Post by Admin on Apr 22, 2018 7:40:50 GMT
Hit www.privateinternetaccess.com/pages/buy-vpn/bry to set up Private Internet Access (PIA) OpenVPN on DD-WRT Router today! Learn more?
By default, DD-WRT may use your ISP's DNS servers using DHCP. For privacy reasons, we'll instead configure DD-WRT to explicitly use alternate DNS servers. The below servers are provided as an example, you can use any Public DNS service you would prefer, such as Google DNS (8.8.8.8 and 8.8.4.4), OpenDNS (208.67.222.222 and 208.67.220.220), Level 3 (209.244.0.3 and 209.244.0.4), or you can use a combination to fill in the 3 Static DNS fields.
You can find PIA's CA Certificate@ www.privateinternetaccess.com/openvpn/ca.rsa.2048.crt , which will be useful later.
In the DD-WRT Administrative Interface, navigate to Setup > Basic Setup.
(from: DD-WRT)
Under Network Address Server Settings (DHCP), set:
Static DNS 1 = 4.2.2.1
Static DNS 2 = 4.2.2.2
Static DNS 3 = 4.2.2.3
Use DNSMasq for DHCP = Checked
Use DNSMasq for DNS = Checked
DHCP-Authoritative = Checked
Save and Apply Settings.
To Disable IPv6, Navigate to Setup > IPV6
Set IPv6 to Disable, then Save & Apply Settings.
Disable IPv6
To Enable Local DNS, Navigate to Services > Services
If there is a DNS Suffix, remove that
Under DHCP Server, Set Used Domain to LAN & WLAN
Under DNSMasq Ensure that DNSMasq, Local DNS, and No DNS Rebind are all enabled.
Save & Apply Settings.
Navigate to Service > VPN
Under OpenVPN Client, set Start OpenVPN Client = Enable. Other options will appear.
Set Advanced Options to Enable, More options will appear.
Set the following:
Server IP/Name = us-california.privateinternetaccess.com [*]. Or if you prefer to use a specific location, You can find the full list of locations here: www.privateinternetaccess.com/pages/network
Port = 1198
Tunnel Device = TUN
Tunnel Protocol = UDP
Encryption Cipher = AES-128-CBC
Hash Algorithm = SHA1
User Pass Authentication = Enable
Username, Password = Your PIA username & password
TLS Cipher = None
LZO Compression = Yes
NAT = Enable
In Additional Config, Type:
persist-key
persist-tun
tls-client
remote-cert-tls server
Download the file www.privateinternetaccess.com/openvpn/ca.rsa.2048.crt
Right-Click the ca.rsa.2048 file, and Choose Open With, Then choose Notepad
Highlight the full contents of the ca.rsa.2048 file by pressing Ctrl+A then copy with Ctrl+C
In DD-WRT, Paste, (Ctrl+P) the contents in the CA Cert field. Be sure the entire text gets pasted in, including "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----".
Save and Apply Settings
To Verify the VPN is Working, Navigate to Status > OpenVPN
Under State, you should see the message "Client: CONNECTED SUCCESS"
You can find PIA's CA Certificate@ www.privateinternetaccess.com/openvpn/ca.rsa.2048.crt , which will be useful later.
In the DD-WRT Administrative Interface, navigate to Setup > Basic Setup.
(from: DD-WRT)
Under Network Address Server Settings (DHCP), set:
Static DNS 1 = 4.2.2.1
Static DNS 2 = 4.2.2.2
Static DNS 3 = 4.2.2.3
Use DNSMasq for DHCP = Checked
Use DNSMasq for DNS = Checked
DHCP-Authoritative = Checked
Save and Apply Settings.
To Disable IPv6, Navigate to Setup > IPV6
Set IPv6 to Disable, then Save & Apply Settings.
Disable IPv6
To Enable Local DNS, Navigate to Services > Services
If there is a DNS Suffix, remove that
Under DHCP Server, Set Used Domain to LAN & WLAN
Under DNSMasq Ensure that DNSMasq, Local DNS, and No DNS Rebind are all enabled.
Save & Apply Settings.
Navigate to Service > VPN
Under OpenVPN Client, set Start OpenVPN Client = Enable. Other options will appear.
Set Advanced Options to Enable, More options will appear.
Set the following:
Server IP/Name = us-california.privateinternetaccess.com [*]. Or if you prefer to use a specific location, You can find the full list of locations here: www.privateinternetaccess.com/pages/network
Port = 1198
Tunnel Device = TUN
Tunnel Protocol = UDP
Encryption Cipher = AES-128-CBC
Hash Algorithm = SHA1
User Pass Authentication = Enable
Username, Password = Your PIA username & password
TLS Cipher = None
LZO Compression = Yes
NAT = Enable
In Additional Config, Type:
persist-key
persist-tun
tls-client
remote-cert-tls server
Download the file www.privateinternetaccess.com/openvpn/ca.rsa.2048.crt
Right-Click the ca.rsa.2048 file, and Choose Open With, Then choose Notepad
Highlight the full contents of the ca.rsa.2048 file by pressing Ctrl+A then copy with Ctrl+C
In DD-WRT, Paste, (Ctrl+P) the contents in the CA Cert field. Be sure the entire text gets pasted in, including "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----".
Save and Apply Settings
To Verify the VPN is Working, Navigate to Status > OpenVPN
Under State, you should see the message "Client: CONNECTED SUCCESS"