Jump to content
Not connected, Your IP: 35.173.48.224

Search the Community

Showing results for tags 'DD-WRT'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • AirVPN
    • News and Announcement
    • How-To
    • Frequently asked questions
    • Databases
  • Community
    • General & Suggestions
    • Troubleshooting and Problems
    • Blocked websites warning
    • Eddie - AirVPN Client
    • Reviews
    • Other VPN competitors or features
    • Nonprofit
    • Off-Topic
  • Other Projects
    • IP Leak
    • XMPP
    • Mirrors

Product Groups

  • AirVPN Access
  • Coupons
  • Misc

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Twitter


Mastodon


AIM


MSN


ICQ


Yahoo


XMPP / Jabber


Skype


Location


Interests

Found 57 results

  1. I followed this tutorial to set up OpenVPN in my router that uses DD-WRT. Works great. For getting torrents to work (using qBittorrent), I followed the second post here: set up a forwarding port via Client Area > Forwarded ports; and then in qBittorrent chose that port as the listening port. But still, the TCP Test fails, and the torrent is "stalled." I think I'm missing something obvious, but I would appreciate some guidance! Do I need to forward a port on my router? I can supply any additional information if needed! Thank you.
  2. My hardward/firmware: Router ModelLinksys WRT 1200AC Firmware VersionDD-WRT v3.0-r28788 std (01/13/16)Kernel VersionLinux 3.18.25 #59 SMP Mon Jan 11 11:48:34 CET 2016 armv7l My goal: To open ports 8000 and 8001 on my router to allow shoutcast server to livestream from static ip 192.168.10.172 on the network. Hi, After reading https://airvpn.org/external_link/?url=https%3A%2F%2Fwww.dd-wrt.com%2Fwiki%2Findex.php%2FIptables_command%23Port_Forwarding_to_a_specific_LAN_IP and also being told that the GUI interface only forwards from WAN to LAN and not from TUN to LAN... it seems this is my last obstacle to streaming with Shoutcast. I still haven't been able to get IPTABLES to work for me yet. I tried different variations of the commands, but nothing worked for me... then I didn't know if I was putting the right information into the variables. Has anyone with this or similar dd-wrt set up successfully added open ports to your router firewall using IPTABLES? If so, can I see how your commands look? Currently, all I have for my firewall commands are, Firewall iptables -I FORWARD -i br0 -o tun0 -j ACCEPT iptables -I FORWARD -i tun0 -o br0 -j ACCEPT iptables -I INPUT -i tun0 -j REJECT iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE What else should be there to open port 8000 and 8001 to the static IP listed above? Thanks for any help and directions.
  3. Asus RT-N16: DD-WRTBroadcom BCM4716 chip rev 1Clock = 500 MHz (slightly up from factory 480) My bottleneck is at the router while utilizing the DD-WRT OpenVPN Client function. I get a 40% decrease in bandwidth as apposed to using VPN straight from the computer. This is due to limintations of the onboard processor. I use the router because I have just the one VPN account so I have all the computers in the network going through it. I tested the bandwidth with just a single computer connected to assure that it wasn't a network sharing issue. Now I believe my options are: Overclock the hell out of the router. Running some kind of local OpenVPN Server. Purchase a better router. Purchase additional separate monthly VPN accounts I would like to go with 2 because its the cheapest and less risky. Also because I am already running a local tower as SFTP file server and Ubuntu+Debian package archive mirror. Now my knowledge of OpenVPN is limited as is my knowledge of DD-wrt routing functions. Ideally I would like to prevent any and all PlainText traffic. So I think my setup would look roughly like this. Current Configuration: [Computers & Devices] --P--> [Router] --E--> [iSP] --E--> [VPN Provider] --P--> [internet] Proposed Configuration: [Computers & Devices] --P--> [Router] --P--> [Local OpenVPN Server] --E--> [Router] --E--> [iSP] --E--> [VPN Provider] --P--> [internet] P = PlainText E = Encrypted VPN Tunnel
  4. The resolv-conf-update script uses bash-specific variable substitutions so won't work on my dd-wrt router, firmware v3.0-r28112 so, having followed the Air setup guide, I've made the following changes to action the pushed dns value. - remove the static dns entry for 10.x.0.1 from the Basic setup page. I do have an OpenNIC static dns ip there too. - added the following script to the Admin,Commands,Startup to edit the resolver config file # Ensure client enabled [ `nvram get openvpncl_enable` ] || exit OVPN='/tmp/openvpncl' DNSMQ='/tmp/dnsmasq.conf' echo "#!/bin/sh # Fetch dnsmasq's 'resolv.conf' RSLV=\`sed '/resolv-file/!d ; s/.*=//' $DNSMQ\` # Edit resolver conf - (only works for single pushed dns server) case \$script_type in up) # Get pushed dns from env PDNS=\`set | sed '/foreign_option_.*dhcp-option DNS /!d ; s/.* \([0-9.]*\).*/nameserver \1/'\` sed -i \"1s/^/\$PDNS\n/\" \$RSLV echo \$PDNS >$OVPN/pdns ;; down) PDNS=\`set | cat $OVPN/pdns\` sed -i \"/\$PDNS/d\" \$RSLV ;; esac " > $OVPN/updown.sh # Hack redundant, problem rules sed -i 's/\(.*-I INPUT\)\(.*j \).*/\1 2 \2REJECT/' $OVPN/route-*.sh sed -i 's/\(.*-D INPUT\)\(.*j \).*/\1 \2REJECT/' $OVPN/route-*.sh sed -i '/FORWARD/d' $OVPN/route-*.sh chmod 600 $OVPN/* chmod 700 $OVPN/*.sh killall openvpn ; openvpn --config /tmp/openvpncl/openvpn.conf --route-up /tmp/openvpncl/route-up.sh --down-pre /tmp/openvpncl/route-down.sh --daemon ​ ​ ​ dnsmasq polls its resolver file, resolv.dnsmasq, and acts on changes, so doesn't require any explicit update instructions. ​Note: **added** openvpn restart - there's currently a timing issue (updown.sh isn't created until after the initial start of openvpn, which consequently fails) - add the following directives to the openvpn config up /tmp/openvpncl/updown.sh down /tmp/openvpncl/updown.sh - check it works by visiting ipleak.net or look at /tmp/resolv.dnsmasq on the dd-wrt
  5. Thanks for the 3-day trial, which I've run on a dd-wrt router without major problems. As a refugee from Nord the sense of community and mutual assistance here at Air is really appreciated. I'll be joining up next week because I also like - smart routing. No more struggling to understand Paypal in mysterious European languages - server switching. Wont need to decide for myself. - api. Much less hassle than scripting, authenticating and scraping web pages for monitoring usage. - stronger security. I get a warm feeling I could use OpenVPN over stunnel or ssh if I feel the need in future. I'm suspicious of providers who aren't deploying the strongest available services. Only found minor downsides. I prefer disabling OpenVPN as set up through the gui and scripting it myself. This is then unaffected by frequent gui changes, for example to the nat and firewall generation. Also had a couple of minor problems with dnsmasq. Currently using OpenNIC for queries as I haven't got dnsmasq working with yours yet.
  6. I am having trouble configuring my router to use openvpn via airvpn. i am using a linksys router and i was able to replace the firmware, but i need help configuring it. i tried the walkthrough here but i still need some direction. info from router: Router Information System Router Name: DD-WRT Router Model: Linksys WRT54G/GL/GS Firmware Version: DD-WRT v24-sp2 (10/10/09) vpn - build 13064 MAC Address: Host Name: WAN Domain Name xxxxxxx.home LAN Domain Name Current Time: Tue, 05 Jan 2016 06:37:26 Uptime: 57 min
  7. I have a dd-wrt router and I followed the instructions given on the site. The thing is, when I connect to the router I can't connect to the internet. However, if I run the OpenVPN client in my device (while connected to the router that doesn't give me internet access) then it will connect. It's like I am tunneling AirVPN (router) through AirVPN (device) to get a connection, which defeats the purpose of having VPN in the router. I'd like to run my TV and PS4 through the router as well but it is impossible with this configuration. It is doing the exact same thing on 3 devices. 2 laptops (Windows and Linux) and 1 phone (Android): none connect unless I run the OpenVPN clent in the device while connected to the router.
  8. Hi, Recently I re-used an old Netgear WNR3500 v2 I had lying around and put dd-wrt on. I followed the tutorial on here and got it all working :-) So my network at home is as followed *Cisco 867VAE-K9 as my VDSL router - connects to my ISP and offers DHCP for local devices. *Netgear WNR3500 plugged into Cisco router I use the range 192.168.0.0/24 for my home network such that :- 192.168.0.254 - ISP gateway via my CISCO - so most devices use this 192.168.0.251 - VPN tunnel gateway via Netgear - so any devices to use VPN point to this gateway and also change DNS server to be VPN DNS server etc. The Netgear's WAN port is configured to be 192.168.9.250 with its gateway pointing out to the CISCO on 192.168.0.254 My initial test is as below. Down: 17.289 Mbit/s Out, 6.271 Mbit/s In (36%), 20MB - Up: 6.585 Mbit/s Out, 3.183 Mbit/s In (48%), 20MB - Date: Sun, 13 Dec 2015 20:27:45 GMT - Buffers: 20MB/20MB - Laps: 3, Time: 178.81 secs Does this setup seem ok, I think my speed is limited by the CPU in the router or could it be I just need to try a different server etc ? CPU ModelBroadcom BCM4716 chip rev 1 CPU Clock453 MHz Thanks !!
  9. About DD-WRT DD-WRT is Linux-based firmware for wireless routers and wireless access points. It is compatible with several models of routers and access points, for example, the Linksys WRT54G series (including the WRT54GL and WRT54GS). DD-WRT is one of the third-party firmware projects, which are designed to replace the original firmware on some commercial routers. Alternative firmware may offer features and functionality sets that differ from the original firmware it is replacing. Official website: https://www.dd-wrt.com/. Prerequisite Install DD-WRT on routergo to https://www.dd-wrt.com/Select "router database", then enter you router model number. Follow the instructions as described and install the DD-WRT *vpn*.bin. StepsCreate configuration files from our Config Generator. Select the server location and port you want to connect to, tick "Advanced Mode", tick "Separate certs/keys from .ovpn file", then generate and download the configuration files.Under the router "setup tab" locate your router's local IP address. Go to Specs page of AirVPN website and locate Air VPN DNS for the server you want to connect to, and enter it under Static DNS 1. Navigate to the "Services" tab then select the "VPN" tab.Select "Enable" under OpenVPN Client.Set the Server IP/Name and Port to the Air VPN server you selected (see here to determine VPN server entry-IP address: https://airvpn.org/topic/14378-how-can-i-get-vpn-servers-entry-ip-addresses ).Set Tunnel Device to "TUN"Set Tunnel Protocol to either "UDP" or "TCP" according to the Air VPN server you selected Set Encryption Cipher to " AES-256"Set Hash Algorithm to "SHA1"Put a check mark beside "nsCertType verification"Select "Enable" Advanced OptionsSelect "Enable" LZO CompressionSelect "Enable" NATSet Local IP Address to the router's local IP address found earlier.Set TLS Cipher to "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384" or "None" Unzip the AirVPN configuration file you downloaded.Using your favorite text editor - Open up "ca.crt" and copy all of the contents into the CA Cert window. - Open up "user.crt" and copy only and including "----- BEGIN CERTIFICATE----- to the end of ----- END CERTIFICATE----- " into Public Client Cert. - Open up "user.key" and copy all of the contents into Private Client Key. - Open up "ta.key" and copy all of the contents into TLS Auth KeySelect "Save" at the bottom of the page then "Apply Setting" Select "Save" at the bottom of the page then "Apply Setting"DD-WRT firewall rules Go to "Administration" tab then select the "Commands" tab.Copy the following firewall rules into the command window (IMPORTANT: check your tun interface name and set it accordingly - some firmware builds will have tun1 and not tun0) iptables -I FORWARD -i br0 -o tun0 -j ACCEPT iptables -I FORWARD -i tun0 -o br0 -j ACCEPT iptables -I INPUT -i tun0 -j REJECT iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE Click on "Save Firewall"Verification of VPN setup Go to https://airvpn.org and at the bottom of the screen it should show you are connected. Trouble Shooting If you're not shown as connected wait a minute then refresh the web (it could take a minute to make a connection with the VPN and log in). Go to DD-WRT configuration and navigate to the "Services" tab, then "VPN" tab. Once there go to the bottom of the page and click on "Apply Settings". Once completed wait a minute and verify your connection again. If you're still not connected verify the server status you're trying to connect to. Go to Air VPN website and log in, then navigate to "Support" and select "Server Status". If server is down reconfigure DD-WRT to connect to another server. If you are still have difficulties connecting, view the OpenVPN log file in DD-WRT. You can find the log by going to DD-WRT configuration and navigating to the "Status" tab and selecting "OpenVpn". Hopefully the log will give you some indication of why you can not connect. Still having issues Contact Air VPN support, they are quick at responding back to you and very knowledgeable. Another option is to ask on the Air VPN forums.
  10. Hello folks, I have setup my Netgear R6250 with DD-WRT, and OpenVPN connecting to AirVPN. This is all well and good, but now I'd like to somehow be able to choose which traffic is inside or outside the tunnel, either by source IP/subnet, port, destination host, or some other way. A GUI to accomplish this would be wonderful, but not essential. I am open to adding additional devices to perform such functions if that's necessary. I've read many (many many) myriad forum posts and wikis offering differing, conflicting ways to accomplish this using DNSMasq, iptables, Policy based routing, Source based routing, pfSense, and apple pie (I made one of these up). I think much of this is due to the various versions of dd-wrt available, the wonderful various options available to the power user to configure the way they want it, and that there's several different approaches that may or may not work on any given hardware. What that equals for me is confusion. Its my intention to set this up, and document the process in a way that's easy to follow, and add my own experiences to those already floating on the intertubes. Ideally I'd accomplish it with just some dd-wrt trickery. So far the solutions I've found have been written with a specific setup in mind that I'm unable to adapt to my setup, or they just didn't work (or I didn't understand them). It'd be great if we can talk through it together, and rejoice together in our shared insight and accomplishment.
  11. Looking to set up my Asus RT-N16 router to use AirVPN to appear to be in the US while travelling abroad. It has v24-sp2 (mega) firmware installed. I have attempted to follow the directions here, however there are several of these intructions that I cannot follow because they are not options presented to me. Specifically, I cannot follow the directions below: There is no option to select "advanced options" or any of the other things above. Screen shots below. What am I missing?
  12. Hi, I'm new to the VPN scene and it seems I need some major help to get the most out of it. I also suspect that I'm slightly different from the majority of users here in that I'm using this for better gaming connectivity rather than security and privacy (basically, Playstation Network hates my non-vpn connection because it's NAT type 3, which is out of my control, so the VPN is to bypass that, which it has done). My connection is shared through my appartment complex and does dhcp assignment. No way to open ports on that end as management want to enable residents to just plug into the wall and go with no requirement to buy a router, so they won't slack on security. Admirable, but annoying for me. The setup: Linksys E4200 running DD-WRT v3.0-r27490 (07/06/15) mega, CAT-5 to the wall and the previously mentioned appartment complex-controlled fiber connection. 1 desktop pc connected by cable, one laptop and a playstation 4 as well as a phone on wi-fi. Speeds are the same wired or on wi-fi. My speed without connection to Air is in the 80-100 Mbps range, with Air (client or set up in the router, which is the end goal) 6-9 Mbps. I'm expecting a drop in speed, but this is a little extreme. Tried various combinations of servers and protocols, main two servers I've been switching between for testing have been Acubens (Sweden) and Aquilae (Germany), started with UDP on port 443, then TCP on the same port. Speeds were virtually identical, have cycled through both on port 80, 53 and 2018 as well. All setup done following the guide from AirVPN, no extra rules or setup done since I wouldn't have an idea where to start. I've seen suggestions in other threads to increase the buffer sizes for people using the Air client, is this possible in DD-WRT, and if so how would I do it? I've tried with and without QoS enabled, didn't seem to make a difference, but open to suggestions on tweaks there. UPnP is on, which seems to help with getting connected to Playstation Network, but have tried disabling it too. Any general suggestions to optimize for speed? The safety of firewall rules dropping connection if the cpn connection goes etc are nice, but I am willing to give them up for a fast, efficient way to connect to what I want to connect to. Because of the playstation, using the Air client and ICS isn't an option, I'm not moving the computer into the living room. So I really need to make it work on the router. I'm not sure what info people will need to be able to help me with this, but to start with, here's the latest opvenvpn log from the router. Anything else you need, just ask and I'll get it to you. lient: CONNECTED SUCCESS Local Address: 10.7.0.63 Remote Address: 10.7.0.63 Status VPN Client Stats TUN/TAP read bytes 37625622 TUN/TAP write bytes 63862092 TCP/UDP read bytes 67544747 TCP/UDP write bytes 40866705 Auth read bytes 63862604 pre-compress bytes 0 post-compress bytes 0 pre-decompress bytes 0 post-decompress bytes 0 LogClientlog: 19700101 01:00:18 I OpenVPN 2.3.7 mipsel-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on Jul 6 2015 19700101 01:00:18 I library versions: OpenSSL 1.0.2c 12 Jun 2015 LZO 2.09 19700101 01:00:18 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16 19700101 01:00:18 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 19700101 01:00:18 W WARNING: file '/tmp/openvpncl/client.key' is group or others accessible 19700101 01:00:18 W WARNING: file '/tmp/openvpncl/ta.key' is group or others accessible 19700101 01:00:18 I Control Channel Authentication: using '/tmp/openvpncl/ta.key' as a OpenVPN static key file 19700101 01:00:18 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 19700101 01:00:18 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 19700101 01:00:18 Socket Buffers: R=[87380->131072] S=[16384->131072] 19700101 01:00:18 I Attempting to establish TCP connection with [AF_INET]62.102.148.131:80 [nonblock] 19700101 01:00:19 I TCP connection established with [AF_INET]62.102.148.131:80 19700101 01:00:19 I TCPv4_CLIENT link local: [undef] 19700101 01:00:19 I TCPv4_CLIENT link remote: [AF_INET]62.102.148.131:80 20150729 20:15:39 TLS: Initial packet from [AF_INET]62.102.148.131:80 sid=b7316a64 4cbb8a61 20150729 20:15:39 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20150729 20:15:39 N TLS Error: TLS handshake failed 20150729 20:15:39 N Fatal TLS error (check_tls_errors_co) restarting 20150729 20:15:39 I SIGUSR1[soft tls-error] received process restarting 20150729 20:15:39 Restart pause 5 second(s) 20150729 20:15:44 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20150729 20:15:44 Socket Buffers: R=[87380->131072] S=[16384->131072] 20150729 20:15:44 I Attempting to establish TCP connection with [AF_INET]62.102.148.131:80 [nonblock] 20150729 20:15:45 I TCP connection established with [AF_INET]62.102.148.131:80 20150729 20:15:45 I TCPv4_CLIENT link local: [undef] 20150729 20:15:45 I TCPv4_CLIENT link remote: [AF_INET]62.102.148.131:80 20150729 20:15:45 TLS: Initial packet from [AF_INET]62.102.148.131:80 sid=49a2673c 32b3df6a 20150729 20:15:45 VERIFY OK: depth=1 C=IT ST=IT L=Perugia O=airvpn.org CN=airvpn.org CA emailAddress=info@airvpn.org 20150729 20:15:45 VERIFY OK: nsCertType=SERVER 20150729 20:15:45 NOTE: --mute triggered... 20150729 20:15:59 6 variation(s) on previous 3 message(s) suppressed by --mute 20150729 20:15:59 I [server] Peer Connection Initiated with [AF_INET]62.102.148.131:80 20150729 20:16:01 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) 20150729 20:16:01 PUSH: Received control message: 'PUSH_REPLY redirect-gateway def1 bypass-dhcp dhcp-option DNS 10.7.0.1 comp-lzo no route-gateway 10.7.0.1 topology subnet ping 10 ping-restart 60 ifconfig 10.7.0.63 255.255.0.0' 20150729 20:16:01 OPTIONS IMPORT: timers and/or timeouts modified 20150729 20:16:01 NOTE: --mute triggered... 20150729 20:16:01 5 variation(s) on previous 3 message(s) suppressed by --mute 20150729 20:16:01 I TUN/TAP device tun1 opened 20150729 20:16:01 TUN/TAP TX queue length set to 100 20150729 20:16:01 I do_ifconfig tt->ipv6=1 tt->did_ifconfig_ipv6_setup=0 20150729 20:16:01 I /sbin/ifconfig tun1 10.7.0.63 netmask 255.255.0.0 mtu 1500 broadcast 10.7.255.255 20150729 20:16:01 /sbin/route add -net 62.102.148.131 netmask 255.255.255.255 gw 10.44.11.1 20150729 20:16:01 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.7.0.1 20150729 20:16:02 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.7.0.1 20150729 20:16:02 I Initialization Sequence Completed 20150729 21:15:59 TLS: soft reset sec=0 bytes=108182994/0 pkts=132933/0 20150729 21:15:59 VERIFY OK: depth=1 C=IT ST=IT L=Perugia O=airvpn.org CN=airvpn.org CA emailAddress=info@airvpn.org 20150729 21:16:00 VERIFY OK: nsCertType=SERVER 20150729 21:16:00 NOTE: --mute triggered... 20150729 21:16:13 1 variation(s) on previous 3 message(s) suppressed by --mute 20150729 21:16:13 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20150729 21:16:13 D MANAGEMENT: CMD 'state' 20150729 21:16:13 MANAGEMENT: Client disconnected 20150729 21:16:13 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20150729 21:16:13 D MANAGEMENT: CMD 'state' 20150729 21:16:13 MANAGEMENT: Client disconnected 20150729 21:16:13 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20150729 21:16:13 D MANAGEMENT: CMD 'state' 20150729 21:16:13 MANAGEMENT: Client disconnected 20150729 21:16:14 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20150729 21:16:14 D MANAGEMENT: CMD 'status 2' 20150729 21:16:14 MANAGEMENT: Client disconnected 20150729 21:16:14 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20150729 21:16:14 D MANAGEMENT: CMD 'log 500' 19700101 01:00:00 ca /tmp/openvpncl/ca.crt cert /tmp/openvpncl/client.crt key /tmp/openvpncl/client.key management 127.0.0.1 16 management-log-cache 100 verb 3 mute 3 syslog writepid /var/run/openvpncl.pid client resolv-retry infinite nobind persist-key persist-tun script-security 2 dev tun1 proto tcp-client cipher aes-256-cbc auth sha1 remote 62.102.148.131 80 comp-lzo yes tls-client tun-mtu 1500 mtu-disc yes ns-cert-type server tun-ipv6 tls-auth /tmp/openvpncl/ta.key 1 tls-cipher TLS-DHE-RSA-WITH-AES-128-CBC-SHA passtos
  13. I have a fibre (xDSL) modem (192.168.1.254), supplied by my ISP which has only a few settings available through the GUI - can't even change the IP address! Sitting behind this modem/router, and on a different subnet, is a DD-WRT router (192.168.0.1) which I use to connect to the AirVPN servers. I am having a problem with DNS settings - there are so many on the DD-WRT router and a few on the modem/router, and I don't really understand how it works! Just now the AirVPN website shows me as being connected, but a DNS leak test shows my ISP's DNS servers! For the last few weeks I have been getting around this problem by using the AirVPN client software to connect to the internet which works as it should. Can anyone advise me on whether I just need to change some DNS settings to get it to work properly or do I need to add some admin commands in DD-WRT? Maybe this would be worth putting in the tutorials section if it is resolved as more ISPs seem to be giving out routers with minimal settings? Attached are screenshots of the DD-WRT Router [192.168.0.1] settings If any more info is needed just let me know. Thanks in advance. :-)
  14. Hey all I need some help. I am using a DD-WRT based router. I followed all the instruction on the setup page. I still am having problems changing my DNS from Germany to USA or any other country. I have tried to put different Static DNS IP's on the Router and still it is giving me a DSN of being in Germany. (By the way I am living in Germany it anyone is confused.) Is there some that i am missing and or not doing on the commands and or the Static DNS Ip's? Thank you for your time Jim
  15. I am using DD-WRT v24-sp2 (01/04/15) big on a Linksys E1200v2. I wanted to connect to Acrux server in Netherlands (37.48.81.12) by UDP on 443. I followed the instruction provided here: https://airvpn.org/ddwrt/ but I have an error in my OpenVPN log. Clientlog: 20150108 22:47:39 N TLS_ERROR: BIO read tls_read_plaintext error: error:140830B5:lib(20):func(131):reason(181) 20150108 22:47:39 N TLS Error: TLS object -> incoming plaintext read error 20150108 22:47:39 N TLS Error: TLS handshake failed 20150108 22:47:39 I SIGUSR1[soft tls-error] received process restarting 20150108 22:47:39 Restart pause 2 second(s) 20150108 22:47:41 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts [...] ca /tmp/openvpncl/ca.crt cert /tmp/openvpncl/client.crt key /tmp/openvpncl/client.key management 127.0.0.1 16 management-log-cache 100 verb 3 mute 3 syslog writepid /var/run/openvpncl.pid client resolv-retry infinite nobind persist-key persist-tun script-security 2 dev tun1 proto udp cipher aes-256-cbc auth sha1 remote 37.48.81.12 443 comp-lzo yes tls-client tun-mtu 1500 mtu-disc yes ns-cert-type server fast-io tun-ipv6 tls-auth /tmp/openvpncl/ta.key 1 tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 Am I doing some mistake or do you have any idea? Thanks.
  16. I have AirVPN connected via router running DD-WRT . I want to port forward a service running in a Virtualbox NAT virtual machine. Currently I'm forwarding the port in the Airvpn client area, on the router using iptables to the host machines local IP and finally in Virtualbox NAT port forwarding. Checking via http://canyouseeme.org/ shows the port cannot be seen. I know the IPtables rules are correct as other port forwarded services are reachable on the host machine. Is this because the service is behind two NAT's i.e double NAT? Any suggestions would be helpful.
  17. Hi, Basically I have trouble connecting to AirVPN. Im using a fairly new build if that does matter (DD-WRT v24-sp2 (10/06/14) kongac - build 25015M-SP1) AirVPN works with viscosity in windows with the same basic settings (some openvpn configuration)The router worked with PrivateInternetAccess VPN service, so it the problem SHOULD not be the client on the dd wrt routerWhat I tryed: Different TLS Cipers (None, TLS-DHE-RSA-WITH-AES-128-CBC-SHA, TLS-DHE-RSA-WITH-AES-256-CBC-SHA256, TLS-RSA-WITH-AES-128-CBC-SHA)Keeping the TSL Auth Key emptyAdding or leaving additional config: resolv-retry infinite persist-key persist-tun remote-cert-tls server explicit-exit-notify 5 VPN Log Client: WAIT Local Address: Remote Address: Clientlog: 20141020 19:04:16 I OpenVPN 2.3.4 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Oct 6 2014 20141020 19:04:16 I library versions: OpenSSL 1.0.1i 6 Aug 2014 LZO 2.08 20141020 19:04:16 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16 20141020 19:04:16 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:04:16 W WARNING: file '/tmp/openvpncl/client.key' is group or others accessible 20141020 19:04:16 W WARNING: file '/tmp/openvpncl/ta.key' is group or others accessible 20141020 19:04:16 I Control Channel Authentication: using '/tmp/openvpncl/ta.key' as a OpenVPN static key file 20141020 19:04:16 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 20141020 19:04:16 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 20141020 19:04:16 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:04:16 I UDPv4 link local: [undef] 20141020 19:04:16 I UDPv4 link remote: [AF_INET]109.201.154.189:443 20141020 19:04:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:04:53 D MANAGEMENT: CMD 'state' 20141020 19:04:53 MANAGEMENT: Client disconnected 20141020 19:04:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:04:53 D MANAGEMENT: CMD 'state' 20141020 19:04:53 MANAGEMENT: Client disconnected 20141020 19:04:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:04:53 D MANAGEMENT: CMD 'state' 20141020 19:04:53 MANAGEMENT: Client disconnected 20141020 19:04:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:04:53 D MANAGEMENT: CMD 'status 2' 20141020 19:04:53 MANAGEMENT: Client disconnected 20141020 19:04:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:04:53 D MANAGEMENT: CMD 'log 500' 20141020 19:04:53 MANAGEMENT: Client disconnected 20141020 19:05:16 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:05:16 N TLS Error: TLS handshake failed 20141020 19:05:16 I SIGUSR1[soft tls-error] received process restarting 20141020 19:05:16 Restart pause 2 second(s) 20141020 19:05:18 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:05:18 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:05:18 I UDPv4 link local: [undef] 20141020 19:05:18 I UDPv4 link remote: [AF_INET]46.166.186.216:443 20141020 19:06:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:06:11 D MANAGEMENT: CMD 'state' 20141020 19:06:11 MANAGEMENT: Client disconnected 20141020 19:06:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:06:11 D MANAGEMENT: CMD 'state' 20141020 19:06:11 MANAGEMENT: Client disconnected 20141020 19:06:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:06:11 D MANAGEMENT: CMD 'state' 20141020 19:06:11 MANAGEMENT: Client disconnected 20141020 19:06:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:06:11 D MANAGEMENT: CMD 'status 2' 20141020 19:06:11 MANAGEMENT: Client disconnected 20141020 19:06:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:06:11 D MANAGEMENT: CMD 'log 500' 20141020 19:06:18 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:06:18 N TLS Error: TLS handshake failed 20141020 19:06:18 I SIGUSR1[soft tls-error] received process restarting 20141020 19:06:18 Restart pause 2 second(s) 20141020 19:06:20 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:06:20 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:06:20 I UDPv4 link local: [undef] 20141020 19:06:20 I UDPv4 link remote: [AF_INET]109.201.154.189:443 20141020 19:07:20 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:07:20 N TLS Error: TLS handshake failed 20141020 19:07:20 I SIGUSR1[soft tls-error] received process restarting 20141020 19:07:20 Restart pause 2 second(s) 20141020 19:07:22 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:07:22 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:07:22 I UDPv4 link local: [undef] 20141020 19:07:22 I UDPv4 link remote: [AF_INET]109.201.152.238:443 20141020 19:08:22 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:08:22 N TLS Error: TLS handshake failed 20141020 19:08:22 I SIGUSR1[soft tls-error] received process restarting 20141020 19:08:22 Restart pause 2 second(s) 20141020 19:08:24 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:08:24 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:08:24 I UDPv4 link local: [undef] 20141020 19:08:24 I UDPv4 link remote: [AF_INET]109.201.154.189:443 20141020 19:09:24 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:09:24 N TLS Error: TLS handshake failed 20141020 19:09:24 I SIGUSR1[soft tls-error] received process restarting 20141020 19:09:24 Restart pause 2 second(s) 20141020 19:09:26 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:09:26 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:09:26 I UDPv4 link local: [undef] 20141020 19:09:26 I UDPv4 link remote: [AF_INET]46.166.186.216:443 20141020 19:10:27 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:10:27 N TLS Error: TLS handshake failed 20141020 19:10:27 I SIGUSR1[soft tls-error] received process restarting 20141020 19:10:27 Restart pause 2 second(s) 20141020 19:10:29 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:10:29 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:10:29 I UDPv4 link local: [undef] 20141020 19:10:29 I UDPv4 link remote: [AF_INET]109.201.154.162:443 20141020 19:11:29 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:11:29 N TLS Error: TLS handshake failed 20141020 19:11:29 I SIGUSR1[soft tls-error] received process restarting 20141020 19:11:29 Restart pause 2 second(s) 20141020 19:11:31 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:11:31 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:11:31 I UDPv4 link local: [undef] 20141020 19:11:31 I UDPv4 link remote: [AF_INET]109.201.135.220:443 20141020 19:12:31 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:12:31 N TLS Error: TLS handshake failed 20141020 19:12:31 I SIGUSR1[soft tls-error] received process restarting 20141020 19:12:31 Restart pause 2 second(s) 20141020 19:12:33 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:12:33 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:12:33 I UDPv4 link local: [undef] 20141020 19:12:33 I UDPv4 link remote: [AF_INET]46.166.188.198:443 20141020 19:13:33 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:13:33 N TLS Error: TLS handshake failed 20141020 19:13:33 I SIGUSR1[soft tls-error] received process restarting 20141020 19:13:33 Restart pause 2 second(s) 20141020 19:13:35 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:13:35 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:13:35 I UDPv4 link local: [undef] 20141020 19:13:35 I UDPv4 link remote: [AF_INET]109.201.135.220:443 20141020 19:13:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:13:48 D MANAGEMENT: CMD 'state' 20141020 19:13:48 MANAGEMENT: Client disconnected 20141020 19:13:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:13:48 D MANAGEMENT: CMD 'state' 20141020 19:13:48 MANAGEMENT: Client disconnected 20141020 19:13:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:13:48 D MANAGEMENT: CMD 'state' 20141020 19:13:48 MANAGEMENT: Client disconnected 20141020 19:13:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:13:48 D MANAGEMENT: CMD 'status 2' 20141020 19:13:48 MANAGEMENT: Client disconnected 20141020 19:13:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:13:48 D MANAGEMENT: CMD 'log 500' 19700101 01:00:00 ca /tmp/openvpncl/ca.crt cert /tmp/openvpncl/client.crt key /tmp/openvpncl/client.key management 127.0.0.1 16 management-log-cache 100 verb 3 mute 3 syslog writepid /var/run/openvpncl.pid client resolv-retry infinite nobind persist-key persist-tun script-security 2 dev tun1 proto udp cipher aes-256-cbc auth sha1 remote nl.privateinternetaccess.com 443 comp-lzo yes tun-mtu 1500 mtu-disc yes ns-cert-type server fast-io tun-ipv6 tls-auth /tmp/openvpncl/ta.key 1 DD WRT Configurations
  18. Well the things in THIS (https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=2353&limit=6&limitstart=6&Itemid=142) posting did not work as far as I can tell. So I did some more work and: FIRST THIS APPLIES to an OpenVPN client on a DD_WRT router NOT to the client on a PC. It is helpful to be able to telnet to the router and issue commands in this way. The notes below are done by telnet. EDIT: Please note if you use the last entry above in the firewall (iptables -I OUTPUT -o br0 ! --dst a.b.c.d -j DROP) you will lose access to the router. Thus if the tunnel goes down ...well you know. So you may want to leave this entry off the GUI and if/when you are set up properly and then run it from the telnet prompt. That way if you need router access you can reboot and be OK. First determine the router interface(s). the command is netstat -r On the far right of the output interfaces are listed. In my case I was using iptables for the tun0 interface .... the interface on the router is tun1 .. !! so the firewall commands needed to look like this: iptables -I FORWARD -i br0 -o tun1 -j ACCEPT iptables -I FORWARD -i tun1 -o br0 -j ACCEPT iptables -I INPUT -i tun1 -j REJECT iptables -t nat -A POSTROUTING -o tun1 -j MASQUERADE iptables -I OUTPUT -o br0 ! --dst a.b.c.d -j DROP # if destination for outgoing packet on eth+ is NOT a.b.c.d, drop the packet, so that nothing leaks if VPN disconnects # the above line can be duplicated for as many Air servers as you wish to connect to, just insert the appropriate Air server entry-IP Fill a.b.c.d with the remote server ip in your air.ovpn file After running these (you may want to run iptables -F first to flush previous) with YOUR interfaces determined from above, save the firewall and REBOOT. Then after reboot telnet again and run the command ps This will tell if Openvpn started .. in my case the start is unreliable. If OpenVPN is not running try this command (sleep 30 && (ps | grep openvpn | grep -v grep || openvpn --config /tmp/openvpncl/openvpn.conf --route-up /tmp/openvpncl/route-up.sh --down /tmp/openvpncl/route-down.sh --daemon))& This will check if it is running and if not will start the client. Now you can use the ps command to check and after then check your connection to AirVPN. You can also check the iptables with the command netstat -vnL. Hope this is helpful to some and saves some work/head scratching. Comments on the above very welcome, Cheers EDIT: Please note if you use the last entry above in the firewall (iptables -I OUTPUT -o br0 ! --dst a.b.c.d -j DROP) you will lose access to the router. Thus if the tunnel goes down ...well you know. So you may want to leave this entry off the GUI and if/when you are set up properly and then run it from the telnet prompt. That way if you need router access you can reboot and be OK. Also this start-up command (enter in Admin>Command window and save start-up) seems to insure the client runs .. sleep 60 (sleep 30 && (ps | grep openvpn | grep -v grep || openvpn --config /tmp/openvpncl/openvpn.conf --route-up /tmp/openvpncl/route-up.sh --down /tmp/openvpncl/route-down.sh --daemon))& It takes longer to connect but seems to do so each time correctly.
  19. Hi, I am using a router with dd-wrt and openvpn over SSL or SSH and each time I was downloading something it would be really slow. For example, downloading the latest ubuntu 14.04 which is around 1Gb would take -- 4 hours if I double connect, meaning my router is connected to 1 airvpn router and my computer to another one -- 2 hours if I only connect to airvpn IPs through my router I fixed this by going to the dd-wrt interface, tab NAT/QoS, sub-tab QoS and select "start QoS": enable, Services priority : select "ssh", click "add" and then select "maximum" And then whatever mode of connection I would choose, my download speed for the same 1Gb file would be "13 minutes"!!! Look at the image I enclose. If this is not a good idea in terms of security, let me know, because I am not an expert on network settings, thanks.
  20. hi guys, i can't use airvpn with my router. (tp-link wdr3600 with v24-sp2 (02/19/14) std) does anyone have a suggestion? openvpn log: Log Serverlog Clientlog 20140223 03:55:53 W WARNING: normally if you use --mssfix and/or --fragment you should also set --tun-mtu 1500 (currently it is 1400) 20140223 03:55:53 Socket Buffers: R=[172032->131072] S=[172032->131072] 20140223 03:55:53 I UDPv4 link local: [undef] 20140223 03:55:53 I UDPv4 link remote: [AF_INET]62.212.85.65:443 20140223 03:55:53 N TLS_ERROR: BIO read tls_read_plaintext error: error:140830B5:lib(20):func(131):reason(181) 20140223 03:55:53 N TLS Error: TLS object -> incoming plaintext read error 20140223 03:55:53 N TLS Error: TLS handshake failed 20140223 03:55:53 I SIGUSR1[soft tls-error] received process restarting 20140223 03:55:53 Restart pause 2 second(s) 20140223 03:55:55 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20140223 03:55:55 W WARNING: normally if you use --mssfix and/or --fragment you should also set --tun-mtu 1500 (currently it is 1400) 20140223 03:55:55 Socket Buffers: R=[172032->131072] S=[172032->131072] 20140223 03:55:55 I UDPv4 link local: [undef] 20140223 03:55:55 I UDPv4 link remote: [AF_INET]62.212.85.65:443 20140223 03:55:55 N TLS_ERROR: BIO read tls_read_plaintext error: error:140830B5:lib(20):func(131):reason(181) 20140223 03:55:55 N TLS Error: TLS object -> incoming plaintext read error 20140223 03:55:55 N TLS Error: TLS handshake failed 20140223 03:55:55 I SIGUSR1[soft tls-error] received process restarting 20140223 03:55:55 Restart pause 2 second(s) 20140223 03:55:57 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20140223 03:55:57 W WARNING: normally if you use --mssfix and/or --fragment you should also set --tun-mtu 1500 (currently it is 1400) 20140223 03:55:57 Socket Buffers: R=[172032->131072] S=[172032->131072] 20140223 03:55:57 I UDPv4 link local: [undef] 20140223 03:55:57 I UDPv4 link remote: [AF_INET]62.212.85.65:443 20140223 03:55:57 N TLS_ERROR: BIO read tls_read_plaintext error: error:140830B5:lib(20):func(131):reason(181) 20140223 03:55:57 N TLS Error: TLS object -> incoming plaintext read error 20140223 03:55:57 N TLS Error: TLS handshake failed 20140223 03:55:57 I SIGUSR1[soft tls-error] received process restarting 20140223 03:55:57 Restart pause 2 second(s) 20140223 03:55:59 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20140223 03:55:59 W WARNING: normally if you use --mssfix and/or --fragment you should also set --tun-mtu 1500 (currently it is 1400) 20140223 03:55:59 Socket Buffers: R=[172032->131072] S=[172032->131072] 20140223 03:55:59 I UDPv4 link local: [undef] 20140223 03:55:59 I UDPv4 link remote: [AF_INET]62.212.85.65:443 20140223 03:55:59 N TLS_ERROR: BIO read tls_read_plaintext error: error:140830B5:lib(20):func(131):reason(181) 20140223 03:55:59 N TLS Error: TLS object -> incoming plaintext read error 20140223 03:55:59 N TLS Error: TLS handshake failed 20140223 03:55:59 I SIGUSR1[soft tls-error] received process restarting 20140223 03:55:59 Restart pause 2 second(s) 20140223 03:56:01 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20140223 03:56:01 W WARNING: normally if you use --mssfix and/or --fragment you should also set --tun-mtu 1500 (currently it is 1400) 20140223 03:56:01 Socket Buffers: R=[172032->131072] S=[172032->131072] 20140223 03:56:01 I UDPv4 link local: [undef] 20140223 03:56:01 I UDPv4 link remote: [AF_INET]62.212.85.65:443 20140223 03:56:01 N TLS_ERROR: BIO read tls_read_plaintext error: error:140830B5:lib(20):func(131):reason(181) 20140223 03:56:01 N TLS Error: TLS object -> incoming plaintext read error 20140223 03:56:01 N TLS Error: TLS handshake failed 20140223 03:56:01 I SIGUSR1[soft tls-error] received process restarting 20140223 03:56:01 Restart pause 2 second(s) 20140223 03:56:03 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20140223 03:56:03 W WARNING: normally if you use --mssfix and/or --fragment you should also set --tun-mtu 1500 (currently it is 1400) 20140223 03:56:03 Socket Buffers: R=[172032->131072] S=[172032->131072] 20140223 03:56:03 I UDPv4 link local: [undef] 20140223 03:56:03 I UDPv4 link remote: [AF_INET]62.212.85.65:443 20140223 03:56:03 N TLS_ERROR: BIO read tls_read_plaintext error: error:140830B5:lib(20):func(131):reason(181) 20140223 03:56:03 N TLS Error: TLS object -> incoming plaintext read error 20140223 03:56:03 N TLS Error: TLS handshake failed 20140223 03:56:03 I SIGUSR1[soft tls-error] received process restarting 20140223 03:56:03 Restart pause 2 second(s) 20140223 03:56:05 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20140223 03:56:05 W WARNING: normally if you use --mssfix and/or --fragment you should also set --tun-mtu 1500 (currently it is 1400) 20140223 03:56:05 Socket Buffers: R=[172032->131072] S=[172032->131072] 20140223 03:56:05 I UDPv4 link local: [undef] 20140223 03:56:05 I UDPv4 link remote: [AF_INET]62.212.85.65:443 20140223 03:56:05 N TLS_ERROR: BIO read tls_read_plaintext error: error:140830B5:lib(20):func(131):reason(181) 20140223 03:56:05 N TLS Error: TLS object -> incoming plaintext read error 20140223 03:56:05 N TLS Error: TLS handshake failed 20140223 03:56:05 I SIGUSR1[soft tls-error] received process restarting 20140223 03:56:05 Restart pause 2 second(s) 20140223 03:56:07 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20140223 03:56:07 W WARNING: normally if you use --mssfix and/or --fragment you should also set --tun-mtu 1500 (currently it is 1400) 20140223 03:56:07 Socket Buffers: R=[172032->131072] S=[172032->131072] 20140223 03:56:07 I UDPv4 link local: [undef] 20140223 03:56:07 I UDPv4 link remote: [AF_INET]62.212.85.65:443 20140223 03:56:07 N TLS_ERROR: BIO read tls_read_plaintext error: error:140830B5:lib(20):func(131):reason(181) 20140223 03:56:07 N TLS Error: TLS object -> incoming plaintext read error 20140223 03:56:07 N TLS Error: TLS handshake failed 20140223 03:56:07 I SIGUSR1[soft tls-error] received process restarting 20140223 03:56:07 Restart pause 2 second(s) 20140223 03:56:09 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20140223 03:56:09 W WARNING: normally if you use --mssfix and/or --fragment you should also set --tun-mtu 1500 (currently it is 1400) 20140223 03:56:09 Socket Buffers: R=[172032->131072] S=[172032->131072] 20140223 03:56:09 I UDPv4 link local: [undef] 20140223 03:56:09 I UDPv4 link remote: [AF_INET]62.212.85.65:443 20140223 03:56:09 N TLS_ERROR: BIO read tls_read_plaintext error: error:140830B5:lib(20):func(131):reason(181) 20140223 03:56:09 N TLS Error: TLS object -> incoming plaintext read error 20140223 03:56:09 N TLS Error: TLS handshake failed 20140223 03:56:09 I SIGUSR1[soft tls-error] received process restarting 20140223 03:56:09 Restart pause 2 second(s) 20140223 03:56:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20140223 03:56:11 D MANAGEMENT: CMD 'state' 20140223 03:56:11 MANAGEMENT: Client disconnected 20140223 03:56:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20140223 03:56:11 D MANAGEMENT: CMD 'state' 20140223 03:56:11 MANAGEMENT: Client disconnected 20140223 03:56:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20140223 03:56:11 D MANAGEMENT: CMD 'state' 20140223 03:56:11 MANAGEMENT: Client disconnected 20140223 03:56:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20140223 03:56:11 D MANAGEMENT: CMD 'log 500' 19700101 00:00:00 My config:
  21. Hey @all, I'm running AirVPN on my dd-wrt router through server x in location y, and want to change locations/servers for certain websites by running openvpn on windows with a different server/location. I can establish a connection, but the final server/connection remains the one I set on dd-wrt. Any suggestions? Thanks in advance Kind regards
  22. I am succesfully connected to airvpn via my Netgear R7000, running DD-WRT r24710M. All my LAN devices (Wired and Wireless) connects Internet via VPN. I am pretty satisfied and I will buy a 1 year subscription for sure. Here the firewall settings: iptables -I FORWARD -i br0 -o tun1 -j ACCEPT iptables -I FORWARD -i tun1 -o br0 -j ACCEPT iptables -I INPUT -i tun1 -j REJECT iptables -t nat -A POSTROUTING -o tun1 -j MASQUERADE I also set up all the port forwardings, really easy and effective. Now I would like to setup another Wireless AP, with interface wl0.1, assigning it to a new bridge "br1" staying in a different subnet than "br0". I will also setup a second DHCP. I successfully created that, it works but the traffic is forced to VPN. Looking at the client dialog box, I see this messages: 0140729 19:25:55 I [server] Peer Connection Initiated with [AF_INET]95.xxx.xxx.xxx:443 20140729 19:25:58 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) 20140729 19:25:58 PUSH: Received control message: 'PUSH_REPLY redirect-gateway def1 dhcp-option DNS 10.4.0.1 comp-lzo no route 10.4.0.1 topology net30 ping 10 ping-restart 60 ifconfig 10.4.xxx.xxx 10.4.xxx.xxx' 20140729 19:25:58 OPTIONS IMPORT: timers and/or timeouts modified 20140729 19:25:58 NOTE: --mute triggered... Does it mean I cannot be able to avoid VPN with setting a new interface, since the Server pushes the redirect-gateway command? Thanks for help, I am pretty noob with VPN.
  23. Hi, As some of you may know, DD-WRT requires at least 8mb of memory (or 4mb if it's a Broadcom chipset) in order to use OpenVPN. However, this is not the end of the world. I use a D-Link DIR-615 which is unsupported by DD-WRT for OpenVPN, but I am able to get it running. Things to know before hand: 1. My router's processor is only 400mhz, and combined with the lack of memory, it means that the maximum speed I am getting is around 6mbps 8mbps. On a normal machine, I get a lot more. This is due to the processor limitations and not due to the implementation. 2. Most problems I have had are to do with permissions. Make sure your uploaded files are all 777 or 755 permissions. 3. This should work on most MIPS routers. I can guarantee that it is working on the DIR-615 and TL941N routers. 4. The OpenVPN package I am using is from November 2011, so it is relatively outdated. I believe it is version 2.2, whereas the current release is 2.3.2. If someone is willing to repackage it and upload the latest version, it may provide better performance. Updated to March 2014! REQUIREMENTS: 1. You need a server. Maybe AirVPN can help in this regard if they would be willing to host the files? On this server, you will host a package called openvpn_pack.tar.gz containing the openvpn config and libraries for ssl and lzo.You will also host a script and your ovpn files. WHY IS THIS THE CASE? My router only has 64kb of NVRAM. This means that I can only store a small amount of data on there before the memory is consumed. The best way to conserve the NVRAM is to wget the needed scripts from a remote server rather than store them on the router itself. If you use all of your NVRAM, you can brick your router.2. You need your .ovpn file generated through the "Enter" section of AirVPN. And we begin: 1. The first step required is to upload the files to your server. Here is a temporary link to download openvpn_pack.tar.gz (855kb). This is not a host for you to use in your script, and is only staying up temporarily for public access. You must download this package and upload it to your own host, unless AirVPN is willing to host it.The following script must be saved as "executeScript.sh" and uploaded to your server: #!/bin/sh cd /tmp/openvpn export LD_LIBRARY_PATH=/lib:/usr/lib:/jffs/lib:/jffs/usr/lib:/jffs/usr/local/lib:/mmc/lib:/mmc/usr/lib:/opt/lib:/opt/usr/lib:/tmp/openvpn/lib cd /tmp/openvpn killall -9 openvpn sleep 2 insmod /tmp/openvpn/lib/tun echo tun.ko bridged killall -9 openvpn /tmp/openvpn/bin/openvpn --config /tmp/openvpn/client/airvpn.ovpn --daemon echo Started the daemon echo Starting loop to update the routing tunup=0 while [ $tunup ] do sleep 1 if ifconfig tun0 then iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE tunup=1 echo Set the routing tables to use the vpn break fi done You must go through this section of AirVPN and generate your ovpn file. NOTE: You can also add the following lines to the end of your ovpn file if you want to debug any errors: status /tmp/var/log/openvpn-status_tap.log log-append /tmp/var/log/openvpn_tap.log mute 20 The first two lines will make logs of the connection in case you need to troubleshoot, and the third line will limit logging repeating problems to conserve memory. You can use notepad to edit the files. Also, in the script I have called this file AirVPN.ovpn. Your filename will be different. You can either change the script to your filename or you can rename your file to AirVPN.ovpn. 2. The second part is to log into your router at 192.168.1.1, or whatever your router's IP address is. 3. Click the "Administration" tab, and then click on the "Commands" tab. 4. Here you will need to input the start up script. The start up script will fetch the required OpenVPN package from your server, extract it, and begin to execute the scripts. This will be run every time the router turns on. You will need to put the following in the Command Shell textbox and click the "Save Startup" button at the bottom. Please note that you must edit the URLs with your own: #!/bin/sh echo "#!/bin/sh rm -f /tmp/openvpn/client/foobar.ovpn echo Removed foobar file while ! ps | grep -q \"udhcpc\"; do sleep 1 done while ! ls /tmp/openvpn/client | grep -q \"foobar\"; do killall -9 wget killall -9 gzip killall -9 tar echo finished kill sequence cd /tmp rm -f ./openvpn_pack.tar.gz rm -f ./openvpn_pack.tar rm -r -f ./openvpn echo Removed the old files wget http://www.yourhost.com/openvpn_pack.tar.gz sleep 10 chmod +x /tmp/openvpn/openvpn_pack.tar.gz sleep 2 gzip -d ./openvpn_pack.tar.gz tar -xf ./openvpn_pack.tar rm ./openvpn_pack.tar echo Finished unpacking the TAR ball wget http://www.yourhost.com/AirVPN.ovpn -O /tmp/openvpn/client/foobar.ovpn #echo \"foobar\" > /tmp/openvpn/client/foobar.ovpn echo Finished with the OVPN files wget http://www.yourhost.com/executeScript.sh -O /tmp/openvpn/runit.sh chmod +x /tmp/openvpn/runit.sh if ls /tmp/openvpn/client | grep -q \"foobar\"; then echo starting the runit script /tmp/openvpn/runit.sh > /tmp/var/log/runit.log & fi done echo done with getting the stuff " > /tmp/get_openvpn.sh chmod +x /tmp/get_openvpn.sh /tmp/get_openvpn.sh > /tmp/var/log/openvpn_script.log & 5. You should now be able to connect to OpenVPN on your router. However, we are not finished. If you go http://www.dnsleaktest.com, you will see that your DNS is leaking. In order to seal the leaks, you must go to the Setup tab on your DD-WRT homepage, and in Basic Setup there will be a section titled "Network Address Server Settings (DHCP)." Here you must set your first DNS as the following: Static DNS 1: 10.4.0.1 Static DNS 2: 10.5.0.1 Static DNS 3: 50.116.23.211 The first two DNS are AirVPN's DNS. The third DNS is one that I have chosen from the OpenNIC project (see here). This is because I have had trouble connecting to AirVPN DNS when I am not connected to the VPN, but before we are able to connect to the VPN we must be able to download the files we uploaded from our server. As a resulted, we need a trusted DNS with reliable up-time for the initial connection. For added security, do not add the third DNS, and instead use one of AirVPN's (ie 10.6.0.1). This will also provide DNS leak protection when browsing as AirVPN's DNS can only be accessed when connected to the VPN. 6. Reboot your router, and wait a minute or so. Then go to http://www.dnsleaktest.com to check that you are completely behind the IP and DNS you want to be behind. And that's pretty much it. There is no GUI and no further details to add. If you followed the procedure correctly, your router should be connected to AirVPN with no DNS leaks. Enjoy. If this tutorial helped you out, and you would like to show your gratitude, then contact AirVPN and tell them you would like to donate for me an extra month (or more?) of VPN access edit: Updated with the latest packages (March 17 2014) for OpenSSL and OpenVPN. You should experience a 20% bandwidth increase with the latest packages.
  24. Hi guys, I'm new to VPN and would like your advice before I buy something I shouldn't. I live in Europe and I got AirVPN mainly to access content from my native country and the US. Currently I can access both server locations using my laptop and I don't have any problems. Now, I want to expand my connectivity to any devices that uses Wi-fi in my place, for example Roku, Xbox and my Google Nexus. I understand I need to use a DD-WRT router for that. Now my questions: 1. I have a very bad modem/router, which I intend to replace. For me to get AirVPN in all my devices, do I need to by 2 routers? One for internet connection and one for the DDWRT? 2. Is Asus RT-N16 the best option for my DDWRT router? Anything cheaper you would recommend that would be easy to config for AirVPN? 3. What would be the best modem/router for my internet connection? I will be streaming netflix and other online TV. 4. I understand that once I set up a DDWRT router, I need to choose a Server Location, which most likely will be a US one. Now, what about when I want to switch to the Portuguese Server Location to see online TV, at anytime I want? 5. Last question, if I want to go back to my original IP address, how can I do it? thanks
  25. I've been looking at pre-configured DD-WRT dual band routers on flashrouters[dot]com. They set up OpenVPN on a list of VPN services, but AirVPN isn't listed. They also offer to install/configure for other OpenVPN providers if there's a install manual provided by the VPN provider. Will there be any problem with sharing the install information to them? Is it against the rules to run connections from 2 computers through the router to your service?
×
×
  • Create New...