Thursday, February 17, 2011

The Complete Noob Guide To Installing DD-WRT & 12vpn On An Asus RT-N16 router

Installing a VPN service can be challenging for many of us but the advantages of using a VPN service are well worth the pain it causes to make things work. First of all, using a VPN service makes your internet more secure than it already is by tunneling all traffic through an encrypted channel to the location of your VPN provider. From there, the traffic will be redirected to its intended destination. You will hence be free of geolocation restrictions and should you use your VPN service on a wifi hotspot your data will be safe.

So, let's assume you bought an Asus RT-N16 router (one of the most powerful yet moderately priced router out there) and want to configure your home network to use 12vpn. Make sure before and after every firmware upgrade that you reset your router using the 30-30-30 sequence (press the wps button for 30 secs while router is on, keep pressing and unplug it for 30 secs, keep pressing after plugging it back for another 30 secs). Now, here is my step-by-step guide:

1. Make sure you download all the necessary firmwares mentioned in step 1 before your connect your router to your computer through an Ethernet cable (as you will then lose Internet connectivity) on one of the 4 LAN ports.

2. Go to this blog and follow the instructions on how to flash the factory firmware with a different one. Instead of using the Tomato firmware, use the initial dd-wrt firmware located here (Otherwise go to: http://www.dd-wrt.com then Router Database then type Asus & choose Asus RT N-16 & Image for Initial Flashing). After following the steps in order to install this firmware, you should install the last firmware through the dd-wrt web interface (by logging in to http://192.168.1.1 and going to administration). Here is the location of the latest firmware: choose the "dd-wrt.v24-15962_NEWD-2_K2.6_mega.bin" firmware. Once you're done with that, you will need to login again to the newly flashed firmware administration web interface (http://192.168.1.1).

3. Start by disabling the firewall by changing the router password and going to Security->Firewall->Firewall Protection->SPI Firewall: Disable






Save and Apply.

4. Disable Wifi as it is activated and open by default




Save and Apply.

5. Configure LAN like this (don't update the WAN configuration yet):





Router IP:
Local IP Address: 192.168.0.210
Subnet Mask: 255.255.255.0
Gateway: 192.168.0.1 (This is your DSL or Cable router address, change it accordingly)
Local DNS: 0.0.0.0

DHCP Server: Disable


Save and Apply.


In this example, I'm using 192.168.0.210 as the url to access the router assuming your DSL or Cable router address can by accessed at http://192.168.0.1. In case your DSL or Cable router has a 192.168.1.1 address in order to access it then you should change all 192.168.0.xxx addresses in my configuration example to 192.168.1.xxx addresses.
I'm using a xxx.xxx.xxx.210 address assuming it is not already taken by another device on your home network. It can basically be any non already used address but if you have a DHCP server running I suggest an address close to xxx.xxx.xxx.200 to make sure it won't be attributed by the router to another device.

6. Disconnect the router from your computer and connect it through Ethernet on one of its LAN ports to your DSL or Cable Router. You will now be able to access the configuration of your dd-wrt router through your home network by entering http://192.168.0.210 in your browser.

7. Configure WAN as in the last screen capture.

WAN Connection type: Static IP
Wan IP Address: 192.168.0.200 (not the same address than 192.168.0.210)
Subnet Mask: 255.255.255.0
Gateway: 192.168.0.1 ((This is your DSL or Cable router address, change it accordingly)
Static DNS 1: 8.8.8.8 (Google DNS for better performance)
Static DNS 2: 8.8.4.4 (Google DNS for better performance)
Static DNS 3: 0.0.0.0
STP: Disable


Save and Apply.



8. Go to the Services tab and OpenVPN:








Start OpenVPN Client: Enable
Server IP/Name:     CHECK 12vpn.com to choose the server you want to use
Port: 1194
Tunnel Protocol: UDP
Tunnel Device: TUN
Encryption Cipher: Blowfish CBC
Hash Algorithm: SHA1
Use LZO Compression: Enable
nsCertType verification: ticked
Advanced Options: Enable
Enable NAT: Enable
Bridge Tap to br0: Disable
TUN MTU Setting: 1500
Mss-Fix/Fragment accross the tunnel: 1300
TLS Cipher: OFF
TLS Auth Key: Leave Blank (other configurations might require ta.key)
Additional Config: Leave Blank

CA Cert: copy & paste ca-vpnservices.cer
Public Client Cert: copy & paste vpnxxxxx.crt2.pem
Public Client Key: copy & paste vpnxxxxx.key2.pem

(For certificates copy & paste between BEGIN and END)

9. Connect an additional Ethernet cable from your DSL or cable router to the WAN port of your Asus router

10. Configure any of your home computers, consoles or Apple TVs like this in order to use the VPN connection:

Static IP
ip : 192.168.0.2xx  (use an unused address for each device)
subnet mask : 255.255.255.0
gateway router address : 192.168.0.210  (this is the Asus router address)
DNS address : 192.168.0.210 (sometimes 8.8.8.8 might work better notably with an Apple TV)


11. If you don't want to use the DD-WRT VPN then configure your computers to use the DHCP server (automatic default configuration) from your DSL or Cable router and your connection will be exactly the same it was without any VPN service or Asus router. You can also switch back and forth according to your needs.

12. You might want to automatically reboot the router everyday to ensure continuous connectivity.

The added beauty of 12vpn is that they allow simultaneous connections from your home router and an iDevice (iPhone, iPad, iPod Touch) using IPSEC/L2TP. This means you can be connected at home and also from a wifi hotspot or 3G connection on your iDevice. The configuration on an iDevice is straightforward by following the steps mentioned on the 12vpn website.


Voila! Enjoy it!





12 comments:

FAsh10npr1nc3ss said...

Excellent Information. Did you know that 24 hours a day you can have access to excellent customer service courtesy of DISH Network? You can! DISH Network is still the lowest digital pricing offered for television services in the nation. DISH outpaces cable providers everywhere. Dish.com for more information, don't take my word for it because I work for DISH. Take my word for it because I am a subscriber.

ushisama said...

The binaries with e2k-e3k are not for RT-N16.
These never work with RT-N16.

fr8d said...

Oops! You are right ushisama. Sorry for the typo. I've corrected it.

ushisama said...

fr8d,

Thanks for correction. Have you tried TomatoUSB for 12vpn? I prefer tomato for its stability but no luck yet.

fr8d said...

Well I couldn't get a stable connection with TomatoVPN. It would crash every 30 mns. A friend of mine, however, isn't experiencing this problem and he's using the same settings in TomatoVPN (with 12vpn as well)...

Anonymous said...

You should try DebWrt if you're feeling adventurous, full debian linux on the rt-n16 http://dev.debwrt.net/wiki/AsusRT-N16

Anonymous said...

I got through step 5 and now find my router inaccesible. Any idea what might have gone wrong? I tried resetting DD-WRT to defaults, but it doesn't seem to be working.

Free Antivirus Download said...

i know vpn but what is DD-WRT is it like the vpn? free antivirus download

Anonymous said...

Thanks for installation guide.
It works cool.
top10-bestvpn.com

Unknown said...

Thank you.Good installation guide and manual for VPN connection between router.
Great post.
http://10webhostingservice.com/

alfred03white said...

Quite useful information. Thanks for sharing. I think everyone nowadays uses VPN but it is important to pick a right service. I was seeking a good service and found hidemyass pro vpn review and would like to purchase their subscription. Hope it works well for me.

Sawyer said...

Awesome article regarding VPN configuration on Router try Fastest VPN Service on your Router and surf safely.