In this tutorial, we will show you how you can easily setup OpenVPN on any Padavan firmware. It is important to follow the step-by-step guide below to ensure that the OpenVPN configuration process is carried out properly. Scroll down for more details.
Configuring OpenVPN on Padavan Router Manually
Follow the steps below to successfully setup OpenVPN on your Padavan router:
1- Log into your Padavan router, and then head over to VPN Client.
2- From the VPN Client window, go to Settings tab.
3- Choose Enable VPN client, and then fill in the required information in the specified fields as follows:
Remote VPN Server (IP or DNS host): insert the hostname of the VPN server you want to connect to.
Login: insert your VPN username.
Password: insert your VPN password.
OpenVPN Extended configuration:
remote-cert-tls server
remote-random
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping-timer-rem
reneg-sec 0
# log /tmp/vpn.log
### Syslog verbose level
verb 3
mute 10
4- Click on Apply, and then choose OpenVPN Certificates & Keys.
5- In the ca.crt field copy your VPN’s server’s CA certificate into ca.crt field, and then leave the ta.key field blank.
6- Once you are connected to the VPN service, make sure to make the changes you make permanent. There are three different ways to do so:
- You can run this command: mtd_storage.sh save
- Go to Advanced Settings, and then click on Administration, then click on Settings and hit “Commit” located on the right of “Commit Internal Storage to Flash Memory Now“.
- Restart your Padavan router (hit the Reboot button located next to the Logout button).
7- It is better to edit the contents of “Run the Script After Connected/Disconnected to VPN Server” in order to avoid any leakage in traffic in case your VPN connection drops:
peer_lan=”192.168.9.0″
peer_msk=”255.255.255.0″
func_ipup()
{
if iptables -C FORWARD -j REJECT; then
iptables -D FORWARD -j REJECT
fi
return 0
}
unc_ipdown()
{
if (! iptables -C FORWARD -j REJECT); then
iptables -I FORWARD -j REJECT
fi
return 0
}
logger -t vpnc-script “$IFNAME $1″
case “$1″ in
up)
func_ipup
;;
down)
func_ipdown
;;
esac
You must block traffic as well until the tunnel is up. In order to do so, head over to Advanced Settings > Customization > Scripts , and then enter the following lines under “Run After Firewall Rules Restarted“:
if [ -z "$(ip a s tun0 | grep 'state UP')" ] && (! iptables -C FORWARD -j REJECT);
then
iptables -I FORWARD -j REJECT
fi
Congratulations! You have successfully setup OpenVPN on Padavan router, Good job!
