Jump to content


tls-crypt on DD-WRT: got it working!

dd-wrt tls-crypt

  • Please log in to reply
No replies to this topic

#1 JamBam



  • Members
  • Pip
  • 3 posts

Posted 16 December 2018 - 05:27 PM

General info:


- DD-WRT v3.0-r37845M kongac (11/25/18) on a Netgear R7000

- I have configured my R7000 as a Wireless Access Point (see https://wiki.dd-wrt.com/wiki/index.php/Wireless_access_point)



Step 1, generate OpenVPN configuration files


- www.airvpn.org => Client Area => Config Generator

- Activate "Advanced Mode"
- Choose your Operating System: Router
- Choose your OpenVPN version: >= 2.4
- Need IPv6?: IPv4 only
- Advanced (right part of the screen): Activate "Separate keys/certs from .ovpn file"

- Protocols: Protocol: TCP; Port: 443; Entry IP: 3; Specs: tls-crypt, tls 1.2

- Choose server

- Generate protocol

- Select ZIP


Now you have generated a ZIP file containing the following 5 files:

ca.crt; user.crt; user.key; tls-crypt.key; and a .ovpn file, for example: AirVPN_NL-Alblasserdam_Muscida_TCP-443-Entry3.ovpn.



Step 2, DD-WRT => Services => VPN => OpenVPN Client


Hash Algorithm: SHA512


ca.crt goes in "CA Cert"; user.crt goes in "Public Client Cert"; user.key goes in "Private Client Key".


The tls-crypt.key goes in "Additional Config" between <tls-crypt> and </tls-crypt>.
Furthermore I´ve put the following two settings in "Additional Config": remote-cert-tls server and auth-nocache.

The contents of "Additional Config" could, for example, look like this:


remote-cert-tls server
content of tls-crypt.key






The only dissappointing thing: https://2ip.io/privacy/ still knows I am using a VPN service:




Similar Topics Collapse

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

Servers online. Online Sessions: 13683 - BW: 51946 Mbit/sYour IP: Access.