OVPN script

If you would like a plug and play router solution, visit the NordVPN Router section.

 

This tutorial shows how to connect a DD-WRT router to NordVPN servers via the OpenVPN protocol, using a script.

 

Tested on DD-WRT v24-SP2 (03/19/12) std – build 18777

1. Go to Administration → Commands in your router settings.

2. Paste this whole text to the Command box:

#!/bin/sh
USERNAME="YourNordVPNusername"
PASSWORD="YourNordVPNpassword"

PROTO="udp"
TUN="tun1"
REMOTE="remote 85.159.233.233 1194"

CA_CRT='-----BEGIN CERTIFICATE-----
MIIExzCCA6+gAwIBAgIJAIQgKiQRmISyMA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD
VQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQMA4GA1UEChMH
Tm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEZMBcGA1UEAxMQbmw0Ny5ub3JkdnBu
LmNvbTEQMA4GA1UEKRMHTm9yZFZQTjEfMB0GCSqGSIb3DQEJARYQY2VydEBub3Jk
dnBuLmNvbTAeFw0xNjEyMTUxMzI5MTlaFw0yNjEyMTMxMzI5MTlaMIGdMQswCQYD
VQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQMA4GA1UEChMH
Tm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEZMBcGA1UEAxMQbmw0Ny5ub3JkdnBu
LmNvbTEQMA4GA1UEKRMHTm9yZFZQTjEfMB0GCSqGSIb3DQEJARYQY2VydEBub3Jk
dnBuLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANKnDD7yArdF
sGmfK1wHeGMQYhLCJKQkmHKp+DpyMrhqJFNWlkl1LbZu+qRuc1eyOuFBqOdAUCKY
1B8URdhfHVMcs+IlLNG50tfCgCXmWGLdQ3gOk5k2mA8ZBloJyIVnC26+Cj0Aki0j
/N/E5ond6/2VKkG2AR7k9TB2qPyMKlExga3o9nGxj/TYA/JNNMU3f6Izcsx3/Biq
oYpy/h7Ckqrlg6dccBGx6QdPEIYAlCZHWddkNrWA8r0h1HzdNuOO5wfCYLrRjECb
NoWAjSTG2EU12BNtsYu0G/EGxx2fF4F27HLN7Hh0EEx6Zh7VKotnozPzwuEAkABA
1l92wCAWM+0CAwEAAaOCAQYwggECMB0GA1UdDgQWBBTAMsO6FHhsL2alA5uzQxem
SR4CsjCB0gYDVR0jBIHKMIHHgBTAMsO6FHhsL2alA5uzQxemSR4CsqGBo6SBoDCB
nTELMAkGA1UEBhMCUEExCzAJBgNVBAgTAlBBMQ8wDQYDVQQHEwZQYW5hbWExEDAO
BgNVBAoTB05vcmRWUE4xEDAOBgNVBAsTB05vcmRWUE4xGTAXBgNVBAMTEG5sNDcu
bm9yZHZwbi5jb20xEDAOBgNVBCkTB05vcmRWUE4xHzAdBgkqhkiG9w0BCQEWEGNl
cnRAbm9yZHZwbi5jb22CCQCEICokEZiEsjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3
DQEBBQUAA4IBAQBx7T8RQe5+MqjLwCvpmKD4II130cpWejO8GNFamjRHTLto8Fys
bKZHVX0JqmG2ps/7ypbpNvtVcYRwRNOfms7wDr1tmygrRg8Kydnp5kvNDyYzGWjJ
Tfuax9jcht4Uqxx1hDWlY/DF/+i6+Rn4+0OtHSbbls3RamtOUR/rvVLk9N8LO8J5
yNFQH2F4SD6EqbMV1R69dDKe/9TCFG1CbcZg6slD2cwbaMO7WTmzYpVtkFP1rOX7
BWL0aAT4/q0jwjoaq31Lnm2d1Cu7zOgrvLi39Lt0sRZ6Sqj5evnJ2SMruoBeqUiC
260tamxTFnA0NrCo578JAZC1k9UF3/GWwVKZ
-----END CERTIFICATE-----'

TLS_AUTH='-----BEGIN OpenVPN Static key V1-----
7ebced42abcaa86981fae997026bf1b8
934a6a01f0b679dc23b890717a508a6c
263fe6663e33edf987d4ba5ed8146701
a35e71213fd9fd7ba02caf64bb1527d6
182ea79158b809c2016b83652e473c26
895a581a4aff4a63b7069228d28d5c5b
d827ec675dad94dae2ac7066ffdff1fe
143f3494dfa4473aaca055af86ef3028
123c247eb0bb9fc72d34a794dcce2db4
4906dfdba554d79423ca1e8f86d35e8e
449fe28e8898064cc91ddec802e526bb
ea49f64973f8c61ee36f45a2315baac8
b52bea5f9a760ac8215fdce272c14743
d4ab8dd5a4826818dc2093c0d9db2f64
5aaccd9ed6d8f1e078f9e435b45ea373
5ced080d87ac70d9555e2fd95ae452ed
-----END OpenVPN Static key V1-----'

#### Don't modify below here ####

#### Ensure gui client disabled ####
if [ `nvram get openvpncl_enable` != 0 ]; then
nvram set openvpncl_enable=0
nvram commit
sleep 10
fi

mkdir /tmp/vpncl; cd /tmp/vpncl

echo -e "$USERNAME\n$PASSWORD" > userpass.txt

echo "#!/bin/sh
iptables -t nat -I POSTROUTING -o $TUN -j MASQUERADE" > route-up.sh

echo "#!/bin/sh
iptables -t nat -D POSTROUTING -o $TUN -j MASQUERADE" > route-down.sh

echo "$CA_CRT" > ca.crt
echo "$TLS_AUTH" > tls-auth.key
sleep 10

echo "client
dev $TUN
proto $PROTO

$REMOTE
resolv-retry infinite
nobind

tun-mtu 1500
tun-mtu-extra 32
mssfix 1450

persist-key
persist-tun
keepalive 5 30

comp-lzo
mute 20
verb 3
log-append vpn.log
fast-io

auth-user-pass userpass.txt
script-security 2
remote-cert-tls server
cipher AES-256-CBC

ca ca.crt
tls-auth tls-auth.key 1

daemon" > openvpn.conf

chmod 600 ca.crt tls-auth.key userpass.txt openvpn.conf; chmod 700 route-up.sh route-down.sh

(killall openvpn ; openvpn --config openvpn.conf --route-up /tmp/vpncl/route-up.sh --down-pre /tmp/vpncl/route-down.sh) &

exit 0

3. Instead of YourNordVPNusername type your VPN account username.

4. Instead of YourNordVPNpassword type your VPN account password.

5. Click the Save Startup button.

6. Go to Administration → Management and click the Reboot Router button at the bottom of the page.

7. Once the router is rebooted wait for a minute. This tutorial is made for the connection to the Dutch #47 server (nl47).

8. If you wish to set up the connection for another server you need to change this line to the one of the server you wish to connect:

remote 85.159.233.233 1194 (server host address);

Ca and TLS certificates; (You can download them from here.)

Reboot the router after changes.

——————————————

One of our user has created a NordVPN guide for setuping your DD-WRT router. You may try this tutorial if our script does not work on your router.

There is another script which helps our users connect their DD-WRT routers to NordVPN. Here is the download link.