Menu
What's new
By:
Filters Better Search

OpenVPN Server using AsusWRT-Merlin - stability and your experiences

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

A

Avery

Regular Contributor
For those who have setup an OpenVPN Server using recent AsusWRT-Merlin firmware, has it been stable?

What else have your experiences been?

Can anyone compare this to using a direct Tomato implementation with OpenVPN server?
 
Avery said:
For those who have setup an OpenVPN Server using recent AsusWRT-Merlin firmware, has it been stable?

What else have your experiences been?

Can anyone compare this to using a direct Tomato implementation with OpenVPN server?
Click to expand...

Been rock solid. Did not use tomato but used ddwrt to in the past
 
Avery said:
For those who have setup an OpenVPN Server using recent AsusWRT-Merlin firmware, has it been stable?

What else have your experiences been?

Can anyone compare this to using a direct Tomato implementation with OpenVPN server?
Click to expand...

I actually based my code on Tomato's, except that I optimized its performance a fair bit, and when Asus moved the code into the stock firmware they also added the ability to do password-based authentication, and the ability to export a .ovpn config file.

I use it quite frequently to connect back home while at work.
 
I use site to site router OVPN with no perceivable issues. I'm sure I could tweak it a bit, but if it ain't broke...
 
Thanks so much for your replies.

Merlin -- first off, I've heard a lot of good things about your work, and just want to say thanks for all the energy it takes to maintain such a 'project' as you've done. Kudos to you. Your firmware (and philosophy behind it) is probably the reason I will go with an ASUS product, and likely gives me all I need. Of course, there's always the ability to go to Tomato or DD-WRT, if features are needed, but I'd prefer stable and simple :)

Based on your comment, I did some further digging... it sounds like ASUS has already incorporated OpenVPN Server capabilities into the RT-AC68U. I see there are some references to it in the firmware release notes, but no mention of this on the specs page or in the manual, that I've see.
 
Avery said:
Based on your comment, I did some further digging... it sounds like ASUS has already incorporated OpenVPN Server capabilities into the RT-AC68U. I see there are some references to it in the firmware release notes, but no mention of this on the specs page or in the manual, that I've see.
Click to expand...

...it's right there, see section "VPN-Support": http://www.asus.com/Networking/RTAC68U/specifications/

...I am using it quite frequently to "dial home" while on the road...it has been rock solid for me.
 
Excellent.
I use it for site-to-site connection for an year, 24x7 for to link two offices.
Generally, it demands no attention at all.
tap-udp, same subnet, need only to use ebtables trick to prevent DHCP queries from one site to another.
 
Avery said:
Based on your comment, I did some further digging... it sounds like ASUS has already incorporated OpenVPN Server capabilities into the RT-AC68U. I see there are some references to it in the firmware release notes, but no mention of this on the specs page or in the manual, that I've see.
Click to expand...

That's because it was added with a firmware update. When the RT-AC68U launched, it didn't have OpenVPN support.

Asus tends to frequently do this - release a product, and keep adding new features afterward through firmware upgrades.
 
My experience is that openvpn on rmerlin firmware runs rock solid.
 
I've been using OpenVPN on the stock firmware and it's been running pretty well. I want to use on-demand VPN on my iPhone with the RT-AC87R. I haven't updated to the Merlin build yet and had a question. Does the Merlin build allow you to use Certificate authentication?

https://docs.openvpn.net/docs/openvpn-connect/openvpn-connect-ios-faq.html

According to the link above, User Authentication has to be set to Certificate and the client certificate+key should be attached as a PKCS#12 file.

"User Authentication should be set to Certificate, and the client certificate+key should be attached as a PKCS#12 file.
VPN On Demand should be enabled and match entries should be defined to instruct iOS under which conditions the VPN profile should be automatically connected.
In addition, parameters normally given in the OpenVPN client configuration file may instead be defined using key/value pairs in the Custom Data section:

VoD requires an OpenVPN autologin profile, i.e. a profile that authenticates using only a client certificate and key, without requiring a connection password.
Define each OpenVPN directive as a key, with arguments specified as the value. As in the OpenVPN configuration file, arguments are space-delimited and may be quoted.
At a minimum, key/value pairs for ca and remote must be defined (Note that OpenVPN cannot get the CA list from the VoD profile, therefore it must be provided using a ca key/value pair).
Key value pairs for tls-auth, key-direction, comp-lzo, cipher, ns-cert-type, and remote-cert-tls must be defined if the server requires them."

Sorry if this is in the wrong thread!
 
You can use certificate-based authentication, yes. In fact it was how it was originally implemented, Asus added the ability to do username-based authentication afterward.
 
RMerlin said:
You can use certificate-based authentication, yes. In fact it was how it was originally implemented, Asus added the ability to do username-based authentication afterward.
Click to expand...

Thanks for the quick response. I don't want to thread jack, but how do I download the pk12 file or change authentication to Certificate? Thanks again for the help.
 
You must log in or register to reply here.

Similar threads

H
Extremely low speed on ac86u with openvpn client
Replies
7
Views
536
hassangh
H
R
Wireguard on Asuswrt-Merlin
Replies
11
Views
2K
Tech9
Tech9
M
vpn problems in asuswrt merlin 3004.388.8
2 3 4
Replies
72
Views
5K
maxbraketorque
M
P
Problem connecting to OpenVPN server on AX86U
Replies
4
Views
642
Patrick9876
P
S
OpenVPN server fails after reboot
Replies
6
Views
656
L&LD
L&LD
Similar threads
Thread starter Title Forum Replies Date
N Solved OpenVPN Server split tunnell config Asuswrt-Merlin 5
G OpenVPN Server log, is this in error ? Asuswrt-Merlin 7
H Can no longer get OpenVPN Server to work Asuswrt-Merlin 4
Sunny786 Help Needed: Configuring OpenVPN Server and Instant Guard on Asus GT-AX11000 with Technicolor CobraXh Modem Router Asuswrt-Merlin 11
P Problem connecting to OpenVPN server on AX86U Asuswrt-Merlin 4
bengalih Bug with corrupted passwords in OpenVPN Server Asuswrt-Merlin 14
S OpenVPN server fails after reboot Asuswrt-Merlin 6
W OpenVPN Server set to LAN only allows browsing Asuswrt-Merlin 14
G openvpn server: can not change/select data cipher Asuswrt-Merlin 1
Blankedy AC86U OpenVPN server whilst in AP mode Asuswrt-Merlin 3

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 741 (members: 15, guests: 726)
Top