It’s 2022 and this article is partly outdated. You now have to set two IPv4 routes since part of the address space has been sold. Everything else should still work just fine.
ENGLISH VERSION BELOW
Ich wollte unbedingt ins Hamnet. Komfortabel per WLAN mit all meinen Geräten. Also habe ich meinen Router mit OpenWRT so eingerichtet, dass er sich mit dem VPN verbindet. Denn eine HF-Verbindung habe ich leider nicht.
Allerdings gibt es dabei noch ein paar Sachen zu beachten.
Ich werde jetzt nicht auf das einrichten einer VPN-Verbindung eingehen, sondern nur darauf, was speziell für das Hamnet notwendig ist. Für das einrichten einer VPN-Verbindung gibt es genug Anleitungen. (Aber ppp-mod-pptp muss installiert sein.)
Nachdem das VPN eingerichtet wurde, muss erst einmal die Firewall Zone geändert werden. Stelle sie z.b. auf „HamnetVPN“. Dazu gibst du bei unspecified -or- create: einfach „HamnetVPN“ ein. Danach muss in der Config-Datei /etc/config/network die Zeile option auth 'pap' hinzugefügt werden, denn die Verbindung wird unverschlüsselt aufgebaut. OpenWRT versucht standarmäßig das verschlüsselte CHAP zu nutzen. Am einfachsten kann die Datei mit nano editiert werden. Falls noch nicht installiert, wird das mit opkg update gefolgt von opkg install nano getan.
Die Firewall-Zone „HamnetVPN“.
Die Datei öffnen wir nun mit nano /etc/config/network und fügen die Zeile hinzu. Danach sollte unser Eintrag so aussehen:
config interface ‚hamnet‘
option proto ‚pptp‘
option server ‚ruhrlink.dyndns.org‘
option password ‚q<$djre9sk#)2zTB‘
option auth ‚pap‘
option username ‚dc7ia‘
option defaultroute ‚0‘
Natürlich ist das Passwort nicht echt! 😉
(Die Reihenfolge der Optionen ist egal.)
Wir speicern mit Strg+O und schließen mit Strg+X.
Anschließend müssen wir die Datei /etc/ppp/options.pptp editieren. Dort fügen wir nomppe hinzu. Die Datei sieht dann so ähnlich wie diese aus:
noipdefault
noauth
nobsdcomp
nodeflate
idle 0
# mppe required,no40,no56,stateless
maxfail 0
refuse-chap
nomppe
Die Zeile, welche mit mppe beginnt, muss wie oben mit dem # auskommentiert werden. Dann speichern wir und starten den Router neu. Jetzt müsste man unter Interfaces sehen, dass das VPN eine 44.*-IP-Adresse bekommen hat:
Das Hamnet-VPN ist erfolgreich verbunden.
Anschließend muss noch die statische Route gesetzt werden:
Die statische Route unter OpenWRT eingerichtet für das 44.0.0.0/8 Netz.
Diese statische Route bewirkt, dass die Pakete fürs Hamnet auch dahin kommen, und nicht ins Internet geschickt werden. Dies machen wir unter Network -> Static Routes.
Jetzt sollte dein Router dir das Hamnet über WLAN und LAN zur Verfügung stellen. 🙂
Denke aber daran, dass du deine VPN vor unbefugter Nutzung schützen musst. Dein WLAN sollte verschlüsselt sein.
Vielen Dank an Florian, DF2ET. Er hat mir gut geholfen. So doll, dass es nun funktioniert. 🙂
ENGLISH
(Hint: Ask for the VPN vpn@ruhrlink.org )
I really wanted to use Hamnet. Comfortable via Wi-Fi with all my devices. So I have set up my router with OpenWRT so that it connects to the VPN automatically. I can’t use RF because I don’t see the repeater.
However, there’s still a few things to note.
I will not go into detail how to set up a VPN connection, but only to what is specifically required for the Hamnet. For setting up a VPN connection there is enough instructions online. (But make sure you have ppp-mod-pptp muss installed.)
After the VPN was set up once the firewall zone needs to be changed. For example, set it to „HamnetVPN“. Just type in field unspecified -or- create: the name of the firewall zone, for example „HamnetVPN“. Then you have to change the Config-file /etc/config/network and add line option auth 'pap', because we neeed an unencrypted connection. OpenWRT tries to use encrypted CHAP as default. The easiest way to edit this file is to use nano. If not installed yet that can be done with opkg update and opkg install nano.
The code firewall zone „HamnetVPN“.
We open the file using nano /etc/config/network and add the line. Then our entry should look like this:
config interface ‚Hamnet‘
option proto ‚pptp‘
server option ‚ruhrlink.dyndns.org‘
option password ‚q<$djre9sk#)2zTB‘
auth option ‚pap‘
option username ‚dc7ia‘
option default route ‚0‘
Of course is it not my real password! 😉
(The order of options does not matter.)
We save with Ctrl + O and end with Ctrl + X .
Then we need to edit the file /etc/ppp/options.pptp . There we add nomppe . The file will look something like this:
noipdefault
noauth
nobsdcomp
nodeflate
idle 0
# Mppe required, no40, no56, stateless
maxfail 0
refuse-chap
nomppe
The line beginning with mppe must be commented out as above with the # . Then we save and restart the router. Now would you see at menu point "interfaces" that the VPN has a 44.* IP address.
The code Hamnet VPN is connected successfully.
The static route must be set:
The code static route set up under OpenWRT for the 44.0.0.0/8 network.
This static route causes packets for Hamnet also to get to, and not be sent to the Internet. We do this under Network – & gt; Static Routes.
Now your router you should give you Hamnet access via WLAN and LAN. 🙂
But remember that you need to protect your VPN from unauthorized use. Your WLAN should be encrypted.
Thanks to Florian, DF2ET. He helped me well. So great that it works now. 🙂
Hello Joshua and Eric,
name is David, call is CT1DRB and my qth is 15 km south of Lisbon.
I followed your instructions and my GL.INET is working more or less. In fact I have access to HAMNET, if I am connected to the router under an SSH session from computer to router. If I try to connect to HAMNET from my computer I do not get it.
Most probably I did something bad so I am here to get help from you.
Best 73 and have a nice weekend.
CT1DRB
David Quental
Hi David,
it seems that your HAMNET-Connection is not routed to the Clients. Make sure you have set up the static route for 44.0.0.0/8 over the hamnet connection.
Hello Joshua,
in fact I filled board with the 44.0.0.0/8 in the HAMNET interface, still no luck.
I performed a wireless connection from my home wireless router to the GL.INET router, then I have a LAN connection to my computer, IP is 192.168.1.5. It is from here that I have problems. Maybe it is NAT misconfiguration but I do not know how to solve it.
Best 73.
CT1DRB
David Quental
Check this: http://blog.dc7ia.eu/picdat/Bildschirmfoto_2015-11-22_13-58-07.png
My /etc/config/network:
config interface 'loopback'option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdf2:8bf9:8ed3::/48'
config interface 'lan'
option force_link '1'
option type 'bridge'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option _orig_ifname 'eth0 wlan0'
option _orig_bridge 'true'
option ifname 'eth0'
option ipaddr '192.168.2.1'
config interface 'wan'
option ifname 'eth1'
option _orig_ifname 'eth1'
option _orig_bridge 'false'
option proto 'dhcp'
config interface 'wan6'
option ifname '@wan'
option proto 'dhcpv6'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '0 1 2 3 4'
config interface 'hamnet'
option proto 'pptp'
option server 'ruhrlink.dyndns.org'
option auth 'pap'
option username 'dc7ia'
option defaultroute '0'
option demand '0'
option password 'password'
config route
option interface 'hamnet'
option target '44.0.0.0/8'
option metric '0'
Hi Joshua,
tks for your picture. I have disabled the WAN interface. However, it still does not work. Compared to you I have another interface, it is the WWAN one.
In a particular email I send you more details about it.
Best 73.
CT1DRB
David Quental
Why did you disable the WAN interface? You will need it.
EDIT: Just for the record: Make sure you have „option metric ‚0‘ “ under config route!
Dear OM,
Pse can you help me with the openvpn configuration on the small router gl.inet , configured with openwrt latest version to connect hamnet on it.
In the Netherlands no one had did it .. my results so far you can see , sorry dutch only .. on wiki.pa2eon.nl
Kind regards, Eric – PA2EON
Hi Eric,
sure I will help you. 🙂
Just tell my what you didn’t understand. Or sent me a link to your results. 😉
Joshua
Dear joshua,
The gl.inet router is active with your setup !
The basic you need is a pptp account at the german hamnet. After that you have to follow the pptp setup:
opkg update
opkg install ppp-mod-pptp
use your call and password .. and then follow your setup.
Many thanks for your information on your webpage.
Eric, PA2EON
Have you also set up the router in a way, that allows to connect to hamnet and internet over the same wifi?
I think it makes browsing much more comfort. 😉
Also thank you for the hint with ppp-mod-pptp. I didn’t mention
that, because I didn’t make to explain how to setup VPN, I wanted to
explain what has to be done differently than normal. But a made a short
note, so no-one will have done the same fail.