Connecting to VPN.sh in DD-WRT

darkblade

Hello all

I have been trying to connect my DD-WRT router to VPN.sh service fromt he past couple of days and finally managed to pull it off today.

I thought this script may be useful to someone who is trying to achieve the same.

1. Log in to the administrative interface of DD-WRT (usually http://192.168.1.1; Default Username: root; Default Password: admin)
2. Setup your internet connection normally as you would on a router
3. Go to Administration -> Commands
4. Modify this script as mentioned in-line
5. Paste the modified script into the Command textarea
6. Save it as a Startup Script
7. Reboot the router

Hope this helps.

VPNsh

Thanks for this, we're just in the process of getting full DD-WRT tutorials up on our website, but in the meantime I'm sure this will be of use to some people!

luckychang

@darkblade said:
Hello all

I have been trying to connect my DD-WRT router to VPN.sh service fromt he past couple of days and finally managed to pull it off today.

I thought this script may be useful to someone who is trying to achieve the same.

1. Log in to the administrative interface of DD-WRT (usually http://192.168.1.1; Default Username: root; Default Password: admin)
2. Setup your internet connection normally as you would on a router
3. Go to Administration -> Commands
4. Modify this script as mentioned in-line
5. Paste the modified script into the Command textarea
6. Save it as a Startup Script
7. Reboot the router

Hope this helps.

Can you explain how or where to get the CA.crt file from?

This is the script you've linked to.

Name: DD-WRT Startup script to connect to VPN.sh VPN service

Author: Yugandhar Veeramachaneni (www.capslocktrojan.com)

Date: 01/01/2015

Tested on: DD-WRT v24-sp2

Credits: Some part of the code reused from VyprVPN's script

!/bin/sh

USERNAME="Your VPN.sh Username"
PASSWORD="Your VPN.sh Password"
PROTOCOL="tcp"

Add - delete - edit servers. You can use multiple servers; Edit remote_server_ip and remote_port.

Usually, the port number is 443. Remote IP is the IP of the servers in various locations. Check your Client Area.

REMOTE_SERVERS="
remote remote_server_ip remote_port
"

CA_CRT='-----BEGIN CERTIFICATE-----
Paste the contents of CA.crt file here.
-----END CERTIFICATE-----'

Check if OpenVPN Client is disabled in the GUI. If not, disable it now.

OPVPNENABLE=nvram get openvpncl_enable | awk '$1 == "0" {print $1}'

if [ "$OPVPNENABLE" != 0 ]; then
nvram set openvpncl_enable=0
nvram commit
fi

sleep 10
mkdir /tmp/vpn; cd /tmp/vpn
echo -e "$USERNAME\n$PASSWORD" > auth.conf
echo "$CA_CRT" > ca.crt
echo "#!/bin/sh
iptables -t nat -I POSTROUTING -o tun0 -j MASQUERADE" > route-up.sh
echo "#!/bin/sh
iptables -t nat -D POSTROUTING -o tun0 -j MASQUERADE" > route-down.sh
chmod 644 ca.crt; chmod 600 auth.conf; chmod 700 route-up.sh route-down.sh
sleep 10
echo "client
auth-user-pass /tmp/vpn/auth.conf
management 127.0.0.1 5001
management-log-cache 50
dev tun
proto $PROTOCOL
comp-lzo adaptive
fast-io
script-security 2
mtu-disc yes
verb 3
mute 5
cipher bf-cbc
auth sha1
tun-mtu 1500
resolv-retry infinite
nobind
persist-key
persist-tun
log-append vpn.log
ca ca.crt
status-version 3
status status
daemon
$REMOTE_SERVERS" > vpn.conf
ln -s /tmp/vpn/vpn.log /tmp/vpn.log
ln -s /tmp/vpn/status /tmp/status
(killall openvpn; openvpn --config /tmp/vpn/vpn.conf --route-up /tmp/vpn/route-up.sh --down /tmp/vpn/route-down.sh) &
exit 0

This is where I am stuck at. "Paste the contents of CA.crt file here." I wasn't provided any CA.crt file from VPN.sh. Also their customer service is terrible cause it has been almost 3 days now I haven't heard back from them.