Hello , upgraded my AX86U to the latest and greatest 386.1 . Working very well .
I would also like to take the opportunity now to start using the asuscomm.com ddns service , along with a secure vpn connection to connect to the private network (to connect to router , NAS etc.) . Instead of opening ports towards internal servers like I used to do .
While I am finding some guides on how to set up openvpn , they contain lots of contradicting information .
Setting up and making it work is not hard but I want to be sure it it set up SECURE and PROPERLY .
For example I found this guide :
OpenVPN Server Setup Instructions for Asuswrt-Merlin – x3mtek Blog Site
1. he sais to use LZ4 compression while i read mostly to set compression to NONE .
2. when connecting from android he sais to press "continue" on the screen where it asks to select a certificate (I do not think the vpn works SECURE and PROPERLY when you do this ?!!)
3. he does not want all traffic to go through the vpn and rather use the coffeshop internet connection : Alarmbells go off in my head as I want an encrypted connection where all traffic over the vpn is secured .
So what I have now is a working VPN server running on Merlin firmware (following the above guide but his interface is somewhat different from mine) . I am not use the compression .
I also have set up the ddns and activate the Let's encrypt certificate for the dns name .
Weren't certificates supposed to be included in the ovpn file ... ? Certificates are somewhat of a blackbox for me .
So Is there a proper guide that you can point me to , to put the last bits together and make the VPN work in a SECURE way ?
Or if one would not exist , could someone briefly explain the certificate part maybe ? (which certificate to take from the router and how/where to install it on android/ipad/pc)
I would also like to take the opportunity now to start using the asuscomm.com ddns service , along with a secure vpn connection to connect to the private network (to connect to router , NAS etc.) . Instead of opening ports towards internal servers like I used to do .
While I am finding some guides on how to set up openvpn , they contain lots of contradicting information .
Setting up and making it work is not hard but I want to be sure it it set up SECURE and PROPERLY .
For example I found this guide :
OpenVPN Server Setup Instructions for Asuswrt-Merlin – x3mtek Blog Site
1. he sais to use LZ4 compression while i read mostly to set compression to NONE .
2. when connecting from android he sais to press "continue" on the screen where it asks to select a certificate (I do not think the vpn works SECURE and PROPERLY when you do this ?!!)
3. he does not want all traffic to go through the vpn and rather use the coffeshop internet connection : Alarmbells go off in my head as I want an encrypted connection where all traffic over the vpn is secured .
So what I have now is a working VPN server running on Merlin firmware (following the above guide but his interface is somewhat different from mine) . I am not use the compression .
I also have set up the ddns and activate the Let's encrypt certificate for the dns name .
Weren't certificates supposed to be included in the ovpn file ... ? Certificates are somewhat of a blackbox for me .
So Is there a proper guide that you can point me to , to put the last bits together and make the VPN work in a SECURE way ?
Or if one would not exist , could someone briefly explain the certificate part maybe ? (which certificate to take from the router and how/where to install it on android/ipad/pc)