Anybody interested in how to turn a cheap DIR-615d router (as supplied by VM and available on a certain auction site for as little as £5 incl p+p) into an OpenVPN compatible router ?
OpenVPN router !
- Thread starter nozzer
- Start date
- Joined
- Oct 29, 2005
- Messages
- 1,416
- Reaction score
- 410
Can you supply details. Thanks
Sounds interesting, count me in. 
I would....and also, what the advantages of an openvpn router?
Last edited:
Its all very experimental at the moment and really only done to prove a point !
The standard builds of dd-wrt available for this router only include PPTP/L2TP vpn functionality which is ok for most people but tends not to work so well (or at least not easily) when cascaded through a primary router. OpenVPN is a far more flexible protocol (and theoretically more secure) in that it works quite nicely with NAT redirection and will thus work easily with cascaded routers.
So, as dd-wrt doesn't supply OpenVPN functionality as standard we have do one of 2 things.
1/ Replace the 4Meg flash chip in the router with an 8Meg one which will allow us add OpenVPN as an addon module. This is possible but not particularly easy. If you want to try it then it does have the benefit of you ending up with a very nice user interface !!!
2/ Use the alternative Open-wrt firmwares. This is somewhat easier but the disadvantage is the user interface is pretty crappy. Still, once set up it works fine so who cares about the user interface
Ok, so I chose option2 (I actually did both but we'll stick with option2 for the purposes of this thread).
Open-wrt is completely open-source and offers a relatively simple build interface that allows you to make custom firmwares with lots of different functionality available ranging from built in web servers, ftp servers, mail servers right through to, would you believe, OpenVPN.
You can, of course download the complete source code from the repository and build your own firmware with reasonable high confidence that it will work on your router (as long as you stick to the rules - the main one being you have to stay within the space confines of your flash chip - for a dir615d thats about 3.65Mbytes max image (flash chip is 4Meg but there's a 256k overhead for 'other stuff' and you need a little free space) )
Building an image is easy enough using a vmware/VirtualBox etc linux session but to make things easier i've attached an image I built earlier that gives basic functionality plus OpenVPN (note I have made NO attempt to get wireless running in this image although the components necessary to do so are present. Wireless operation is just not important to me)
Note there are two files in the attachment. The webflash version is signed and can be used to flash the router directly from the d-link/VM flash update page. The standard version can be used to update via the routers emergency room or it can update from dd-wrt or any previous Open-wrt images that may be on the router (PLEASE BE AWARE - upgrading flash images could brick your router and leave it unusable).
Once you've flashed the router the new (rather sparse) config should be available on 192.168.1.1. If everything went well then you should see the OpenWRT/Kamikaze logo
The standard builds of dd-wrt available for this router only include PPTP/L2TP vpn functionality which is ok for most people but tends not to work so well (or at least not easily) when cascaded through a primary router. OpenVPN is a far more flexible protocol (and theoretically more secure) in that it works quite nicely with NAT redirection and will thus work easily with cascaded routers.
So, as dd-wrt doesn't supply OpenVPN functionality as standard we have do one of 2 things.
1/ Replace the 4Meg flash chip in the router with an 8Meg one which will allow us add OpenVPN as an addon module. This is possible but not particularly easy. If you want to try it then it does have the benefit of you ending up with a very nice user interface !!!
2/ Use the alternative Open-wrt firmwares. This is somewhat easier but the disadvantage is the user interface is pretty crappy. Still, once set up it works fine so who cares about the user interface
Ok, so I chose option2 (I actually did both but we'll stick with option2 for the purposes of this thread).
Open-wrt is completely open-source and offers a relatively simple build interface that allows you to make custom firmwares with lots of different functionality available ranging from built in web servers, ftp servers, mail servers right through to, would you believe, OpenVPN.
You can, of course download the complete source code from the repository and build your own firmware with reasonable high confidence that it will work on your router (as long as you stick to the rules - the main one being you have to stay within the space confines of your flash chip - for a dir615d thats about 3.65Mbytes max image (flash chip is 4Meg but there's a 256k overhead for 'other stuff' and you need a little free space) )
Building an image is easy enough using a vmware/VirtualBox etc linux session but to make things easier i've attached an image I built earlier that gives basic functionality plus OpenVPN (note I have made NO attempt to get wireless running in this image although the components necessary to do so are present. Wireless operation is just not important to me)
Note there are two files in the attachment. The webflash version is signed and can be used to flash the router directly from the d-link/VM flash update page. The standard version can be used to update via the routers emergency room or it can update from dd-wrt or any previous Open-wrt images that may be on the router (PLEASE BE AWARE - upgrading flash images could brick your router and leave it unusable).
Once you've flashed the router the new (rather sparse) config should be available on 192.168.1.1. If everything went well then you should see the OpenWRT/Kamikaze logo
If anybody gets that far and wants to go further then I'm happy to assist you through a simple configuration to use an external vpn provider as an internet 'redirector' (ie, encrypt everything from your ISP and give yourself an IP in whichever country your vpn provider hosts).
You obviously need a VPN host to do this though. One you could possibly use for testing is USAIP but this only provider a 7 minute demo (user: demo, passwd: demo) account
You obviously need a VPN host to do this though. One you could possibly use for testing is USAIP but this only provider a 7 minute demo (user: demo, passwd: demo) account
I have two DIR615D routers with the standard Brainslayer dd-wrt firmware on both. However, it doesn't seem possible, with any of the builds of dd-wrt, to have OpenVPN on this router model. There is PPTP but NOT OpenVPN.
If anyone knows differently please let me know how because I'd like to use OpenVPN.
If anyone knows differently please let me know how because I'd like to use OpenVPN.
sounds good, i'll have a shot once i pic up a compatible router, do you not need to pay for hosted vpn's?
other than incryption is that too and from the isp? and then having an ip address from where? where the other vpn on the system is?
other than incryption is that too and from the isp? and then having an ip address from where? where the other vpn on the system is?
Possibly, but there are still a few free ones. The main reason I wanted OpenVPN is that its easier to cascade through multiple routers than the alternative PPTP or L2PT protocols and usually tends give a more stable connection (although it is more resource hungry).
Encryption will be between yourself and the other end of the VPN. This effectively means all your ISP see's is a connection to the VPN server. They cant actually tell what the real destination is nor can they view the actual data or even tell what the underlying protocol is.
Your public IP effectively becomes the IP of the other end of the VPN. This means that you can easily grab an IP in the US etc (using a US based VPN) and view a lot of streaming material that may normally be restricted to US only customers.
Shindig
DW Regular
To fully appreciate the DD-WRT features you could really do with a WGR614L or better still the (slight more expensive) WNR3500L.
These have alot more RAM available for flashing.
Becareful though, alot of described WGR614L routers available on ebay are actually WGR614v9, sent out by VM and are unflashable.
These have alot more RAM available for flashing.
Becareful though, alot of described WGR614L routers available on ebay are actually WGR614v9, sent out by VM and are unflashable.
