AdvHomeServer
Senior Member
I originally posted this as a reply to some else's thread. In retrospect, I decided it was different enough to have a thread of its own.
-----
I just wrote a three part series about setting up OpenVPN on a DD-WRT server and discovered something odd about OpenVPN / DD-WRT along the way. I'm curious if ASUS and Netgear have the same issues on the iterations of their stock firmware that offer OpenVPN server, or if their factory configurations take care of the curiosity I discovered with DD-WRT.
To summarize, I discovered that OpenVPN on a DD-WRT server offers NO browsing protection on public wi-fi unless you add a few steps that are 1) not included in a lot of easy to find documentation and 2) If you find those steps you need to make sure you found the right steps as a lot of authors have different ideas on what works. I found that none had it right for me. I had to pick a bit from several articles and use trial and error to create a secure browsing gateway from public wi-fi.
The missing bits were;
The need for a reachable DNS server (I used 8.8.8.8). Otherwise no page will load.
The additional configuration for a remote gateway.
The correct POSTROUTING statement in the firewall. None of the commonly offered one worked for me.
Starting OpenVPN client with Administrator privileges, otherwise it only looks like it works.
tracert and whatismyip.com proved the connection went through my home router from a public wi-fi site.
After solving the problem, at least for my setup, I wondered if the advanced router manufacturers have it right with their OpenVPN feature.
-----
I just wrote a three part series about setting up OpenVPN on a DD-WRT server and discovered something odd about OpenVPN / DD-WRT along the way. I'm curious if ASUS and Netgear have the same issues on the iterations of their stock firmware that offer OpenVPN server, or if their factory configurations take care of the curiosity I discovered with DD-WRT.
To summarize, I discovered that OpenVPN on a DD-WRT server offers NO browsing protection on public wi-fi unless you add a few steps that are 1) not included in a lot of easy to find documentation and 2) If you find those steps you need to make sure you found the right steps as a lot of authors have different ideas on what works. I found that none had it right for me. I had to pick a bit from several articles and use trial and error to create a secure browsing gateway from public wi-fi.
The missing bits were;
The need for a reachable DNS server (I used 8.8.8.8). Otherwise no page will load.
The additional configuration for a remote gateway.
The correct POSTROUTING statement in the firewall. None of the commonly offered one worked for me.
Starting OpenVPN client with Administrator privileges, otherwise it only looks like it works.
tracert and whatismyip.com proved the connection went through my home router from a public wi-fi site.
After solving the problem, at least for my setup, I wondered if the advanced router manufacturers have it right with their OpenVPN feature.