Personally I have not use such service provider nor have that router. The service provider I use is HideMyAss with a Linksys E1200 Build 18946 Small-OpenVPN. But regardless of the service provider and router, my intention is not to promote any service or router. Rather, allow me to show how I configured my DDWRT router to work with such service provider. The configuration may be similar to your service provider and you may just need to tweak it a little bit.
I hope the configuration will be similar and that this might help you.
thanks. Your service seems to use a different authentication method. PIA only has you set the CA.CRT
By the way, how did you copy/paste the certificates into DD-WRT. The CA.CRT file gets extra "newlines" added when I use notepad. I don't know if this alters the certificate or not.
I think I will do full restore to OEM firmware and try again. A thread on another router says that this arcane step is required.
thanks. Your service seems to use a different authentication method. PIA only has you set the CA.CRT
By the way, how did you copy/paste the certificates into DD-WRT. The CA.CRT file gets extra "newlines" added when I use notepad. I don't know if this alters the certificate or not.
I think I will do full restore to OEM firmware and try again. A thread on another router says that this arcane step is required.
To copy the CRT file I used textpad. It's a free program and hanldes properly the newline and carriage return special characters.
Another difference that I don't know if might be affecting you is that my config does not have this:
Posted: Sun Jun 02, 2013 11:51 Post subject: Re: Help: Private Internet Access openVPN - D-Link - DIR-632
esamett wrote:
[Moved from main Atheros Thread - Sorry for mistake]
I have been trying for over a month to getting PIA openVPN to work. I have tried a couple DD-WRT builds. Router works fine as standard router. PIA tech support has been unsuccessful in working with me. I tried a custom script they sent me and their posted technique of filling in VPN fields via GUI- both unsuccessful. One technician told me that copy/paste doesn't work from Windows for entering the CA.CRT file. I have noticed that the CA.CRT has extra line breaks the original file does not have when I copy/paste. Running a configuration script via SSH did not yield a working VPN.
There was as recent post on the Atheros Thread about having success with "VPN" using a certain DD-WRT build but no details were revealed. Google has not revealed much to me about openVPN and my router.
Please post here if anybody has openVPN working on their DIR-632, particularly if they use the Private Internet Access VPN service. Perhaps you could post the EXACT technique and build that worked for you. A Configuration Backup file from the router would also be useful - please redact your login / password.
Thanks.
Hi there,
I managed to get it working after hours of googling however I can't find the link so I'll just copy/paste my startup script.
First in Services->VPN enable openVPN Server/Daemon, startup type - System and Config as - Daemon. The create a startup script in Administration-> Commands, just paste your own user/pass and change the server to your choice (mine is "nl.privateinternetaccess.com" )
Posted: Sun Jun 02, 2013 15:48 Post subject: Which DD-WRT build?
Your reply is greatly appreciated. Can you direct me to the firmware build you succeeded with? I have read that some people have had to try many builds before finding one that works. They do no know why.
Posted: Mon Jun 10, 2013 19:34 Post subject: Re: Help: Private Internet Access openVPN - D-Link - DIR-632
esamett wrote:
[Moved from main Atheros Thread - Sorry for mistake]
I have been trying for over a month to getting PIA openVPN to work. I have tried a couple DD-WRT builds. Router works fine as standard router. PIA tech support has been unsuccessful in working with me. I tried a custom script they sent me and their posted technique of filling in VPN fields via GUI- both unsuccessful. One technician told me that copy/paste doesn't work from Windows for entering the CA.CRT file. I have noticed that the CA.CRT has extra line breaks the original file does not have when I copy/paste. Running a configuration script via SSH did not yield a working VPN.
There was as recent post on the Atheros Thread about having success with "VPN" using a certain DD-WRT build but no details were revealed. Google has not revealed much to me about openVPN and my router.
Please post here if anybody has openVPN working on their DIR-632, particularly if they use the Private Internet Access VPN service. Perhaps you could post the EXACT technique and build that worked for you. A Configuration Backup file from the router would also be useful - please redact your login / password.
Thanks.
I was trying to get this to work today myself.The instructions from Private Internet Access don't work for me either. I read their forums and one of their user's came up with a solution that works for me however it cuts my upload & down speeds to less than half even when I change to the nearest location. see link below.
I upgraded to the latest dd-wrt firmware (r21676) and was about to get it working with the regular PIA instructions. Speeds are about what they should be for using the VPN, there is a loss.... I run it for a while and see how it goes
DD-WRT: VPN OpenVPN Setup
Access the Administration area and then go to Commands and finally Startup.
Enter the following:
echo username >> /tmp/password.txt
echo password >> /tmp/password.txt
/usr/bin/killall openvpn
/usr/sbin/openvpn --config /tmp/openvpncl/openvpn.conf --route-up /tmp/openvpncl/route-up.sh --down-pre /tmp/openvpncl/route-down.sh --daemon
Access the VPN tab found under the Services section.
Enable the OpenVPN Client.
Set the Server IP/name to us-east.privateinternetaccess.com [*].
Set the Port to 1194.
Set the Tunnel Device to TUN.
Set the Tunnel Protocol to UDP.
Set the Encryption Cipher to Blowfish CBC (Default).
Set the Hash Algorithm to SHA1.
Set the nsCertType to unchecked.
Set the Advanced Options to Enabled.
Set Use LZO Compression to Enable.
Set NAT to Enable.
In the Additional Config enter the following:
auth-user-pass /tmp/password.txt
persist-key
persist-tun
tls-client
remote-cert-tls server
Copy and paste the contents of ca.crt found in our OpenVPN Config Files, into the CA cert field.
Posted: Tue Apr 15, 2014 8:37 Post subject: Re: Help: Private Internet Access openVPN - D-Link - DIR-632
JBeard wrote:
Hi there,
I managed to get it working after hours of googling however I can't find the link so I'll just copy/paste my startup script.
First in Services->VPN enable openVPN Server/Daemon, startup type - System and Config as - Daemon. The create a startup script in Administration-> Commands, just paste your own user/pass and change the server to your choice (mine is "nl.privateinternetaccess.com" )
Nice one JBeard this is working for me too!
WRT54GS V1.1 - DD-WRT v24-sp2 (10/10/09) vpn
Services->VPN
enable openVPN Daemon,
Startup type - System
Config as - Daemon (I didn't have this option)
Hi, I have the same problem and I can read that it´s been solved with JBeard comment, but i´m a bit amateur and i´d like to know if someone can explain the excat way to make work PIA VPN on a router, I can see the info from JBeard is the right one I can copy paste some of the info but some i don´t understand where to change it, Please help!!!
Posted: Tue Apr 29, 2014 8:18 Post subject: Re: Help: Private Internet Access openVPN - D-Link - DIR-632
esamett wrote:
Please post here if anybody has openVPN working on their DIR-632, particularly if they use the Private Internet Access VPN service. Perhaps you could post the EXACT technique and build that worked for you. A Configuration Backup file from the router would also be useful - please redact your login / password.
Thanks.
I suspect your problem may lie in your DHCP and/or dnsmasq settings. The reason I say this is I have PIA working very well per the instructions on their web site (not using the script) and the problem I had initially was around dnsmasq settings. Might I suggest that you review them.
yeah "05dyna" give the better information with resources "https://www.privateinternetaccess.com/forum/index.php?p=/discussion/345/setting-up-dd-wrt-openvpn-client-/p1 "
But if any one of you still facing any issue to setup openvpn or configure pia with openvpn then i will suggest them to ask from PIA support team for getting the solid result.
However further more it is better to read detail review of PIA VPN specially for those who have no idea about PIA VPN services
I am looking for similar assistance and have done quite of bit of research but not quite able to get this working.
I have a netgear r7500v2 running the Kong build from 4-4.
I have tried the tutorials, PIA site and also startup script methods but havent quite found a solution.
Has anyone been successful with OpenVPN PIA with r7500v2 or 7800?
Any help is appreciated.
Code:
Log
Serverlog:
Clientlog:
19691231 16:00:13 W WARNING: file '/tmp/openvpncl/credentials' is group or others accessible
19691231 16:00:13 I OpenVPN 2.4.0 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Apr 4 2017
19691231 16:00:13 I library versions: OpenSSL 1.0.2h 3 May 2016 LZO 2.09
19691231 16:00:13 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16
19691231 16:00:13 W WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
19691231 16:00:13 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19691231 16:00:18 N RESOLVE: Cannot resolve host address: us-california.privateinternetaccess.com:1198 (Try again)
19691231 16:00:23 N RESOLVE: Cannot resolve host address: us-california.privateinternetaccess.com:1198 (Try again)
19691231 16:00:23 W Could not determine IPv4/IPv6 protocol
19691231 16:00:23 I SIGUSR1[soft init_instance] received process restarting
19691231 16:00:23 Restart pause 5 second(s)
19691231 16:00:28 W WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
19691231 16:00:28 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19691231 16:00:33 N RESOLVE: Cannot resolve host address: us-california.privateinternetaccess.com:1198 (Try again)
19691231 16:00:38 N RESOLVE: Cannot resolve host address: us-california.privateinternetaccess.com:1198 (Try again)
19691231 16:00:38 W Could not determine IPv4/IPv6 protocol
19691231 16:00:38 I SIGUSR1[soft init_instance] received process restarting
19691231 16:00:38 Restart pause 5 second(s)
19691231 16:00:43 W WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
19691231 16:00:43 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
19691231 16:00:48 N RESOLVE: Cannot resolve host address: us-california.privateinternetaccess.com:1198 (Try again)
19691231 16:00:53 N RESOLVE: Cannot resolve host address: us-california.privateinternetaccess.com:1198 (Try again)
19691231 16:00:53 W Could not determine IPv4/IPv6 protocol
19691231 16:00:53 I SIGUSR1[soft init_instance] received process restarting
19691231 16:00:53 Restart pause 5 second(s)
19691231 16:00:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19691231 16:00:53 D MANAGEMENT: CMD 'state'
19691231 16:00:53 MANAGEMENT: Client disconnected
19691231 16:00:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19691231 16:00:53 D MANAGEMENT: CMD 'state'
19691231 16:00:53 MANAGEMENT: Client disconnected
19691231 16:00:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19691231 16:00:53 D MANAGEMENT: CMD 'state'
19691231 16:00:53 MANAGEMENT: Client disconnected
19691231 16:00:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19691231 16:00:53 D MANAGEMENT: CMD 'status 2'
19691231 16:00:53 MANAGEMENT: Client disconnected
19691231 16:00:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
19691231 16:00:53 D MANAGEMENT: CMD 'log 500'
19691231 16:00:00