HideMyAss VPN

Monday, April 29, 2013

How to Setup Tomato PPTP

flashing instructions with ASUS RT-N16

There is an official tutorial for installing Tomato firmware on Asus routers: http://tomatousb.org/tut:installing-on-asus-rt-n16
Below you'll find user-made instructions for the same purpose:
  • At this point you still have the original firmware on your router installed.
  • First you need to install the DD-WRT firmware to be able to flash Tomato firmware later.
  • E.g. install dd-wrt.v24-15778_NEWD-2_K2.6_mini_RT-N16.trx using the web configuration of the router.
  • Now your router is flashed with DD-WRT firmware.
  • Now do a hard reset (30-30-30).
  • Change the .trx suffix [tomato-K26USB-1.28.9054MIPSR2-beta-vpn3.6.trx] to .bin [tomato-K26USB-1.28.9054MIPSR2-beta-vpn3.6.bin].
  • Use the DD-WRT web configuration to flash the Tomato firmware onto the router.
  • Do a hard reset (30-30-30).
  • Perform a thorough NVRAM erase (Administration > Configuration: Restore Default Configuration) by selecting [Erase all data in NVRAM memory (thorough)]. Make sure to click OK.
  • Set the router's IP address similar to your gateway router/DSL modem (e.g. if gateway is 192.168.0.1, set the router to 192.168.0.2 or 192.168.1.1) (Basic > Network: LAN)
  • Set the IP Address Range accordingly.
  • Click Save.
  • Click Reboot.
Note: You must first install DD-WRT firmware before you can flash Tomato firmware. Flashing Tomato firmware over a router's original firmware will most likely not work.






Tomato OpenVPN Setup


  • Please open Tomato WebConfig by navigating to http://192.168.1.1/ in your browser.
  • Please proceed to Administration > Scripts and enter the following commands:

echo USERNAME > /tmp/userpass.conf
echo PASSWORD >> /tmp/userpass.conf
chmod 600 /tmp/userpass.conf

  • Replace “USERNAME” and “PASSWORD” with your account details (the same ones you use to log in to the VPN control panel @ http://vpn.hidemyass.com ).
  • Press “Save”
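
An added example, not part of the original tutorial: the same two-line credentials file written under umask 077, so it is created with mode 600 instead of being tightened by chmod after it already exists, and written with printf so a password containing backslashes or a leading dash is stored literally. The names write_userpass and file_mode are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original tutorial. write_userpass is a
# hypothetical helper; /tmp/userpass.conf is the path the tutorial uses.

NL='
'
CR=$(printf '\r')

# Print the permission string of a file, e.g. -rw-------
file_mode() { ls -ld "$1" | cut -c1-10; }

write_userpass() {
    user=$1
    pass=$2
    dest=${3:-/tmp/userpass.conf}

    # OpenVPN reads the username from line 1 and the password from line 2,
    # so neither value may be empty or contain a line break.
    if [ -z "$user" ] || [ -z "$pass" ]; then
        echo "username and password must not be empty" >&2
        return 1
    fi
    case "$user$pass" in
        *"$NL"*|*"$CR"*)
            echo "credentials must not contain CR or LF" >&2
            return 1 ;;
    esac

    (
        # Create the file with mode 600 from the start instead of writing it
        # with the default mode and running chmod afterwards.
        umask 077
        tmp="$dest.$$"
        # printf '%s' stores the values literally; echo may interpret
        # backslashes or a leading -n depending on the shell.
        printf '%s\n%s\n' "$user" "$pass" > "$tmp" && mv -f "$tmp" "$dest"
    )
}

# Usage on the router (replace with your account details):
#   write_userpass 'USERNAME' 'PASSWORD' /tmp/userpass.conf
```
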





  • Please proceed to VPN Tunneling > Client > Basic
  • In the basic settings do the following:

Start with WAN: Check
Interface Type: TUN
Protocol: Choose between TCP and UDP
Server IP address/Port: Enter the IP address of the server you wish to connect to
(e.g. you can use the IPs from the bottom of the config files at http://hidemyass.com/vpn-config/ -
or use the "PPTP servers" list from the VPN control panel, they're the same servers.)

Port:
For UDP enter 53 and for TCP 443
Firewall: Automatic
Authentication mode: TLS
Extra HMAC Authorisation: Disabled
Create NAT on tunnel: check

  • Press “Save”






  • You may proceed to VPN Tunneling > Client > Advanced
  • Use the following settings:

Poll interval: 0
Redirect traffic: Uncheck
Accept DNS configuration: Disabled
Encryption cipher: BF-CBC
Compression: Disabled
TLS Renegotiation Time: -1
Connection retry: 30 (or you may set -1 for infinite)

  • In Custom Configuration please enter the following:

ns-cert-type server
auth-user-pass /tmp/userpass.conf

  • Press “Save”





  • You may proceed to VPN Tunneling > Client > Keys
  • In Certificate Authority please enter the content of “ca.crt”
  • In Client Certificate please enter the content of “hmauser.crt”
  • In Client Key please enter the content of “hmauser.key”
    (you can get all those files from http://hidemyass.com/vpn-config/keys/ )
  • Press “Save”






  • Your router is configured for OpenVPN.
  • You may proceed to VPN Tunneling > Client > Status
  • Simply press the “Start Now” button to connect.







  • If you are successfully connected you should see something like this:




Well done, you have configured your router for OpenVPN.

How to configure HMA OpenVPN on a OpenWRT router

This tutorial assumes that you have OpenWRT with the luci webif (web interface) installed. Visit OpenWrt.org for more information.

I know most of you are Windows users, so I wrote this tutorial assuming you are using Windows.

log into the luci webif
go to system->software
click "Update package lists"
paste "luci-app-openvpn" into the "Download and install package" box and click "OK"

[Image: 86357142.gif]

While still in the luci webif
go to Network->Interface
type "vpn" in the box and click "Add entry"

[Image: 40462062.gif]

Protocol: none
Bridge interface: unchecked
Interface: tun0 (drop down menu then select custom and type in "tun0")
Create / Assign firewall-zone: wan

[Image: 81409237.gif]

Download the vpn-config.zip from here:
http://hidemyass.com/vpn-config/vpn-config.zip

Extract the contents of the vpn-config.zip to a new folder of your choosing. I extracted mine to a folder called vpn-config which is on my Desktop. Inside my new folder named vpn-config are many *.ovpn config files and a "keys" folder containing 3 key files (ca.crt, hmauser.crt, and hmauser.key).

The *.ovpn config file I'm going to choose for this example is:

Russia.Moscow.ovpn

Choose the one that is best for you.

For convenience, move your *.ovpn config file to your keys folder. In this case, it's the Russia.Moscow.ovpn I am moving.

Now we are going to create and edit text files. We need a text editor that is capable of saving text files in UNIX file format. In other words, do NOT use Windows Notepad or WordPad. I would recommend using "TextPad" or "Notepad++".

You can download TextPad from here:
ftp://download.textpad.com/pub/textpad5.4/txpeng542.exe

Using "TextPad" or similar create a new text file and put your user-name in line 1 and your pass in line 2 and save it as "pass.txt". Make sure you choose UNIX file format when saving!! (See Screen Shot Below) Put the pass.txt in your keys folder as well.

[Image: 46185589.gif]

Using "TextPad" or similar, edit your *.ovpn file. In this case, it's the Russia.Moscow.ovpn

edit the line

"auth-user-pass"

and change it to

"auth-user-pass ./pass.txt"

also edit the lines

ca ./keys/ca.crt
cert ./keys/hmauser.crt
key ./keys/hmauser.key

to

ca ./ca.crt
cert ./hmauser.crt
key ./hmauser.key

[Image: 64214201.gif]

Inside your keys folder you should now have the following files:

ca.crt
hmauser.crt
hmauser.key
Russia.Moscow.ovpn (or whatever vpn server config you choose)
pass.txt

Next download WinSCP from here:
http://winscp.net/download/winscp433setup.exe

Launch WinSCP

Host name: your router's ip (it's 192.168.1.1 unless you changed it)
Port number: 22
User Name: root
Password: your password to your router
Private key file: just leave it blank
File protocol: SCP

[Image: 75815378.gif]

Click "Login" (Ignore the error about user groups.)

Using WinSCP transfer your:

ca.crt
hmauser.crt
hmauser.key
Russia.Moscow.ovpn (or whatever vpn server config you choose)
pass.txt

to the

/etc/openvpn directory of your router.

I find it is easiest to just drag and drop while using WinSCP.

[Image: 58470728.gif]

Now it's time to run the hma vpn service on the router. We do this by issuing commands via the SSH protocol.

I would recommend the SSH client puTTY.

Download puTTY from here:
http://the.earth.li/~sgtatham/putty/late.../putty.exe

Launch puTTY,

Host Name: your router's ip (192.168.1.1 unless you changed it)
Port: 22
Connection type: SSH

Click "Open"

login as: "root"
enter your routers password

[Image: 85548507.gif]

In the puTTY terminal type:

cd /etc/openvpn/
openvpn --config Russia.Moscow.ovpn (change this to the *.ovpn you choose)

Your vpn service should now be up and running. YOU MUST GET THE "Initialization Sequence Completed" message before proceeding!!

[Image: 53619651.gif]

If you didn't get the "Initialization Sequence Completed" message, you made a mistake while editing your *.ovpn file. Find the mistake and fix it.
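
A pre-flight check for the mistakes this step asks you to find, as an added example that is not part of the original tutorial: it verifies that the edited *.ovpn file points at files that exist in the same directory and that pass.txt is in UNIX format with two lines. It also checks, as an extra not mentioned above, that the key and password files are not accessible to other users. The name check_ovpn is hypothetical; run it on the router after the WinSCP transfer.

```shell
#!/bin/sh
# Added example, not from the original tutorial: lint the files copied to
# /etc/openvpn. check_ovpn is a hypothetical helper name.

CR=$(printf '\r')

# Usage: check_ovpn /etc/openvpn Russia.Moscow.ovpn
# Prints each problem found; the exit status is the number of problems.
check_ovpn() (
    dir=$1
    conf=$2
    problems=0
    report() { echo "PROBLEM: $*"; problems=$((problems + 1)); }

    # Relative paths such as ./ca.crt are resolved from the directory
    # openvpn is started in, so run the checks from there.
    cd "$dir" 2>/dev/null || { echo "PROBLEM: cannot enter $dir"; exit 99; }
    [ -r "$conf" ] || { echo "PROBLEM: $conf not found in $dir"; exit 99; }

    # First argument of a directive, with a Windows line ending stripped.
    arg_of() { awk -v d="$1" '{ sub(/\r$/, "") } $1 == d { print $2; exit }' "$conf"; }

    # Secrets should be accessible to their owner only.
    private() {
        if [ "$(ls -ld "$1" | cut -c5-10)" != "------" ]; then
            report "$1 is accessible to other users (chmod 600 $1)"
        fi
    }

    if grep -q "$CR" "$conf"; then
        report "$conf has Windows (CRLF) line endings"
    fi

    for directive in ca cert key; do
        path=$(arg_of "$directive")
        if [ -z "$path" ]; then
            report "no usable '$directive' line in $conf"
        elif [ ! -f "$path" ]; then
            report "'$directive' points to $path, which does not exist"
        elif [ "$directive" = key ]; then
            private "$path"
        fi
    done

    auth=$(arg_of auth-user-pass)
    if [ -z "$auth" ]; then
        report "auth-user-pass has no file argument"
    elif [ ! -f "$auth" ]; then
        report "auth-user-pass points to $auth, which does not exist"
    else
        private "$auth"
        if grep -q "$CR" "$auth"; then
            report "$auth has Windows (CRLF) line endings"
        fi
        if [ -z "$(sed -n 1p "$auth")" ] || [ -z "$(sed -n 2p "$auth")" ]; then
            report "$auth needs the username on line 1 and the password on line 2"
        fi
    fi

    exit "$problems"
)
```
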

Test your connection:

Open a web browser and go to a web site. http://www.google.com for example.

If it works, you're done.

If not... (and I'm betting not), see below.

Troubleshooting:

If you go to http://www.google.com and you get a web site not found error, try typing 64.233.169.91 into the address bar instead. If the Google page now comes up, you have a DNS problem. (like I did.)

The easiest way I have found to fix the DNS problem is to go here:
http://theos.in/windows-xp/free-fast-pub...rver-list/

(Tip: Ctrl+C to stop vpn or reboot router so you can go to the above public-dns-server-list address.)

and select a DNS server from the list.

I would recommend you ping each one to find the one that is fastest for you.

For this example I will choose the DnsAdvantage.

DnsAdvantage's ip is 156.154.70.1

Go back to your luci webif
go to Network->Interfaces
click on the edit button  for your vpn (small icon to the far right)

From the "Additional field" drop down menu select DNS-Server click "Add"
paste in your DNS-Server's IP (In this case it's 156.154.70.1 which is DnsAdvantage)
click Save and Apply.

That should fix any DNS problem.

Script: HMA startup script for routers

If your modem/router allows the execution of a custom startup script, you can use the script below to get Hidemyass configured.

Just add the whole script block to your startup script (adjust your userid/password and remote-address). You might also need to adjust the routing script (hidemyass-up.sh) to match your own network configs.




Code:
 
cd /tmp

/usr/sbin/echo "client
dev tun
proto tcp
script-security 2 execve
ifconfig-noexec
up /tmp/hidemyass-up.sh
resolv-retry infinite
ping 5
ping-exit 30


Sunday, April 28, 2013

HMA Pro VPN - OpenVPN setup for DD-WRT

First of all you need a router with the latest DD-WRT firmware installed. If you don't know if your router supports the DD-WRT firmware, check their router database. The firmware used in this tutorial is "v24-sp2 (08-07/10) mega". For instructions on how to flash your router with DD-WRT firmware, check out the links @ Router configuration











 

HMA! OpenVPN autoinstaller for DD-WRT and OpenWRT


We proudly present the HMA! Pro VPN autoinstaller for OpenVPN on DD-WRT and OpenWRT routers.
To use it, please navigate to the VPN control panel @ http://hidemyass.com/vpn - here, click on "DD-WRT routers" on the left menu.
You'll now see the automated installer, as shown in the screenshot on the right.
Note: OpenVPN and the autoinstaller only work on BIG or MEGA versions of the DD-WRT firmware, and on some STD versions.

MINI or MICRO versions do not work with OpenVPN or the autoinstaller!
You can check here for alternative firmware versions: http://dd-wrt.com/site/support/router-database

Now, please
  • enter your password
  • select a protocol (TCP or UDP)
  • select a server location
  • click "Generate my router installation code"

You'll be redirected to a page that shows you how to activate the installation code in your router's web configuration.



Manual setup tutorial:


Attention: This tutorial has been updated on 13th Feb 2012. The old version can be found here...
Requirements for this tutorial to work...

0- The router MUST be OpenVPN capable (i.e. Mega, Std (vpn), Big, etc.... version of DD-WRT).
1- The router must be freshly hard reset 30/30/30
2- The router's WAN port is plugged to a Modem (Cable or DSL)
3- The router connects to the internet flawlessly.
4- Any firewall (on the modem, not the router) has been turned off or it's been set up so that the script can do its magic.
5- Maybe you should ask your ISP to open some ports on the modem (Ports 53 and 443 basically)
6- Should you decide to follow this tutorial, my advice is to try TCP first.

I have simplified the tutorial to four steps. It's no longer necessary to download-copy-paste the firewall rules. They are now embedded in the START-UP SCRIPTS. As a consequence the video tutorial has changed too, however for those who want/like the 6ES video they can still watch it. The 6ES scripts will remain too.
START-UP SCRIPTS ->

TCP: Startup_Script_TCP_Extended-V2.3.txt (attached file, 5.46K)
UDP: Startup_Script_UDP_Extended-V2.3.txt (attached file, 5.33K)

Attention: The startup scripts contain several server IPs (in the format of "remote 208.76.52.170 443" or "remote 208.76.52.170 53").
When several servers are listed there, the router will connect to a random server. You must edit these lines so they meet your requirements,
by only listing your favorite servers there. You can get the IPs from the PPTP server list in the VPN control panel (same as OpenVPN),
or from the bottom of the *.ovpn config files from http://hidemyass.com/vpn-config/


Now the four (4) easy steps to get your DD-WRT router running OpenVPN client.

1- Set Date / Time to your local zone (Setup - Basic Setup - Time Settings)


2- Download Start-Up script (TCP and / or UDP) from links above

3- Copy-paste file contents to (Administration - Commands - Command Shell) Save Startup
3a- Edit "MYUSERNAME" and "MYPASSWORD" before saving. (The quotation marks remain --
DO NOT USE YOUR PPTP PASSWORD!)

4- Reboot.

After a couple of minutes the OpenVPN tunnel should establish and be ready for use, now you should be surfing the web with a TCP / UDP HMA IP address.

HMA Pro VPN - L2TP setup for DD-WRT

First of all you need a router with the latest DD-WRT firmware installed. If you don't know if your router supports the DD-WRT firmware, check their router database.
The firmware used in this tutorial is "v24-sp2 (08/07/10) std". For instructions on how to flash your router with DD-WRT firmware, check out the links @ Router configuration

This tutorial has been made with a D-LINK DIR 600.
For an alternative L2TP tutorial, see: http://forum.hidemyass.com/index.php?/topic/6227-hma-l2tp-to-any-dd-wrt-router/

If you're experiencing any issues, it's a good idea to try the PPTP setup instead: DD-WRT PPTP Setup

1. Login to your DDWRT router's web interface.
2. Setup
3. Basic Setup
4. Wan Setup > Connection Type: L2TP
5. Username: Your VPN Username
6. Password: Your L2TP/PPTP Password. Can be found at http://hidemyass.com > PPTP Servers > Login Details.
7. Gateway: The L2TP server IPs can be found @ http://hidemyass.com/vpn
8. Connection strategy: Keep Alive: Redial Period 180 seconds
9. STP: Disable
10. Leave everything as it is.
11. Save and Apply Settings.




In some firmware versions, you also need to set this:

How to Connect an Asus RT N-16 router to Hide My Ass VPN

Here is a guide for connecting an Asus RT N-16 to Hide My Ass VPN server. In this tutorial you will learn how to flash your router with new firmware and set it up to connect to a Hide My Ass server in a country of your choice.

As an alternative to flashing your router you can also simply share your VPN connection from your computer: Fake Location on Any Device. If you prefer to use the method with the router then go ahead and continue with the tutorial below.
Don’t be afraid of the length of the tutorial – it’s long because I have decided to describe as many steps as possible in order to make sure you don’t get lost along the way. As an alternative to this tutorial, Hide My Ass has now made an installer for OpenVPN and DD-WRT routers. Once signed up, log in to the account panel of Hide My Ass and follow the instructions. Alternatively, write to Hide My Ass support and ask for L2TP server info – it can be more reliable than PPTP.

Preparation

Before we start, let's make sure that you are well prepared. You need the following:
  • An Asus RT N-16 router
  • An account with Hide My Ass
  • Your username and account password for Hide My Ass PPTP servers. This info IS NOT the same as the one you use to log into your Hide My Ass account. In order to find this info log into Hide My Ass and then click PPTP servers on the left hand side. Scroll down and your login details will be listed.
  • Find out what server you want to connect to from the server list under PPTP servers. Write down the IP address.
  • Lastly, you need to download the DD-WRT firmware for the router. You can download the firmware here: dd-wrt.v24-14929_NEWD-2_K2.6_mini_RT-N16.trx
Make sure that everything above is sorted out before you proceed.

Flashing the Router

In this step you will be installing new firmware on the router. This is needed as only routers with the open source DD-WRT firmware can connect to VPN. The powerful Asus router is great at running this firmware.
First of all you need to download the DD-WRT firmware for the router (see above).
  • Insert the Ethernet cable in the LAN1 port of the router and connect it to your computer. If you have other Ethernet cables connected to the computer disconnect them now – also disable Wi-Fi on the computer.
  • Open your browser and go to 192.168.1.1 and input admin/admin if you are asked and have not set another combination before. If this is the first time you are using the router please follow the setup steps.
  • On the dashboard click on advanced settings then firmware upgrade. Click choose file and select the dd-wrt.v24-14929_NEWD-2_K2.6_mini_RT-N16.trx that you have downloaded before. Wait for the setup to complete.
  • Once the flashing is complete you will be met with a screen asking you to give the router a username and a password. Fill out the info as you please.
  • You should now be at the main dashboard of your router with the new firmware. The hard part is done.

Making the Asus Router Connect to Hide My Ass

This step is when the router will actually connect to the VPN network.
  • Since you have completed the firmware flashing you should now be at the main dashboard of the router. If not, enter 192.168.1.1 in a browser.
  • Click setup in the top of the dashboard. You are now at the basic setup screen
  • Under WAN Connection Type choose PPTP
  • Choose DHCP
  • Under Gateway (PPTP server) enter the IP-address of the server you want to connect to
  • Enter your Hide My Ass username for PPTP
  • Enter your Hide My Ass password for PPTP
  • PPTP Encryption: Enable
  • Disable Packet Reordering: Enable
  • Additional PPTP Options: mppe required,stateless
  • STP: Disable
  • Everything else leave as it is
  • Save and Apply

Now connect the Asus router to the Internet by plugging the Ethernet cable into the WAN port and connecting the other end to wherever you get your Internet from. In my case I have the Asus router connected to my Airport Extreme router (an extra router is not needed), which in turn is connected to the router from my Internet provider.
Now connect to the Asus router via Ethernet or wirelessly and you are now connected via the Hide My Ass VPN server.
You might also want to go to Wireless>Wireless security and set up a password for the wireless access to the router. Otherwise the whole neighborhood will be surfing for free.

Troubleshooting

Here is a small list of things you might want to check if you run into problems.
  • Make sure that you are using your PPTP username and password and not your regular Hide My Ass username and password.
  • Wait a minute or two to connect to the router once it has been set up. It needs a little time to connect to the VPN.
  • If you get an empty page once you load http://192.168.1.1/apply.cgi make sure that you are logged into the router with the router password and username. If you did not set a new username and password then it is root/password.
  • The server you are trying to connect to might be experiencing problems. Then try with another server from the PPTP list.
  • Update: Alternatively, write to Hide My Ass support and ask for L2TP server info – these servers can be more reliable than PPTP – for some reason the server info is not in the Hide My Ass control panel yet.

HMA Pro VPN - PPTP settings for DD-WRT

First of all you need a router with the latest DD-WRT firmware installed. If you don't know if your router supports the DD-WRT firmware, check their router database.
The firmware used in this tutorial is "v24-sp2 (08/07/10) std". For instructions on how to flash your router with DD-WRT firmware, check out the links @ Router configuration
This tutorial has been made with a D-LINK DIR 600. For an alternative L2TP tutorial, see: http://forum.hidemyass.com/index.php?/topic/6227-hma-l2tp-to-any-dd-wrt-router/
If you're experiencing any issues, it's a good idea to try the PPTP setup instead: DD-WRT PPTP Setup

1. Login to your DDWRT router's web interface.
2. Setup
3. Basic Setup
4. Wan Setup > Connection Type: L2TP
5. Username: Your VPN Username
6. Password: Your L2TP/PPTP Password. Can be found at http://hidemyass.com > PPTP Servers > Login Details.
7. Gateway: The L2TP server IPs can be found @ http://hidemyass.com/vpn-config/l2tp/
8. Connection strategy: Keep Alive: Redial Period 180 seconds
9. STP: Disable
10. Leave everything as it is.
11. Save and Apply Settings.


In some firmware versions, you also need to set this: