Hi guys,
after several days of trial and error, I finally found a way to set up my WRT54GL with dd-wrt 2.4 sp1 firmware (VPN Edition) to automatically log into Hideway and share the OpenVPN connection with every client PC within the LAN. No setup on the client PCs is needed. The connection is forwarded through the VPN transparently by the router.
Here is what you have to do to share Hideway VPN with your LAN:
1. First, look for your Hideway key and certificate information in C:\Program Files\OpenVPN\config\<acc_number> (or your custom install location of OpenVPN). In that directory, there should be the following files:
- CA_cert.pem
- Ct<acc_number>.pem
- Kt<acc_number>.pem
- ta.key
2. Copy the following command chain into a text editor and replace the text within the brackets "<<<" and ">>>" with the exact content of the appropriate file. For example, in the chain, it says "<<< CA_cert.pem >>>". Replace that text with the content of the file CA_cert.pem, from "-----BEGIN CERTIFICATE-----" until "-----END CERTIFICATE-----".
nvram set rc_startup="cd /tmp
echo \"
<<< CA_cert.pem >>>
\" > ca.crt
echo \"
<<< Ct<acc_number>.pem >>>
\" > client.crt
echo \"
<<< Kt<acc_number>.pem >>>
\" > client.key
echo \"client
dev tap
remote vpn1.hideway.eu 1194 udp
tls-client
tls-remote palma.tarifa.biz
ca /tmp/ca.crt
cert /tmp/client.crt
key /tmp/client.key
tls-auth /tmp/ta.key 1
redirect-gateway def1
ns-cert-type server
comp-lzo
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
verb 3
route-method exe
route-delay 2\" > openvpn.conf
echo \"
<<< ta.key >>>
\" > ta.key
mkdir /tmp/etc/config
echo \"openvpn --config /tmp/openvpn.conf --route-up \\\"iptables -t nat -A POSTROUTING -o tap0 -j MASQUERADE\\\" --daemon > pc1 &\" > /tmp/etc/config/vpn.sesbutton
chmod a+x /tmp/etc/config/vpn.sesbutton
"
nvram set cron_jobs="*/1 * * * * root PID=\`ps|grep openvpn|grep -v grep|awk -F ' ' '{print \$1}'\`;if [ \"x\$PID\" == \"x\" ]; then /tmp/etc/config/vpn.sesbutton; fi"
nvram commit
3. Enable SSH on the dd-wrt router (Web Interface -> Services -> SSHd (Enable))
4. Log into the router through SSH.
5. Copy the prepared code above and paste it into the SSH command line (when using "Putty" as the SSH client, pasting is done by clicking the right mouse button). By that procedure, the code will be executed automatically.
6. Reboot router. Done.
The router will now try to connect to Hideway and establish a connection every minute. If successful, all internet traffic is automatically routed through the VPN. If unsuccessful, all internet traffic is routed normally (unencrypted).
If something goes wrong, execute the following code in SSH command line, reboot, and everything will be undone:
nvram set rc_startup=""
nvram set cron_jobs=""
nvram commit
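
The setup above fails open: when the tunnel is down, LAN traffic leaves over the normal WAN route unencrypted. The following check is an added example, not part of the original post; it classifies `route -n` output by whether the two /1 routes that `redirect-gateway def1` installs point at tap0. The sample routing tables, their addresses and the interface names vlan1 and br0 are constructed for illustration.

```shell
#!/bin/sh
# Classify a `route -n` table read from stdin (added example).
# redirect-gateway def1 does not replace the default route; it adds
# 0.0.0.0/1 and 128.0.0.0/1 via the VPN, which together override it.
# Prints: tunnel    (both /1 routes on the VPN device)
#         partial   (only one of them present)
#         cleartext (neither present, traffic uses the WAN default route)
vpn_route_state() {
    dev="${1:-tap0}"
    # route -n columns: Destination Gateway Genmask Flags Metric Ref Use Iface
    awk -v dev="$dev" '
        $1 == "0.0.0.0"   && $3 == "128.0.0.0" && $8 == dev { lo = 1 }
        $1 == "128.0.0.0" && $3 == "128.0.0.0" && $8 == dev { hi = 1 }
        END {
            if (lo && hi)      print "tunnel"
            else if (lo || hi) print "partial"
            else               print "cleartext"
        }'
}

# Constructed sample: tunnel established (documentation address ranges).
SAMPLE_UP='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
198.51.100.10   192.0.2.1       255.255.255.255 UGH   0      0        0 vlan1
10.8.0.0        0.0.0.0         255.255.255.0   U     0      0        0 tap0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 br0
192.0.2.0       0.0.0.0         255.255.255.0   U     0      0        0 vlan1
0.0.0.0         10.8.0.1        128.0.0.0       UG    0      0        0 tap0
128.0.0.0       10.8.0.1        128.0.0.0       UG    0      0        0 tap0
0.0.0.0         192.0.2.1       0.0.0.0         UG    0      0        0 vlan1'

# Constructed sample: openvpn not connected, only the WAN default route.
SAMPLE_DOWN='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 br0
192.0.2.0       0.0.0.0         255.255.255.0   U     0      0        0 vlan1
0.0.0.0         192.0.2.1       0.0.0.0         UG    0      0        0 vlan1'

printf 'connected:    %s\n' "$(printf '%s\n' "$SAMPLE_UP"   | vpn_route_state tap0)"
printf 'disconnected: %s\n' "$(printf '%s\n' "$SAMPLE_DOWN" | vpn_route_state tap0)"
```

On the router itself the same function reads the live table with `route -n | vpn_route_state tap0`.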