Search the Community
Showing results for tags 'mips'.
Found 1 result
Hi, As some of you may know, DD-WRT requires at least 8mb of memory (or 4mb if it's a Broadcom chipset) in order to use OpenVPN. However, this is not the end of the world. I use a D-Link DIR-615 which is unsupported by DD-WRT for OpenVPN, but I am able to get it running. Things to know before hand: 1. My router's processor is only 400mhz, and combined with the lack of memory, it means that the maximum speed I am getting is around 6mbps 8mbps. On a normal machine, I get a lot more. This is due to the processor limitations and not due to the implementation. 2. Most problems I have had are to do with permissions. Make sure your uploaded files are all 777 or 755 permissions. 3. This should work on most MIPS routers. I can guarantee that it is working on the DIR-615 and TL941N routers. 4. The OpenVPN package I am using is from November 2011, so it is relatively outdated. I believe it is version 2.2, whereas the current release is 2.3.2. If someone is willing to repackage it and upload the latest version, it may provide better performance. Updated to March 2014! REQUIREMENTS: 1. You need a server. Maybe AirVPN can help in this regard if they would be willing to host the files? On this server, you will host a package called openvpn_pack.tar.gz containing the openvpn config and libraries for ssl and lzo.You will also host a script and your ovpn files. WHY IS THIS THE CASE? My router only has 64kb of NVRAM. This means that I can only store a small amount of data on there before the memory is consumed. The best way to conserve the NVRAM is to wget the needed scripts from a remote server rather than store them on the router itself. If you use all of your NVRAM, you can brick your router.2. You need your .ovpn file generated through the "Enter" section of AirVPN. And we begin: 1. The first step required is to upload the files to your server. Here is a temporary link to download openvpn_pack.tar.gz (855kb). This is not a host for you to use in your script, and is only staying up temporarily for public access. You must download this package and upload it to your own host, unless AirVPN is willing to host it.The following script must be saved as "executeScript.sh" and uploaded to your server: #!/bin/sh cd /tmp/openvpn export LD_LIBRARY_PATH=/lib:/usr/lib:/jffs/lib:/jffs/usr/lib:/jffs/usr/local/lib:/mmc/lib:/mmc/usr/lib:/opt/lib:/opt/usr/lib:/tmp/openvpn/lib cd /tmp/openvpn killall -9 openvpn sleep 2 insmod /tmp/openvpn/lib/tun echo tun.ko bridged killall -9 openvpn /tmp/openvpn/bin/openvpn --config /tmp/openvpn/client/airvpn.ovpn --daemon echo Started the daemon echo Starting loop to update the routing tunup=0 while [ $tunup ] do sleep 1 if ifconfig tun0 then iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE tunup=1 echo Set the routing tables to use the vpn break fi done You must go through this section of AirVPN and generate your ovpn file. NOTE: You can also add the following lines to the end of your ovpn file if you want to debug any errors: status /tmp/var/log/openvpn-status_tap.log log-append /tmp/var/log/openvpn_tap.log mute 20 The first two lines will make logs of the connection in case you need to troubleshoot, and the third line will limit logging repeating problems to conserve memory. You can use notepad to edit the files. Also, in the script I have called this file AirVPN.ovpn. Your filename will be different. You can either change the script to your filename or you can rename your file to AirVPN.ovpn. 2. The second part is to log into your router at 192.168.1.1, or whatever your router's IP address is. 3. Click the "Administration" tab, and then click on the "Commands" tab. 4. Here you will need to input the start up script. The start up script will fetch the required OpenVPN package from your server, extract it, and begin to execute the scripts. This will be run every time the router turns on. You will need to put the following in the Command Shell textbox and click the "Save Startup" button at the bottom. Please note that you must edit the URLs with your own: #!/bin/sh echo "#!/bin/sh rm -f /tmp/openvpn/client/foobar.ovpn echo Removed foobar file while ! ps | grep -q \"udhcpc\"; do sleep 1 done while ! ls /tmp/openvpn/client | grep -q \"foobar\"; do killall -9 wget killall -9 gzip killall -9 tar echo finished kill sequence cd /tmp rm -f ./openvpn_pack.tar.gz rm -f ./openvpn_pack.tar rm -r -f ./openvpn echo Removed the old files wget http://www.yourhost.com/openvpn_pack.tar.gz sleep 10 chmod +x /tmp/openvpn/openvpn_pack.tar.gz sleep 2 gzip -d ./openvpn_pack.tar.gz tar -xf ./openvpn_pack.tar rm ./openvpn_pack.tar echo Finished unpacking the TAR ball wget http://www.yourhost.com/AirVPN.ovpn -O /tmp/openvpn/client/foobar.ovpn #echo \"foobar\" > /tmp/openvpn/client/foobar.ovpn echo Finished with the OVPN files wget http://www.yourhost.com/executeScript.sh -O /tmp/openvpn/runit.sh chmod +x /tmp/openvpn/runit.sh if ls /tmp/openvpn/client | grep -q \"foobar\"; then echo starting the runit script /tmp/openvpn/runit.sh > /tmp/var/log/runit.log & fi done echo done with getting the stuff " > /tmp/get_openvpn.sh chmod +x /tmp/get_openvpn.sh /tmp/get_openvpn.sh > /tmp/var/log/openvpn_script.log & 5. You should now be able to connect to OpenVPN on your router. However, we are not finished. If you go http://www.dnsleaktest.com, you will see that your DNS is leaking. In order to seal the leaks, you must go to the Setup tab on your DD-WRT homepage, and in Basic Setup there will be a section titled "Network Address Server Settings (DHCP)." Here you must set your first DNS as the following: Static DNS 1: 10.4.0.1 Static DNS 2: 10.5.0.1 Static DNS 3: 184.108.40.206 The first two DNS are AirVPN's DNS. The third DNS is one that I have chosen from the OpenNIC project (see here). This is because I have had trouble connecting to AirVPN DNS when I am not connected to the VPN, but before we are able to connect to the VPN we must be able to download the files we uploaded from our server. As a resulted, we need a trusted DNS with reliable up-time for the initial connection. For added security, do not add the third DNS, and instead use one of AirVPN's (ie 10.6.0.1). This will also provide DNS leak protection when browsing as AirVPN's DNS can only be accessed when connected to the VPN. 6. Reboot your router, and wait a minute or so. Then go to http://www.dnsleaktest.com to check that you are completely behind the IP and DNS you want to be behind. And that's pretty much it. There is no GUI and no further details to add. If you followed the procedure correctly, your router should be connected to AirVPN with no DNS leaks. Enjoy. If this tutorial helped you out, and you would like to show your gratitude, then contact AirVPN and tell them you would like to donate for me an extra month (or more?) of VPN access edit: Updated with the latest packages (March 17 2014) for OpenSSL and OpenVPN. You should experience a 20% bandwidth increase with the latest packages.