How to Install and Use DD-WRT for VPN Connections

By Conner Sinclair | VPNs

If you’re concerned about Internet security and protecting your anonymity and privacy, your light years ahead of the average Internet user. Today’s Internet landscape is more perilous than ever before, and countless attacks happen each day – by both common hackers and governmental wiretapping schemes such as those employed by the NSA.

Using the Internet without a security mechanism like a VPN tunnel is just begging for trouble, but there are many other reasons to use VPNs every time you fire up your favorite Internet browser.

Unfortunately, many countries across the globe engage in stringent censorship programs. And more often than not, Internet users are baffled at the reasons their nation’s government blocks certain websites. It isn’t uncommon for countries around the globe to blackout entire websites; even the most popular web services of our time such as Facebook, Google, YouTube, and just about any streaming video or audio service you can think of.

Would you really want to run the risk of a foreign government or hacker obtaining your private information as it is in transit through the public Internet? Of course not. Likewise, most people find it absolutely unacceptable to have their freedoms of expression and information restricted.

vpn

But, I have good news and bad news for you. The good news is that all of these problems are easily solved by using a VPN tunnel. The bad news is that the vast majority of providers (though not all) only allow simultaneous connections between 2 devices. Some even only allow simultaneous connections between 1 laptop/desktop computer and 1 mobile device.

But this is intolerable. We live in the age of information, and most people have several devices including laptops, smartphones, tablets, desktop computers, and a variety of other types of computing systems.

The global information infrastructure is transitioning to the latest trend – the Internet of Things (IoT). Believe it or not, devices that require an Internet connection outnumber the global population!

With so many devices to secure with VPN tunnels, how on Earth is the average user supposed to get away with only 2 simultaneous connections? Worse yet, what about people with family and friends that want to share the same account?

The Best VPN Solution for Local Area Networks (LANs)

What if I told you there was a clever trick just about any user can employ to circumvent the simultaneous connection restrictions imposed by the average VPN provider? Well, guess what, there is!

Instead of establishing a VPN tunnel between your computer (or mobile device) and the VPN server, you can actually create a VPN tunnel between your home router and the VPN server. This way, users can secure virtually any number of devices at the same time, as long as those devices are connected to your home’s network, be they wired or wireless devices.

There’s just one problem. Most home wireless routers have default software (called firmware) that is incapable of establishing a VPN connection. Fortunately, there are completely free versions of firmware that the vast majority of users can use to supercharge the functionality of their basic routers to take better advantage of their hardware. Today we are going to look at DD-WRT, but there are other free alternatives – such as Tomato – that boost the capabilities of your basic router…for free!

Tomato firmware 1.28

DD-WRT Caveats

The whole idea is to upgrade the default firmware on your home wireless router to add code (among countless other useful features) that allows your router to create a VPN tunnel with a server from your provider.

But, not all routers are capable of running DD-WRT. However, most of the mainstream routers can run this code, and a complete list of supported models can be found here.

Believe it or not, the upgrade process is so simple and straightforward that even technology novices can complete the task without a headache. The first step, however, is making sure your router model is supported.

After that, all you need to do is two easy tasks: flashing your router firmware and building a VPN tunnel to your VPN service provider’s server. Then, your home network will have an ‘always-on’ VPN connection that secures all of the Internet traffic originating from your home – regardless of how many devices use your local network.

Benefits and Features of DD-WRT

DD-WRT provides a ton of useful features that aren’t usually present in default OEM firmware. After you have upgraded the code on your router to DD-WRT, you can gain the following benefits and features for free:

  • Decrease processing, memory, and latency overhead from your local computer to your router, thereby increasing overall Internet performance and speed
  • Encrypt all (or optionally selective amounts) of local traffic
  • Ancillary benefits such as NAS (Network Attached Storage) capabilities, printer sharing, and even file server functionality
  • The ability to create a VPN tunnel back to your private home network
  • Unblock websites for every device that connects to your local network

dd-wrt

What You Need

There are a few things you need to get started. First and foremost, you need a router supported by the DD-WRT software. Furthermore, users need a router with at least 8MB of RAM.

In addition, users will need an Ethernet cable to connect their laptop to their router. Last but not least, users will also want to have their VPN username and password readily available.

The DD-WRT Installation Process

The installation process (also called flashing your router) is pretty darn simple. Just use the following steps:

  1. Before you do anything, make sure that your router is capable of running DD-WRT. On the off-chance that your router isn’t capable, you can purchase a new model that has the ability to run DD-WRT.
  2. Next, you will need to download the appropriate .bin file that contains the code for your unique router model. You’ll find that the right file download is named “factory to DD-WRT.”
  3. The third step is performing a 30/30/30 reset on your router. To perform this procedure, simply push and hold the reset button on your router for 90 seconds. After the first 30 seconds are up, remove the power cable from your router – remembering to keep the reset button pressed the whole time. Then, wait another 30 seconds. Finally, with the reset button still firmly pressed, reapply the power cable for 30 more seconds. This process will complete the 30/30/30 reset.
  4. Now you need to connect your computer to the router with the Ethernet cable.
  5. 5. Open the web interface of your router by typing the default IP address into a web browser. More often than not, the default IP address of any home router is 192.168.1.1. However, this can change slightly among different router models. Check your user manual in the event that 192.168.1.1 does not pull up the configuration interface in your web browser.
  6. Each router model is a little bit different, but most likely, there is an Administration or System Tools tab that allows users to upgrade firmware. Again, refer to your router manual if one of these two options aren’t available.
  7. Click on the button that allows you to upgrade the firmware, and browse to the downloaded .bin file from DD-WRT. After you upload the code (and usually click the Apply Changes button), wait until the router has automatically rebooted.
  8. Perform one more 30/30/30 reset.
  9. After the reset operation is complete, refresh the web interface (IP address of 192.168.1.1). The default login credentials of DD-WRT are a username of admin and a password of admin. At this point, the upgrade process is complete! All that remains is to configure an OpenVPN connection between the router and your VPN service provider’s server.

Router VPN Configuration Process

Within the confines of the DD-WRT software, there are two basic ways to establish a VPN connection with your provider. Either use the GUI (which is much easier), or opt for the command line. The vast majority of VPN providers offer OpenVPN configuration files free for download, so this is the preferred configuration we will explain in detail during this tutorial.

  1. Log in to your newly upgraded DD-WRT router. Then browse to Services, and then click on the VPN interface. From this interface, enable OpenVPN.
  2. Open your .ovpn file in a text editor. Windows users can use Notepad. Essentially, we want to copy the code into the GUI (ctrl + c, ctrl + v).
  3. Now, all we have to do is ‘plug and chug.’ Simply copy the following information into the appropriate fields. Find the Server IP or Name text field, and copy the corresponding information from your text file. You will recognize the information because it is in the provider.com xxxx format (xxxx is the required port).
  4. Now look for the TLS AUTH KEY field, and copy the required information located between the <tls-auth> and </tls-auth> tags in your text document.
  5. Next, copy and paste the required information between the <ca> and </ca> tags in your downloaded text document into the CA Cert field.
  6. For the next step, copy and paste the information contained between the <cert> and </cert> tags into the Public Client Cert field.
  7. Finally, copy and paste the text between the <key> and </key> tags into the Private Client Key field (the worst is behind us!).
  8. Now, make sure you click the save button. After that, click the apply button.
  9. There’s only one last step! Now you will want to check to make sure that the VPN tunnel has been established by browsing to Status and then OpenVPN. There should be a multitude of logging messages that lend credence to the fact that your VPN tunnel is up and running. If your VPN tunnel hasn’t established, you may have failed to copy and paste the data correctly. In this event, it is best to contact the customer support team – and just about every reliable provider has 24/7 customer support.

Looking for a Good Pre-Configured DD-WRT Router?

Thankfully, there has been a proliferation of DD-WRT routers recently. You can check out my guide here to see the top 5 options.

Final Thoughts

After following this configuration process, your newly flashed DD-WRT router should have established a VPN tunnel with your provider of choice. Doing so will secure every single device that connects to your local network. Just remember, should you run into any technical difficulties, any decent VPN service will have customer support staff ready and waiting to assist you with the configuration process.

Follow

About the Author

Conner is a self-professed tech nerd, obsessed with digital security and privacy. He loves debugging "lost causes" and thwarting hackers. When not in his depressing cubicle in Corporate America, he's blogging here.