How does one learn every setting on DD-WRT, i mean, is there not a specific key reference idiots guide where it states the option, explains what the option is for and further lists situations when one should use it and why etc?
hmmm i learned them hard way, bit by bit, one bit at the time, google, forums, self-education...
im may case there was no "pour all da juice in ma brain at once, situation" it take patience time and understanding...and effort..
Yes, i hear you, thanks, i shall do the same, however that leaves me with my guest network config quest, i have now set up WLAN1 & WLAN1.1 the latter is the guest.(yet i need both to be fully VPN protected yet separate)
I put here my setting, please if someone could tell me if correct, the bridged and unbridged part in particular i confused and DHCPD.
THIS IS MY NORMAL BROADCAST
Physical Interface wlan1 - SSID
Wireless Mode = AP
TurboQAM (QAM256) support = DISABLED.
U-APSD (Automatic Power Save) = Disabled.
Disassoc Low Ack = Disabled.
Protection Mode = NONE.
RTS Threshold = Disabled.
Short Preamble = Disabled.
Short GI = Enabled.
AP Isolation = Enabled.
Beacon Interval = 100
DTIM Interval = 2
WMM Support = Enabled.
ScanList = DEFAULT.
Sensitivity Range (ACK Timing) = 500
Max Associated Clients = 256
------------------------------------------
Drop Clients with Low Signal
Minimum Signal for authenticate = -128
Minimum Signal for connection = -128
Poll Time for signal lookup = 10
Amount of allowed low signals = 3
-----------------------------------------
Multicast To Unicast = DISABLED.
Network Configuration = Bridged .
----------------------------------------------------
----------------------------------------------------
THIS IS MY VIRTUAL (GUEST) NETWORK WHICH SHOULD BE ISOLATED FROM MAIN NETWORK.
Virtual Interfaces wlan1.1 SSID
WIRELESS - BASIC SETTINGS
Wireless Mode = AP
RTS Threshold = Disabled.
WMM Support = Enabled.
U-APSD (Automatic Power Save) = Disabled.
AP Isolation Enabled.
Max Associated Clients = 256
DTIM Interval = 2.
--------------------------------------
Drop Clients with Low Signal
Minimum Signal for authenticate = -128
Minimum Signal for connection = 128.
Poll Time for signal lookup = 10.
Amount of allowed low signals = 3.
Network Configuration = Unbridged.
Multicast forwarding = Disabled.
Masquerade / NAT = Enabled.
Filter WAN NAT Redirection = Disabled.
Net Isolation = Enabled.
Forced DNS Redirection = Disabled.
(VPS)IP Address = 192.168.4.1/0
----------------------------------------
I also then after the above settings, i went into SETUP - NETWORKING - DHCPD
then i changed Multiple DHCP Server to WLAN1.1 then i saved & re-booted then went back & it just shows the said IP of the WLAN1.1 (VPS) being; 192.168.4.1/0 & No subnetmask or anything, not sure if i need a subnetmask on a VPN.
If all the above looks correct then i need a way to check that both WLAN & WLAN1.1 are completely separate in the real world which i cant think how i would do that test to be sure.
I also need to config 1 of the Ethernet ports on the VPN Router to work with WLAN1.1 and be separate from WLAN1 which i presume to be configured somehow in SETUP - NETWORKING - PORT SETUP yet idk for sure.
and then add a Kill switch somehow, not sure if the command someone kindly gave earlier in this post would be suffice with my config or not either. _________________ Thanks, Sue
... assume the presence of only the default private network interface (br0). If you want something to cover *all* possible network interfaces, you can eliminate the input network interface option (-i).
Joined: 04 Aug 2018 Posts: 1446 Location: Appalachian mountains, USA
Posted: Fri Apr 09, 2021 23:32 Post subject:
Just to jump in quickly to answer one of your many earlier questions: @eibgrad is far more up-to-date and expert on setting up dd-wrt's OpenVPN client than ExpressVPN is. VPN providers almost always post instructions that are a few years old, so they have missed out on a great deal of evolution in dd-wrt and even in OpenVPN. VPN providers' instructions should always be considered suspect. _________________ 2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
... assume the presence of only the default private network interface (br0). If you want something to cover *all* possible network interfaces, you can eliminate the input network interface option (-i).
Make sure to reboot after adding the above to the firewall script.
If you want to test it, just disable the OpenVPN client and you'll find your LAN clients (private or guest network) will have NO internet access. Not until the VPN is activated again.
Your response doesnt seem to answer my questions or i just dont really understand your response, please can you simplify your response more for me as i am a newbie? _________________ Thanks, Sue
Just to jump in quickly to answer one of your many earlier questions: @eibgrad is far more up-to-date and expert on setting up dd-wrt's OpenVPN client than ExpressVPN is. VPN providers almost always post instructions that are a few years old, so they have missed out on a great deal of evolution in dd-wrt and even in OpenVPN. VPN providers' instructions should always be considered suspect.
Yes, i could tell as their idiots guide was missing settings which i have in the DD-WRT software which has left me with outstanding questions on the settings which they didnt cover also but no one has answered here either so not sure if anyone here knows maybe. _________________ Thanks, Sue
Joined: 18 Mar 2014 Posts: 12837 Location: Netherlands
Posted: Sat Apr 10, 2021 12:32 Post subject:
sue wrote:
SurprisedItWorks wrote:
Just to jump in quickly to answer one of your many earlier questions: @eibgrad is far more up-to-date and expert on setting up dd-wrt's OpenVPN client than ExpressVPN is. VPN providers almost always post instructions that are a few years old, so they have missed out on a great deal of evolution in dd-wrt and even in OpenVPN. VPN providers' instructions should always be considered suspect.
Yes, i could tell as their idiots guide was missing settings which i have in the DD-WRT software which has left me with outstanding questions on the settings which they didnt cover also but no one has answered here either so not sure if anyone here knows maybe.
That is only for the paid version, I think you did not pay anything for this software?
Oh and @eibgrad (and others) knows everything about OpenVPN but as there are different providers and different needs there is no one size fits all and no we do not make house calls to set things up to your individual liking and giving you a master class of the ins and outs of all the settings.
But the information is available for free if you search the forum
Just to jump in quickly to answer one of your many earlier questions: @eibgrad is far more up-to-date and expert on setting up dd-wrt's OpenVPN client than ExpressVPN is. VPN providers almost always post instructions that are a few years old, so they have missed out on a great deal of evolution in dd-wrt and even in OpenVPN. VPN providers' instructions should always be considered suspect.
Yes, i could tell as their idiots guide was missing settings which i have in the DD-WRT software which has left me with outstanding questions on the settings which they didnt cover also but no one has answered here either so not sure if anyone here knows maybe.
That is only for the paid version, I think you did not pay anything for this software?
Oh and @eibgrad (and others) knows everything about OpenVPN but as there are different providers and different needs there is no one size fits all and no we do not make house calls to set things up to your individual liking and giving you a master class of the ins and outs of all the settings.
But the information is available for free if you search the forum
The one you are paying is your provider so ask them instead of us for better support.
I understand even less from your last message unfortunately.
I have dd-wrt issues not VPN providing services issues hence thought dd-wrt was the most appropriate place to seek answers about dd-wrt settings being correct as i have issues.
I dont need any master class in anything, i just need to know how to get my dd-wrt thingy working which it doesn't seem to be.
I did read up on here a lot to layout as much info as possible for the best chance of good help, so i spent hours in doing so but dont feel that has achieved anything productive thus-far.
Not sure what you mean about payment, i pay for the Expressvpn subscription if thats what you mean. _________________ Thanks, Sue
as far those are up to date, lots of info how to...
the other helpful bit is forum search or google search and you add ddwrt at the end of your request...also, have a look at the help section on the router menu's, there is a small button/link help, it comes out with what router settings do mean... all the rest, you copy paste in google and read about what those settings do...that's how i started...
When look for help ...
1. expose your router model / current firmware
2. explain in details what you want to achieve, what you tried already...and show some pictures or details of your settings...
3. do not go messy and keep asking and complicate the things, as you will get lost...there is too much to learn...you can't just learn brain surgery in a one go...do you...just do one bit at the time...
clearly, if i read your first post, what do you want to achieve...to me is a slightly messy...if your goal is to set up express VPN on the router side/client...follow eibgrad advise...
Don't get lost with questions..he provides a pic of his settings and this is the best you can get...if its not working its up to something else...
as far as the standard set up, it most of the time it comes pre set up after reset it just needs some minor tweaks for a standard user...gateway/AP also your router is a Marvell based, so more help at https://forum.dd-wrt.com/phpBB2/viewforum.php?f=58 _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913