using dd-wrt on wrt54g for vpn



en1gma
03-02-2009, 10:24 PM
can anyone tell me how i might set up dd-wrt on a wrt54g using its built in pptp client to connect to purevpn?

I have one connected to my home lan expressly for this purpose, in order to serve a few devices that need to connect via a vpn to the UK and US.

i found instructions on strongvpn for their service but am not able to post the URL on this forum until I have 10 posts apparently!

thanks

en1gma
03-02-2009, 11:26 PM
further to this, here is my setup:

I have a DSL connection with a router (wrt54G running tomato) acting as my primary router. The lan side interface is 192.168.1.1

there are a number of devices on this lan

I also have another router (wrt54G running dd-wrt) connected via the switch ports to this same lan (NOT using the WAN port on router 2... it is disabled)

So, all devices connected to switch ports on either router will be on a switched network and all will receive a 192.168.1.x address from router 1

on router 2 I have enabled pptp and wish to have that connect to the UK via purevpn so that I can use my Xbox (running XBMC) to access UK content

I have seen that this configuration is working on other VPN providers. It would appear that one would just need to configure the devices that want UK access to use the second router as their default gateway (192.168.1.2 instead of 1.1)

theoretically this allows devices on the same physical lan to be easily configured to use either my local ip address or tunnelled to the UK.

at the moment i seem to have the VPN connecting (no encryption?) but am not able to get it to pick up the traffic and forward it out the VPN connection by default.

anyone got something like this working?

en1gma
03-03-2009, 03:56 PM
in answer to my own question (in hope that it may help someone else)

I did get this working simply by using the standard account information for a pptp vpn and using the network address of the default route found when i ran ipconfig /all at a command line.

once the pptp connection was up i told dd-wrt to change the default route to using the ppp0 connection (the vpn)

here are the commands (I did it via telnet, but it also works via the gui)

route add -host 78.129.202.33 gw 192.168.1.1
route del default
route add default dev ppp0


(for host use address of vpn gateway... various depending on the geography you are trying to reach)


now i just have to tell any machine that wants to use the vpn connection to use the router with the vpn connection as its default gateway.

it works fine from both an xp machine and xbox

:D

mmarvin
03-06-2009, 03:09 AM
can you tell me exactly what you entered in the vpn client boxes?

is router 2 really connected switch to switch and not through the wan port?

en1gma
03-09-2009, 12:58 AM
sure, under the pptp tab (under services) I enabled the pptp client and entered the following

server ip 78.129.202.33 (for the uk vpn... i've not yet set up the us one)
remote subnet 192.168.108.30
netmask 255.255.255.0
mppe encryption : empty (I don't need encryption for my needs here)

MTU/MRU default at 1450
NAT enable

username and password per your own purevpn account

the only tricky bit so far was figuring out the subnet on the other side of the vpn server, but that is available from a telnet session into the box, or more easily by looking at the IP address you get with a vpn client on a PC/Mac/Linux box

have a look at the strongvpn link as it seems pretty good and is where I started.

ideally i want to figure out how to use the SES button on the router to run a script to switch between 2 VPN's and a directly routed solution.


hope that helps

mmarvin
03-09-2009, 05:41 AM
No help at all. It simply does not work. Goodbye PureVPN:(

en1gma
03-09-2009, 01:23 PM
purevpn works fine for me (on a router, a linux machine and an XP box.. have not tried a mac)

.... but you do need to tell dd-wrt to set up the default route and pass all the traffic via the vpn (in windows that happens automatically when you open a vpn in order to make it easier for users... a router assumes less)

to do that i set up a script that runs on boot. it looks like this

route add -host 78.129.202.33 gw 192.168.1.1
route del default
route add default dev ppp0

in my setup, this adds an entry that makes sure that the router has a route to the VPN host via my internet connection (another router at 192.168.1.1)
then it removes the old default route and tells the router to send all traffic that comes via this router to the VPN

then all i need to do is configure device to use my second router (at 192.168.1.2) as the default route

hope that helps (and if someone else reading this has better advice or methods, please help out... I'm no expert)
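
An added example, not written by any poster in this thread: a routing-table check for the two-router setup described above, using the thread's addresses. It classifies `route -n` output and emits the three route commands only once ppp0 exists, so a boot-time run cannot delete the only default route; the function names, the sample table and the presence of awk on the router are assumptions.

```sh
#!/bin/sh
# Added example: addresses are the ones quoted in the thread; function names
# and the sample table are constructed. Assumes awk exists on the router.
VPN_SERVER="78.129.202.33"  # PPTP server IP from the posts
LAN_GW="192.168.1.1"        # router 1, the real internet gateway
TUN_IF="ppp0"               # PPTP interface on router 2

# Classify `route -n` output read from stdin. Prints "<state> <pin>":
#   state: tunnel-down | leak (a default route bypasses ppp0) | no-default | ok
#   pin:   pinned | unpinned (host route to the VPN server via LAN_GW)
check_vpn_routes() {
    awk -v srv="$VPN_SERVER" -v gw="$LAN_GW" -v tun="$TUN_IF" '
        $8 == tun { up = 1 }
        $1 == "0.0.0.0" && $3 == "0.0.0.0" { ndef++; if ($8 != tun) leak = 1 }
        $1 == srv && $2 == gw && $3 == "255.255.255.255" { pin = 1 }
        END {
            if (!up)        s = "tunnel-down"
            else if (leak)  s = "leak"
            else if (!ndef) s = "no-default"
            else            s = "ok"
            print s, (pin ? "pinned" : "unpinned")
        }'
}

# Print the thread's route commands still needed for the table on stdin.
# Prints nothing and returns 1 while the tunnel is down, so a boot-time run
# cannot delete the only default route before ppp0 exists.
vpn_route_cmds() {
    set -- $(check_vpn_routes)
    [ "$1" = "tunnel-down" ] && return 1
    if [ "$2" = "unpinned" ]; then echo "route add -host $VPN_SERVER gw $LAN_GW"; fi
    if [ "$1" = "leak" ]; then echo "route del default"; fi
    if [ "$1" != "ok" ]; then echo "route add default dev $TUN_IF"; fi
    return 0
}

# Constructed table: PPTP is up but the default route still points at router 1.
sample_table() {
    cat <<'EOF'
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.108.1   0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 br0
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 br0
EOF
}

sample_table | check_vpn_routes   # state of the constructed table
sample_table | vpn_route_cmds     # commands that would fix it
# On the router, in the startup script:
#   until [ "$(route -n | check_vpn_routes)" = "ok pinned" ]; do
#       route -n | vpn_route_cmds | sh; sleep 5
#   done
```

The `leak` state is the situation where the VPN connects but clients pointed at 192.168.1.2 still leave through router 1 with the local IP address.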

mmarvin
03-09-2009, 06:43 PM
is the 2nd router connected parallel (switched)?

en1gma
03-09-2009, 06:51 PM
the second router is simply switched on my home lan.

the WAN port on router 2 is not connected at all (although if i need the port on the lan I think i can use it simply as a switch port using the vlan settings)

so all devices are on one switched network and the second router just sits on that network as 192.168.1.2

i then just tell any device that i want to use the VPN to use 192.168.1.2 as its default gateway instead of 192.168.1.1 and the data will then travel through the vpn via router 2

sorry if i am not explaining this well

mmarvin
03-09-2009, 06:53 PM
So in windows, where do I tell it to use router 2?

en1gma
03-09-2009, 07:03 PM
i'm not 100% sure since i use a little app called netsetman but here goes

option 1
under the control panel or network connections
right click on the connection you want to use router 2
click on internet protocol, then press the properties button
click on advanced under default gateways and add the second router's address there.
however, i think you would need to set up the metrics so that the vpn is preferred in this case...


or i prefer this one
under general ip settings.. use a fixed ip address and just put the default gateway in there.. then there is no confusion

OR download and use netsetman ;)

btw, all of the dd-wrt stuff is linux so anything to do with linux and iptables etc is relevant... just over my head. you can do much more from a command line than from the web interface

mmarvin
03-09-2009, 07:12 PM
what are the dns servers and do you use the fire wall scripts as mentioned in strong vpn BBS?

mmarvin
03-09-2009, 07:42 PM
F&^% it, this simply does not work at all.

Thanks for nothing!

en1gma
03-09-2009, 08:10 PM
wow

try being a bit more polite after someone spent a great deal of time trying to help you!

with the internet resources to hand i got it working in perhaps half an hour. if you have the same hardware and firmware you need to ask yourself what has most likely gone wrong.

I'm not a support person, just a customer like you who worked hard to get a solution going and was willing to share.

purevpn is perhaps better off without you

for the record for future readers of this thread, I simply used my own internet gateway (192.168.1.1) as the dns, however support from purevpn gave me the following information



1)Under Server IP or DNS name enter this IP address:78.129.202.33 of UK VPN server

2) Use default installation which makes encryption optional,

3)in the Setup/Basic Setup
Under Network Address Server Settings (DHCP)
Set Static DNS 1 to: 87.117.146.200
Set Static DNS 2 to: 87.117.198.200

mmarvin
03-09-2009, 08:36 PM
why would you enter the dns in dhcp when you are not using the routers dhcp?

mmarvin
03-09-2009, 08:57 PM
yep, pure vpn is better without me...using a dd-wrt router as a client simply does not work, as it did not work with strong vpn either.

mmarvin
03-10-2009, 12:58 AM
Ok I apologize, I messed around with some settings and now it works! I will post detailed instructions soon, and thanks en1gma, I'm sorry I doubted you!

Pure VPN Rocks!!!!!!

dtvnewbie
06-10-2009, 02:43 PM
Hi, good to read about all the great info on setting up a VPN router.
I have a Linksys BEFVP41 wired router with a 4port switch.
I'm planning on adding this behind my current router, Dlink DIR655.
I've got the BEFVP41 hooked up from the WAN port to the DIR655's port 3.
I've set up the Linksys to have its own IP in a different range, ie. xxx.xxx.100.1
The main router starts at xxx.xxx.25.1.
I've also defined max of 2 clients that can connect to the VPN router, so 100.100 and 100.101.

On this Linksys VPN router, in the setup, I want to use L2TP and have entered the PureVPN info for my account and the German IP.
Unfortunately, I can't get it to connect. Do I also need to specify the details of the VPN Tunnel. This Linksys has a tab on the web admin that allows you to enter the VPN Tunnel info. This would require you to know the sub net of the remote VPN server, which I can get by connecting with my shortcut to the VPN server on my XP laptop.

Am I missing anything?

Thanks :D

en1gma
06-10-2009, 07:41 PM
I'm afraid i am not the ideal person to help as I'm not really up to speed on all this... i just wanted to get my xbox working with the BBC for the kids ;)

also, my network differs from yours in that I have the VPN router on the same switched network and subnet (192.168.1.0) so I do not have the multiple NAT and DHCP issues etc.

that said, I don't see why yours would not work. Have you looked at the strongvpn forum link? there is quite a bit more there.

I also recently discovered that I could simply put 0.0.0.0 in for the subnet and mask in dd-wrt and it works. i presume that this is because, unlike a normal corporate LAN, the router does not route only part of the traffic only to a subnet. all my traffic to that router goes out the default route which is ppp0 (the vpn).

have you set a default route on the linksys? or does it automatically default to using the vpn if one is connected (windows does this.. but ideally a router shouldn't..which is why the subnet is needed for it to decide which way to send traffic)

also, I presume that your devices don't share a physical LAN ... i.e. the ones that you want to use the VPN are connected directly to the linksys box? otherwise you will have two dhcp servers running and no way to tell which address a device gets.

I am not running any encryption on mine.. just pptp... so it might be an option for you to test that first in case it is an encryption negotiation thing stopping you. (the wrt54G is not that powerful and encryption is quite a load but your BEFVP41 is designed for that...)

good luck and please post your solution when you get it working

dtvnewbie
06-11-2009, 05:27 PM
Hi, I did a live chat with a Linksys tech support person and basically they told me that the BEFVP41 has no way of automating a VPN login with uid/pwd.

Here's a condensed version:
(22186): "LAN to LAN connection will not allow the BEFVP41 router to connect to a VPN server since it is only acting as a switch. [07:22:58 PM]"

(22186): "The VPN connection can be established if you have another VPN router also on the other end/ [07:31:45 PM]
In that way, you can have a VPN tunnel set up. [07:31:57 PM]

Me: ok, so there's no way to have an automated VPN login using a username/pwd [07:34:03 PM]

(22186): No. [07:34:35 PM]

So, maybe I should get a cheap, Linksys WRT54GL with dd-wrt firmware?
I was looking at a Dlink DIR 625 but it looks like it has the same options as the BEFVP41 as far as PPTP / L2TP only in the Internet connection setup.
Remember, my main router (internet connection) is either a WRT54G or a Dlink DIR 655. I want to use this 2nd router for devices that need the VPN UK/US/DE connections.

Help...:confused:

en1gma
06-11-2009, 06:09 PM
wow.. that's strange... it is a box designed expressly for connecting a remote network to a VPN core (and also multi sites since it will do up to 50 tunnels)
I would have thought what you are trying to do would be very simple for it!

Does it do PPTP?
I had a quick look online and found someplace where it indicated that the linksys will not do the PPTP or L2TP
purevpn indicates it does L2TP +IPSEC ... but not if they other other ipsec options that might support your router (probably not!)

I think the dlink only does vpn passthrough... you actually need the client support in there.

(wow... all this stuff takes me back a LONG way....)

the second point linksys mention IS exactly what you are doing... there IS a VPN server at the other end.

I highly recommend the wrt54G(L) route.... I use two of them... main one running Tomato and the VPN one running dd-wrt since Tomato doesn't provide the vpn client... you can also go openwrt.
the nice thing is there is a big community online and lots of amassed knowledge (and at least we know one (mine) works doing what you want)
note however that performance on the wrt54g is not that great if you need encryption or are running it at high bandwidth. I don't need the BBC encrypted so am happy with PPTP with no encryption.

I think there are some routers that are good with dd-wrt or tomato that are more powerful... ASUS and Buffalo come to mind

I think the buffalo WHR-HP-G54 was one of the better choices and runs both Tomato and DD-WRT


hope that helps

:D

en1gma
06-12-2009, 07:51 PM
since I think I have enough forum posts to post a link
(with apologies to purevpn as it is one of their competitors forums... but is the best source I have found)

Here is what I have been working with:
http://www.strongvpn.com/forum/viewtopic.php?id=153

however I can not get the configuration working with their firewall script.
Anyone out there a code/script guru who could go over the firewall script and alter the instructions to work with purevpn?

I have tried the script method and can get the vpn to connect but no traffic is routed.

so I've gone back to my startup script as per this thread but it seems to be unreliable lately.

dtvnewbie
06-15-2009, 02:37 AM
Well, I finally went out and got me a WRT54GL and my problems were solved.
Thanks en1gma for all your help!
I basically followed the guide from strongvpn including the startup cmd script.
I didn't put in the firewall script.
I basically have my Dlink DIR655 as the internet router and the WRT54GL as the client router. That was the trick. Also, disabling DHCP on the client router.
I also left, as per your suggestion, the remote sub net and remote sub net mask blank and was finally able to get a connection. So, using NetSetMan, I was able to override my gateway to the gateway address of the WRT54GL and connect to port 2, opened a browser, went to the whatsmyip page and voila...UK IP!

Next is to try encryption...anyone done that yet or maybe I should post it as a ticket to support.

THanks again :D:D

Next I would like to

en1gma
06-15-2009, 02:39 PM
congratulations dtvnewbie.

did you use the iptables command from the strongvpn forums in your script?
what kind of throughput have you been getting?

did you leave the wrt54g on the same physical lan or put the devices using the vpn behind the wrt on a new lan segment (192.168.2.x?) (re-examining your comments above it looks like they are all on the same switched lan?)

lately my own setup has not been working too well and has been dropping connections while watching the bbc and the throughput was much worse than via the software vpn client on XP.
without encryption the wrt hardware should easily fill my 5meg dsl line but it doesn't and the cpu is hardly about 10% either...

so I'm trying to figure a way to fine tune it .

I have not had any luck with the firewall script, but I'm fairly sure that is because of the subnet settings. strongvpn assigns a static IP address (a real IPV4 one I think) so that makes the setup slightly different.

I had a quick look at the iptables command and found it to be HUGELY complex so I'm certainly not in a position to mess with things further.
I did ask the nice people at purevpn to take a look at the script if they could as it would be a good solution for them to offer to people who want a hardware solution.

do let me know if it all works well for you

en1gma
06-15-2009, 06:58 PM
here is one other alternative approach that a dd-wrt user found worked

https://secure.dd-wrt.com/phpBB2/viewtopic.php?p=196997&sid=da6bd04d5475fe6bf5eae6b1c2e478b7

en1gma
06-29-2009, 06:35 PM
just a quick note in case anyone else finds they have troubles.

previously, when i was having problems with pptp i was connecting to my ISP via MLPPP (it is a means to overcome some throttling issues here in monopoly dominated Canada).

Since I removed the MLPPP and went back to regular PPPoE the PPTP tunnel seems much more stable and a bit quicker.
(it is still slower than using the windows vpn client though... despite the router not being anywhere near 100% loaded... it seems that the PPTP code in dd-wrt is known to have performance issues.. but there seem to be few options if I want the xbox and other clients on the lan to connect easily)

perhaps it is due to packet sizes or some obscure routing issue... but at least it is one more clue.

now if only I knew a linux routing guru to let me do all this with ONE router and source based policy routing! :eek:

bbbc
09-13-2010, 06:35 PM
"just a quick note in case anyone else finds they have troubles."

I'm assuming you are a TekSavvy user. Any chance you can update your instructions with screenshots please? I'm not having luck.

en1gma
09-13-2010, 07:38 PM
afraid not, sorry.
I was a teksavvy user and they were great, but i no longer live in Canada and no longer have this set up
(and looking forward to the 24Meg/40meg/50meg broadband available in the UK!)
good luck (I'm convinced the solution is in the command line with tomato or dd-wrt rather than the web interface)

PurevpnTECH
12-29-2010, 03:03 PM
Hello,

Further to visitor's information, we have posted pictorial tutorial for router VPN setup here:
http://www.purevpn.com/vpn-service/router-vpn.php

Do send your feedback how we can make it more user friendly,

Regards,
The PureVPN Team

PurevpnTECH
09-13-2011, 09:25 AM
Hi Guys,

We now have better tutorials for those having bridged configurations or those using multiple routers in their network.

Do contact us here : http://billing.purevpn.com/submitticket.php should you need them,

Regards,
The PureVPN Team

veronicamro@yahoo.com
09-26-2011, 09:04 PM
Hi dtvnewbie,

I have the same problem as you, the difference is that I am two years late.

So, I do have a second router WRT54GL and want to set it up to have VPN working on it. The purpose is to connect the PS3 to it and see Hulu, BBC etc on the TV.

I have tried multiple settings and nothing seems to work.

I am wondering if you can share with me your router settings.

Thanks,


Veronica