DDWRT OpenVPN Configuration From Mac OS X And IOS

Like many projects dealing with computers the people that write them assume we know more than we do. This is me dumbing down things a bit.

I have a WRT1900ACS router that I installed DDWRT on and wanted to run an OpenVPN server. It is really not all that easy, that is until you put all the steps in one place.

That is mostly done here

This page is nearly perfect. I followed the Mac directions. Download Easy RSA and literally cut and paste the commands on the page. Follow the directions carefully. It was generate client and server cert files.

Then go to this page and carefully follow the directions to set up the server in DDWRT and your Mac client software called Viscosity It costs $9 and it is worth it. It has a trial version as well if you just want to configure things and use an iPhone or iPad.

I cannot write the directions any better than those previous two pages so you need to follow those directions.

Now here is the fun part.

That configuration ONLY lets you hook up to your local network. I want to access this anywhere. First you need to be able to find your router from anywhere in the world. To do that you need to configure DDNS.

First go to Noip.com and set up a hostname. I selected my last name which gave me an address of hagensieker.ddns.net.

You'll have to set up a DDNS configuration which will give you username and password.

Now go to DDWRT click the SETUP tab and then DDNS. Fill out your NOIP information


You'll notice I have some Status entries that look alarming. This router wasn't hooked to the internet when I did this so it was looking for my host and couldn't find it. Notice the first couple entries are fine. It works fine.
Stacks Image 45762
Now you can always find hagensieker.ddns.net (or better yet, your DDNS hostname) wherever it is on the internet.

Go back to your Viscosity Preferences and change your IP address they had you put in here to your hostname like so
Stacks Image 45766
Now you need to let DDWRT forward your port to your server or it won't work from outside your network. Do it from DDWRT page NAT/QOS > Port Forwarding like so then Apply Changes.
Stacks Image 45770
So now it should all be working. Here's the really fun part. My mac computer is working, now I want it to work from my IOS devices. Go to Viscosity > Preferences and then click the settings wheel at the bottom and Export Connection
Stacks Image 45774
Save it wherever you want and then right click on it and select Show Package Contents.
Stacks Image 45778
Now you can change the name of the .visc file (if you want) now change the extension to .ovpn by right clicking and changing it in Get Info
Stacks Image 45782
Make sure you have the OpenVPN Connect app on your IOS device. It's a free download. Connect your iPad to your Mac and open iTunes, navigate to your device then select apps. Scroll down to OpenVPN and then drag those four files into the OpenVPN file area.
Stacks Image 45788
It will transfer the files to your device on the next sync. Now when you open the OpenVPN Connect app on your IOS device it will tell you there is a new configuration to import.

Import it and connect.

BAM! You did it. Should work from anywhere. Note that I am on my cellular network in the picture below outside my LAN.
Stacks Image 45792
I noticed I had a Split VPN which means when I talk to my home network computers I'm tunneled safely but when I'm on the internet I'm still using FREE HOUSTON WI-FI unsafely.

Add the following two lines to the Additional Config for the server on DDWRT

push "redirect-gateway def1"
push "dhcp-option DNS"

Then apply changes
Stacks Image 47188
Now click in viscosity preferences on your connection and go to the Network tab and click "Route All Traffic Through VPN" check box.
Stacks Image 47192
Now this will slow your internet connection down noticeably (maybe) however you are now completely safe.

My advice to you. If you're on CNN.com just surf off the unsafe wifi. If you're banking, on Facebook or doing anything personal……use your VPN.