Help setting up Nord VPN

[SDsix1niner]

Hi there. I'm hoping someone could help me with setting up Nord VPN on my ASUS RT-N66R. I've read the instructions for my router on Nords website, but I'm running different firmware than what they have instructions for, and the options on the router are vastly different to the point I can't figure out what goes where. I'm using firmware 380.70. Any help would be appreciated. Please go easy on me. I know very little when it comes to this stuff. I found this site when I had an issue some time ago and it appeared there are some very knowledgeable people here so I figured I would ask. Thanks in advance.

 

[ColinTaylor]

Welcome.

In the first instance I suggest you update your firmware to John's Fork as it more up to date than the version you're using and actively supported.

For NordVPN (which I also use) you just download the ovpn file from their site, import it, add your username and password, and the click Apply. That's it.

You can make other changes to the settings depending on your specific needs but the default settings should work OK.

 

[Jack Yaz]

Welcome.

In the first instance I suggest you update your firmware to John's Fork as it more up to date than the version you're using and actively supported.

For NordVPN (which I also use) you just download the ovpn file from their site, import it, add your username and password, and the click Apply. That's it.

You can make other changes to the settings depending on your specific needs but the default settings should work OK.

Once on John's fork there's a script you can try for this...

 

[QuikSilver]

Once on John's fork there's a script you can try for this...

In case the hint wasn't obvious....

https://www.snbforums.com/threads/n...-vpn-client-configurations-for-nordvpn.64930/

 

[SDsix1niner]

Welcome.

In the first instance I suggest you update your firmware to John's Fork as it more up to date than the version you're using and actively supported.

For NordVPN (which I also use) you just download the ovpn file from their site, import it, add your username and password, and the click Apply. That's it.

You can make other changes to the settings depending on your specific needs but the default settings should work OK.

Thank you very much for the info. I hadn't downloaded the file yet since the instructions had that as a later step and I don't know enough to feel comfortable doing the steps at random. I'm sure I'll be back if I have any issues. Thanks again!

 

[SDsix1niner]

In case the hint wasn't obvious....

https://www.snbforums.com/threads/n...-vpn-client-configurations-for-nordvpn.64930/

I hope it isn't too terribly important because I didn't realize it was even a hint, and I'm even more lost when looking over the info from the link. I will take more time to read it thoroughly and get as much as I can from it. Thank you. I truly appreciate your help.

 

[ColinTaylor]

If you're following the very old instructions here I suggest the following changes.

Step 9: Ignore this step as all these settings are already configured from the ovpn file you imported.

Step 10: Personally, I would leave the WAN DNS settings as you currently have them.

 

[RMerlin]

https://support.nordvpn.com/Connectivity/Router/1047410642/AsusWRT-Merlin-setup-with-NordVPN.htm

Older version, but the settings should still be fairly similar. Uploading the ovpn config file will configure most settings automatically for you.

 

[SDsix1niner]

If you're following the very old instructions here I suggest the following changes.

Step 9: Ignore this step as all these settings are already configured from the ovpn file you imported.

Step 10: Personally, I would leave the WAN DNS settings as you currently have them.

Well that's where I was having a problem. I must've been at the wrong spot for my current firmware on Nords site. My VPN settings tab looks like the one you linked, and very different from the one I was at. I may go ahead and keep my current firmware instead of updating to John's Fork because even that seemed overwhelming due to changes in the process depending on so many variables that I'm not too sure about. Thats if there isn't reasons to upgrade from a security standpoint, which is the main reason I'm doing this.

 

[SDsix1niner]

https://support.nordvpn.com/Connectivity/Router/1047410642/AsusWRT-Merlin-setup-with-NordVPN.htm

Older version, but the settings should still be fairly similar. Uploading the ovpn config file will configure most settings automatically for you.

So do you think setting up the VPN with my current firmware is suitable, or should I go ahead and try John's Fork, or any other firmware? I've been pretty happy with how things have been running, but I'm willing to make changes for the sake of security.

My logs have indicated that someone has attempted to guess my password half a dozen times and been locked out. I don't know if they ever actually made it in though, so I'd prefer to go with what's safest, within my limited ability of course. Thanks for any input, and for your time. Cheers

 

[ColinTaylor]

I may go ahead and keep my current firmware instead of updating to John's Fork because even that seemed overwhelming due to changes in the process depending on so many variables that I'm not too sure about. Thats if there isn't reasons to upgrade from a security standpoint, which is the main reason I'm doing this.

There are security fixes in John's firmware that your version doesn't have. Make sure you haven't enabled WAN access to anything (HTTP, SSH, etc.) and you should be OK.

 

[RMerlin]

My logs have indicated that someone has attempted to guess my password half a dozen times and been locked out. I don't know if they ever actually made it in though, so I'd prefer to go with what's safest, within my limited ability of course.

Tried to guess the password through which service? If it's the webui, then immediately disable WAN access to your router's web interface - there are MANY known security issues in older firmware that could allow anyone to log into your router, and infect it with malware.

Updating is strongly recommended for security reasons. Models that I no longer support might still be supported by John's fork. You will have however to do a factory default and reset everything after switching to his firmware.

 

[SDsix1niner]

There are security fixes in John's firmware that your version doesn't have. Make sure you haven't enabled WAN access to anything (HTTP, SSH, etc.) and you should be OK.

Ok thanks. I did have it set up for remote access for the mobile ASUS app for ease of control, knowing there are security risks with doing so due to the foolish "won't happen to me" mentality. My network security is more important now than ever. Thanks for everything!

 

[ColinTaylor]

My network security is more important now than ever.

Side note: Using a VPN service (like NordVPN, etc.) doesn't improve your network security, it just makes you slightly more anonymous. Just saying...

 

[SDsix1niner]

Tried to guess the password through which service? If it's the webui, then immediately disable WAN access to your router's web interface - there are MANY known security issues in older firmware that could allow anyone to log into your router, and infect it with malware.

Updating is strongly recommended for security reasons. Models that I no longer support might still be supported by John's fork. You will have however to do a factory default and reset everything after switching to his firmware.

Yeah, it was through the webui, I think. The log said locked login due to 5 failed attempts(in different wording of course). I'll go ahead and do the update and lock everything down. I hadn't had any issue til now which caused me to get too comfortable. Lesson learned. Thank you for sharing your time and your knowledge. I can't express how much I appreciate it.

 

[SDsix1niner]

Side note: Using a VPN service (like NordVPN, etc.) doesn't improve your network security, it just makes you slightly more anonymous. Just saying...

I have very little knowledge in terms of how attackers find their targets or the different things that they can actually do. It seemed as though that having my IP untraceable would help combat some types of attacks at least. For the price of a VPN I figured if it helps even just a little, it worth it. I'm hoping between the VPN, a firmware update, and some changes to a few of my settings will help because honestly, I don't know anything else I can do.

 

[ColinTaylor]

It seemed as though that having my IP untraceable would help combat some types of attacks at least.

The benefit would be marginal at best. Here's a reasonably good explanation of what a VPN service can and cannot do.

 

[GHammer]

I have very little knowledge in terms of how attackers find their targets or the different things that they can actually do. It seemed as though that having my IP untraceable would help combat some types of attacks at least.

A VPN works through your public IP assigned to your router's WAN port. The public IP will always be there else, no Internet/VPN/Etc.
So, people scan blocks of IP addresses, usually blocks that contain targets they are interested in. Say Comcast IPs to find homeowners with insecure routers. Once they get a hit, then they try to compromise whatever is behind the IP address.

Unless you just want/need a VPN, I wouldn't bother. It will add little or nothing to your security.

Create a strong admin password and use current firmware on your router. Don't use tools other than your browser to access your router.

 

[GHammer]

"New wave of attacks aiming to rope home routers into IoT botnets - Help Net Security"

https://www.helpnetsecurity.com/2020/07/17/home-routers-iot-botnets/