OpenVPN is used to build site-to-site VPNs, either with the SSL/TLS protocol or with pre-shared keys.
This article describes the procedure to configure your NETGEAR WGR614L as an OpenVPN server using DD-WRT firmware.
I am using the static key method to configure the server. This guide also assumes that you have OpenVPN installed on your PC.
Step 1: Generating Static Keys
First, generate a static key on your PC using one of the following methods:
Unix:
On Unix-based systems, issue the following command to generate a static key:
openvpn --genkey --secret static.key
Windows:
Click on “Start > Programs > OpenVPN > Generate a static OpenVPN key”
This creates the file c:\Program Files\Open VPN\config\key.txt, which you should rename to static.key.
Step 2: Updating Startup Script On The Server Side (i.e., WGR614L)
Once the static key has been generated, update the startup script on the server side accordingly.
This is done by pasting the following commands into the WGR614L at “Administration > Commands > Command Shell”:
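# Create the persistent tap0 tunnel device
openvpn --mktun --dev tap0
# Add tap0 to the LAN bridge br0
brctl addif br0 tap0
# Bring tap0 up in promiscuous mode without an IP address of its own
ifconfig tap0 0.0.0.0 promisc up
# Write the static key generated in Step 1 to /tmp/static.key
echo "
-----BEGIN OpenVPN Static key V1-----
YOUR KEY STRING WILL BE HERE
-----END OpenVPN Static key V1-----
" > /tmp/static.key
# Start OpenVPN under the name myvpn, listening on UDP port 1194
ln -s /usr/sbin/openvpn /tmp/myvpn
/tmp/myvpn --dev tap0 --secret /tmp/static.key --comp-lzo --port 1194 --proto udp --verb 3 --daemon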
This is shown in the figure below:
After completing this step, click Save Startup and it will update the startup script.
Then edit the firewall settings by entering the following command in “Administration > Commands > Command Shell”:
iptables -I INPUT 1 -p udp --dport 1194 -j ACCEPT
This is shown in the figure below:
Then click Save Firewall to save the firewall settings.
After these two steps, the startup script and the firewall should look like the figure shown below:
Step 3: Verify Your Work
Now, reboot your router. Log in over SSH and confirm that myvpn is running.
You can check this with the following command:
ps | grep vpn
You can also paste the “ps | grep vpn” command into “Administration > Commands > Command Shell” to see if it is running correctly.
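As an added example (not part of the original article), the following POSIX shell function checks that a static key file, such as the static.key from Step 1 or the /tmp/static.key written by the startup script in Step 2, holds one complete Static key V1 block and is not readable by group or others. The function name check_static_key is hypothetical; it assumes a 2048-bit key (16 lines of 32 hex digits) and that awk, ls and cut are available.

```shell
#!/bin/sh
# Added example: sanity-check an OpenVPN "Static key V1" file.
# check_static_key is a hypothetical helper, not part of OpenVPN or DD-WRT.
# Return codes: 0 ok, 1 unreadable, 2 permissions too open, 3 malformed key.

check_static_key() {
    key_file=$1

    [ -r "$key_file" ] || { echo "cannot read $key_file" >&2; return 1; }

    # A shared secret should be owner-only; characters 5-10 of the mode
    # string are the group and other permission bits.
    perms=$(ls -ldL "$key_file" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "$key_file is group/other accessible; run: chmod 600 $key_file" >&2
        return 2
    fi

    # Assumption: a 2048-bit key, i.e. 16 lines of 32 hex digits between
    # exactly one BEGIN marker and one END marker.
    awk '
        { sub(/\r$/, "") }                        # tolerate CRLF line endings
        /^[ \t]*$/ || /^#/ { next }               # skip blank and comment lines
        /^-----BEGIN OpenVPN Static key V1-----$/ { n_begin++; inside = 1; next }
        /^-----END OpenVPN Static key V1-----$/   { n_end++;   inside = 0; next }
        inside && /^[0-9a-fA-F]+$/ && length($0) == 32 { n_hex++; next }
        { n_bad++ }                               # e.g. a leftover placeholder line
        END { exit !(n_begin == 1 && n_end == 1 && n_hex == 16 && n_bad == 0) }
    ' "$key_file" || {
        echo "$key_file is not a well-formed static key" >&2
        return 3
    }

    return 0
}
```

A return code of 3 catches a truncated paste or the placeholder line left in the startup script; a return code of 2 means the file should be tightened with chmod 600.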
Can you post the firmware you used?
Thanks
Hello. Do you know of any way to use RADIUS in conjunction with this? Either with a RADIUS server running on another machine, or on the DD-WRT router?
Thank you.