Jump to content
Not connected, Your IP: 35.172.100.232
Sign in to follow this  
JamBam

tls-crypt on DD-WRT: got it working!

Recommended Posts

General info:

 

- DD-WRT v3.0-r37845M kongac (11/25/18) on a Netgear R7000

- I have configured my R7000 as a Wireless Access Point (see https://wiki.dd-wrt.com/wiki/index.php/Wireless_access_point)

 

 

Step 1, generate OpenVPN configuration files

 

- www.airvpn.org => Client Area => Config Generator

- Activate "Advanced Mode"
- Choose your Operating System: Router
- Choose your OpenVPN version: >= 2.4
- Need IPv6?: IPv4 only
- Advanced (right part of the screen): Activate "Separate keys/certs from .ovpn file"

- Protocols: Protocol: TCP; Port: 443; Entry IP: 3; Specs: tls-crypt, tls 1.2

- Choose server

- Generate protocol

- Select ZIP

 

Now you have generated a ZIP file containing the following 5 files:

ca.crt; user.crt; user.key; tls-crypt.key; and a .ovpn file, for example: AirVPN_NL-Alblasserdam_Muscida_TCP-443-Entry3.ovpn.

 

 

Step 2, DD-WRT => Services => VPN => OpenVPN Client

 

Hash Algorithm: SHA512

 

ca.crt goes in "CA Cert"; user.crt goes in "Public Client Cert"; user.key goes in "Private Client Key".

 

The tls-crypt.key goes in "Additional Config" between <tls-crypt> and </tls-crypt>.
Furthermore I´ve put the following two settings in "Additional Config": remote-cert-tls server and auth-nocache.

The contents of "Additional Config" could, for example, look like this:

 

remote-cert-tls server
auth-nocache
<tls-crypt>
content of tls-crypt.key
</tls-crypt>

 

 

 

 

The only dissappointing thing: https://2ip.io/privacy/ still knows I am using a VPN service:

 

 

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...