Jump to content
Not connected, Your IP:

tls-crypt on DD-WRT: got it working!

Recommended Posts

General info:


- DD-WRT v3.0-r37845M kongac (11/25/18) on a Netgear R7000

- I have configured my R7000 as a Wireless Access Point (see https://wiki.dd-wrt.com/wiki/index.php/Wireless_access_point)



Step 1, generate OpenVPN configuration files


- www.airvpn.org => Client Area => Config Generator

- Activate "Advanced Mode"
- Choose your Operating System: Router
- Choose your OpenVPN version: >= 2.4
- Need IPv6?: IPv4 only
- Advanced (right part of the screen): Activate "Separate keys/certs from .ovpn file"

- Protocols: Protocol: TCP; Port: 443; Entry IP: 3; Specs: tls-crypt, tls 1.2

- Choose server

- Generate protocol

- Select ZIP


Now you have generated a ZIP file containing the following 5 files:

ca.crt; user.crt; user.key; tls-crypt.key; and a .ovpn file, for example: AirVPN_NL-Alblasserdam_Muscida_TCP-443-Entry3.ovpn.



Step 2, DD-WRT => Services => VPN => OpenVPN Client


Hash Algorithm: SHA512


ca.crt goes in "CA Cert"; user.crt goes in "Public Client Cert"; user.key goes in "Private Client Key".


The tls-crypt.key goes in "Additional Config" between <tls-crypt> and </tls-crypt>.
Furthermore I´ve put the following two settings in "Additional Config": remote-cert-tls server and auth-nocache.

The contents of "Additional Config" could, for example, look like this:


remote-cert-tls server
content of tls-crypt.key





The only dissappointing thing: https://2ip.io/privacy/ still knows I am using a VPN service:



Share this post

Link to post
On 12/16/2018 at 9:27 AM, JamBam said:

The tls-crypt.key goes in "Additional Config" between <tls-crypt> and </tls-crypt>.


Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Security Check
    Play CAPTCHA Audio
    Refresh Image

  • Create New...