Jump to content
Not connected, Your IP: 18.227.49.73
Annonnymous

Need Help with changing code to install OpenVPN on a AVM router (Fritzbox) WITHOUT custom firmware

Recommended Posts

Hey guys I ran across this article: http://www.sephi.de/wp/2013/11/04/fritzbox-7390-mit-fritzos-6-0-und-openvpn-ohne-custom-firmware/

 

as I was looking for a way to make my life easier by convincing my Fritzbox to accept OpenVPN connections. Now we do have an excellent tutorial already if freetz (the custom firmware for avm devices) is an option for your box. However that is not an option for my very new 3390 since the only supported firmware so far is pretty buggy and damaged. I didn't want to make a trade off between security risks or beeing lazy which is why I searched for another way and I believe I found it. Also some ISP check the status of their boxes/routers which is why it is impossible for some people to use freetz.

 

Now I am not a genius with linux which is why I do not know how to change the login procedure but I think that someone with a little more knowledge could change that code in to something we all will be able to benefit from. As far as I understood it the only nescessary change would be to change the login procedure as airvpn doesn't use certificates rather than username and password.

 

I am well aware that German is not as wide spread language :-D which is why I translated the German (Red Colour) in to English. (It is not perfect but for the purpose of this work it'll do. Once the script works I will create a real How to with proper instructions)

 

Vorab sei noch gesagt, dass der exakte Pfad des USB-Sticks ggf. je nach USB-Stick den man verwendet variieren kann. Passt dazu einfach alle Pfade an.

Before we get started it is important to mention that the exact path of the USB Stick may vary and therefore all paths may have to be changed accordingly.

Hier gibts die OpenVPN-Binary: Download: openvpn_2.3.2-mips-openssl-static.gz 568.6 KB

There is the OpenVPN Binary

Man entpackt diese auf den USB-Stick in einen Unterordner 'openvpn' und benennt sie in 'openvpn' um.

Just extract this binary on to an USB stick in a subfolder "openvpn" and call it "openvpn"

Dazu kommt folgendes Startscript als 'runme.sh':

Add the following starter script as "runme.sh"

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
#!/bin/sh
# Skript startet den VPN Dienst.
 
# wir warten und pruefen, bis Internetverbindung steht:
echo warten auf bestehende Internetverbindung
# hier wird jeweils so lange versucht,
# einen Ping erfolgreich an 8.8.8.8 (Google DNS Server)
# zu schicken und bei Misserfolg gewartet - kann natürlich gerne
# gegen den eigenen VPN-Server ausgetauscht werden
while !(ping -c 1 8.8.8.8); do
sleep 5
done
 
# tun-Device anlegen, falls noch nicht vorhanden
echo das TUN Device wird erzeugt
mknod /var/tmp/tun c 10 200
 
# wir geben eine Info raus, dass der VPN Dienst gestartet wird:
echo OpenVPN wird gestartet
# Wir gehen in das Verzeichnis auf dem USB Device:
cd /var/media/ftp/Generic-FlashDisk-01/openvpn
# Aufruf des OpenVPN Binary mit dem Konfigurationsnamen, wird als daemon gestartet
/var/media/ftp/Generic-FlashDisk-01/openvpn/openvpn --client --config openvpn.conf --daemon

Dazu als 'openvpn.conf' die vorbereitete OpenVPN-Konfiguration und die Zertifikatsdateien - hier ein Beispiel:

Additionally the prepared OpenVPN-config and the certificate data - as exampled: 

(I believe this is the point where we will have to change something since airvpn does work with passwort and username bit I do not know enough of coding language to do it myself)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
client
dev tun
dev-node /var/tmp/tun
proto tcp
remote <server> 1194
resolv-retry infinite
nobind
persist-key
ca ca.crt
key fritzbox-client.key
cert fritzbox-client.crt
cipher AES-128-CBC
verb 1
mute 20
comp-lzo

Jetzt müssen wir die angelegte 'runme.sh' nur noch in den Autostart eintragen - das machen wir ganz einfach über einen Eintrag in der 'debug.cfg' im Verzeichnis /var/flash/ direkt auf der Fritz!Box - falls nötig legen wir die Datei einfach mit folgendem Inhalt an:

Now we only have to create an autostart entry for "runme.sh" This can be accomplished through an entry in "debug.cfg" in the path /var/flash on the Fritzbox. If nescessary just create the file with the content.

1
/var/media/ftp/Generic-FlashDisk-01/openvpn/runme.sh

Zum Test kann der eingetragene Befehl auch manuell auf der Telnet-Konsole ausgeführt werden. Verbinden kann man mit der Fritz!Box einfach per Telnet auf Port 23 mit dem Administrator-Kennwort der Box. Hierfür geht nahezu jeder beliebige Client - zum Beispiel PuTTy (auf Telnet umstellen nicht vergessen!).

To test it the command may also be executed manually through Telnet-console. Connecting to the FritzBox can be achieved through Telnet on port 23 and the administrator password. In order to do so every Client such as PuTTy can be used for that.

 

 

Allright guys. Once we figured it out how to change it, I am going to write a real how to so that every one can use it. If you have an idea how to approach it, but do not have an AVM router, I will provide mine as guinea pig.

 

Allright happy coding :-)

 

Share this post


Link to post

You may have set up OpenVPN but you need to set up iptables, too, otherwise there won't be any traffic from and to the internet. Applies to my 7141.

 

Regarding the config file: Just replace it with the one from the config generator. Maybe you have to add dev-node /var/tmp/tun to it manually. I personally didn't need that.


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...