How can we help you?

DD-WRT Setup via Script

DD-WRT is a custom firmware for routers, it offers OpenVPN, L2TP and PPTP protocol support and is available on a wide variety of routers. You can check if your router supports DD-WRT firmware here . An article how to install DD-WRT firmware on a router can be found here .

This tutorial shows how to connect a DD-WRT router to NordVPN servers via the OpenVPN protocol, using a script.
 

Tested on DD-WRT v24-SP2 (03/19/12) std – build 18777

1. Go to Administration → Commands in your router settings.

2. Paste this whole text to the Command box:

#!/bin/sh
USERNAME=""
PASSWORD=""

PROTO="udp"
TUN="tun1"
REMOTE="remote 38.132.111.190 1194"

CA_CRT='-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIJALvSMaZkTqL3MA0GCSqGSIb3DQEBCwUAMIGfMQswCQYD
VQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQMA4GA1UEChMH
Tm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEbMBkGA1UEAxMSdXMxMDE5Lm5vcmR2
cG4uY29tMRAwDgYDVQQpEwdOb3JkVlBOMR8wHQYJKoZIhvcNAQkBFhBjZXJ0QG5v
cmR2cG4uY29tMB4XDTE3MTAxODE2MzYxMVoXDTI3MTAxNjE2MzYxMVowgZ8xCzAJ
BgNVBAYTAlBBMQswCQYDVQQIEwJQQTEPMA0GA1UEBxMGUGFuYW1hMRAwDgYDVQQK
EwdOb3JkVlBOMRAwDgYDVQQLEwdOb3JkVlBOMRswGQYDVQQDExJ1czEwMTkubm9y
ZHZwbi5jb20xEDAOBgNVBCkTB05vcmRWUE4xHzAdBgkqhkiG9w0BCQEWEGNlcnRA
bm9yZHZwbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0wvlR
QsN3qzD8qBNV4Lc1zOTfdBZ7fhtA/uuTz3E3s04fmFc4lLnlBxkQ4JdLX4o0zV5q
k6ac1hQ4+8j4fnNay+N0imef/1XKlg6lrnD2/uoQYzs1lbdGBjxh53B6/Uq4X34q
WVt5lrSnRfXwJtVG/rK/9OH7zq2whle59kxOrygXeHE/jaP07B5XCAy3r82VxMIC
KP7b0dnUFwp7gbLW0RMTbyblMowJsjQfh0Agqwyw4ye5zMqdL//zKO6dQ5hdDy17
pwZR+6fXFxsxryQPDuh6ExTnNAvyWEn6Eetjet3wlTpJwDR2CmdlLjVp6NeZ4M7A
dIDYUUHmBnEJ0SypAgMBAAGjggEIMIIBBDAdBgNVHQ4EFgQUf+YTRBRDRccEnHS/
+b10HXSEn6cwgdQGA1UdIwSBzDCByYAUf+YTRBRDRccEnHS/+b10HXSEn6ehgaWk
gaIwgZ8xCzAJBgNVBAYTAlBBMQswCQYDVQQIEwJQQTEPMA0GA1UEBxMGUGFuYW1h
MRAwDgYDVQQKEwdOb3JkVlBOMRAwDgYDVQQLEwdOb3JkVlBOMRswGQYDVQQDExJ1
czEwMTkubm9yZHZwbi5jb20xEDAOBgNVBCkTB05vcmRWUE4xHzAdBgkqhkiG9w0B
CQEWEGNlcnRAbm9yZHZwbi5jb22CCQC70jGmZE6i9zAMBgNVHRMEBTADAQH/MA0G
CSqGSIb3DQEBCwUAA4IBAQCQHdgGncjrSSifMpZAIQB38E2dciucX5dGtPOLqlSn
Ad0GNKMntO0YfbSfgqG6PnES7vzmFvsvwFbNJ9V7r4w2ErlDSnkCggk7WgPAZte6
R1SJgOYJSXlA1oLP+4F1uM8CN2qwtaujyHEoYxam+lCqbuwoY8buNCmCVoARGppA
oBhg2C7giJVbi+bBK8Rap6Q7/FGZ43joKyMX6n0NnC4wLzoEeg9Rl30c//Yo5OGZ
+A4mFP1fAV97CXUhLijKrSqdK7UYxj9eXd2H06Cg/2IwXUV9ROf3YgRm095VC7us
MfRd9YHaxxuBdBnJ2Rsk5q/JZatG7isZwfFLWlQS9eiY
-----END CERTIFICATE-----'

TLS_AUTH='-----BEGIN OpenVPN Static key V1-----
3f0caf14b74143b1f704cf87c160b27c
6214d16c712c66f1c387e888176f50c4
8afdee9386ce38a87825ddf9a7eea2dc
f36572969bc1c37e6b9d4c279e69da96
3cc3c606dd70b83f78e34e7bd66b86e6
755a88a4fc3c129d018bfe704c9d387b
69eb293f150aa0a7ad69bc328099ce76
43bf4df8c8586ddcdb639e7fe301ac6a
b13f6a9558f5482ab50b4493b1739e7d
4512e0adedca74254baf5ae8023e70b6
dba8929dfd9ed288aba1114f13014696
8c268df506a3977b6d8db067a54592ba
e7c54eea57d0a001f01b4f479677369e
7da3bcf8bd6a14a35a85960fee0b8d90
a2d7402b3fd798bd79cf33b4c2bfb34f
4ea5ef59a2a0771ac909fa37b0e5357d
-----END OpenVPN Static key V1-----'

#### Don't modify below here, except the "auth sha512" line ####

#### Ensure gui client disabled ####
if [ `nvram get openvpncl_enable` != 0 ]; then
nvram set openvpncl_enable=0
nvram commit
sleep 10
fi

mkdir /tmp/vpncl; cd /tmp/vpncl

echo -e "$USERNAME\n$PASSWORD" > userpass.txt

echo "#!/bin/sh
iptables -t nat -I POSTROUTING -o $TUN -j MASQUERADE" > route-up.sh

echo "#!/bin/sh
iptables -t nat -D POSTROUTING -o $TUN -j MASQUERADE" > route-down.sh

echo "$CA_CRT" > ca.crt
echo "$TLS_AUTH" > tls-auth.key
sleep 10

echo "client
dev $TUN
proto $PROTO

$REMOTE
resolv-retry infinite
nobind

tun-mtu 1500
tun-mtu-extra 32
mssfix 1450

persist-key
persist-tun
keepalive 5 30

mute 20
verb 3
log-append /tmp/vpn.log
log /tmp/nord.log
fast-io

auth-user-pass userpass.txt
script-security 2
remote-cert-tls server
cipher AES-256-CBC
#some of our servers are using sha1 and in this case you should comment the line below

auth sha512

ca ca.crt
tls-auth tls-auth.key 1

daemon" > openvpn.conf

chmod 600 ca.crt tls-auth.key userpass.txt openvpn.conf; chmod 700 route-up.sh route-down.sh

(killall openvpn ; openvpn --config openvpn.conf --route-up /tmp/vpncl/route-up.sh --down-pre /tmp/vpncl/route-down.sh) &

exit 0

3. Instead of YourNordVPNusername type your VPN account username.

4. Instead of YourNordVPNpassword type your VPN account password.

5. Click the Save Startup button.

6. Go to Administration → Management and click the Reboot Router button at the bottom of the page.

7. Once the router is rebooted wait for a minute. This tutorial is made for the connection to the United States #1019 server (US1019).

Server IP/Name = For the sake of the tutorial, we have used us1019.nordvpn.com, but you should connect to a server suggested to you at  https://nordvpn.com/servers/tools/ . You can find the server hostname right under the server title.

8. If you wish to set up the connection for another server you need to change this line to the one of the server you wish to connect:

remote 38.132.111.190 1194 (server host address);

CA and TLS certificates; (You can download them https://downloads.nordcdn.com/configs/archives/certificates/servers.zip )

Reboot the router after changes.

Related Articles

© Copyright 2019 all rights reservedSelf-service by