OpenVPN setup for DD-WRT


http://wp.me/ph3BR-12G

machine : ASUS RT-N13U B1

DD-WRT, latest version, download here
http://www.dd-wrt.com/site/support/router-database

.

.

SSH setup for login
ref: http://www.dd-wrt.com/wiki/index.php/SSH#Using_Telnet

1) download puttygen.exe, to generate public key and private key,
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

2) run puttygen.exe
copy the public key content, and paste to clipbroad

nEO_IMG_putty key generated_something_like_this

3) go to DD-WRT web interface, click [系統管理], [遠端管理], [SSH 管理], [啟用], [port 22], [儲存重啟]

4) go to DD-WRT web interface, click [伺服器], [信任授權機制(Secure Shell)], [授權金鑰], paste the public key, [儲存重啟]

5) disable telnet now, and use SSH for router login from now onward.

6) test and screen shot of SSH login, done
user name : root
password : your own password
nEO_IMG_DD-WRT_SHH_login
.
.
.
.

DDNS and bug

this verison of dd-wrt has been confirmed DDNS has problem with update dynamic IP to those free DNS service, unless power on reset, and some webpages about solution of how to write own script or to use cron to achive such free DDNS update ontime. My own solution and seems working well, the free DNS no-ip.org is not working, and I am using http://freedns.afraid.org.

goto http://freedns.afraid.org/subdomain/, register and login, setup a free DNS service and your preferred host name.

goto [Dynamic DNS], http://freedns.afraid.org/dynamic/
under this page, looking for and click [ quick cron example], then a web page will be generated with your very own sub-domian and setup things, example followings,

###############################################################################
# This is a crontab example for xiaolaba.mooo.com - (uid: xiao_test)
# Generated 2013-11-01 21:40:33 PST @ http://freedns.afraid.org/
################################################################################
# NOTES:
# * Works on Mac/Linux/*BSD/*NIX type systems
# * Updates automatically each 5 minutes
#
# INSTRUCTIONS:
# 1) To install, goto a system console, then type: 'crontab -e' (without
#      apostrophe's) then paste the bottom last line/entry from this file (all
#      on 1 line) and then save
# 2) To list installed crontabs (verifying installation), type: 'crontab -l'
# 3) To verify updates are occuring, wait 5 minutes, then 'cat /tmp/freedns_xiaolaba_mooo_com.log'
# 4) To read more about how crontab works, check out 'man -a crontab' or search
#      the web for 'installing a crontab' or 'cron' (same thing)
#
# SOME THOUGHTS:
# - This example is for simplicity, and ultra compatibility
# - I urge you to make updates only when a IP change occurs if you know how
#      (such as on ifup), or by polling your router status/snmp device first.
#      I wrote a client/daemon 'lastip2.phps' listed on the clients page that
#      can pull a router status page - however it requires some skill and
#      knowledge of your particular network to set it up properly
# - This below generated example avoids updates when seconds is between :55
#      and :05 to prevent a thundering herd of updates at the minute
# - PATH line may optional, or not! Depends on your system, you may need it
#      somewhere (at the top) of your cron entry if you don't have one already
#      defined, include in your path where 'wget' and 'sleep' commands live on
#      your system
# - You can also run this @reboot, which is great for cloud image / instances,
#      (no 'sleep' needed if @reboot)
# - 'fetch', 'wget' or 'curl' all basically do the same thing, and should
#      interchangeably work - you may prefer or use one of those.  There is also
#      'lynx -dump', or 'w3m -dump' - I am sure there are many more!
#
# Have a better method, or directions? Send it to me!

################################################################################
# Things to check if if doesn't work...:
################################################################################
# Do you need to install wget?  As root, try:
# pkg_add -r wget; apt-get install wget; yum install wget
#
# Run a manual freedns dynamic update right from your console to check for
# errors, here's some examples (you can use/modify any update line that works
# within your cron):
#
# Example #1:
# wget -O - http://freedns.afraid.org/dynamic/update.php?NWphNWxQeEtHdENIS3hveTZib3BZZ1RjOjEwNTAxMzY4
#
# Example #2:
# curl http://freedns.afraid.org/dynamic/update.php?NWphNWxQeEtHdENIS3hveTZib3BZZ1RjOjEwNTAxMzY4
#
# Example #3:
# fetch -o - http://freedns.afraid.org/dynamic/update.php?NWphNWxQeEtHdENIS3hveTZib3BZZ1RjOjEwNTAxMzY4

# You might need to include this path line in crontab, (or specify full paths)
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin

1,6,11,16,21,26,31,36,41,46,51,56 * * * * sleep 6 ; wget -O - http://freedns.afraid.org/dynamic/update.php?NWphNWxQeEtHdENIS3hveTZib3BZZ1RjOjEwNTAxMzY4 >> /tmp/freedns_xiao_test_com.log 2>&1 &

.
.
.
.

and the last line should be looks like following,

1,6,11,16,21,26,31,36,41,46,51,56 * * * * sleep 6 ; wget -O - http://freedns.afraid.org/dynamic/update.php?NWphNWxQeEtHdENIS3hveTZib3BZZ1RjOjEwNTAxMzY4 >> /tmp/freedns_xiao_test_com.log 2>&1 &

.
.
.

and then I change this to following, paste to [系統管理], [新增 Cron Jobs]

*/5 * * * * wget -O - http://freedns.afraid.org/dynamic/update.php?NWphNWxQeEtHdENIS3hveTZib3BZZ1RjOjEwNTAxMzY4 >> /tmp/freedns_xiao_test_com.log 2>&1 &

.
.
.

OpenVPN setup

Download (openvpn-2.1.4-install.exe) and install OpenVPN & easy-rsa in PC, to run and to generate certificate CA required,
http://openvpn.net/index.php/open-source/documentation/howto.html
https://github.com/OpenVPN/easy-rsa, download ZIP, upzip and copy easy-rsa windows version to C:\Program Files\OpenVPN\easy-rsa (no need this if openvpn-2.1.4)

run in windows start menu (as adminstrator), Generate a static OpenVPN key
C:\Program Files\OpenVPN\config\key.txt will be generated, (no need this if openvpn-2.1.4)

goto to C:\Program Files (x86)\OpenVPN\easy-rsa (openvpn-2.1.4)
edit vars.bat.sample as following,

win7 64 bit,


@echo off
rem Edit this variable to point to
rem the openssl.cnf file included
rem with easy-rsa.

rem the line following is only for WIN7 64 bit
set HOME=%ProgramFiles(x86)%\OpenVPN\easy-rsa\
set KEY_CONFIG=openssl.cnf

rem Edit this variable to point to
rem your soon-to-be-created key
rem directory.
rem
rem WARNING: clean-all will do
rem a rm -rf on this directory
rem so make sure you define
rem it correctly!
set KEY_DIR=keys

rem Increase this to 2048 if you
rem are paranoid.  This will slow
rem down TLS negotiation performance
rem as well as the one-time DH parms
rem generation process.
rem set KEY_SIZE=1024
rem set KEY_SIZE=2048

rem These are the default values for fields
rem which will be placed in the certificate.
rem Change these to reflect your site.
rem Don't leave any of these parms blank.

rem my config file for CA build
set KEY_COUNTRY=TW
set KEY_PROVINCE=TPE
set KEY_CITY=KHH
set KEY_ORG=OpenVPN_1234
set KEY_EMAIL=xiaolabacn@yahoo.com.tw

Enter following command line,
C:\Program Files (x86)\OpenVPN\easy-rsa\keys\ca.crt and ca.key will be build

 

</pre>
init-config
vars
clean-all
build-ca
<pre>

ref : http://www.dd-wrt.com/wiki/index.php/VPN_(the_easy_way)_v24%2B#The_Server_Config_File
.

.

ref

ref : http://bbs.chdbits.org/forum.php?mod=viewthread&tid=553995
ref : http://brontosaurusrexng.wordpress.com/2009/06/10/afraid-org-and-wget-on-windows/
ref : http://freedns.afraid.org/dynamic/

http://www.dd-wrt.com/wiki/index.php/Jffs_sharing_in_a_Linux_server

ref : http://bbs.chanki.net/forum.php?mod=viewthread&tid=184

ref : http://freemanv1.blogspot.tw/2012/05/dd-wrt-openvpn.html

廣告

發表迴響

在下方填入你的資料或按右方圖示以社群網站登入:

WordPress.com Logo

您的留言將使用 WordPress.com 帳號。 登出 / 變更 )

Twitter picture

您的留言將使用 Twitter 帳號。 登出 / 變更 )

Facebook照片

您的留言將使用 Facebook 帳號。 登出 / 變更 )

Google+ photo

您的留言將使用 Google+ 帳號。 登出 / 變更 )

連結到 %s