Changes

OpenWRT on Asus WL-500gP: Installation Guide

2,702 bytes added, 17:58, 15 July 2007
/* OpenVPN Installation and Configuration */
The following lines were added (+) and removed (-):
dev tap0 proto udp port 1194 keepalive 10 120 ;comp-lzo status openvpn-status.log secret /etc/openvpn/wlan.key persist-key persist-tun verb 6 max-clients 10''note: I have tried "proto tcp-server" using tcp protocol.  It is much slower than using udp.  For some people udp won't work and therefore they have to use tcp.''Create /etc/openvpn/makebridge <nowiki>#!/bin/sh</nowiki> <nowiki>br="br0"</nowiki> <nowiki>tap="tap0"</nowiki> <nowiki>case "$1" in</nowiki> <nowiki>  up)</nowiki> <nowiki>    insmod tun</nowiki> <nowiki>    for t in $tap; do</nowiki> <nowiki>      openvpn --mktun --dev $t</nowiki> <nowiki>    done</nowiki> <nowiki>    for t in $tap; do</nowiki> <nowiki>      brctl addif $br $t</nowiki> <nowiki>    done</nowiki> <nowiki>    for t in $tap; do</nowiki> <nowiki>      ifconfig $t 0.0.0.0 promisc up</nowiki> <nowiki>    done</nowiki> <nowiki>  ;;</nowiki> <nowiki>  down)</nowiki> <nowiki>    for t in $tap; do</nowiki> <nowiki>      ifconfig $t 0.0.0.0 down</nowiki> <nowiki>    done</nowiki> <nowiki>    for t in $tap; do</nowiki> <nowiki>      brctl delif $br $t</nowiki> <nowiki>    done</nowiki> <nowiki>    for t in $tap; do</nowiki> <nowiki>      openvpn --rmtun --dev $t</nowiki> <nowiki>    done</nowiki> <nowiki>    rmmod tun</nowiki> <nowiki>  ;;</nowiki> <nowiki>  *)</nowiki> <nowiki>    echo "$0 {up|down}"</nowiki> <nowiki>  ;;</nowiki> <nowiki>esac</nowiki>Create /etc/init.d/S65openvpn <nowiki>#!/bin/sh</nowiki> <nowiki>case "$1" in</nowiki> <nowiki>  start)</nowiki> <nowiki>    /etc/openvpn/makebridge up</nowiki> <nowiki>    openvpn --daemon --config /etc/openvpn/wlan_roachnet.conf</nowiki> <nowiki>  ;;</nowiki> <nowiki>  restart)</nowiki> <nowiki>    $0 stop</nowiki> <nowiki>    sleep 3</nowiki> <nowiki>    $0 start</nowiki> <nowiki>  ;;</nowiki> <nowiki>  reload)</nowiki> <nowiki>    killall -SIGHUP openvpn</nowiki> <nowiki>  ;;</nowiki> <nowiki>  stop)</nowiki> <nowiki>    killall openvpn</nowiki> <nowiki>    /etc/openvpn/makebridge down</nowiki> <nowiki>  ;;</nowiki> <nowiki>esac</nowiki>Execute permissions on file chmod a+x /etc/init.d/S65openvpnStart the OpenVPN and check out interfacesSome modifications to the iptables firewall /etc/firewall.user iptables -t nat -A prerouting_rule -i br1 -p udp --dport 1194 -j ACCEPT iptables -A input_rule -i br1 -p udp --dport 1194 -j ACCEPT== WPA Wireless Security ==Enable WPA Wireless Security (as opposed to WEP)# WiFi Protected Access (WPA) is the new security standard adopted by the WiFi Alliance consortium.# nas is the proprietary binary tool that sets up dynamic encryption (WEP/WPA) on the wireless device.
Admin
Bureaucrat, administrator
16,192
edits