meta data for this page
  •  

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
linux:openwrt [2019/06/21 07:43] niziaklinux:openwrt [2021/03/05 14:09] (current) niziak
Line 1: Line 1:
 +====== OpenWRT ======
 +
 ====== First steps ====== ====== First steps ======
 To use SSH, first telnet to router and set root password. To use SSH, first telnet to router and set root password.
Line 48: Line 50:
 </file> </file>
  
-====== OpenVPN ====== 
  
-<code bash>opkg install openvpn-openssl luci-app-openvpn openvpn-easy-rsa</code> 
- 
-Enable incoming OpenVPN connections: 
- 
-<code bash> 
-uci add firewall rule 
-uci set firewall.@rule[-1]._name=openvpn 
-uci set firewall.@rule[-1].src=wan 
-uci set firewall.@rule[-1].target=ACCEPT 
-uci set firewall.@rule[-1].proto=udp 
-uci set firewall.@rule[-1].dest_port=1194 
-uci commit firewall 
- 
-echo "iptables -I OUTPUT -o tap+ -j ACCEPT" >> /etc/firewall.user 
-echo "iptables -I INPUT -i tap+ -j ACCEPT" >> /etc/firewall.user 
-echo "iptables -I FORWARD -o tap+ -j ACCEPT" >> /etc/firewall.user 
-echo "iptables -I FORWARD -i tap+ -j ACCEPT" >> /etc/firewall.user 
-</code> 
- 
-<code bash> 
-mkdir -o /etc/openvpn 
-uci set openvpn.uservpn=openvpn 
-uci set openvpn.uservpn.config=/etc/openvpn/user-vpn.conf 
-uci set openvpn.uservpn.enable=1 
-uci commit openvpn 
-</code> 
- 
-cat > /etc/openvpn/user-vpn.conf 
- 
-   port 1194 
-   proto udp 
-   dev tap0 
-   keepalive 10 120 
-   status /tmp/openvpn-status.log 
-   verb 3 
-   secret /etc/openvpn/secret.key 
- 
-Add VPN to local LAN bridge: 
- 
-<code bash> 
-cat > /etc/init.d/openvpn-bridge 
-#!/bin/sh /etc/rc.common 
-     
-    START=94 
-     
-    start() { 
-        openvpn --mktun --dev tap0 
-        brctl addif br-lan tap0 
-        ifconfig tap0 0.0.0.0 promisc up 
-    } 
-                                                                                                         
-    stop() { 
-        ifconfig tap0 0.0.0.0 down 
-        brctl delif br-lan tap0 
-        openvpn --rmtun --dev tap0 
-    } 
- 
- 
-chmod 755 /etc/init.d/openvpn-bridge  
-/etc/init.d/openvpn-bridge enable 
-/etc/init.d/openvpn-bridge start 
-</code> 
- 
-<code bash> 
-openvpn --genkey --secret /etc/openvpn/secret.key 
-</code> 
- 
-Start VPN: 
-<code bash> 
-/etc/init.d/openvpn enable 
-/etc/init.d/openvpn start 
-</code>