Astaro Site to Site VPN with DD-WRT
So – I received my Astaro Security Gateway 220 last week and this morning I decided to get it hooked up and configured. The most important configuration being linking it to my second site. Soon i’ll have two Astaro’s but right now the other site still has a linksys router with DD-WRT v24 installed. First things first – DD-WRT does NOT support IPSEC so forget about it. In this post I’ll show you how to configure the Astaro as an OpenVPN server and the DD-WRT as a client.
Log into the astaro and click on Site-to-site VPN
Choose SSL from the drop down. You will be presented with the connections tab. Click New SSL connection.
Connection Type: Server
Connection Name: Site B
Local Networks: Internal (Network)
Click the plus sign next to Remote Networks and fill it in according to your remote network.
Save that and then make sure you leave Automatic packet filter rules checked. Then click Save.
Next Click Settings your settings should look like this:
Save any changes and then click Advanced
Now I’m sure the encryption and authentication can be changed – but for the sake of this article this is how I’m going to configure it.
I’ve enabled debug mode for now so we can see whats going on. Apply those settings and then click back on Connections.
Now you want to download the configuration file – unencrypted – and open it in notepad++ or something similar.
Inside that file you should see 2 certificates and 1 RSA Private Key. The first cert in the file is the Public Client Cert the second is the CA Cert and the last RSA Private key is the Private Client Key
Open up your dd-wrt router (hopefully at this point you have remote access to a computer on the remote network)
You should copy and paste those values into the correct inputs in the DD-WRT (under services, VPN, OpenVPN Client) and save and apply.
Make sure you use YOUR username and password – also replace REMOTE GATEWAY with the Astaro Gateway IP.
Reboot the DD-WRT and you should be good to go.