Posted: Tue Dec 10, 2024 3:15 Post subject: Router behind router as a VPN node only.
Hello,
I'm new to this topic and trying to learn about router flashing and whether I can use it in the way I want.
I have a SOHO network with three routers:
My main router is a Verizon G3100 made by Arcadyn Technologies. Its WAN port and coax port are connected to a fiber optic node, carrying Ethernet data for high-speed internet as well as MoCA-based DVR data. This primary router performs NAT, holds the single public IP on its WAN port, acts as a DHCP server, and serves as the primary wireless access point (WAP1). I do not want to modify the configuration of this router and prefer to leave it as is.
The other two routers are TP-Link Archer C1200 v3.0 models. Both act as wireless access points (WAP2 and WAP3) to extend Wi-Fi coverage and as 4-port Ethernet switches to connect devices at those spots. They do not run DHCP or NAT; they function in bridge mode and are connected to the main router via a gigabit switch. The entire internal LAN uses the 192.168.1.x range, with the main router at 192.168.1.1 as the gateway.
Now, I’ve signed up for a new VPN service, and the VPN provider supports Tomato or DD-WRT firmware. I would like to configure one of these routers (or possibly add a fourth router) as a dedicated VPN node in my LAN. My goal is to allow specific computers to use the VPN by simply changing their gateway IP settings to the VPN router.
Unfortunately, my TP-Link Archer C1200 (AC1200) v3.0 routers are not listed in the DD-WRT database, so using those doesn’t seem possible.
I also have three older routers:
Two Linksys WRT54G models (v1.1 and v3.1) and One Actiontec MI424WR Rev. 1.
These are all listed in the DD-WRT database.
My Questions:
Can I add a DD-WRT-flashed router to my LAN to act solely as a VPN gateway? I don’t need it to provide wireless or any other services—just a dedicated VPN gateway. Is this configuration possible?
Are any of those older routers (Linksys WRT54G or Actiontec MI424WR) capable of reliably running OpenVPN to act as a VPN gateway if dd-wrt flashed?
Joined: 18 Mar 2014 Posts: 13880 Location: Netherlands
Posted: Tue Dec 10, 2024 6:57 Post subject:
Quote:
My Questions:
Can I add a DD-WRT-flashed router to my LAN to act solely as a VPN gateway? I don’t need it to provide wireless or any other services—just a dedicated VPN gateway. Is this configuration possible?
Are any of those older routers (Linksys WRT54G or Actiontec MI424WR) capable of reliably running OpenVPN to act as a VPN gateway if dd-wrt flashed?
You can add a DDWRT router with VPN to your network and if you set the gateway of your client to this router they will use the VPN, alternatively clients connected directly to this VPN router can use the VPN without changing gateway.
You should use WireGuard as VPN instead of OpenVPN it is three times as fast and easier to setup check you provider, most good VPN providers support WireGuard but they have to support using it on a router (e.g. they must be able to send you a config you can easily import on your router).
Joined: 16 Jun 2006 Posts: 230 Location: Germany, BW
Posted: Thu Dec 12, 2024 16:06 Post subject: Re: Router behind router as a VPN node only.
newestbie wrote:
My Questions:
Can I add a DD-WRT-flashed router to my LAN to act solely as a VPN gateway? I don’t need it to provide wireless or any other services—just a dedicated VPN gateway. Is this configuration possible?
Yes you can.
newestbie wrote:
Are any of those older routers (Linksys WRT54G or Actiontec MI424WR) capable of reliably running OpenVPN to act as a VPN gateway if dd-wrt flashed?
At least no. It's working, but speed will be terrible slow.
I tried OpenVPN with ASUS RT-16N and RT-18N and Down- Upload is about 2-3 MB what is 15-25 Mbit.
For OpenVPN you need a CPU which can handle encyption like AES-NI. I bought cheap Micro-PCs like HP ProDesk 600 G2 Mini on eBay, installed X64-DD-WRT and it's working with full ISP-Speed.
