dd-wrt and OpenVPN, don’t do it

Thinking about using your router with dd-wrt to run all of your home connections through a VPN such as OpenVPN? Don’t bother unless your router has an insanely powerful CPU. I learned this lesson the hard way when I decided to flash my TP-LINK WDR3600 (N600) with dd-wrt. 10-14mbps is all that the device seems to be able to handle on its 560MHz AR9344 CPU before maxing out. I have a 100mbps connection and that is a massive performance penalty.

## Tips–for others who want to try anyways with a TP-Link WDR3600

I suggest jumping straight to one of the newer builds of the firmware. I used [“BrainSlayer-V24-preSP2”](http://dd-wrt.com/site/support/other-downloads?path=others%2Feko%2FBrainSlayer-V24-preSP2%2F) dated 2014-12-15 successfully. The [dd-wrt router database](http://www.dd-wrt.com/site/support/router-database) will suggest that only the “v24 PreSP2 [Beta Build: 21061]” image dated 2013-04-24 is supported by this device. However, I ran into two problems with this build:

1. SSHd could not be enabled to allow remote login to the router
2. OpenVPN implementation lacked configurable username/password configuration. This needs to be manually set on the command line.

The OpenVPN client is picky. Make sure that your settings match exactly with your VPN provider. For example, you may need to manually set LZO compression, hash algorithm, and so on.

## Suggestion

If you don’t have a powerful CPU in your router, I suggest that you pass on the idea of setting up whole home VPN. Stick to running VPN clients on your devices individually. At minimum, consider setting up a dedicated computer to run the OpenVPN daemon and then route all traffic through this gateway on your home router to get the best results.

3 comments… add one
  • Kadigan Jun 21, 2017 Link Reply

    You forget in your spiel that there may be people who don’t look for absolute throughput with their home VPN. There are people that use their dd-wrt routers as VPN servers, so that they can encrypt (thus locally scamble) their whole traffic while connected to unsecure WiFi networks, or even the cellular network. If you don’t care for throughput, it’s not a bad solution, and it can be had for exactly $0 additional costs.

  • frank May 20, 2017 Link Reply

    Hi folks, just 4 info, just tested it with my Linksys WRT160N v3 and it can do about 6 MBit/sec via OpenVPN … I’m shopping for a new router … 😉

  • Jeffrey Jones Mar 8, 2015 Link Reply

    I learned the same thing – it brings your speed down significantly since the cpu cannot keep up with the encryption. I decided to build my own router out of a dell server I have – dual quad core 6x 1gb nic for internal connections then i am having the wifi router use that as a gateway i am having it connect to vyprvpn using 256bit encryption and still getting 100mb download / 25mb upload. The server is doing other things for me also otherwise it would be overkill and a huge waste of power to just run it as a router.

Leave a Comment

Time limit is exhausted. Please reload CAPTCHA.