ANSWERED These can not be the right directions to configuring ddwert

[tittiger 0]

The directions  at  are horrible at https://airvpn.org/ddwrt/

I am trying to configure  VPN on a wrt54gl using firmware build 13064.
The file I flashed was  dd-wrt.v24_vpn_generic.bin.


Let me document the confusion in case someone wants to see if they can rewrite

the directions to be usable and clear.

1.) The step "Go to Specs page of AirVPN website and locate Air VPN DNS for the server you want to connect to, and enter it under Static DNS 1." does not link to the info that you need to input the VPN servers DNS. You first need their 10.x.x.x  network.  And how to do that is not mentioned until a link a few steps down.  (i.e. nslookup SERVER-NAME.airservers.org) Only then  after 3 hours of frustration was I able to get the correct DNS info for that step.

2.)  Now we are instructed to go to services --> VPN tab -->  and enable the OpenVPN Client
Then to enter the servers IP and port. I just gt the IP with nslookup, but i lack telepathy and d not know what port to use.

3.) Set the tunnel protocol to either  UDP or TCP. Again I have no idea. It says it depends on the server that I selected.
 
4.) Then says to set the encryption cypher to AFS-256.  Again I have no such setting.

5.)  Set HASH... no such setting.

6.) Enable advance options. No such setting.

7.) Enable NAT.  No such setting

8.) Set local IP .... no such setting.

9.) Set TLS Cipher.... no such setting

 

10.) Unzip the AIrVPN config file.... and the is no CA cert window to paste into.

11.) Copy contents into the  TLS auth key... no such window.

12.) When instructed to copy the firewall rules into the command window they say that it is important to

determine if the tun interface name is tun1 or tun0 without telling how to check this. I have no super powers or telepathy.


I am at a loss.  What am I doing wrong or are these instructions as bad as they seem?

Thanks in advance

 

[go558a83nk 362]

I can't believe mods are allowing you to post the same thing over and over again.

 

Just use 10.4.0.1 for DNS.

[tittiger 0]

Well I am glad that the mods pay more attention than you do.

One post in in a forum to get help. The other post was in a forum to alert people to

problems. I do not need a nanny go558a83nk
 

If you were referring to the post "Trouble finding DNS of the VPN servers...." that has been marked solved and this post

adds detail to many more issues encountered after that problem. That IS NOT posting the same thing twice.

 

FYI you do not (according to their directions)  use that DNS unless    one of the server interfaces  

begins with  10.4.x.x   and I can not possible know the IP until I run nslookup on it. Do all 249 servers IP

start with 10.4.x.x? If not then that is not always the correct DNS (as least according to the documentation)

 

 

 

Well I solved one issue looking that up. I now know the port I was looking for.

Thanks

[Staff 9973]

 

FYI you do not (according to their directions)  use that DNS unless    one of the server interfaces  

begins with  10.4.x.x   and I can not possible know the IP until I run nslookup on it. Do all 249 servers IP

start with 10.4.x.x? If not then that is not always the correct DNS (as least according to the documentation)

 

Hello,

 

10.4.0.1 is always accessible regardless the port you connect to and the protocol you connect with. It is the only always reachable address and it is the main address of any DNS server of each VPN server.

 

Each subnet is a /16 so your reference to "249 servers IP" makes no sense (we underline just in case this is bringing confusion).

 

However, it is recommended (and this will happen by default if you run Eddie or anyway accept the DNS push from the server) to use the same IP address for the VPN gateway and the VPN DNS server. Having these addresses match prevents an attack based on DNS hijacking described in some research papers. So, if you connect to port 80 with protocol UDP, we would recommend to set the DNS server address to 10.8.0.1 (even if 10.4.0.1 would work anyway) because the VPN gateway would be 10.8.0.1.

 

Also please see https://airvpn.org/specs to know exactly which subnet you will enter. This knowledge is not strictly necessary: if you accept DNS push, you will always have VPN gateway and DNS addresses match.

 

Kind regards