Advertisements

Set up an encrypted VPN using DD-WRT

DD-WRT is feature-rich alternative firmware for a large number of home router models. It adds a wonderful array of new features, VPN being one of them. This walkthrough will show you how to quickly and easily configure a PPTP VPN server on your DD-WRT-powered router, so you can connect to your home network from afar, create a secure tunnel so you can safely use a public Wifi point with your laptop, or secure your iOS or Android device.

Setting up the VPN Server

So here’s how to get started. First, you’ll need a build of DD-WRT supported by your router which includes the VPN software. If you’re doing this on an Internet connection which has an IP address that changes periodically (i.e. residential), you’ll likely want a Free DynDNS hostname to point to your IP address. You’ll also need a basic familiarity of networking.

For the remainder of this guide, I will assume your router’s internal (LAN) IP address is 192.168.1.1.

Start by going to http://192.168.1.1 and login to your router’s administration panel.

Go to Services > VPN and set PPTP Server to enable. After doing that, a few new options will appear. The only ones you need to set are Server IP, Client IP(s), and CHAP Secrets. Set them as follows:

Server IP: You can set this to your router’s LAN IP, i.e. 192.168.1.1

Client IPs: Set this to an IP range OUTSIDE your DHCP range (See Setup > Basic Setup to figure your DHCP range) A good example value would be 192.168.1.200-250 for clients to receive addresses within that range.

CHAP Secrets: This is the username/password combinations for your VPN clients. Format is:
username*password*
Example:
myname * mypassword *

Neither the username nor password can contain spaces, and must be all-lowercase.

You’re done with this page; Click Apply Settings.

Now go to Security > VPN Passthrough and make sure PPTP is set to Enabled. Click Apply Settings if you had to change the setting.

You should now be able to connect to your VPN using your Windows, Mac, or Linux computer by setting up a PPTP connection to your public (WAN) IP or hostname.

Troubleshooting

Can’t get connected? First, try setting up your connection to the router itself, using the LAN IP (192.168.1.1). If that works, then the VPN server is set up correctly; the problem is likely on the WAN side. Keep reading for suggestions. If you weren’t able to get connected, go back to the top and double-check your settings.

iOS-Specific changes

You may need to make the following settings adjustment if you are having trouble connecting specifically from your iOS device running iOS 4.3 or above. Go to Administration > Commands and paste the following in the box. Click Save Startup.

#!/bin/sh
echo "nopcomp" >> /tmp/pptpd/options.pptpd
echo "noaccomp" >> /tmp/pptpd/options.pptpd
kill `ps | grep pptp | cut -d ' ' -f 1`
pptpd -c /tmp/pptpd/pptpd.conf -o /tmp/pptpd/options.pptpd

(Source: DD-WRT Wiki)

If you can connect from the LAN side, but are still having trouble connecting from the WAN side, it’s likely your ISP or your gateway device (modem) is blocking the needed GRE protocol or the needed PPTP port or traffic. Contact your ISP for further assistance.

Do you have any experience or tips to share regarding VPN connections to a DD-WRT-powered router, or any suggestions in addition to the above? Please feel free to share them in the comments below. Thank you!

Advertisements

, , , , , , , , , ,