Installing OpenVPN on a DIR-320 router
So I’ve got some semipermanent office space in Indooroopilly, and thought it would be nice to be able to transparently VPN into the various machines I have running at home.
So I picked up a D-Link DIR-320 for $22 at umart, which I intend to run at the remote office:
The DIR-320 doesn’t have OpenVPN capabilities out-of-the-box, but you can install a custom firmware on it which will give it these features. (Yes, I know I could run the OpenVPN client on the remote machines, but having it running on the router will allow any device connected to the router to be able to see the machines I have at home, which may turn out to be useful).
There are various pages over the internet which are useful here, but none of them contained all the information I needed, so here’s a quick list of the steps involved in getting OpenVPN running on the router:
What you need to do is:
- Decide to use DD-WRT, as opposed to the OpenWRT or Tomato firmwares.
- Alter your registry so that your network stack doesn’t attempt to detect DHCP on the network when a LAN cable is plugged in. (The time window to update the firmware on the DIR320 only lasts for a second or two, and if your network is doing DHCP initialisation, then you miss this window of opportunity). You can do this by running the following
DisableDHCPMediaSense.regfile, or entering the value manually in regedit.
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] "DisableDHCPMediaSense"=dword:00000001
- After updating the registry, reboot your PC
- Open up the Network Connections dialog, (Start -> Control Panel -> Network), right-click on your ethernet network connection and click ‘Properties’. In the TCP/IP protocol settings for your connection, set your IP address to
192.168.0.2and remove any DNS servers (remember to write down a copy of your settings first, so you can set it back later on).
- Go to the DD-WRT router database at http://www.dd-wrt.com/site/support/router-database . Type
DIR-320into the search box, and download both the latest “Micro Generic” and the “VPN Generic” firmwares (the micro firmware needs to be installed first via TFTP, after which you can use the Web user interface to install the larger firmware)
- Make a copy of the file containing the micro firmware, and rename it as
- Download nircmdc.exe from http://www.nirsoft.net/utils/nircmd.html and place it in the same folder as the firmware
- Create a
dir320-install.cmdbatch file in the same folder as the firmware containing the following code:
for /L %%a in (1, 1, 10) do (nircmdc.exe wait 500 start cmd.exe /k tftp -i 192.168.0.1 put firmware.bin )
- Open up a command window (Start -> Run… ->
cdto the firmware folder. Type
dir320-install.cmd, but don’t press Enter just yet. Connect the router to your PC (by connecting the LAN1 port on the router directly to the ethernet port on your PC), then hold down the ‘reset‘ button on the back (I used a toothpick) whilst turning it on (i.e. plugging in the power jack).
- At the same time as turning on the router, run the
dir32-install.cmdscript. It will attempt to TFTP the firmware onto the router ten times in succession; only one of which will actually work (this will be the window containing the text similar to
Transfer successful: 1769472 bytes in 7 seconds, 25781bytes /s
- If the firmware transferred successfully, then wait a few minutes and restart the router. If it didn’t, turn off the router and go back to step 9 and try the transfer again.
- Log onto the router by pointing your browser at http://192.168.1.1, and then upgrade to the VPN Generic firmware (Administration -> Firmware Upgrade).
- Don’t forget to reenable DHCP by deleting the registry entry you created in step 2, and set your TCP/IP settings back to their original values from step 4, and restart your PC again.
So there you go. Easy. Now all you have to do is configure the thing 🙂