Your own OpenVPN WLAN

Discussion in 'Tutorials and Guides' started by wlanboy, May 19, 2013.

  1. wlanboy

    wlanboy Content Contributer

    2,126
    1,169
    May 16, 2013
    I do have some devices where I am not able to install an OpenVPN client. But I want to use an US IP for these devices. You might think that the only way to get an US IP is to root/patch the devices.

    The more elegant way is to have a device that is doing the OpenVPN client job.

    Therefore I bought a cheap second router (30$) and installed dd-wrt on it.

    If you log into the web interface you can go to the section:

    Services -> VPN -> OpenVPN Client

    Enter Server IP, Port, Tunnel Protocol (UDP), Tunnel Device (TUN), Encryption Cipher (Blowfish CBC), Hash Algorithm (SHA1), Use LZO Compression (enabled) and NAT (enabled).

    Afterwards you can enter (copy/paste):

    • CA Cert
    • Public Client Cert
    • Private Client Key
    On some routers you have to add following command to enable masquerading:

    Go to Administration -> Commands

    enter:


    iptables -t nat -A POSTROUTING -j MASQUERADE

    and press the "Save firewall" button.


    That's it. Restart the second router.

    Now all internet traffic of this router is forwarded through the OpenVPN tunnel.

    Every devices connected to this router (LAN  or WLAN) does not even know that it is using an OpenVPN tunnel. It is just using on US IP (depends on the localtion of your vps).

    I plugged my second router right into the network of my first router.

    This can be done through setting the connection type to "Automatic configuration - DHCP" on the submenu: Setup -> Basic Setup. This ensures that the second router is using the internet connection of the first router to establish his own OpenVPN connection.
     
  2. 365Networks

    365Networks New Member

    121
    38
    May 15, 2013
    This is great! I could for sure see myself doing something like this in the future.
     
  3. drmike

    drmike 100% Tier-1 Gogent

    8,573
    2,717
    May 13, 2013
    Seriously good how to here and it seems oh so simple.  This will help lots of people (censorship, monitoring, sensitive info, viewing Hulu, etc.)

    You have my thanks!
     
  4. wlanboy

    wlanboy Content Contributer

    2,126
    1,169
    May 16, 2013
  5. HalfEatenPie

    HalfEatenPie The Irrational One Retired Staff

    2,890
    1,386
    Mar 25, 2013
    HalfEatenPie
    Yep, I have this for my home connection.  Works perfectly.  Unfortunately for my specific model it's mutually exclusive with IPv6.  So it's either get OpenVPN working on my router side or get IPv6.  
     
  6. wlanboy

    wlanboy Content Contributer

    2,126
    1,169
    May 16, 2013
    @HalfEatenPie

    Which version of dd-wrt are you using?