Openvpn client on ddwrt

sajansen

I have pfsense setup as openvpn server with a few users. everything works fine but i was trying to setup a DDWRT router to connect to openvpn.

what i want to do is to be able to plug in a internet source to the wan port and have everything connected to the router be pushed over the openvpn connection.
what i cant figure out is how to setup the ddwrt side of things… i need a few certificates that i cant seem to get?

if someone has done this before then i would like some tips on what settings i need to set to get this working.

I am using a Linksys E4200 with Firmware: DD-WRT v24-sp2 (06/07/14) kingkong
pfsense: 2.3.2-RELEASE-p1 (amd64)

I also have a question about the ip range pfsense uses... is it possible to set it to use the LAN ip range and subnet (not overlapping ofcource) for some aplications i want to use i need to be in the same subnet and ip range...

thans in advance :)
Sander

imaginary_number

Not exactly sure I understand all of your questions, take this with a grain of salt.

You can set the IP address on any interface and define what subnet it uses. By default it uses 192.168.1.1/24 on the LAN interface and DHCP on the WAN interface (unless you set something else) but you can set whatever whenever. It is controlled under "Interfaces". You can also add additional IP addresses to an interface (Virtual IPs, under "Firewall"), but read about it before trying it, not normally something people need.

I looked at this for what DD-WRT's OpenVPN client looks like; haven't used it in awhile: https://www.privateinternetaccess.com/pages/client-support/dd-wrt-openvpn

I can't imagine what certificates you might be having trouble getting? It looks pretty straightforward. I'm assuming the pfSense is the server and the DDWRT router is the client, wanting to connect from somewhere to your pfSense, and you want to route all traffic on its LAN through the tunnel. You may want to set me straight if that's totally wrong. This is typically a site-to-site tunnel (pfSense calls it Peer-To-Peer I believe) rather than Remote Access your individual users are probably using.

sajansen

The whole IP thing was ment for steam specifically… to try and get the home-streaming thing to work with a steam link. then everything needs to be in the same subnet and ip range... what i have now is that my LAN network is in: 1.1.1.0/24 and openvpn on 1.1.4.0/24 so steam doesnt find the other computers... but for now that would be problem 2... first i would like to be able to at leats connect so im going to try to follow the tutorial you linked.

I cant get all the information... for example i cant find where i need to fill in username and password...it just asks for certificates:
TLS Auth Key
PKCS12 Key
Static Key
CA Cert
Public Client Cert
Private Client Key

I have added a screenshot that may help...

![Schermafdruk 2017-01-06 10.09.28.png](/public/imported_attachments/1/Schermafdruk 2017-01-06 10.09.28.png)
![Schermafdruk 2017-01-06 10.09.28.png_thumb](/public/imported_attachments/1/Schermafdruk 2017-01-06 10.09.28.png_thumb)

sajansen

I just upgraded to advanced tomato version. everything seems fine settings wise but still i need 3 certificates: CA, Client certificate and a Client key… when i do a export from pfsense i get just one certificate... how can i get the other ones?