Here we can see, “How to Setup a VPN Server Using a DD-WRT Router”
You’ll need your VPN if you want to beef up your home network security or connect to it remotely. Here’s how to make one using DD-WRT for free.
VPNs are divided into two categories. The first is the type you use to hide your online activity to increase your security and privacy. The other type is the one you’d use to connect to your home network from afar.
This article will show you how to set up the second type of VPN using only your router and DD-WRT.
DD-WRT is an open-source router firmware that allows you to have more control over your router than most stock routers. Setting up your VPN server isn’t simple, but it’s also not overly complicated. In a step-by-step format, here’s what you need to do.
It’s worth noting that DD-WRT isn’t required. If your router supports VPN and DDNS, that should suffice; you’ll have to adjust and approximate some of the next steps.
1. Installing DD-WRT
We’ll need to install DD-WRT on your router before we can set up the VPN. You can skip ahead if your router already has DD-WRT installed. We’ll be a little vague here because the setup varies depending on the router model you have.
- The first step is to obtain the firmware that will be required to upgrade your router. Enter the model number of your router on this page. If your router is compatible, you’ll be directed to a firmware page with instructions on how to proceed.
- Everything should be labeled clearly. Factory-to-binary.bin is the binary to upgrade from factory firmware in the screenshot above.
- The initial firmware update is performed using the built-in firmware updater on your router. Just like a firmware update, you’ll select the DD-WRT binary from your local computer. (Before loading the actual firmware, some routers may require a prep file, so double-check your instructions.)
- To set up your router, go to http://192.168.1.1 after it has rebooted. You’ll create a username and password for your router on this screen. You’ll be taken to the status page after you’ve completed these.
- Click setup and enter your newly created username and Password.
- You’ll configure your router’s basic settings on the next page, such as its name, IP address, and DHCP server. Select Automatic Configuration – DHCP from the connection drop-down menu. DHCP settings should be left alone. Also, make sure your time zone is set correctly.
- If you want to use a custom DNS service like OpenDNS or Google Public DNS, you can do so on this page. Once you’ve got everything set up the way you want it, click Apply Settings.
- After that, go to the Wireless tab and set up your wireless network according to your preferences. Make sure you don’t make any of these network setup mistakes!
After you’ve completed the basics, go to Wireless Security and enable encryption on your Network.
2. Setting Up Dynamic DNS
- Set up a DNS forwarder for your dynamic WAN IP as the next step. Unless you pay for a static IP, your ISP can change your IP whenever it wants — how often it changes up to your ISP — and you’ll need to update your VPN configuration each time it does.
- We’re going to use a dynamic DNS service to get around this. These services allow you to create a URL that points to the IP address assigned to you by your ISP. Although DD-WRT supports a variety of services, we’ll use the free afraid.org service for this tutorial.
- Unfortunately, there is no simple way to do so. Before you leave the house, check your router page and update your VPN settings to reflect the current WAN IP. Your ISP determines the frequency with which it changes. For short vacations or trips to the coffee shop, this method should suffice.
- You’ll only need a free account, which will grant you access to a subdomain from a list of options.
- Log in and go to the subdomain menu once you’ve created your account. We want to make an A record that will be used as the default. In the next field, type your preferred subdomain, then select your desired domain from the drop-down menu.
- The WAN IP of your router can be found in the upper right corner of your DD-WRT page. After that, click Save and then DDNS. Copy the Direct URL link next to your new subdomain entry on this page.
- Return to the router page once you’ve created your account and subdomain. Select the DDNS tab from the Setup menu. Select freedns.afraid.org from the drop-down menu and enter your username and Password.
- Paste the URL you copied in the previous step into the hostname field. Leave the check for an external IP address set to Yes. The Force Update Interval is set to 10 days by default, but if your IP updates more frequently, you may need to adjust it later.
3. Configuring PPTP
- For the rest of this tutorial, we’ll configure the PPTP (Point to Point Tunneling Protocol) VPN option on DD-WRT in easy mode. This may be the only option available if you have an older router with limited storage.
- Microsoft developed this VPN technology in the past. Generic Routing Encapsulation is used to create a tunnel between your device and your home network. This means that your remote web traffic is wrapped up and sent to your home router in a separate packet. Your request is then processed, and the data is returned in a particular box.
- Though we’re in easy mode here, it’s important to note that PPTP has several security flaws. Although DD-WRT allows you to use MPPE for encryption, this is a flaky protocol. You can access your local resources, but not with the same level of security as with OpenVPN.
- Click the Services tab to set up PPTP. Then, under VPN, expand the configuration by clicking the Enable Option in the PPTP Server area. Broadcast Support should be disabled, but MPPE Encryption should be enabled. Re-enter your DNS settings, but you can probably skip the WINS servers this time.
- Set the MTU and MRU to their default values. You’ll want to use the router’s address for Server IP—192.168.1.1 is the default.
- You’ll also want to set your client’s IP range. This must be written in the following format: xx.xx.xx.xx-xx. For example, if you wanted to do 10.0.25.150-10.0.25.214, you’d type 10.0.25.150-214 into the command line. The Max Associated Clients setting can be left at 64.
- CHAP-Secrets is the next section. You’ll use these usernames and passwords for each client. These are organized as follows: * Passwords * Username (note the spaces between the text and asterisks). Replace the second asterisk with the IP: you want your clients to have a specific IP when connecting to the VPN. 10.0.25.51 * Password for laptop
- After you’ve filled out all of these fields, click Apply Settings, and we’ll proceed to set up your client.
4. Configuring Your Devices
Let’s get your laptop and phone set up now that your VPN is up and running and connected to the Internet. This guide will show you how to set up PPTP on Windows, OS X, and iOS.
You’ll use the same basic information on other operating systems, but keep in mind that your router will require a username and password for each client you want to connect.
Windows 10
Select Settings from the Start Menu. Then, under Network and Internet, select VPN from the drop-down menu. Fill out the form on the Add a VPN Connection screen. Windows should be the VPN provider. For the Connection Name, you have complete freedom.
Enter your afraid.org DNS address or your router’s WAN IP address in the Server name or address field. Select PPTP from the VPN Type drop-down menu. Username and Password is the default sign-on type. Then, when prompted, enter the username and password you created when setting up your router.
When you’re not connected to your local network, you’ll use the VPN menu to connect. There will be your new VPN configuration. Click Connect after you’ve highlighted it.
OS X
Open System Preferences and select Network from the drop-down menu. You’ll need to click the lock and enter an admin password if you don’t have an admin account. Then, to add a new interface, click the plus sign. Select VPN for the interface in the pop-up. Select PPTP as the VPN type.
You can give the name whatever you want and then click Create.
You’ll enter your afraid.org DNS as the Server Address, and the account name will be the username you set up on your router. Set the encryption level you want; 128-bit encryption is the safest. After that, go to Authentication Settings and type in your Password.
Return to the Network panel and select the VPN you created when you’re not connected to your local network. Connect should be chosen.
iOS
Open the Settings app on your phone. Then go to General and scroll down to VPN. Select Add VPN Configuration from the drop-down menu. Tap type, then PTPP, and then the back arrow. Set the description to whatever you want.
Enter your afraid.org DNS address or the WAN IP of your router in the Server. The username you set up on the router is entered in the Account field. RSA SecurID should be turned off. You can either set a password or leave it blank, requiring you to enter it each time you connect.
The encryption level is set to Auto by default, but you can change it to Maximum by clicking through. This is the same level of encryption as OS X’s 40, 128-bit, or strict 128-bit encryption, but the menus are “friendlier” on iOS. Keep Send All Traffic turned on.
VPN will be added as a menu item to the main Settings screen. When you’re not on your local network, turn on the switch next to this option to connect to your VPN.
Conclusion
I hope you found this information helpful. Please fill out the form below if you have any questions or comments.
User Questions:
- Do I need DD-WRT to connect to a VPN?
Installing a VPN on your router is a great idea if you want to use the Internet with freedom, security, and anonymity. DD-WRT is required to establish a VPN on your router. This is a type of alternative firmware (software) that can be used to enhance the functionality of your router.
- Is DD-WRT free software?
It was created in Linux by the programmers behind DD-WRT. This is an open-source software program, which means that anyone can change it and share their versions with others. Because DD-WRT is freely available online, you can usually install it on your router for no cost (aside from the price of the router itself).
- Is DD-WRT a secure router?
The advantage of dd-wrt is not that it is “more secure,” but that it makes updating easier, which is where security comes from. You must, however, complete the task.
- How to set up OpenVPN on a DD-WRT router so that it only connects to specific IP addresses
[QUESTION] How to configure OpenVPN on DD-WRT router to only apply vpn connection on specific IPs from HomeNetworking
- Help with OpenVPN on DD-WRT