As I requested, entware-ng team added ocserver (Openconnect VPN server) to the repository. This may help a lot of people where many other VPN techniques blocked (e.g. China). Here is a very simple guide:
1. Install entware-ng as stated here: https://github.com/RMerl/asuswrt-merlin/wiki/Entware
2. opkg update; opkg install ocserv
3. Follow https://www.vultr.com/docs/setup-openconnect-vpn-server-for-cisco-anyconnect-on-ubuntu-14-04-x64 to create certificates if you would like to use certificate as the authentication method. Put your certificates under /opt/etc/ocserv/cert/. Or some other places but you will have to modify the ocserv.conf by yourself. This guide is based this method.
4. Put the attached ocserv.conf.txt in /opt/etc/ocserv/, rename it to ocserv.conf and tailor it to your need.
5. Put the attached S79ocserv.txt in /opt/etc/init.d/, rename it to S79ocserv and chmod +x /opt/etc/init.d/S79ocserv
6. Append content of the attached ocserv_iptables.txt to /jffs/scripts/firewall_start and chmod +x /jffs/scripts/firewall_start if needed.
7. Reboot your router and enjoy!
I guess this guide fits all dd-wrt based roms as well.
Credits:
zyxmon@entware_ng for compiling & adding ocserv to the repository
https://wiki.openwrt.org/doc/howto/openconnect-setup for iptables script insight
@RMerlin for the wonderful asuswrt-merlin
@RMerlin, @sfx2000 and @jeff288 for valuable discussion and insights.
1. Install entware-ng as stated here: https://github.com/RMerl/asuswrt-merlin/wiki/Entware
2. opkg update; opkg install ocserv
3. Follow https://www.vultr.com/docs/setup-openconnect-vpn-server-for-cisco-anyconnect-on-ubuntu-14-04-x64 to create certificates if you would like to use certificate as the authentication method. Put your certificates under /opt/etc/ocserv/cert/. Or some other places but you will have to modify the ocserv.conf by yourself. This guide is based this method.
4. Put the attached ocserv.conf.txt in /opt/etc/ocserv/, rename it to ocserv.conf and tailor it to your need.
5. Put the attached S79ocserv.txt in /opt/etc/init.d/, rename it to S79ocserv and chmod +x /opt/etc/init.d/S79ocserv
6. Append content of the attached ocserv_iptables.txt to /jffs/scripts/firewall_start and chmod +x /jffs/scripts/firewall_start if needed.
7. Reboot your router and enjoy!
I guess this guide fits all dd-wrt based roms as well.
Credits:
zyxmon@entware_ng for compiling & adding ocserv to the repository
https://wiki.openwrt.org/doc/howto/openconnect-setup for iptables script insight
@RMerlin for the wonderful asuswrt-merlin
@RMerlin, @sfx2000 and @jeff288 for valuable discussion and insights.
Attachments
Last edited: