Posts tagged ‘OpenVPN’

As described before, I chose to use the mini-build of dd-wrt on my Linksys WRT320N. Since I wanted OpenVPN support, I needed to add it myself.

Installing

I again used the openwrt modules, openvpn has its own package. There are, however, several dependencies:

  • libssl.so.0.9.8 and libcrypto.so.0.9.8 from libopenssl
  • liblzo2.so.2.0.0 (and symlinks) from liblzo

I already had libcrypto installed, so I only needed 713kB of free space.

Configuring

Setup was fairly straightforward. Just make sure to do all heavy calculations on your desktop computer (i.e. generating keys). I installed the CA and host certificate into /jffs/etc/ssl, and added my openvpn-specific config files into /jffs/etc/openvpn. I did rewrite the verify-cn script from perl to bash, since dd-wrt doesn’t come with perl.

Next, I wrote a very simple wanup script to get openvpn (re)started at the appropriate time:

# openvpn.wanup
if [ -e /tmp/openvpn.pid ] ; then
    kill -HUP `cat /tmp/openvpn.pid`
else
    /jffs/sbin/openvpn --cd /jffs/etc/openvpn --config server.conf --daemon --log /tmp/openvpn.log --writepid /tmp/openvpn.pid
fi

Obviously: don’t forget to add the corresponding configuration to the firewall.

As mentioned before, when switching to IPv6 (or more realistically, to dual stack) one of the things that might not work out of the box is VPNs. I decided to put some effort in it to get it to work anyway.

Continue reading ‘Configuring OpenVPN to support IPv6’ »