I've been reading http://forum.openwrt.org/viewtopic.php?id=786 and http://openvpn.net/index.php/documentat … ml#dynamic and I think I need a little help understanding them.

Here is what I have working:

I have openvpn in bridging mode working great in CO while I connect from WA.

However, the WRT54G in CO is using a static IP and that is costing a lot of money!

Here is what I want:

I'd like to down grade to a cheaper (but faster) dynamic IP (dhcp) (on both ends) and still connect via openvpn.

Do I want to be using ddclient as suggested in the openvpn FAQ?

Is http://forum.openwrt.org/viewtopic.php?id=786 addressing my needs? They don't mention openvpn so I'm not sure.

Thanks,
Siegfried

hi,

the openvpn client just need to reach the port on which the openvpn-server is listening, so you don´t need any special setup for dyndns and openvpn.

just configure dyndns on the openserver (I use dyndns.org, and ez-ipupdate as client on openwrt for updating, but there are many other services around)

and then use the dns-name instead of the server-ip in the openvpn-config of the client

that´s it!

Thanks! I installed ez-ipupdate. I had trouble with the documentation since all I could find for documentation was http://ez-ipupdate.com/userdoc.php which consisted of a bunch of links that gave me page not found errors.

http://prefetch.net/articles/dynamicupdate.html was a little bit of help but I'm not sure how to configure it.

Can anyone explain to me how to configure it?
Thanks!

Siegfried

I just got a response from dyndns.org asking how to configure ez-ipupdate. They suggested I use inadyn but that does not show up on WhiteRussian when I do a ipkg list | grep inadyn. Is it available for white russian? He suggested I use DDWRT but I don't want to install new OS on something that is not broken now.

Siegfried

Here's what I use with ez-ipupdate and have never had a problem:

root@OpenWrt:~# cat /etc/ez-ipupdate.conf 
service-type=dyndns
user=username:password
host=yourhost.dyndns.org
max-interval=2592000
quiet

# Do not change the lines below
cache-file=/tmp/ez-ipupdate.cache
pid-file=/var/run/ez-ipupdate.pid

If I use the "-d" for deamon, do I have run it repeatedly via (for example) cron?

Does Comcast provide a firewall for you? I'm using Comcast in Bellevue WA. I can ping my Bellevue, WA router with my new domain from dyndns.org but I cannot ssh into the WRT. I have used the iptables to punch a hole for ssh but no luck.

Hmmmm... I have two routers here in Bellevue, WA where I have a dynamic IP from comcast. With the Motorola router www.grc.com says everything is complete stealth. With the linksys/openwrt I fail on many ports because "your computer has responded that this port exists but is currently closed to connections".

(In Boulder CO I have another WRT on a fixed IP. I have successfully punched a hole so I can ssh into it while I am here in Bellevue, WA).

So what does that mean? I think it means that Comcast is not providing a firewall. This is good news.

But if this is true, why cannot my router in Boulder, CO ssh into my router in WA?

When I try, I get "ssh: exited: Error connecting: Connection refused"

However, my WRT in Boulder can ping my router WRT in Bellevue, WA. (And my free DNS from dyndns.org gets correctly translated too! Hurray!) What does that mean? Does that also prove Comcast is not providing a firewall?

Maybe I should try http and open up port 80 and see if I can see a web page on the openwrt. They probably explain how to do that on openwrt.org but I'm out of time this morning.

Anybody have any other ideas?
Thanks,
Siegfried