Now uncomment, further down, the following line by removing # so it appears like this: set_var EASYRSA_KEY_SIZE 2048 Note: The first parameter EASYRSA_REQ_COUNTRY requires a 2-digit country code like GR, FR, DE, IT, NL, UK, DK etc.
Set_var EASYRSA_REQ_OU "My Department Name" Set_var EASYRSA_REQ_EMAIL "My Mail Address" Set_var EASYRSA_REQ_ORG "My Organisation" Set_var EASYRSA_REQ_PROVINCE "My Province" nano and change the following variables with your own details: We need to start by editing a few lines in the /etc/easy-rsa/vars file and enable stronger 2048-bit encryption.
Now, we must generate the certificates for the server and client(s). The idea here is that we create an independent folder to store all of our keys instead of the /etc/easy-rsa/ folder, as the latter does not survive a firmware update we only need to link symbolically this original (and needed) folder /etc/easy-rsa/ to point to our own folder under /etc/config/ that does survive a firmware update. $ ln -s /etc/config/openvpn-asus /etc/easy-rsaįor an existing installation after an OpenWRT firmware update: $ mv /etc/easy-rsa/* /etc/config/openvpn-asus/ It is recommended that we move our easy-rsa files from the default location so that we don’t accidentally overwrite those in case of a system or firmware update.įor a fresh installation on an OpenWRT firmware: Next, we need to generate the required server keys and certificates using easy-rsa. Note: In case there is a need to re-install a package and its dependencies, use the -force-reinstall parameter: $ opkg install -force-reinstall openvpn-easy-rsa 2. So we have first updated/refreshed the latest available packages from the source repository then we installed the 4 needed packages finally, we just restarted the router’s web server daemon. $ opkg install openvpn-openssl openvpn-easy-rsaĪdditionally, as my preferred editor is nano and it doesn’t come with OpenWRT, it’s a good idea to install that one, too: $ opkg install nano
To set up and configure an OpenVPN server so we can connect to our home’s local network, we need to first install the following packages: I recently decided to install a secondary OpenVPN server on my Asus RT-58U router, as a backup gateway to my home network. Kindly understand that I cannot be held responsible for any mistakes or malfunctions on your side. These instructions below are published for people to compare notes and understand the process like I did. This guide reflects my personal notes for personal use it expects you to have an up-and-running OpenWRT firmware on your router, an existing dynamic DNS service available as well as know your way around Terminal i.e.
0 kommentar(er)
