OpenVPN® & L2TP clients setup for routers with Padavan firmware
for KeepSolid VPN Unlimited users
for KeepSolid VPN Unlimited users
This tutorial provides a detailed walkthrough on how to configure OpenVPN® and L2TP clients on your router flashed with Padavan firmware. To get more information about the OpenVPN® protocol, check out our detailed article What is OpenVPN® protocol. As well, we recommend you to check the article What is L2TP VPN protocol to learn more about its features and technical details.
Xiaomi Mi-3 router with Padavan firmware 3.4.3.9-099 was taken as an example. How to setup VPN Unlimited for Padavan firmware? How to configure OpenVPN for Padavan firmware? Let’s check it out!
I. How to configure OpenVPN® client for Padavan firmware
II. How to configure L2TP client on your Padavan router
III. Optional Kill Switch of our VPN for Padavan Firmware setup (for advanced users only)
nice 0
auth-nocache
nobind
persist-tun
persist-key
remote-random
remote-cert-tls server
route-metric 1
tun-mtu 1500
When the VPN connection for Padavan firmware is successfully established, you’ll see the Connected status on the Settings tab as shown below.
The VPN connection will be established and you’ll see the status Connected on the same Settings tab.
That’s it! You’ve successfully completed your Padavan firmware VPN client setup and have a running VPN connection on your router.
NOTE: Please make sure to configure Kill Switch correctly, otherwise you will lose internet connection on your router.
To set up Kill Switch and prevent traffic leakage in case of a sudden drop of a VPN connection, navigate to Run the Script After Connected/Disconnected to VPN Server on the VPN Client interface and paste the following:
#!/bin/sh
### Custom user script
### Called after internal VPN client connected/disconnected to remote VPN server
### $1 - action (up/down)
### $IFNAME - tunnel interface name (e.g. ppp5 or tun0)
### $IPLOCAL - tunnel local IP address
### $IPREMOTE - tunnel remote IP address
### $DNS1 - peer DNS1
### $DNS2 - peer DNS2
# private LAN subnet behind a remote server (example)
peer_lan="192.168.10.0"
peer_msk="255.255.255.0"
### example: add static route to private LAN subnet behind a remote server
func_ipup()
{
# route add -net $peer_lan netmask $peer_msk gw $IPREMOTE dev $IFNAME
if iptables -C FORWARD -j REJECT; then
iptables -D FORWARD -j REJECT
fi return 0
}
func_ipdown()
{
# route del -net $peer_lan netmask $peer_msk gw $IPREMOTE dev $IFNAME
if (! iptables -C FORWARD -j REJECT); then
iptables -I FORWARD -j REJECT
fi return 0
}
logger -t vpnc-script "$IFNAME $1"
case "$1" in
up)
func_ipup
;;
down)
func_ipdown
;;
esac
You should also block traffic until the tunnel is up. To do it, navigate to Advanced Settings > Customization > Scripts and paste the following lines in the Run After Firewall Rules Restarted field:
#!/bin/sh
### Custom user script
### Called after internal iptables reconfig (firewall update)
iptables -A INPUT -j ACCEPT -s 62.205.132.12 -p icmp
if [ -z "$(ip a s tun0 | grep 'state UP')" ] && (! iptables -C FORWARD -j REJECT); then
iptables -I FORWARD -j REJECT
fi
Once filled out, click Apply at the bottom of the page.
Need to configure other devices? Check our Manuals page where you can find the relevant guides, or don’t hesitate to contact our 24/7 customer support via [email protected].
“OpenVPN” is a registered trademark of OpenVPN Inc.
Select your perfect subscription plan and get additional 7 days of use for absolutely free!