OpenVPN Setup On DD-WRT Router

We want free Internet access, but some governments don’t like it. Fortunately, we can set up our own VPN on any router running DD-WRT:

  1. Log in to your router and navigate to Service > VPN
  2. Under “OpenVPN Server/Daemon” section, set the following:

    OpenVPN: Enable
    Start Type: WAN Up
    Config as: Server
    Server mode: Router (TUN)
    Network: (VPN network address you would like to use. Must be different from your LAN!)
    Port: 443
    Tunnel Protocol: TCP (Use TCP port 443, as it is commonly used for HTTPS and seems impossible for the GFW to block!)
    Encryption Cipher: AES-128-CBC
    Hash Algorithm: SHA1
    Advanced Options: Enable
    TLS Cipher: None
    LZO Compression: Disabled
    Redirect default Gateway: Enable
    Allow Client to Client: Enable
    Allow duplicate cn: Enable
    Tunnel MTU setting: 1500

  3. Set the following in “Additional Config”:

    dev tun0
    keepalive 10 120
    push "dhcp-option DNS <DNS server IP>"
    push "route <LAN network> <LAN netmask>" (add this if you want to access other machines on your LAN)
    verb 3
    max-clients 5

  4. We also need a Public Server Cert, CA Cert, Private Server Key and DH PEM to make it work. You may refer to this guide to generate yours:

  5. The firewall needs to be reconfigured to allow VPN connections and traffic from VPN clients to the Internet. Navigate to Administration > Commands, and fill in:

    iptables -I INPUT 1 -p tcp --dport 443 -j ACCEPT
    iptables -I FORWARD 1 --source <VPN network> -j ACCEPT
    iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
    iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
    iptables -t nat -A POSTROUTING -s <VPN network> -j MASQUERADE

    Remember to click on “Save Firewall” after this.

  6. We also need a client-side OpenVPN config file to connect to the OpenVPN server. You may refer to this sample. Copy, amend and save it as something.ovpn.
  7. If you are a Mac user, Tunnelblick is a good choice of OpenVPN client: just drop the ovpn file into it and click connect to connect to your VPN.
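
The "must be different from your LAN" rule in step 2 and the firewall rules in step 5 both depend on the VPN network, so the rules can be generated from that one value after checking it against the LAN. This is an added example, not part of the original post; it assumes the source address in the FORWARD and POSTROUTING rules is the VPN network written in CIDR form, and 10.8.0.0/24 and 192.168.1.0/24 are constructed sample values. Run it on a workstation and paste the output into Administration > Commands.

```shell
#!/bin/sh
# Added example. 10.8.0.0/24 (VPN) and 192.168.1.0/24 (LAN) are constructed
# sample values (assumptions), not addresses from the original post.

# Convert a dotted-quad IPv4 address to an integer.
ip2int() {
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots into $1..$4
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Succeed (exit 0) when two CIDR networks overlap. They overlap exactly when
# both addresses are equal under the shorter of the two prefix lengths.
cidr_overlap() {
    a_len=${1#*/}; b_len=${2#*/}
    len=$a_len
    if [ "$b_len" -lt "$len" ]; then len=$b_len; fi
    mask=$(( (0xFFFFFFFF << (32 - len)) & 0xFFFFFFFF ))
    a=$(ip2int "${1%/*}"); b=$(ip2int "${2%/*}")
    [ $(( a & mask )) -eq $(( b & mask )) ]
}

# Print the step 5 rules for VPN network $1, refusing if it overlaps LAN $2.
firewall_rules() {
    if cidr_overlap "$1" "$2"; then
        echo "error: VPN network $1 overlaps LAN $2" >&2
        return 1
    fi
    cat <<EOF
iptables -I INPUT 1 -p tcp --dport 443 -j ACCEPT
iptables -I FORWARD 1 --source $1 -j ACCEPT
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
iptables -t nat -A POSTROUTING -s $1 -j MASQUERADE
EOF
}

# Demo with the constructed sample networks.
firewall_rules 10.8.0.0/24 192.168.1.0/24
```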
