Follow Us:

Questions? Contact us

OpenVPN Configuration Setup on DD-WRT Router

DNSFLEX > VPN Setup  > Router  > OpenVPN Configuration Setup on DD-WRT Router
ddwrt-logo

OpenVPN Configuration Setup on DD-WRT Router

DD-WRT is an open source router software build that can run on a wide range of commercial routers.  It offers OpenVPN, L2TP and PPTP protocol support and can be customised and tuned for ultimate flexibility.   You can check if your router supports DD-WRT firmware here.  Support for DD-WRT installation and how-to guides can be found here

 

 

Step 1 – Add VPN Username or SOCKS Authorised IP’s

 

Log into the DNSFLEX members area dashboard here.  If you are using the VPN service – create a VPN username and password, if you are using the SOCKS Proxies – enter your authorised IP’s.   If you plan to use both VPN and SOCKS then configure both VPN username and SOCKS Proxies Authorised IP.

 

setup-1

 

 

Step 2 – Choose your IP Type

 

This section allows you to choose what type of IP you want your VPN endpoint to connect to.    Please read the pop up article “which to choose” to fully understand the different use cases in order to make the correct choice.

 

setup-2

 

 

 

Step 3 – Download OpenVPN Configuration Files

 

The next step, you must download the VPN server configuration files necessary so that the OpenVPN Software knows where to connect to.   Download the lone configuration file in the members are dashboard.  This will be the only config file required to connect to all your IP endpoints.

 

To connect to SOCKS Proxies, copy the SOCKS endpoint host name and port and enter it into your proxy software.

 

setup-3-1

 

 

 

 

Step 4 – Configure DNS for Route Leak Protection

 

  • Log into your Router Administrative interface.  Enter the router IP into into your web browser.  This is typically –  http://192.168.1.1 or http://192.168.0.1

 

  • In the DD-WRT Administrative interface, navigate to Setup -> Basic Setup

 

basic-setup-1

 

  • Under the Section labelled “DHCP” Enter the DNSFlex DNS Server IP’s in the fields “Static DNS 1” and “Static DNS 2“.  If you need help locating the closest DNS servers in your Region, please refer to the DNS server map here

 

  • Select the following check boxes – “Use DNSMasq for DHCP” , “Use DNSMasq for DNS” , “DHCP-Authoritative”

 

dns-leak-1

 

  • Click “Save” and “Apply Settings” to save your changes.

 

 

Step 5 – Disable IPv6

 

Dual stack computers tend to prefer IPv6 stack over IPv4, as a result, your internet traffic may leak and divert traffic from the VPN connection.  Disable IPv6 for best practise to ensure all your network traffic is being routed through the VPN connection.

 

  • Navigate to Setup -> IPv6.  Select IPv6 “Disable“.  Click Save and Apply.

 

disable-ipv6

 

 

 

Step 6 – Configure OpenVPN

 

  • Navigate to Services -> VPN.  Under the OpenVPN Client settings and find “Start OpenVPN Client” and select “Enable

 

dd-wrt-1

 

  • Open the .ovpn file you downloaded in the previous step with a text editor of your choice and use these values to fill out the fields.  For illustration purposes, we chose a US VPN Server “vpn-udp-us1.dnsflex.com”

 

server-address-3

 

Server IP/Name = vpn-udp-us1.dnsflex.com
Port = 1194
Tunnel Device = TUN
Tunnel Protocol = UDP
Encryption Cipher = AES-256-CBC
Hash Algorithm = SHA1
User Pass Authentication = Enable
Username = DNSFlex VPN Username
Password = DNSFlex VPN Password
Advanced Options = Enable (this will enable additional options)
TLS Cipher = None
LZO Compression = Yes
NAT = Enable
Note: If the options are not mentioned in this guide, it is assumed to use the default values provided by DD-WRT.

 

Note:  If you are running an older version of DD-WRT firmware, the username and password fields may not appear.   Navigate to Administration -> Commands.  Enter this code and replace “Username/Password” with your DNSFlex VPN Username and Password.

 

echo “USERNAME PASSWORD” > /tmp/openvpncl/user.conf
/usr/bin/killall openvpn
/usr/sbin/openvpn –config /tmp/openvpncl/openvpn.conf –route-up /tmp/openvpncl/route-up.sh –down-pre /tmp/openvpncl/route-down.sh –daemon

 

  • In  the “Additional Config” box, enter the following commands:

 

remote-cert-tls server
remote-random
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping-timer-rem
reneg-sec 0
#Delete “#” in the line below if your router does not have credentials fields as such in the previous step:
#auth-user-pass /tmp/openvpncl/user.conf

 

  • Using your favorite text editor, open the DNSFlex .ovpn configuration file you downloaded prior to Step 3 in this tutorial.   Copy the contents of the CA Certificate and paste it in the box named “Ca Cert“. Ensure all parts are copied including “—–BEGIN CERTIFICATE—– and —–END CERTIFICATE—–”  lines

 

ca-5

 

 

  • Once more, open the DNSFlex .ovpn configuration file.   Copy the contents of the TLS Key and paste it in the box named “TLS Auth Key“. Ensure all contents of the key are copied including – “—–BEGIN OpenVPN Static key V1—–” and “—–END OpenVPN Static key V1—–” lines.

 

tls-auth-4

 

 

  • Once all the data is entered, click on “Save” and “Apply“.   Your settings should look like this:

 

dd-wrt-setup2

 

  • To verify your router is connected to the VPN server, navigate to Status -> OpenVPN.  You should see a status message -“CONNECTED SUCCESS”.

 

connected

GD
No Comments

Post a Comment