Jump to content


Photo

Using AirVPN with OpenWRT

OpenWRT linux router how

  • Please log in to reply
16 replies to this topic

#1 urbanconcrete

urbanconcrete

    Advanced Member

  • Members
  • PipPipPip
  • 49 posts

Posted 03 October 2015 - 08:52 AM

Using AirVPN with OpenWRT
 
This guide is for users who want to set up a OpenWRT (Chaos Calmer) router and have it already up and running without modification.
This guide will work with a router that has more than one network interface and at least 8 MB flash (because of the dependencies).
Please backup your router first!!!
 
1. Set up the wan interface as a dhcp client, that way you can use your router at most of the isp boxes.
 
2. Set up a wireless network with the name and password of you choise, a dhcp server. (Please note that you should use WPA2-PSK). 
 
3. Connect to your new wireless network.
 
4. Unbridge the LAN interface(s). Go to "Physical Settings" of the LAN interface(s) and uncheck the "creates a bridge over specified interface(s). Check the interface button of your new wireless network.
 
5. Connect to your router via SSH.
 
6. Install dependencies for the openvpn setup. First update the packages, than install openvpn and nano
Spoiler
 
7. Backup the openvpn files
Spoiler
 
8. Create a new interface called airvpn
Spoiler

 
9. Use the "Config Generator" of Airvpn to create the openvpn files. Please select the "Advanced Mode" and check "Separate keys/certs from .ovpn file" and
"Resolved hosts in .ovpn file". Save the files on your machine.
 
10. On the router move into the openvpn folder
Spoiler
 
11. Use nano to create all the required files on your router.
Copy and paste the following files "AirVPN_**************.ovpn, ta.key, ca.crt, user.crt, user.key".
Rename the "AirVPN_**************.ovpn" into airvpn.conf for usability.
Spoiler
 
The air.conf should look like this 
Spoiler
 
12. Create a firewall zone for the vpn.
Spoiler
 
13. Reboot router
 
14. Test openvpn configuration
Spoiler
At the end it should show "Initialization Sequence Completed"
Stop openvpn with "Ctrl-C".
 
15. Use the Airvpn DNS (here Port 443 - Protocol UDP) and reboot. Please change if you use different port (https://airvpn.org/specs/)
Spoiler

 

16. Secure against IP Leak, backup old firewall and create new firewall rules

Spoiler

 

Spoiler

 
TEST WITH ipleak.net...

It worked that way with my router, i would be happy if someone else could verify my setup.

 

 



#2 ionik

ionik

    Newbie

  • New Members
  • Pip
  • 2 posts

Posted 02 November 2015 - 09:37 PM

Thanks urbanconcrete, Your Setup instructions are working fine. Unfortunately my router hardware is too undersized for a good overall bandwidth performance. It would be awesome if instructions for making airvpn only available for a guest wlan could be added. Best, ionik

#3 redindian

redindian

    Newbie

  • New Members
  • Pip
  • 3 posts

Posted 21 November 2015 - 03:13 PM

Thanks a lot for this! This really helped me!

 

Couldn't find any easy OpenVPN client instructions and this one is great and it's for AirVPN. Maybe the admins should like to this one in the How To's.

 

Although with my router with a clean OpenWRT CC 15.05 I had to skip the LAN unbridge in step 4. Otherwise I could not connect to my router in any way. Even when I still had the wifi checked. Tried 3 times, no luck. In the end all my traffic is still running over the VPN and ipleak shows no leaking.

 

Thank again!



#4 john222

john222

    Newbie

  • New Members
  • Pip
  • 1 posts

Posted 05 January 2016 - 11:17 PM

I had the problem described on this post. Could you tell me how did you recover the router after you couldn't reconnect?

Thanks

Thanks a lot for this! This really helped me!

 

Couldn't find any easy OpenVPN client instructions and this one is great and it's for AirVPN. Maybe the admins should like to this one in the How To's.

 

Although with my router with a clean OpenWRT CC 15.05 I had to skip the LAN unbridge in step 4. Otherwise I could not connect to my router in any way. Even when I still had the wifi checked. Tried 3 times, no luck. In the end all my traffic is still running over the VPN and ipleak shows no leaking.

 

Thank again!



#5 securvark

securvark

    Advanced Member

  • Members
  • PipPipPip
  • 72 posts

Posted 24 January 2016 - 05:49 PM

nvm ...



#6 urbanconcrete

urbanconcrete

    Advanced Member

  • Members
  • PipPipPip
  • 49 posts

Posted 06 February 2016 - 10:59 AM

Hey there, great that i could help :)

 

 

 

 

It would be awesome if instructions for making airvpn only available for a guest wlan could be added. Best, ioni 

 

Im quite busy at the moment and bricked my device  :whistle: (not by using my guide...), so won't make the guest wlan setup soon. 



#7 johndoe_01

johndoe_01

    Newbie

  • Members
  • Pip
  • 8 posts

Posted 25 February 2016 - 01:14 PM

No internet and router not accesible. Don't know what I did wrong. Is there another solution wit AirVPN ? Tried this serval times but with the same results. Need to reset router to gain access. (TP-LINK wrt1043nd - v2 - OpenWRT).



#8 johndoe_01

johndoe_01

    Newbie

  • Members
  • Pip
  • 8 posts

Posted 26 February 2016 - 03:12 PM

I found the problem. In the AirVPN_Europe_UDP-443.ovpn I had to change the line explicit-exit-notify 5 to # explicit-exit-notify 5 (disable). Working like a charm. Thanks ! 



#9 b3wii

b3wii

    Newbie

  • New Members
  • Pip
  • 4 posts

Posted 29 August 2016 - 11:28 AM

Hi i get this error after testing vpn connection with "openvpn --cd /etc/openvpn --config /etc/openvpn/airvpn.conf":

 

Mon Aug 29 11:26:50 2016 OpenVPN 2.3.6 mips-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jan 31 2016
Mon Aug 29 11:26:50 2016 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Mon Aug 29 11:26:50 2016 WARNING: file 'user.key' is group or others accessible
Mon Aug 29 11:26:50 2016 Cannot load CA certificate file ca.crt (no entries were read) (OpenSSL)
Mon Aug 29 11:26:50 2016 Exiting due to fatal error
root@OpenWrt:/etc/openvpn#


#10 Staff

Staff

    Advanced Member

  • Staff
  • PipPipPip
  • 7566 posts

Posted 29 August 2016 - 12:11 PM

Mon Aug 29 11:26:50 2016 Cannot load CA certificate file ca.crt (no entries were read) (OpenSSL)

 

Hello,

 

try to specify the full path to ca.crt in airvpn.conf file.

 

Kind regards



#11 b3wii

b3wii

    Newbie

  • New Members
  • Pip
  • 4 posts

Posted 29 August 2016 - 05:37 PM

.



#12 Staff

Staff

    Advanced Member

  • Staff
  • PipPipPip
  • 7566 posts

Posted 30 August 2016 - 11:00 AM

Mon Aug 29 17:31:23 2016 RESOLVE: Cannot resolve host address: nl.vpn.airdns.org: Name or service not known

 

Your router can't resolve that, the message is quite self-explanatory. Check DNS or use only IP addresses to make names resolution unnecessary when not in the VPN.

 

Kind regards



#13 b3wii

b3wii

    Newbie

  • New Members
  • Pip
  • 4 posts

Posted 30 August 2016 - 03:33 PM

.



#14 b3wii

b3wii

    Newbie

  • New Members
  • Pip
  • 4 posts

Posted 30 August 2016 - 05:28 PM

@Staff

 

Please remove my previous posts in this thread and just edit this post to:

 

If you get this error: "Cannot load CA certificate file ca.crt (no entries were read) (OpenSSL)"

 

 => Inserting a line break after -----BEGIN CERTIFICATE----- and before -----END CERTIFICATE-----.

 

IF you get this error: RESOLVE: Cannot resolve host address: *.vpn.airdns.org: Name or service not known

 

 => ping *.vpn.airdns.org and replace the line

 

    remote *.vpn.airdns.org with

    remote <IP ADDRESS>

 

in file /etc/openvpn/airvpn.conf



#15 ulmwind

ulmwind

    Member

  • Members
  • PipPip
  • 24 posts

Posted 05 January 2017 - 11:48 AM

You can see my manual https://airvpn.org/topic/20303-airvpn-configuration-on-openwrt-preventing-traffic-leakage-outside-tunnel/



#16 TnIzP^wx*X7ikL6zo6T

TnIzP^wx*X7ikL6zo6T

    Newbie

  • New Members
  • Pip
  • 2 posts

Posted 25 September 2017 - 08:31 PM

urbanconcrete your a life saver.... There is no way I couldve set up openwrt  on my linksys router without your tutorial.    Thanks a million.  :good:

#17 Moat

Moat

    Member

  • Members
  • PipPip
  • 16 posts

Posted 14 August 2018 - 09:00 PM

Does anyone care to creare a guide configuring airvpn on openwrt LUCI? I'm totally lost with seamingly too few options in the simple and way too many options in the advanced gui. Thanks!


_____________________________________

A moat does not protect against pigeons!






Similar Topics Collapse


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

Servers online. Online Sessions: 13123 - BW: 40255 Mbit/sYour IP: 54.162.133.222Guest Access.