Joined: 18 Mar 2014
|Posted: Sat Dec 05, 2020 10:41 Post subject: OpenVPN guides and documentation
|OpenVPN Server Setup guide
Setup as DDWRT router as OpenVPN server including setting up of different clients like phone windows PC and DDWRT router as client.
Also with advanced section like site-to-site setup and much more
The third post has a VPN Troubleshooting guide:
OpenVPN Client setup guide
Instructions to setup an OpenVPN client, including the use of a killswitch and Policy Based Routing.
Also included setup instructions for various providers:
VPN and DNS guide
Advanced reading for DNS setup using VPN clients (WireGuard/OpenVPN) including DNS leaks, routing of DNS servers, adding extra DNS servers, Split DNS etc.:
Some pointers if you are coming from OpenVPN 2.4 and upgrading to OpenVPN 2.5 (build 44627 and later):
How to run multiple OpenVPN clients
If the Built-in PBR possibilities are not sufficient you can use Static Routing See:
For questions just open a thread in the Advanced Networking forum
OpenVPN Policy Based Routing guide
Instructions for using Policy Based Routing, upgraded starting with build number 45420.
Also contains guides to handle DNS problems and leaks, Automatic kill script for PBR (second post) , Watchdog script for OpenVPN to restart the VPN or reboot the router when the connection is lost (third post):
The Built-in PBR can be used in cases where you are using a VPN (Wireguard or OpenVPN) and want to "free" some ports or protocols from the VPN.
This can be useful if you want to port forward via the WAN to a client on your LAN which is using the VPN or use a server and client simultaneously and not wanting to use the standard PBR. See:
Note 1: If you use Policy Based Routings, check and adapt your settings when stepping up to this build or higher!
Note 2: For optimal DNS experience, disable "Query DNS in Strict Order" on Services page.
Changed DNS as strict-order does not seem to be reliable any more
If you enable Split DNS the IP addresses in the PBR field will use the first pushed DNS server or if you set your own DNS server(s) (dhcp-option DNS x.x.x.x) it will use the first you have set.
Note you have to manually set routing for the DNS servers you have added if you want that DNS servers to route via the tunnel (route x.x.x.x 255.255.255.255 vpn_gateway).
All other addresses will use the regular DNS servers
Reinstate scramble patch
Update to OpenVPN 2.5.5
Triple state radio button for pushing Default gateway, Servers subnet and off
change password box to display as password (hide when not entered)
Add block option for multicast when using TAP mode
Add notification to reboot (for those who do not read manuals)
Restart firewall after changing
Fix unwanted deleting of iprules after inactivity timeout and with killswitch disabled
NAT rule for seamless LAN access
(thanks to @eibgrad for his help and advice)
Upgrade to OpenVPN 2.5.6: https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst
mtu-disc should be fixed (finally) so you can see if MTU 1500 is working again (see VPN troubleshooting guide)
Killswitch on a WAP
Routers:Netgear R7800, R6400v1, R6400v2, Linksys EA8500, EA6900 (XvortexCFE), E2000 (converted WRT320N), WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Last edited by egc on Fri Mar 18, 2022 10:53; edited 33 times in total
Joined: 18 Mar 2014