الخاص بك: Unknown · حالتك: غير محمي محمي

OpenVPN

This tutorial explains how to connect your Padavan firmware router to NordVPN using the OpenVPN protocol.

First things first, these changes are made in the web configuration panel of your router. You can access it by visiting the local IP of your router from your web browser. The two most common, default local IPs that most routers have are 192.168.1.1 or 192.168.0.1 – you can access these by opening http://192.168.1.1 or http://192.168.0.1 in your browser. The default IP, username and password are listed in your router’s User Manual.

1. Please access your router and navigate to VPN Client -> Settings tab.

2. Select Enable VPN Client and fill in the fields as follows:

Remote VPN Server (IP or DNS host): for the sake of the tutorial, we have used se22.nordvpn.com, but you should connect to a server suggested to you at https://nordvpn.com/servers/tools/ . You can find the server hostname right under the server title.

Login: Your NordVPN Username
Password: Your NordVPN Password
Authentication Algorithm: SHA-512
Encryption Cipher Algorithm: AES-256-CBC
Enable LZO for Data Compression: Disable

Open the OpenVPN Extended Configuration menu and paste the following code block:

remote-cert-tls server
remote-random
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping-timer-rem
reneg-sec 0
# log /tmp/vpn.log
### Syslog verbose level
verb 3
mute 10

3. Press Apply and then select OpenVPN Certificates & Keys

Copy our servers CA certificate into ca.crt field and Static Key into ta.key field. You can download these certificates and keys using this link: https://downloads.nordcdn.com/configs/archives/certificates/servers.zip

4. After connecting to our service you should make your changes permanent. You can do it in three ways:

• Run in console command "mtd_storage.sh save";
• On the page Advanced Settings -> Administration -> Settings press button "Commit" to the right of the item "Commit Internal Storage to Flash Memory Now";
• Reboot router by pressing the Reboot button to the right of "Logout" button.

5. You should also use NordVPN DNS servers to protect against DNS leaks. You can see the setting in the image below:

Optional Kill Switch set up (for advanced users):

To prevent traffic leakage in case VPN-tunnel drops you should edit the contents of item "Run the Script After Connected/Disconnected to VPN Server" in the VPN Client:

peer_lan="192.168.9.0"
peer_msk="255.255.255.0"
func_ipup()
{
if iptables -C FORWARD -j REJECT; then
iptables -D FORWARD -j REJECT
fi return 0
}
func_ipdown()
{
if (! iptables -C FORWARD -j REJECT); then
iptables -I FORWARD -j REJECT
fi return 0
}
logger -t vpnc-script "$IFNAME $1"
case "$1" in
up) func_ipup ;;
down) func_ipdown
;;
esac

You should also block traffic until the tunnel is up. To do that please navigate to Advanced Settings -> Customization -> Scripts and put in these lines under "Run After Firewall Rules Restarted":

if [ -z "$(ip a s tun0 | grep 'state UP')" ] && (! iptables -C FORWARD -j REJECT); then
iptables -I FORWARD -j REJECT
fi

Now you should make your changes permanent in the same way, as shown in Step 4.