VPN On Your Dreambox
Register
Results 1 to 12 of 12
  1. #1
    Junior Member
    Join Date
    Nov 2009
    Posts
    25
    Thanks Thanks Given 
    1
    Thanks Thanks Received 
    3
    Thanked in
    1 Post

    Default VPN On Your Dreambox

    Connect to your dreambox via SSH/TELNET and run this command "opkg install openvpn" without quotes.

    After you have installed openvpn, you will need to put a configuration file into /etc/openvpn/. You can download your .ovpn files & ca.crt certificate from your VPN provider (In my case PIA) and simply rename the desired server .ovpn file you wish to use to openvpn.conf, place this and your ca.crt file into /etc/openvpn. Now create a login.conf file in the openvpn folder for your details.

    The file should include just your user/pass in this format (Nothing special )

    username
    password

    Edit your openvpn conf and edit the line auth-user-pass to auth-user-pass login.conf

    Now after you have created the login and edited the vpn config paste the following command into telnet.

    /etc/init.d/openvpn start

    Leave for upto 10-15 secs.

    After you do that copy and paste the command below into telnet to verify the IP address has changed.

    wget -q -O - http://ip.serdit.ro | grep "IP address is"

    To add openvpn to autostart paste the command below.

    update-rc.d openvpn defaults

    **Update**


    Some free vpn services like vpnbook and such only offer a .opvpn file and putting that into /etc/openvpn on the dreambox on its own didnt work for me. Here is how I fixed it.. Edit the .opvpn you wish to use and then you will see <ca></ca>, <cert></cert> & <key></key> tags. Copy the info from between the first tags <ca></ca> and paste into a new file called ca.crt, same with the cert tags to a new file called whatever.crt & key tags to whatever.key. Then delete the tags and their info from the .opvpn file.

    Still editing the .opvpn add this...

    ca ca.crt
    cert whatever.crt
    key whatever.key

    So your opvpn file should look something like...

    client
    dev tun2
    proto udp
    remote <IP> <Port>
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    ca ca.crt
    cert whatever.crt
    key whatever.key
    auth-user-pass login.conf
    comp-lzo
    verb 3
    cipher AES-128-CBC
    fast-io
    pull
    route-delay 2
    redirect-gateway

    Save, rename to openvpn.conf & upload this and your new files to /etc/openvpn.

    As above, you will now have a VPN...but for free.

    Tested on OpenPLi 3.0 OE2.0 DM800 Clone + TSMedia.

    Enjoy your streaming. :-)



    Leave a thanks if this worked for you.
    Last edited by hitman000; 12th March, 2014 at 01:16 AM. Reason: Updated the tutorial.

  2. The Following 3 Users Say Thank You to hitman000 For This Useful Post:

    firestorm (11th March, 2014), Tork Motor (13th August, 2015)

  3. #2
    Junior Member
    Join Date
    Nov 2009
    Posts
    25
    Thanks Thanks Given 
    1
    Thanks Thanks Received 
    3
    Thanked in
    1 Post

    Default

    Obviously the free VPN will change their passwords often so remember to check their site and update your login.conf.


  4. #3
    Newbie
    Join Date
    Aug 2014
    Posts
    3
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    0
    Thanked in
    0 Posts

    Default

    Hi

    I am trying to put OpenVpn working on Dreambox but I cant login.

    I have a payed vpn, but I don?t have any crt file, so I created one like you added, but my ovpn doesn't have any <cert></cert> & <key></key> tags, just the <ca></ca>, and use that to create the crt file, but still cant login.

    So I didnt create the other 2 files(whatever.crt and whatever.key). Or should I create this but empty only with the tags?
    This is my ovpn file

    client
    dev tun
    proto udp
    route-delay 2
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    ca ca.crt
    auth-user-pass login.conf
    verb 3
    remote <IP> <443>

    Do I need to change something??

    Thanks

    Jail

  5. #4
    Newbie
    Join Date
    Aug 2014
    Posts
    3
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    0
    Thanked in
    0 Posts

    Default

    Hi,

    Just an update to all that needs to configure this also.

    I did not need to create any file with cert or key.

    I just create a file ca.crt and a login.txt file for authentication. I have also change my .opvpn to .config

    This is an example of my opvpn file :

    client
    dev tun
    proto udp
    route-delay 2
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    ca /etc/openvpn/ca.crt
    log /etc/openvpn/openvpn.log
    auth-user-pass /etc/openvpn/login.txt
    verb 3
    remote IP 443

    And it works perfectly.

    PS: I am using Enigma2 image.

    Hope this help others.

    Jail

  6. #5
    Newbie
    Join Date
    Nov 2014
    Posts
    3
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    0
    Thanked in
    0 Posts

    Default

    I?ve recently tried to get my DM800HD clone to go behind a VPN. I started by reading around on the internet and stumbled upon the use of OpenVPN. After some digging around, I found that my existing VPN provider already provides *.ovpn files, so I got to work with some guides I found online.


    FYI, I have tested my connection to my VPN and can confirm that it is active and working through other devices.


    What I did:
    1. I installed openvpn onto my box using the following command which was successful: opkg install openvpn
    2. I then created my files as per the above (the method in the first post's original part didn?t connect at all, I had to go by the above comment which seemed to give back no login error, indicating some form of success)
    a. Created a *.crt file using the info in the *.ovpn file which included and was between the <ca></ca> tags
    b. Created a login.txt file which contains only 2 lines
    i. Username
    ii. Password
    c. Created a *.conf file which contained all of the following (server address masked):
    Code:
    client
      dev tun
      proto udp
      route-delay 2
      resolv-retry infinite
      nobind
      persist-key
      persist-tun
      ca /etc/openvpn/ca.crt
      log /etc/openvpn/openvpn.log
      auth-user-pass /etc/openvpn/login.txt
      verb 3
      remote [VPN Server address] 443
    3. put all the above files into /etc/openvpn
    4. Opened up a telnet connection via putty (also tried via DCC but same outcome)
    5. Executed the following command to start open vpn with the config files: /etc/init.d/openvpn start
    6. Observed the following message (uk is the name of the *.conf file): Starting openvpn: uk.
    7. Waited a while
    8. Ran the following command to see if my IP address was that of the VPN server:
    Code:
    wget -q -O - http://ip.serdit.ro | grep "IP address is"
    a. I got a result back which showed that my IP address hadn?t changed


    Questions:
    1. How can I see what is happening at step 5 when I executed the openvpn program?


    Btw:
    1. I don?t like the shell on my dreambox, can I upgrade it?
    2. Would I need better specs on my box to support a better shell?


    Thanks in advance all

  7. #6
    Newbie
    Join Date
    Aug 2014
    Posts
    3
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    0
    Thanked in
    0 Posts

    Default

    Hi Pimped

    Have you check you openvpn log that you created in you config file??
    Inside you should have the information about the connection to the vpn etc.

    Maybe this can answer you some of the questions

    Jail

  8. #7
    Banned
    Join Date
    Oct 2009
    Posts
    1,178
    Thanks Thanks Given 
    242
    Thanks Thanks Received 
    125
    Thanked in
    106 Posts

    Default

    can someone help me to create config for DM 800 via Teamviewer for perfect privacy account?

    sure not for free..

  9. #8
    Newbie
    Join Date
    Nov 2014
    Posts
    3
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    0
    Thanked in
    0 Posts

    Default

    So I've been doing some investigation and I've found the following:


    1. The VPN provider said that my set up was correct
    2. When I run openvpn, I cannot run any further network commands as they all end up as "State D" processes which require a box reboot to kill


    I have a feeling that my box requires a pre-requisite step for it to run VPN successfully. The box has a very primitive Linux kernel running on it so I can't even run some of the stuff I find on the internet to try and fix ths issue.


    Are there any linux experts on here that can help?


    My distro is: Linux version 2.6.18-7.4-dm800 (gertjan@ds9) (gcc version 4.4.4 (GCC) ) #1 Fri Jan 18 22:00:51 CET 2013


    Can anyone help? I've been trying to set up a linux virtual machine on my computer to try and investigate this but it's proving harder than normal :@


    Outside of the DM box, I Used a virtual machine to run a linux distro and installed openvpn. Whacked in the same files i used in the DM box and although the command prompt didn't return, I opened another terminal and checked the IP address and viola it worked!!


    So now that I know that it works through my network using linux and openvpn, I have to find out why it's not working through the DM box and why all network operations after running Openvpn on the DM box end up as "D" state processes


    Can anyone help?

  10. #9
    Newbie
    Join Date
    Nov 2014
    Posts
    3
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    0
    Thanked in
    0 Posts

    Default

    Quote Originally Posted by JailBreak View Post
    Hi Pimped

    Have you check you openvpn log that you created in you config file??
    Inside you should have the information about the connection to the vpn etc.

    Maybe this can answer you some of the questions

    Jail

    Hi JailBreak,

    Sorry I forgot to respond directly to your post. Before I was getting errors in the logs. After I spoke to the VPn provider and fixed my files, I get the following logs and the box no longer works with any further network commands (as explained in my previous post above). IP address has been masked with XXs:

    Wed Nov 26 22:06:43 2014 OpenVPN 2.1.0 mipsel-oe-linux [SSL] [LZO1] [EPOLL] built on Jun 5 2013
    Wed Nov 26 22:06:43 2014 WARNING: file '/etc/openvpn/login.txt' is group or others accessible
    Wed Nov 26 22:06:43 2014 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
    Wed Nov 26 22:06:43 2014 LZO compression initialized
    Wed Nov 26 22:06:43 2014 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Wed Nov 26 22:06:44 2014 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
    Wed Nov 26 22:06:44 2014 Local Options hash (VER=V4): '41690919'
    Wed Nov 26 22:06:44 2014 Expected Remote Options hash (VER=V4): '530fdded'
    Wed Nov 26 22:06:44 2014 UDPv4 link local: [undef]
    Wed Nov 26 22:06:44 2014 UDPv4 link remote: XX.XX.XX.XX:443
    Wed Nov 26 22:06:44 2014 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Wed Nov 26 22:06:44 2014 VERIFY OK: depth=1, /C=GB/ST=LN/L=London/O=vpnsvc/OU=vpnsvc/CN=vpnsvc.com/name=vpnsvc/emailAddress=noc@vpnsvc.com
    Wed Nov 26 22:06:44 2014 VERIFY OK: nsCertType=SERVER
    Wed Nov 26 22:06:44 2014 VERIFY OK: depth=0, /C=GB/ST=LN/L=London/O=vpnsvc/OU=vpnsvc/CN=vpnsvc/name=vpnsvc/emailAddress=noc@vpnsvc.com
    Wed Nov 26 22:06:48 2014 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Wed Nov 26 22:06:48 2014 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Wed Nov 26 22:06:48 2014 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Wed Nov 26 22:06:48 2014 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Wed Nov 26 22:06:48 2014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
    Wed Nov 26 22:06:48 2014 [vpnsvc] Peer Connection Initiated with XX.XX.XX.XX:443

  11. #10
    Newbie
    Join Date
    May 2011
    Posts
    1
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    0
    Thanked in
    0 Posts

    Default

    Sorry for bumping an old thread..

    Does anyone know what happens, if the dreambox looses connection to VPN?

    Would it be disconnected.. or will it go back to ISP WAN?

  12. #11
    Newbie
    Join Date
    Sep 2013
    Posts
    2
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    0
    Thanked in
    0 Posts

    Default

    Does anyone know how I can set up a cron job on enigma2 (old dm800 hd clone). I need on the box startup, reboot or restart gui that it runs command /etc/init.d/openvpn start

    Reason I need this is my VPN doesnt start automatically no matter what I try - I have found this is the only way I get it to start is to telnet to the b ox run that command.

  13. #12
    Newbie
    Join Date
    Sep 2021
    Posts
    3
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    0
    Thanked in
    0 Posts

    Default

    Hmm, very strange indeed. Just usually such nuances are specified when you buy or download a VPN, very strange that you have such a problem already at the stage of use. But I can help you to solve it, there is a cool service VPNwelt, there is a huge database of both paid and free VPN services, there is accurate information about them, with all the nuances of their use and of course all the pros and cons. It is very cool that they often have discounts on paid VPNs and thanks to that you can save a lot of money. So, pay attention to VPNwelt, there will be no such problems with it.

 

 

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
This website uses cookies
We use cookies to store session information to facilitate remembering your login information, to allow you to save website preferences, to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners.