Configuring Linksys WRT1200ac router as a VPN router for PIA

Hi. Looking to see if anyone knows how to configure/flash a Linksys WRT1200ac router as a VPN router.

Want to make my router a VPN router so that devices connected to it don't need individual software installed.

Bought it as thought it would be ready to rock as per plug and play, or just follow the PIA guide for DDWRT Open VPN setup. Er no.

The router access page differs quite a lot from the one in the guide, for example there is no services tab or anywhere to 
set DCHP or VPN client. So cant make the right settings.

There is a OpenVPN server section to set OVPN config,but that is it. Checked with Linksys and its Australian versions are only a passthrough VPN router not plug and play like the US ones. They said the only way is to talk to a software company that can access the router - I presume they mean to retrofit older firmware,or a flash file.

Can any one help with or point me in a direction todo this.

Many Thanks

Comments

  • Looks like you're going to have to flash your Linksys WRT1200ac with DD-WRT firmware.

    Here is a video on how to do that: 

    After that, you can follow the PIA DD-WRT guide.


  • Posts: 2
    Hi. Awesome I'll try that right now.

  • Posts: 44
    If you need anything, just let me know. I have the exact same router running DD-WRT and PIA. It's pretty easy and straightforward.
  • edited February 28 Posts: 1
    Hi scodan I need help. Today I purchased WRT 1200 AC and I copied the script below that I am using successfully with LinkSys E900. With WRT 1200 AC it just won't work. I have OpenVpn set to Enabled, OpenVPN, Start Type System, Config as Daemon . I tried to setup using the instructions on https://www.privateinternetaccess.com/pages/client-support/dd-wrt-openvpn but without success. Please help me!

    #!/bin/sh
    
    USERNAME="xxxx"
    PASSWORD="xxxxx"
    PROTOCOL="udp"
    # Add - delete - edit servers between ##BB## and ##EE##
    REMOTE_SERVERS="
    ##BB##
    # US - WEST
    remote xxxxx.privateinternetaccess.com 1194
    ##EE##
    "
    
    #### DO NOT CHANGE below this line unless you know exactly what you're doing ####
    
    CA_CRT='-----BEGIN CERTIFICATE-----
    MIID2jCCA0OgAwIBAgIJAOtqMkR2JSXrMA0GCSqGSIb3DQEBBQUAMIGlMQswCQYD
    VQQGEwJVUzELMAkGA1UECBMCT0gxETAPBgNVBAcTCENvbHVtYnVzMSAwHgYDVQQK
    ExdQcml2YXRlIEludGVybmV0IEFjY2VzczEjMCEGA1UEAxMaUHJpdmF0ZSBJbnRl
    cm5ldCBBY2Nlc3MgQ0ExLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50
    ZXJuZXRhY2Nlc3MuY29tMB4XDTEwMDgyMTE4MjU1NFoXDTIwMDgxODE4MjU1NFow
    gaUxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJPSDERMA8GA1UEBxMIQ29sdW1idXMx
    IDAeBgNVBAoTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSMwIQYDVQQDExpQcml2
    YXRlIEludGVybmV0IEFjY2VzcyBDQTEvMC0GCSqGSIb3DQEJARYgc2VjdXJlQHBy
    aXZhdGVpbnRlcm5ldGFjY2Vzcy5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
    AoGBAOlVlkHcxfN5HAswpryG7AN9CvcvVzcXvSEo91qAl/IE8H0knKZkIAhe/z3m
    hz0t91dBHh5yfqwrXlGiyilplVB9tfZohvcikGF3G6FFC9j40GKP0/d22JfR2vJt
    4/5JKRBlQc9wllswHZGmPVidQbU0YgoZl00bAySvkX/u1005AgMBAAGjggEOMIIB
    CjAdBgNVHQ4EFgQUl8qwY2t+GN0pa/wfq+YODsxgVQkwgdoGA1UdIwSB0jCBz4AU
    l8qwY2t+GN0pa/wfq+YODsxgVQmhgaukgagwgaUxCzAJBgNVBAYTAlVTMQswCQYD
    VQQIEwJPSDERMA8GA1UEBxMIQ29sdW1idXMxIDAeBgNVBAoTF1ByaXZhdGUgSW50
    ZXJuZXQgQWNjZXNzMSMwIQYDVQQDExpQcml2YXRlIEludGVybmV0IEFjY2VzcyBD
    QTEvMC0GCSqGSIb3DQEJARYgc2VjdXJlQHByaXZhdGVpbnRlcm5ldGFjY2Vzcy5j
    b22CCQDrajJEdiUl6zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAByH
    atXgZzjFO6qctQWwV31P4qLelZzYndoZ7olY8ANPxl7jlP3YmbE1RzSnWtID9Gge
    fsKHi1jAS9tNP2E+DCZiWcM/5Y7/XKS/6KvrPQT90nM5klK9LfNvS+kFabMmMBe2
    llQlzAzFiIfabACTQn84QLeLOActKhK8hFJy2Gy6
    -----END CERTIFICATE-----'
    
    OPVPNENABLE=`nvram get openvpncl_enable | awk '$1 == "0" {print $1}'`
    
    if [ "$OPVPNENABLE" != 0 ]; then
       nvram set openvpncl_enable=0
       nvram commit
    fi
    
    sleep 10
    mkdir /tmp/pia; cd /tmp/pia
    echo -e "$USERNAME\n$PASSWORD" > userpass.conf
    echo "$CA_CRT" > ca.crt
    echo "#!/bin/sh
    iptables -t nat -I POSTROUTING -o tun0 -j MASQUERADE" > route-up.sh
    echo "#!/bin/sh
    iptables -t nat -D POSTROUTING -o tun0 -j MASQUERADE" > route-down.sh
    chmod 644 ca.crt; chmod 600 userpass.conf; chmod 700 route-up.sh route-down.sh
    sleep 10
    echo "client
    auth-user-pass /tmp/pia/userpass.conf
    management 127.0.0.1 5001
    management-log-cache 50
    dev tun0
    proto $PROTOCOL
    comp-lzo adaptive
    fast-io
    script-security 2
    mtu-disc yes
    verb 4
    mute 5
    cipher bf-cbc
    auth sha1
    tun-mtu 1500
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    tls-client
    remote-cert-tls server
    log-append piavpn.log
    ca ca.crt
    status-version 3
    status status
    daemon
    $REMOTE_SERVERS" > pia.conf
    ln -s /tmp/pia/piavpn.log /tmp/piavpn.log
    ln -s /tmp/pia/status /tmp/status
    (killall openvpn; openvpn --config /tmp/pia/pia.conf --route-up /tmp/pia/route-up.sh --down /tmp/pia/route-down.sh) &
    exit 0
    Post edited by p3694931 on
  • Posts: 44
    you must follow this flashing guide: https://www.dd-wrt.com/wiki/index.php/Linksys_E900

  • Posts: 44
    the above is for the Linksys E900. If you have a WRT 1200 AC, follow this:
    and then follow PIA's install steps for dd wrt.



  • Posts: 1
    VPN Status is CONNECTED SUCCESS .. but I can't access any websites from any device connected to the vpn router which is a linksys wrt 1200 ac . any suggestions?
  • edited June 16 Posts: 631
    Through the DOS CMD propt you can ping a URL (like privateinternetaccess.com. If the site pings then the DNS is resolving the address. If not, try pinging 209.222.18.222 (PIA DNS). if that does not work you might have some ports closed.
    Post edited by Omnibus_IV on
Sign In or Register to comment.