Here I show you how to use VPN tunnel with OpenWRT/LEDE.
I'm using NordVPN, but the steps are similar with other providers.
Install needed modules:
Download .ovpn configuration files. Then we modify all files to search username/password from file 'secret'.
Let's create this file, just put first line username, second line password. Nothing else, then save.
Configuring OpenVPN with chosen *.ovpn file. You can see diffrent server with 'ls' command.
Should look like this:
Make new network interface:
New network interface:
Make new firewall zone:
The zone should look like this:
Setup DNS for WAN, this will prevent DNS leak. Using Google DNS. (If you have modified mbim.sh remove lines that set operator DNS!!):
Start OpenVPN:
Should work like a plague:
I'm using NordVPN, but the steps are similar with other providers.
Install needed modules:
Code:
opkg update
opkg install libustream-openssl openvpn-openssl luci-app-openvpn unzipDownload .ovpn configuration files. Then we modify all files to search username/password from file 'secret'.
Code:
cd /etc/openvpn/
wget https://nordvpn.com/api/files/zip
unzip zip
sed -i -- 's/auth-user-pass/auth-user-pass secret/g' *.ovpnLet's create this file, just put first line username, second line password. Nothing else, then save.
Code:
nano secretConfiguring OpenVPN with chosen *.ovpn file. You can see diffrent server with 'ls' command.
Code:
uci set openvpn.nordvpn=openvpn
uci set openvpn.nordvpn.enabled='1'
uci set openvpn.nordvpn.config='/etc/openvpn/al1.nordvpn.com.tcp443.ovpn'
uci commit openvpn
cat /etc/config/openvpnShould look like this:
Code:
config openvpn 'nordvpn'
option enabled '1'
option config '/etc/openvpn/al1.nordvpn.com.tcp443.ovpn'
Code:
uci set network.nordvpntun=interface
uci set network.nordvpntun.proto='none'
uci set network.nordvpntunh.ifname='tun0'
uci commit network
cat /etc/config/networkNew network interface:
Code:
config interface 'nordvpntun'
option proto 'none'
option ifname 'tun0'
Code:
uci add firewall zone
uci set firewall.@zone[-1].name='vpnfirewall'
uci set firewall.@zone[-1].input='REJECT'
uci set firewall.@zone[-1].output='ACCEPT'
uci set firewall.@zone[-1].forward='REJECT'
uci set firewall.@zone[-1].masq='1'
uci set firewall.@zone[-1].mtu_fix='1'
uci add_list firewall.@zone[-1].network='nordvpntun'
uci add firewall forwarding
uci set firewall.@forwarding[-1].src='lan'
uci set firewall.@forwarding[-1].dest='vpnfirewall'
uci commit firewall
cat /etc/config/firewallThe zone should look like this:
Code:
config zone
option name 'vpnfirewall'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
list network 'nordvpntun'
config forwarding
option src 'lan'
option dest 'vpnfirewall'Setup DNS for WAN, this will prevent DNS leak. Using Google DNS. (If you have modified mbim.sh remove lines that set operator DNS!!):
Code:
uci set network.wan.peerdns='0'
uci del network.wan.dns
uci add_list network.wan.dns='8.8.8.8'
uci add_list network.wan.dns='8.8.4.4'
uci commitStart OpenVPN:
Code:
/etc/init.d/openvpn startShould work like a plague:
