OpenVPN server and client on DD-WRT
Written by Kevan   
 

7a) If you are working on the VPN client WRT, skip to step 7b. On the VPN server WRT, copy the following script and paste it on the command line. (Check the script for comments on the few items that need to be updated to match your environment.)

 

------------------- Copy starting below this line. -------------------

nvram set rc_firewall='

#!/bin/sh

##

##

##


#copy openvpn binary to myvpn.  Otherwise, something will kill the process
cp /usr/sbin/openvpn /tmp/myvpn

#needed to allow incoming connections
iptables -I INPUT 2 -p udp --dport 1194 -j ACCEPT

/tmp/myvpn --mktun --dev tun0
ifconfig tun0 10.0.100.1 netmask 255.255.255.252 promisc up

## Change 192.168.2.0 to the network of the remote network.  (The network on the Client VPN WRT)

route add -net 192.168.2.0 netmask 255.255.255.0 gw 10.0.100.2
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT

/tmp/myvpn --dev tun0 --secret /jffs/static.key --comp-lzo --port 1194 --proto udp --verb 3 --daemon --ping 30 --ping-restart 120

'

--------------- Stop here when selecting text to copy --------------------------

7b) On the VPN client WRT, copy the following script and paste it on the command line. (Check the script for comments on the few items that need to be updated to match your environment.)

------------------- Copy starting below this line. -------------------

nvram set rc_firewall=' 

#!/bin/sh

##
##
##


#copy openvpn binary to myvpn.  Otherwise, something will kill the process
cp /usr/sbin/openvpn /tmp/myvpn

#needed to allow incoming connections
iptables -I INPUT 2 -p udp --dport 1194 -j ACCEPT

/tmp/myvpn --mktun --dev tun0

ifconfig tun0 10.0.100.2 netmask 255.255.255.252 promisc up

## Change 192.168.1.0 to the network of the remote network.  (The network on the Server VPN WRT)

route add -net 192.168.1.0 netmask 255.255.255.0 gw 10.0.100.1

iptables -I FORWARD -i br0 -o tun0 -j ACCEPT

iptables -I FORWARD -i tun0 -o br0 -j ACCEPT

## Change the VPNSERVER.dnsalias.com portion to the DNS name of the VPN server WRT or its IP address.

/tmp/myvpn --dev tun0 --secret /jffs/static.key --comp-lzo --port 1194 --proto udp --verb 3 --daemon --remote VPNSERVER.dnsalias.com --ping 30 --ping-restart 120

'

--------------- Stop here when selecting text to copy --------------------------

8) Type nvram commit and hit <enter>

9) Now reboot your routers and attempt to ping hosts across the VPN tunnel. (You will not be able to ping the WRTs' addresses. You have to ping a host on the network other than the WRT.)

That should be it and good luck! 
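
A check to run on a saved copy of the step 7a or 7b block before step 8, as an added example that is not part of the original article: it confirms the rc_firewall value is closed by its quote, that the route gateway is the peer of the tun0 address, and that the port opened in iptables is the one OpenVPN uses. The names lint_rc_firewall and write_sample are hypothetical, the sample is constructed from step 7a, and the tunnel is assumed to be the /30 used in the article.

```shell
#!/bin/sh
# Added example (not from the original article): lint a pasted rc_firewall
# block before `nvram commit`. Prints one line per finding; silent when clean.
lint_rc_firewall() {
    f=$1
    # 1. The nvram value is opened and closed by exactly two single quotes.
    quotes=$(tr -cd "'" < "$f" | wc -c)
    [ "$((quotes))" -eq 2 ] || echo "quotes: expected 2 single quotes, found $((quotes))"
    # 2. tun0 address and route gateway must be distinct hosts in one /30
    #    (assumption: netmask 255.255.255.252, as in the article).
    tun_ip=$(awk '$1 == "ifconfig" && $2 == "tun0" { print $3; exit }' "$f")
    gw_ip=$(awk '$1 == "route" { for (i = 1; i < NF; i++) if ($i == "gw") { print $(i + 1); exit } }' "$f")
    if [ -z "$tun_ip" ] || [ -z "$gw_ip" ]; then
        echo "tunnel: missing ifconfig tun0 line or route gateway"
    elif [ "${tun_ip%.*}" != "${gw_ip%.*}" ] ||
         [ $((${tun_ip##*.} / 4)) -ne $((${gw_ip##*.} / 4)) ] ||
         [ "$tun_ip" = "$gw_ip" ]; then
        echo "tunnel: gateway $gw_ip is not the peer of $tun_ip in a /30"
    fi
    # 3. The UDP port opened in INPUT must be the port OpenVPN uses.
    fw_port=$(sed -n 's/.*--dport \([0-9][0-9]*\).*/\1/p' "$f" | head -n 1)
    vpn_port=$(sed -n 's/.*--port \([0-9][0-9]*\).*/\1/p' "$f" | head -n 1)
    [ -n "$fw_port" ] && [ "$fw_port" = "$vpn_port" ] ||
        echo "port: iptables opens '$fw_port' but OpenVPN uses '$vpn_port'"
    return 0
}

# Constructed sample: the step 7a server block, condensed, with its closing quote.
write_sample() {
    cat > "$1" <<'EOF'
nvram set rc_firewall='
iptables -I INPUT 2 -p udp --dport 1194 -j ACCEPT
/tmp/myvpn --mktun --dev tun0
ifconfig tun0 10.0.100.1 netmask 255.255.255.252 promisc up
route add -net 192.168.2.0 netmask 255.255.255.0 gw 10.0.100.2
/tmp/myvpn --dev tun0 --secret /jffs/static.key --port 1194 --proto udp --daemon
'
EOF
}

tmp=${TMPDIR:-/tmp}/rc_firewall.$$
write_sample "$tmp"
lint_rc_firewall "$tmp"   # the constructed sample is consistent
rm -f "$tmp"
```

The quote check also flags an apostrophe typed inside one of the script's comments, which would end the nvram value early when the block is pasted.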

 

 

 

 

 

Comments
Written by shortymorty on 2006-04-23 11:41:30
Hello, 
Great article! Unfortunately it is still over my head. Do you offer any consulting services to implement this kind of solution? If so, do you also have references available? 
 
Thanks for your help!
Written by admin on 2006-04-24 19:41:32
I do a considerable amount of consulting as well as work in a full-time position in Information Technology. I would be glad to supply references and consult. 
 
Thanks 
 
Kevan
Bridged VPN
Written by [email address hidden] on 2006-09-10 11:20:30
If I can get this to work it would be a great solution for me. I have set up two wrt54gsv4's with DD-WRT SP1 vpn 5/16/06. When I tried with an earlier RC I got memory errors when executing telnet commands. I haven't had a chance to try it yet; my other location is two hours away. However, all telnet commands seem to execute properly with 5/16/06 SP1vpn. 
I also may be interested in consulting services if I can't get it working. 
 
Thanks for the guide!!
Written by Spiken on 2007-04-01 11:50:06
I've got the same problem with a wrt54g v2 (4MB of flash, 32MB of ram) and DD-WRT (v23 SP2 vpn). 
 
Message : 
 
~ # openvpn --genkey --secret /jffs/static.key 
Sun Apr 1 20:42:11 2007 Cannot open shared secret file '/jffs/static.key' for write: No space left on device (errno=28) 
Sun Apr 1 20:42:11 2007 Exiting 
~ # 
 
Free space disk : 
 
~ # df -h 
Filesystem Size Used Available Use% Mounted on 
/dev/root 2.8M 2.8M 0 100% / 
/dev/mtdblock/4 320.0k 320.0k 0 100% /jffs 
~ # 
 
Don't understand why all partitions are 100% full (4MB - 2.8MB - 0.320MB = 1.68 MB free) 
