The following lines were added (+) and removed (-):
dev tap0 proto udp port 1194 keepalive 10 120 ;comp-lzo status openvpn-status.log secret /etc/openvpn/wlan.key persist-key persist-tun verb 6 max-clients 10''note: I have tried "proto tcp-server" using tcp protocol. It is much slower than using udp. For some people udp won't work and therefore they have to use tcp.''Create /etc/openvpn/makebridge <nowiki>#!/bin/sh</nowiki> <nowiki>br="br0"</nowiki> <nowiki>tap="tap0"</nowiki> <nowiki>case "$1" in</nowiki> <nowiki> up)</nowiki> <nowiki> insmod tun</nowiki> <nowiki> for t in $tap; do</nowiki> <nowiki> openvpn --mktun --dev $t</nowiki> <nowiki> done</nowiki> <nowiki> for t in $tap; do</nowiki> <nowiki> brctl addif $br $t</nowiki> <nowiki> done</nowiki> <nowiki> for t in $tap; do</nowiki> <nowiki> ifconfig $t 0.0.0.0 promisc up</nowiki> <nowiki> done</nowiki> <nowiki> ;;</nowiki> <nowiki> down)</nowiki> <nowiki> for t in $tap; do</nowiki> <nowiki> ifconfig $t 0.0.0.0 down</nowiki> <nowiki> done</nowiki> <nowiki> for t in $tap; do</nowiki> <nowiki> brctl delif $br $t</nowiki> <nowiki> done</nowiki> <nowiki> for t in $tap; do</nowiki> <nowiki> openvpn --rmtun --dev $t</nowiki> <nowiki> done</nowiki> <nowiki> rmmod tun</nowiki> <nowiki> ;;</nowiki> <nowiki> *)</nowiki> <nowiki> echo "$0 {up|down}"</nowiki> <nowiki> ;;</nowiki> <nowiki>esac</nowiki>Create /etc/init.d/S65openvpn <nowiki>#!/bin/sh</nowiki> <nowiki>case "$1" in</nowiki> <nowiki> start)</nowiki> <nowiki> /etc/openvpn/makebridge up</nowiki> <nowiki> openvpn --daemon --config /etc/openvpn/wlan_roachnet.conf</nowiki> <nowiki> ;;</nowiki> <nowiki> restart)</nowiki> <nowiki> $0 stop</nowiki> <nowiki> sleep 3</nowiki> <nowiki> $0 start</nowiki> <nowiki> ;;</nowiki> <nowiki> reload)</nowiki> <nowiki> killall -SIGHUP openvpn</nowiki> <nowiki> ;;</nowiki> <nowiki> stop)</nowiki> <nowiki> killall openvpn</nowiki> <nowiki> /etc/openvpn/makebridge down</nowiki> <nowiki> ;;</nowiki> <nowiki>esac</nowiki>Execute permissions on file chmod a+x /etc/init.d/S65openvpnStart the OpenVPN and check out interfacesSome modifications to the iptables firewall /etc/firewall.user iptables -t nat -A prerouting_rule -i br1 -p udp --dport 1194 -j ACCEPT iptables -A input_rule -i br1 -p udp --dport 1194 -j ACCEPT== WPA Wireless Security ==Enable WPA Wireless Security (as opposed to WEP)# WiFi Protected Access (WPA) is the new security standard adopted by the WiFi Alliance consortium.# nas is the proprietary binary tool that sets up dynamic encryption (WEP/WPA) on the wireless device.