Username: the username of your VPN provider account
Password = the password of your VPN provider account
Advanced Options: Enable
TLS Cipher = None
LZO Compression = Yes
NAT = Enable

TLS Auth Key: here you should copy the content of the .key file you downloaded previously (in our case, nl173_nordvpn_com_tls.key)

Additional Config: copy the following commands into this text box

CA Cert: here you should copy the content of the .crt file you downloaded previously (in our case, nl173_nordvpn_com_ca.crt)

After entering all this data, click on ‘Save’ and ‘Apply Settings’ buttons.

Verify VPN

To verify that the VPN is working navigate to ‘Status > OpenVPN’ and under the ‘State’ section you should see the message: ‘Client: CONNECTED SUCCESS’.

After that you can go to an IP location web service, such as ip2location.com, to check your current IP address and location.

Create a kill-switch

To prevent the router from exposing us to an insecure connection if the connection to the VPN server is lost, we will create a kill-switch. This means that if for any reason the router cannot establish a connection to the VPN server, we will not have Internet connection until we fix the issue.
Navigate to ‘Administration > Commands’ and enter these commands into the ‘Commands’ text box:

Then click on ‘Save Firewall’ button.

Lastly, navigate to ‘Administration > Management’ and click on ‘Reboot router’ button.

This tutorial will show you how to set up PPTP VPN on DD-WRT Routers using the SmartyDNS VPN services. If you don’t have a SmartyDNS account, you can try our services for free for 3 days.

Here are the steps you should follow:

To setup PPTP VPN on DD-WRT router you will have to flash your router with DD-WRT firmware and set router local IP address as 192.168.1.1. Also, verify if you are able to connect to Internet via Wi-Fi from your DD-WRT router. Also, we recommend to check if your network configuration and ISP allow PPTP VPN connections on on your PC or Mac.

Connect to your router. To do that you have to enter the following address in your browser: Also, if you are connected to your router via Ethernet, set your network connection to obtain the IP address automatically.

There are two options to set up PPTP VPN on a DD-WRT router. Please select which option you prefer to use:

1. Go to “Setup” tab and and choose “Basic Setup” (1).Then fill the fields and check the radio buttons with the following settings:

“Connection Type” (2): choose “PPTP”.

“Gateway (PPTP server)” (3): type the IP address of the SmartyDNS server you want to connect to.

You can find the entire list of all available servers in your account on our website, by going to your package from “Packages”. If you don’t have a SmartyDNS account, you can try our services for free for 3 days.

In the “Username” (4) and “Password” (5) fields type your VPN username and password.

To find your VPN username and password, sign in to your account on our website, go to “Setup” -> “VPN Username & Password“. If you don’t have a SmartyDNS account, you can try our services for free for 3 days.
“Use DHCP” (6): choose “Yes”.

“MPPE Encryption” (7): choose “Enable”.

“Packet Reordering” (8): choose “Enable”. Note: If your version of DD-WRT has the “PPTP encryption” option set to “Enable” as well.

“Dual-Access mode” (9): set to “No”.

“Receive IPTV” (10): chose “No”.

“Optional Settings” compartment:

“MTU”: change it to “Manual” (11) and type the value 1460 (12) in the next field.

“STP”: set it to “Disable” (13).

“Network setup” zone:

“Local IP Address” – enter the IP address for the DD-WRT access point (14). Note: if this is the second router then you have to set a different Local IP address then your main router.

“Network Address Server Settings (DHCP) zone:

“DHCP Type”: choose “DHCP Server” (15).

“DHCP Server”: choose “Enable” (16).

Verify all the settings and make sure that everything looks exactly like in our screenshot.

Click on “Apply settings” button (17).

Go to the “Security” tab (17) and choose “Firewall” (18). Then, set “SPI Firewall” to “Disable” (19).

Now go to “VPN Passthrough” (20) and choose “Enabled” (21) next to “PPTP Passthrough”. Then click on “Apply settings” button (22).

Then go to “Administration” tab (23) and scroll all the way down, then click on “Reboot router” button (24). This will reboot your router.

1. Go to “Setup” tab and and choose “Basic Setup” (1).

In the “Network Address Server Settings (DHCP)” (2):“DHCP server”: choose “Enable” (3).

“Static DNS 1” (4): change to 8.8.8.8

“Static DNS 2” (5): change to 8.8.4.4

“Use DNSMasq for DNS” (6): make sure to untick the checkbox.

Now go to “Security” tab (7), then click on “Firewall” (8) and set the “SPI Firewall to “Disable” (9).

After that click on “VPN Passthrough” tab (10), then choose “Enable” for “PPTP Passthrough” (11), then click on “Apply settings” button (12).