Today I set up a second wired+wireless network in my home – this one running a secure VPN (provided by StrongVPN).
What follows is my setup experience, and some links that were helpful to me. YMMV.
Firstly I had to install the DD-WRT firmware. This is an open source firmware that runs on a bunch of routers (I chose the router specifically because I learnt it was capable of running this firmware well). Make sure you check before you buy.
Following the steps here worked fine (on OS X). Apparently you have to get the timing just right, I managed to get it to flash on the first attempt. Now that DD-WRT is installed, I can easily re-flash the device with my desired version of DD-WRT (in my case, the vpn build) from the web interface.
My first crack at setting up the VPN failed (using the latest vpn version from here), I think because I had too little available flash memory (they say you need 5.5kb and I didn’t).. The helpful folks at StrongVPN linked me to this version to try, which worked a treat (after following the StrongVPN setup instructions to the letter). StrongVPN is not only a great service, but they actually officially support DD-WRT, provide a single shell script which you run on the device to install it, and can even provide live troubleshooting help. wow.
$ scp ovpn???_ddwrt.sh firstname.lastname@example.org:/tmp/ $ ssh -l root 192.168.11.1 # once you're connected... $ sh /tmp/ovpn???_ddwrt.sh # which should output something like "size: 27011 bytes (5757 left)" $ reboot
First troubleshooting tip: make sure you can actually connect to the VPN using your computer (via the router’s network) before you try to debug it on the router. If you can’t connect from your PC then what hope does your router have?
If you’re uncomfortable working in a bash shell with ssh/scp tools, then these steps may be pretty difficult for you. Otherwise it’s not that hard.
So now I have two networks to pick from my devices which is handy. Previously the VPN would only work on my laptop, whereas now I can use it on all devices, and also switch rapidly when needed.
WHR-HP-G54 is a damn fine piece of hardware (even if you don’t need DD-WRT). I recognise it from the awesome Ace Inn Shinjuku hostel which had one on every floor, and I’ve seen the distinctive default SSID network names around (they assign a random one, not a stupid one like ‘dlink’).
Starting and stopping:
killall openvpn sleep 10 openvpn --daemon --config /tmp/ovpn/ovpn.conf