openVPN with an ASUS router

0 Members and 1 Guest are viewing this topic. Read 7223 times.

randytsuch

openVPN with an ASUS router
« on: 23 Mar 2016, 07:01 pm »
Here is a pretty simple, safe, free way to get access to your machines from the internet.

Was looking for a secure way to get at my raspberry pi, but this works for a NAS or a server or whatever you have on your internal network, that you want to keep safe from the outside world, but want access to.

One thing that made this easy is the router I have, courtesy of tmobile, a TM-AC1900, which is really an Asus RT-AC68U.
This is a really nice, fast router, and it has support for openVPN built in. 
Asus also offers a ddns (dynamic dns) service, that maps a custom name to your home ip address (which can change).  This lets openVPN find your home network over the internet.

Without an ASUS router, you can run an openVPN server on a pi, but it is more complicated to setup.  And you would need a ddns service.  There are some free and cheap ones to look into.

I did some research on VPN security, and while PPTP is better than nothing, there is a known way to break it, so it is not recommended.  OpenVPN is secure, so you don't have to worry about someone getting access to your stuff.

So here is what I did, to connect my android phone to my router, via OpenVPN.

On the router, don't use the normal 192.168.1.x for the internal ip address.  Change the .1. to something else, this avoids conflicts down the road.  Select LAN on the left.  Change the IP address, then select apply.

Enabled DDNS.  Select WAN on the left, then DDNS tab on top.  Yes to Enable the DDNS Client, I used the asuscomm.com free ddns server, created a new address.  It checks for availability.  Then click apply.  You don't have to worry about remembering the address, it will automatically insert the address into the openvpn file below.

Added my pi as a static IP address.  Click LAN on the left, DHCP Server on top.  You need the MAC address for your device.  Or let your device connect to the router, and then select the device.  Set the IP address to whatever you want.  After you click apply, you should reset your device, pi in my case.  It will come up, and talk on the static ip address now.
You should make whatever you want to talk to a static IP.

VPN.  Select VPN on left. It will start at the Server screen.  Enable VPN Server to ON.  Change server mode to openvpn. 
Create some usernames and passwords, add and save. 
Export the OpenVPN configuration file.  Note that you should do the DDNS step before doing this, and it will use the ddns address you created.  The file you export should be called client.ovpn or maybe something similar
email the file to yourself

Android VPN setup
install open VPN connect on your phone.
go to your email, and download the client.ovpn file
start the open VPN connect program, and select the ovpn file.  It was in my downloads directory of the sd card on my phone
enter your username and password
hit connect, wait a few, and it should connect.

Now you have a vpn connection from your router to your phone.  This is basically a secure pipeline between your phone and your home network. No one else can see what's in this pipeline.

You can call up your browser, and enter an address in the form of 192.168.x.x, and get at devices on your network, just like you could if you were home.

You can't enter a name, it needs to be in numeric form.  Since you made static addresses for whatever you want to talk to, you just need to use that static address.

You should also be able to use a ssh terminal program, and talk to you devices with a terminal.  I haven't tried it yet.

And as long as no one gets their hands on the client.ovpn file, they can't break into your vpn.

You can also installed openvpn on a laptop, macbook, tablet, etc, and access your stuff through that.  There are lots of tutorials to show you how.



randytsuch

Re: openVPN with an ASUS router
« Reply #1 on: 25 Mar 2016, 08:17 pm »
So I was too quick to declare victory on this.

I can open a VPN connection between my phone and my router.

But I can't get at my Pi yet.

Tried from both an iphone and an android, and both connect but can't get to the Pi.

Hopefully I'll figure it out, and post what I did.

Randy

randytsuch

Re: openVPN with an ASUS router
« Reply #2 on: 1 Apr 2016, 03:22 pm »
I've given up on getting openVPN to run on my asus router.

If I had a "real" asus router, instead of the tmobile version, I might try some more.  Tmobile disabled the console port, so I can't see what's going on in the router.

I was going to try running openVPN in my pi instead, but then I found weaved.com

I think weaver is a new service, but they provide a secure way to access stuff on your home network.
You can get a free account with some limitations (like only 30 minutes per session, but unlimited number of sessions).

Or you can spend a little , $2/mo, and get a little more capability.

With weaved, I had to install a program on my pi, spend a few minutes setting up the pi, and then I can just log into my weaved account from another computer, phone, whatever, and access my pi.  You can even access the console port if you want to.

It is as secure as the password on the weaved account.  I used my password program, and made a very complicated password, so I think its safe.

The only problem with this is you need to be able to get the password to open the account, but I can do that from my phone or pc, so I'm good.

Randy

randytsuch

Re: openVPN with an ASUS router
« Reply #3 on: 8 Nov 2016, 04:24 pm »
Resurrecting because I played with this some more.

For my security cam system, I wanted to have VPN, so worked a little harder.

Was able to get OpenVPN working with a Asus router and android and iphone, actually pretty easy.

I just had to check off a few settings in the advanced section
Username / Password Auth. Only Yes
Push LAN to clients Yes
Direct clients to redirect Internet traffic No
Respond to DNS Yes
Advertise DNS to clients Yes

With the settings like this, OpenVPN works great, I can get into my home network from anywhere with my iphone and android.

Note with my android, I had to mess with the power savings settings too, found what to do with an internet search.
https://github.com/schwabe/ics-openvpn/issues/471

Randy

randytsuch

Re: openVPN with an ASUS router
« Reply #4 on: 9 Nov 2016, 09:08 pm »
I made a blog if anyone wants to try setting up openVPN, and has an asus router with this feature.

http://randyshomeprojects.blogspot.com/2016/11/openvpn-on-asus-router.html

Once you know what to do, it's really easy (like many things  :lol:)

And very cool being able to securely access stuff at home, especially now with IOT and security cams and stuff.


Holihan62

  • Newbie
  • Posts: 1
Re: openVPN with an ASUS router
« Reply #5 on: 11 Jul 2017, 06:42 am »
Pleased to know about superb vpn services. My friend is in search of vpn for kodi service providers. She is exploring deals and unlimited bandwidth too. Have seen many of them online and go for the best reviewed one. Hope she gets it soon.