【原创】DD WRT路由上架设openvpn-用于cmwap上网

myliyifei

恩，看到这个功能，看到是DD WRT 支持OPEN VPN

cqsc

宸茬粡鎸塋Z鐨勬柟娉曡?缃?簡,鍙?互杩炰笂VPN,鍙?互鍒嗛厤鍒癐P,灏辨槸涓嶄紶閫佹暟鎹?寘.PING涓嶉

CRCERIC

要带vpn的版本

CRCERIC

可以的 你可以参考这里的文章  http://www.dd-wrt.com/wiki/index.php/OpenVPN

CRCERIC

QUOTE:

Posted by 孑然一身 on 2008-1-19 14:55
是否只要DDWRT就可以工作了，不用电脑了？

是的 只开路由就可以了

CRCERIC

QUOTE:

Posted by k22m on 2008-1-20 03:10
你买的哪款DD WRT路由器呀，我也想看看！真是强人，厉害！

惭愧 其实坛子里好多人都会的，只是没人写教程。我只是把他写出来而已

只要可以刷DD wrt的路由器就可以了 我买的是buffor 很便宜的那种 200块 具体型号忘记了

cqsc

按LZ的方法,已经可以连上
但是不传数据,不知道为什么

spyderco

HTTP proxy returned bad status 什么原因 难道433封了

cqsc

知道为什么可以连上,但是不传数据了,
把客户端的配置文件后面加上一句
   route-gateway 192.168.1.1  #你内网的网关IP
   redirect-gateway
就OK了
呵呵

fatlsj

弄了一晚上，都3点了。上来说句话。一直用DDWRT，V24，RC5版本。但是总是到最后诊断的地方就不能出来LZ说的那3行，只有2行。最后一个一个版本换着刷，刷到V24,RC3，发现出来那3行诊断结果了。用手机拨号连接，成功。但是又碰到一个问题，为什么可以开QQ,却不能开网页呢？

cqsc

回楼上的,你肯定是DNS的问题,自己设置个DNS就可以鸟,,四川的是61.139.2.69

fatlsj

请教CQSC，在哪里设置呢？就是普通DDWRT界面里设置吗？用电信的DNS可不可以？

myliyifei

感觉似乎很难接通，接通率很低

fatlsj

尝试成功了。V24RC5也可以。配置代码我也贴一份，从官方粘过来的，这个代码用了RC3和RC5，都可以。除了代码，其它方面看LZ写的就可以了，基本上就是先生成静态KEY，设置DDNS，关NTP，粘启动和防火墙代码，重启路由，测试然后就OK。我这也只是一个例子，希望其它成功的兄弟也上来说说。

启动：

openvpn --mktun --dev tap0
brctl addif br0 tap0
ifconfig tap0 0.0.0.0 promisc up
echo "
-----BEGIN OpenVPN Static key V1-----
这里粘KEY文件里的内容注意上下两行重复的地方
-----END OpenVPN Static key V1-----
" > /tmp/static.key
ln -s /usr/sbin/openvpn /tmp/myvpn
/tmp/myvpn --dev tap0 --secret /tmp/static.key --comp-lzo --port 443 --proto tcp-server --verb 3 --daemon




防火墙：

iptables -I INPUT 1 -p tcp --dport 443 -j ACCEPT



测试：

ps | grep vpn






至于客户端，我贴2种：


第一种：这种在CMWAP下使用

remote xxxxxx.3322.org #输入你申请的3322的动态域名
http-proxy-retry
http-proxy 10.0.0.172 80 #移动代理
port 443
dev tap
secret key.txt
proto tcp-client
comp-lzo
route-gateway 192.168.1.1
redirect-gateway


第二种：这种在宽带不走代理时使用

remote xxxxxx.3322.org #输入你申请的3322的动态域名
port 443
dev tap
secret key.txt
proto tcp-client
comp-lzo

[ Edited by  fatlsj on 2008-2-16 00:16 ]

tung84

打算也搞个无线的来玩玩..

tung84

学习了..

CRCERIC

QUOTE:

Posted by myliyifei on 2008-2-16 00:49
感觉似乎很难接通，接通率很低

我用了很久了 基本上每次都能接通 在好多城市测试过 都没什么问题

liven168

我的V24RC4版本的显示4行,不知道什么意思,
1154 root        372 S   sh -c alias ping='ping -c 3'; eval "ps | grep vpn" >
1155 root             sh -c alias ping='ping -c 3'; eval "ps | grep vpn" >
1156 root             sh -c alias ping='ping -c 3'; eval "ps | grep vpn" >
1158 root        268 S   grep vpn
大家帮忙看看,但输入网址能打开陆游界面

fatlsj

这种情况你可以试下用RC3，我一开始也是这样的。不过最后RC3能行了，改用RC5就也可以了。
PS:用我的配置文件试试，除了3322域名和KEY以外一个字都不要改，应该可以的。

liven168

可能是版本不带VPN.想问下如果我换VPN的版本的RC3直接升级就可以吗?我的是WRT 54G V1版本的陆游,已经刷DD WRT RC4 STD版

liven168

谢谢楼主,已经成功,速度不错的说,准备收个WAP包月卡, ,感觉比论坛兄弟给的还快点

yeqil2006

mail卡能用吗

xinhuaking

强帖，学习了

new3312112

非常感谢楼主，终于自己组建完成了。谢谢了。

523865546

liu ming

xzw007

好东西

崂山道士

我在论坛上一位朋友的帮助下建了一个，现在是一用GC85拨号上线后就马上死机，不知道为什么？

崂山道士

虚拟网卡一直在连接，为什么？

崂山道士

Fri Mar 07 20:28:27 2008 recv_line: TCP port read timeout expired
Fri Mar 07 20:28:27 2008 SIGUSR1[soft,init_instance] received, process restarting
Fri Mar 07 20:28:32 2008 LZO compression initialized
Fri Mar 07 20:28:32 2008 TAP-WIN32 device [本地连接 3] opened: \\.\Global\{23413A8B-FB15-4045-83C5-B6823A13E67A}.tap
Fri Mar 07 20:28:32 2008 Successful ARP Flush on interface [4] {23413A8B-FB15-4045-83C5-B6823A13E67A}
Fri Mar 07 20:28:32 2008 Attempting to establish TCP connection with 10.0.0.172:80
Fri Mar 07 20:28:32 2008 TCP connection established with 10.0.0.172:80
Fri Mar 07 20:28:38 2008 recv_line: TCP port read timeout expired
Fri Mar 07 20:28:38 2008 SIGUSR1[soft,init_instance] received, process restarting
Fri Mar 07 20:28:43 2008 LZO compression initialized
Fri Mar 07 20:28:43 2008 TAP-WIN32 device [本地连接 3] opened: \\.\Global\{23413A8B-FB15-4045-83C5-B6823A13E67A}.tap
Fri Mar 07 20:28:43 2008 Successful ARP Flush on interface [4] {23413A8B-FB15-4045-83C5-B6823A13E67A}
Fri Mar 07 20:28:43 2008 Attempting to establish TCP connection with 10.0.0.172:80
Fri Mar 07 20:28:43 2008 TCP connection established with 10.0.0.172:80
Fri Mar 07 20:28:49 2008 recv_line: TCP port read timeout expired
Fri Mar 07 20:28:49 2008 SIGUSR1[soft,init_instance] received, process restarting
Fri Mar 07 20:28:54 2008 LZO compression initialized
Fri Mar 07 20:28:54 2008 TAP-WIN32 device [本地连接 3] opened: \\.\Global\{23413A8B-FB15-4045-83C5-B6823A13E67A}.tap
Fri Mar 07 20:28:54 2008 Successful ARP Flush on interface [4] {23413A8B-FB15-4045-83C5-B6823A13E67A}
Fri Mar 07 20:28:54 2008 Attempting to establish TCP connection with 10.0.0.172:80
Fri Mar 07 20:28:54 2008 TCP connection established with 10.0.0.172:80
Fri Mar 07 20:29:00 2008 recv_line: TCP port read timeout expired
Fri Mar 07 20:29:00 2008 SIGUSR1[soft,init_instance] received, process restarting
Fri Mar 07 20:29:05 2008 LZO compression initialized
Fri Mar 07 20:29:05 2008 TAP-WIN32 device [本地连接 3] opened: \\.\Global\{23413A8B-FB15-4045-83C5-B6823A13E67A}.tap
Fri Mar 07 20:29:05 2008 Successful ARP Flush on interface [4] {23413A8B-FB15-4045-83C5-B6823A13E67A}
Fri Mar 07 20:29:05 2008 Attempting to establish TCP connection with 10.0.0.172:80
Fri Mar 07 20:29:05 2008 TCP connection established with 10.0.0.172:80
Fri Mar 07 20:29:11 2008 recv_line: TCP port read timeout expired
Fri Mar 07 20:29:11 2008 SIGUSR1[soft,init_instance] received, process restarting
Fri Mar 07 20:29:16 2008 LZO compression initialized
Fri Mar 07 20:29:16 2008 TAP-WIN32 device [本地连接 3] opened: \\.\Global\{23413A8B-FB15-4045-83C5-B6823A13E67A}.tap
Fri Mar 07 20:29:16 2008 Successful ARP Flush on interface [4] {23413A8B-FB15-4045-83C5-B6823A13E67A}
Fri Mar 07 20:29:16 2008 Attempting to establish TCP connection with 10.0.0.172:80
Fri Mar 07 20:29:16 2008 TCP connection established with 10.0.0.172:80
Fri Mar 07 20:29:22 2008 recv_line: TCP port read timeout expired
Fri Mar 07 20:29:22 2008 SIGUSR1[soft,init_instance] received, process restarting
Fri Mar 07 20:29:27 2008 LZO compression initialized
Fri Mar 07 20:29:27 2008 TAP-WIN32 device [本地连接 3] opened: \\.\Global\{23413A8B-FB15-4045-83C5-B6823A13E67A}.tap
Fri Mar 07 20:29:27 2008 Successful ARP Flush on interface [4] {23413A8B-FB15-4045-83C5-B6823A13E67A}
Fri Mar 07 20:29:27 2008 Attempting to establish TCP connection with 10.0.0.172:80
Fri Mar 07 20:29:27 2008 TCP connection established with 10.0.0.172:80
Fri Mar 07 20:29:33 2008 recv_line: TCP port read timeout expired
Fri Mar 07 20:29:33 2008 SIGUSR1[soft,init_instance] received, process restarting
Fri Mar 07 20:29:38 2008 LZO compression initialized
Fri Mar 07 20:29:38 2008 TAP-WIN32 device [本地连接 3] opened: \\.\Global\{23413A8B-FB15-4045-83C5-B6823A13E67A}.tap
Fri Mar 07 20:29:38 2008 Successful ARP Flush on interface [4] {23413A8B-FB15-4045-83C5-B6823A13E67A}
Fri Mar 07 20:29:38 2008 Attempting to establish TCP connection with 10.0.0.172:80
Fri Mar 07 20:29:38 2008 TCP connection established with 10.0.0.172:80
Fri Mar 07 20:29:44 2008 recv_line: TCP port read timeout expired
Fri Mar 07 20:29:44 2008 SIGUSR1[soft,init_instance] received, process restarting
Fri Mar 07 20:29:49 2008 LZO compression initialized
Fri Mar 07 20:29:49 2008 TAP-WIN32 device [本地连接 3] opened: \\.\Global\{23413A8B-FB15-4045-83C5-B6823A13E67A}.tap
Fri Mar 07 20:29:49 2008 Successful ARP Flush on interface [4] {23413A8B-FB15-4045-83C5-B6823A13E67A}
Fri Mar 07 20:29:49 2008 Attempting to establish TCP connection with 10.0.0.172:80
Fri Mar 07 20:29:49 2008 TCP connection established with 10.0.0.172:80
Fri Mar 07 20:29:55 2008 recv_line: TCP port read timeout expired
Fri Mar 07 20:29:55 2008 SIGUSR1[soft,init_instance] received, process restarting
Fri Mar 07 20:30:00 2008 LZO compression initialized
Fri Mar 07 20:30:00 2008 TAP-WIN32 device [本地连接 3] opened: \\.\Global\{23413A8B-FB15-4045-83C5-B6823A13E67A}.tap
Fri Mar 07 20:30:00 2008 Successful ARP Flush on interface [4] {23413A8B-FB15-4045-83C5-B6823A13E67A}
Fri Mar 07 20:30:00 2008 Attempting to establish TCP connection with 10.0.0.172:80
Fri Mar 07 20:30:00 2008 TCP connection established with 10.0.0.172:80
虚拟网卡不停的连上断开，请高手看看是什么原因？谢谢了

[ Edited by  崂山道士 on 2008-3-7 20:34 ]

fatlsj

建议楼上加一句TIMEOUT指令,这样可以延长等待时间,就不会TCP不停断开了.
具体是 HTTP-PROXY-TIMEOUT 45 #这个数字可以自己改,应该是等待秒数的意思