I would recommend TomatoUSB. I can't get Merlin installed on my N66U so I went with Tomato. DD-WRT would also not load. I'm having great success on TomatoUSB. It took a couple of days of trial and error with DD-WRT, Merlin, TomatoUSB.... to get connected to ibVPN but now it is working like a dream.
Here are the steps I followed. The thing about TomatoUSB is that it uses a /jffs partition. I'm not sure if Merlin does, but with Putty and SSH into the command window this went very quickly:
How to use Asus RT-N66u with OpenVPN on TomatoUSB for ibVPN.com
Despite what the below post says, I could not get it to load with DD-WRT.
With a new router, upgrade to TomatoUSB following the instructions here:
http://www.dd-wrt.com/phpBB2/viewtop...r=asc&start=60
I used this version of TomatoUSB
tomato-K26USB-1.28.RT-N5x-MIPSR2-097-Tor-VPN-64K.trx
Downloaded from here:
http://tomato.groov.pl/download/K26R...or-VPN-64K.trx
Basic Instructions:
- Use a static IP adress. 192.168.1.12 for example.
- From the latest Asus Firmware installed on your router: Upgrade CFE 1.0.3!!! TO BE DONE ONLY ONCE... NO WAY BACK!!!
Step #1:
- Reset NVRAM: just press the WPS button 5 seconds while your router boots. (yep no need to do the 30/30/30 old trick...). Then wait till the router reboot.
- Put the router in recovery mode: Press the reset button 10 seconds while your router boots.
- Go to
http://192.168.1.1/
- Now that you have access to the
http://192.168.1.1/ page restore to RT-N66U_3.0.0.4_260.trx (this step is not required, but just in case... follow it).
- Put the router in recovery mode: Press the reset button 10 seconds while your router boots.
- Go to
http://192.168.1.1/ and restore to tomato-K26USB-1.28.RT-N5x-MIPSR2-097-Tor-VPN-64K.trx.
NOW WAIT FOR THIS MESSAGE:
Receive file size=8081473
Upload completed. System is going to reboot.
Please wait a few moments.
The button power button will stop blinking when the upload is finished... Then you need to wait till the router reboots by itself... between 3 and 10 minutes. Just in case you don't want to wait starring at the router's leds: ping 192.168.1.1, if you got a reply then the router has rebooted and is up and running .
Once the router has rebooted, it will have some more configuration work to do, so be patient.
The router will then reboot once again (all leds will flash at the same time), this time the WiFi leds (2.4Ghz and 5Ghz) will be on... and if you scan your WiFi network you'll see Tomato24 and Tomato50 access points.
Step #2:
- Go to Tomato admin panel.
- Verify that we have 64KB of NVRAM:
Status -> Overview :
Total / Free NVRAM: 64.00 KB / 22.36 KB (34.94%)
This is where I finally stopped since upgrading to DD-WRT would not work, so I stuck with TomatoUSB.
TomatoUSB will work with OpenVPN and ibVPN.com service.
Once logged into the administration panel, go to Administration>JFFS
Considering your local subnet is 192.168.1.1 you should be able to click on these url's to bring up the pages.
If you're on a different subnet then append the url with your IP.
http://192.168.1.1/admin-jffs2.asp
Check "Enable" and then "Format/Erase".
Wait for the partition to format.
You're going to need an SSH client like Putty to get to the router's config.
The admin login is root.
The admin password is whatever you set it to in the TomatoUSB config.
http://192.168.1.1/admin-access.asp
Make sure you have the SSH Daemon running with "Allow Password Login" checked.
Open Putty and SSH to your router's IP.
Login with root/password.
Type or copy/paste these commands into the Putty terminal window in the following order. They will create the necessary files in the necessary locations:
Command: cd /jffs
Command: mkdir etc
Command: mkdir /etc/openvpn
Command: chmod 777 /jffs/etc
Command: chmod 777 /jffs/etc/openvpn
Command: cd /etc/openvpn
Command: echo "-----BEGIN CERTIFICATE-----
MIIDeDCCAuGgAwIBAgIJAMVKgpjMPUfxMA0GCSqGSIb3DQEBBQ UAMIGFMQswCQYD
VQQGEwJVUzELMAkGA1UECBMCQ0ExFTATBgNVBAcTDFNhbkZyYW 5jaXNjbzEVMBMG
A1UEChMMRm9ydC1GdW5zdG9uMRgwFgYDVQQDEw9Gb3J0LUZ1bn N0b24gQ0ExITAf
BgkqhkiG9w0BCQEWEm1lQG15aG9zdC5teWRvbWFpbjAeFw0xMD A3MjExOTU5MzVa
Fw0yMDA3MTgxOTU5MzVaMIGFMQswCQYDVQQGEwJVUzELMAkGA1 UECBMCQ0ExFTAT
BgNVBAcTDFNhbkZyYW5jaXNjbzEVMBMGA1UEChMMRm9ydC1GdW 5zdG9uMRgwFgYD
VQQDEw9Gb3J0LUZ1bnN0b24gQ0ExITAfBgkqhkiG9w0BCQEWEm 1lQG15aG9zdC5t
eWRvbWFpbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAz2 3m3BXY5Asiw8Dx
T4F6feqsp+pIx6ivftTniyUCbSAxI1J1s1x75DzxmUpIwPu5xa vzgPXgZr8FT81X
JGqF9km4AE95iddJawKx0wNgdTo7GximQq9rw0dsQIB5hZZQ9T JwHC3VOnmEic5A
OawKOCybMcRs8saLakZOgh7Xc+UCAwEAAaOB7TCB6jAdBgNVHQ 4EFgQUeRhE2N4l
XwL4H1dbjkZ4ou6fj3AwgboGA1UdIwSBsjCBr4AUeRhE2N4lXw L4H1dbjkZ4ou6f
j3ChgYukgYgwgYUxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQT EVMBMGA1UEBxMM
U2FuRnJhbmNpc2NvMRUwEwYDVQQKEwxGb3J0LUZ1bnN0b24xGD AWBgNVBAMTD0Zv
cnQtRnVuc3RvbiBDQTEhMB8GCSqGSIb3DQEJARYSbWVAbXlob3 N0Lm15ZG9tYWlu
ggkAxUqCmMw9R/EwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQASt0pl
WzVseQLTNM8Mlgw4ZnGAv/x2xnijmMqrkE+F7pnaOicGpxgCfMKzjZuJu0TNJqF2
fibE7GhMdomD4dLFgIu8Wb5E7iQ1CSBEOGumRhK8qCsDzjr7WX UdhqA6Xvo+ylU6
DMzy0Wn3NNvfGC+qxOgybYCJwDnVPi0CEDSbzQ==
-----END CERTIFICATE-----" > /jffs/etc/openvpn/ibvpn.com.crt
Command: echo "#!/bin/sh
[ "$1" = "up" -o "$1" = "down" ] || (echo "No action specified." && exit 1 )
action="$1"
shift
[ -z "$1" ] && echo "Failed to specify table." && exit 1
table="$1"
shift
[ -z "$1" ] && echo "Failed to specify subnet." && exit 1
ip route flush table $table
for i in '^127\.' '^172\.31\.' '^192\.168\.'
do
ip route add $(ip route list|grep "$i") table $table 2>>/dev/null
done
[ "$action" = "down" ] && ip route add default via $route_net_gateway table $table
[ "$action" = "up" ] && ip route add default via $route_vpn_gateway dev $dev table $table
for subnet in $*
do
ip rule del from $subnet table $table 2>>/dev/null
[ "$action" != "up" ] || ip rule add from $subnet table $table
done" > /jffs/etc/openvpn/route.sh
Command: chmod ugo+rx /jffs/etc/openvpn/route.sh
Command: chmod +x /jffs/etc/openvpn/route.sh
This may seem redundant, but for some reason my first command did not work and I had connection issues. I had to make sure the file is executable so it does not hurt to type this command to make sure it is set properly.
Command: echo "<USERNAME>" > /jffs/etc/openvpn/auth1.txt
Command: echo "<PASSWORD>" >> /jffs/etc/openvpn/auth1.txt
Command: chmod 600 /jffs/etc/openvpn/auth1.txt
Note: That <USERNAME> should be your actual username. For ibVPN <USERNAME> is your e-mail address. <PASSWORD> should be your actual password.
Now, go to the administration panel in TomatoUSB under VPN Tunneling>OpenVPN Client
http://192.168.1.1/vpn-client.asp
Click "Client 1"
Go to "Basic" tab.
Follow these settings:
Start with Wan: not checked
Interface Type: TAP
Protocol: UDP
Server Address/Port: 172.234.43.202 1194 - This should be the server you want to connect to from the list here: (Use one of the listed IP addresses)
http://www.ibvpn.com/billing/knowled...ayarticle&id=4
Firewall: Automatic
Authorization Mode: TLS
Extra HMAC authorization (tls-auth): Disabled
Service is on the same subnet: not checked
Create NAT on tunnel: checked
Go to the "Advanced" tab.
Follow these settings:
Redirect Internet traffic: unchecked
Accept DNS configuration: Disabled
Encryption cipher: Use Default
Compression: Adaptive
TLS Renegotiation Time: -1
Connection retry: 30
There is a box for "Custom Configuration".
Copy/paste the following into this box, substituting the 192.168.1.0/24 with your subnet.
script-security 3 system
ca /jffs/etc/openvpn/ibvpn.com.crt
verb 3
mute 20
ns-cert-type server
fragment 1300
route-noexec
route-delay 2
redirect-private
auth-user-pass /jffs/etc/openvpn/auth1.txt
auth-nocache
reneg-sec 0
route-up "/jffs/etc/openvpn/route.sh up 1 192.168.1.0/24"
down "/jffs/etc/openvpn/route.sh down 1 192.168.1.0/24"
You should now be able to click the "Start Now" button and have your router connect to the VPN server.
Go to
http://www.ibvpn.com/
and see your ip address and location from the one you selected and entered in the Server Address/Port.
RT-N66U, how to configure VPN client for IBvpn ?
Linear Mode
