ASUS RT-N56U + Padavan Custom Firmware + VPN

[deukalion]

I've been trying and trying to find some information on how to configure the Asus RT-N56U with Padavan Custom Firmware but all "issues" on their pages suggest that I just enable the script - which does nothing for me.

I've also tried to replicate the routing table as best I can while connecting to the VPN from Windows manually. No luck.

This is the default settings:

#!/bin/sh

### Custom user script
### Called after internal VPN client connected/disconnected to remote VPN server
### $1        - action (up/down)
### $IFNAME   - tunnel interface name (e.g. ppp5)
### $IPLOCAL  - tunnel local IP address
### $IPREMOTE - tunnel remote IP address
### $DNS1     - peer DNS1
### $DNS2     - peer DNS2

# private LAN subnet behind a remote server (example)
peer_lan="192.168.9.0"
peer_msk="255.255.255.0"

[B]Turn on:[/B]
route add -net $peer_lan netmask $peer_msk gw $IPREMOTE dev $IFNAME

[B]Turn off:[/B]
route del -net $peer_lan netmask $peer_msk gw $IPREMOTE dev $IFNAME

This is doing nothing whatsoever with the connection.

This is my routing table from Windows after connecting to the VPN Server:

MY_VPN_IP = The IP which my VPN DNS server resolves for me, can be different each time...

*ISP_FROM_ISP.0   = 12.23.24.0
*ISP_FROM_ISP.255 = 12.23.24.255

Network Destination	Netmask			Gateway		Interface 	Metric
--------------------------------------------------------------------------------------
0.0.0.0			0.0.0.0			ISP_GATEWAY	IP_FROM_ISP	4245
0.0.0.0			0.0.0.0			On-link		VPN_LOCAL_IP	21
VPN_LOCAL_IP		255.255.255.255		On-link		VPN_LOCAL_IP	276
MY_VPN_IP		255.255.255.255		ISP_GATEWAY	IP_FROM_ISP	4246
127.0.0.0		255.0.0.0		On-link		127.0.0.1	4531
127.0.0.1		255.255.255.255		On-link		127.0.0.1	4531
127.255.255.255		255.255.255.255		On-link		127.0.0.1	4531
IP_FROM_ISP.0		255.255.255.0		On-link		IP_FROM_ISP	4501
IP_FROM_ISP		255.255.255.255		On-link		IP_FROM_ISP	4501
IP_FROM_ISP.255		255.255.255.255		On-link		IP_FROM_ISP	4501
224.0.0.0		240.0.0.0		On-link		127.0.0.1	4531
224.0.0.0		240.0.0.0		On-link		IP_FROM_ISP	4502
224.0.0.0		240.0.0.0		On-link		VPN_LOCAL_IP	21
255.255.255.255		255.255.255.255		On-link		127.0.0.1	4531
255.255.255.255		255.255.255.255		On-link		IP_FROM_ISP	4501
255.255.255.255		255.255.255.255		On-link		VPN_LOCAL_IP	276

This is as close as I can get to replicating the routing table, or from the "forth" entry in the routing table.

[B]Turn on:[/B]
ISP_GW=$(route -n | grep "^0\.0\.0\.0" | awk '{print $2}')
VPN_ENDPOINT=echo $(grep pptp_server /tmp/ppp/options.vpnc  | tr -d \' | awk '{print $2}')

route del default gw $ISP_GW
route del -net $IPREMOTE netmask 255.255.255.255

route add -net $VPN_ENDPOINT netmask 255.255.255.255 gw $ISP_GW dev eth3
route add -net $IPLOCAL netmask 255.255.255.255 dev $IFNAME
route add gw $IPREMOTE netmask 255.255.255.255 dev $IFNAME
route add default gw $ISP_GW dev eth3

All I'm sure of is that by adding $IPREMOTE as my default gateway makes the router extremly slow, takes about 2-5 minutes before a page is loaded and I can't access the internet at all. Usually need to turn off the power to the router.

I'm not sure if all VPN's work the same, but according to an issue posted HERE all you need to do is add the default values. I've also tried most of the "scripts" that people provide as solutions there, but the router usually freeze, dies or does nothing. And the thread seems to be dead, since my entry is the last and it's dated last October. Which is since I've been trying alot of times to get this to work.

If I leave the default script as it is I just get a new entry in my routing table like this:

Destination	Gateway		Genmask		Flags	Metric	Ref	Use	Iface
default		ISP_GW		0.0.0.0		UG	0	0	0	eth3
IPREMOTE	*		255.255.255.255	UH	0	0	0	ppp

Any suggestions? I've only added the script that will run when the VPN is turned on, since currently I'm just trying to get it to work that way.

 

[deukalion]

My latest attempt which literally result in almost idenetical routing table with the last four entries:

[B]Turn on script:[/B]

route del default gw $GW
route del -net $IPREMOTE netmask 255.255.255.255
route add -net $VPN_DNS netmask 255.255.255.255 gw $GW dev eth3
route add -net $IPLOCAL netmask 255.255.255.255 dev ppp5
route add default gw $IPREMOTE
route add default gw $GW

[B]netstat -nr[/B]

Destination	Gateway		Genmask		Flags	Metric	Ref	Use	Iface
default		$GW		0.0.0.0		UG	0	0	0	eth3
default		$IPLOCAL	0.0.0.0		UG	0	0	0	ppp5
$IPLOCAL	*		255.255.255.255	UH	0	0	0	ppp5
$VPN_DNS	$GW		255.255.255.255	UGH	0	0	0	eth3

 

[gam1989]

I found a solution for my own needs. I did not end up using a script. I use PIA (PrivateInternetAccess) for my VPN client through the Asus RT-N56U router with Padavan FW.

For the WAN settings, I changed the connection type to L2TP. This allowed me to enter my client information into the fields that popped up below. I tried PPTP, but the connection speed was significantly slower. . . Some people may dislike this, but it works for me.

I checked the log as the connection was established to make sure there were no issues with this method. Nothing seemed to arise.

I had attempted a connection through the "VPN Client" tab with no success. The connection was dropped over and over again by the VPN provider.

Using the L2TP connection, I have had a continuous connection with awesome speeds. Currently, I'm getting 50Mb/s, which is the max of my ISP.

Let me know if you have any questions!

******Edit******​

In order to get this to work:

Log into your PIA account through their website. (https://www.privateinternetaccess.com)

At the bottom of the screen (after you log in) there should be a green box that says
PPTP/L2TP/SOCKS Username and Password (Optional)

Click on: “Generate Username and Password”

Whatever Username and Password that gives you is what needs to put put into the router’s login information.