Wednesday, January 4, 2017

Enable OpenVPN Tunnel on OpenWrt

Enable OpenVPN Tunnel on OpenWrt


This post is about how to enable OpenVPN on OpenWrt Barrier Breaker.
First we need to install openvpn-openssl
opkg update
opkg install openvpn-openssl
Next we will be using the provided ovpn file instead of OpenWRT config.
It is actually the same thing because OpenWrt converts the config file to a file readable by openvpn but using a vendor provided config is more convenient and less error prone.

In this example we have 3 files
  1. The ovpn file provided by your VPN Provider (Netherlands.ovpn)
  2. Password File (Password.txt)
  3. Certificate File (TrustedRoot.pem)
 Lets take a look at the ovpn file
client
dev tun
proto udp
remote XX.XXX.XX XXXX
cipher AES-128-CBC
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ca TrustedRoot.pem
verb 3
auth-user-pass Password.txt
reneg-sec 0

Note that ca refers to the certificate file indicated by TrustedRoot.pem
And auth-user-pass refer to the password file.
If your VPN provider uses TLS you need to provide cert and key.
cert my-server.crt
key my-server.key
For this example it is just username and password
The password file looks like this:
username
password
Thats it.

So we upload all 3 files to /etc/openvpn

To start OpenVPN type the below and enter
openvpn --cd /etc/openvpn --daemon --config /etc/openvpn/Netherlands.conf
You should see this in syslog
Sun Sep  7 17:41:35 2014 daemon.notice openvpn[2284]: Initialization Sequence Completed
Next in LuCI

Add a new Interface in this example I call it "hide"
Available link for download

Posted by at
Labels: , , , ,