Using PPTP in DD-WRT. Help? (not SOLVED)

[VirtualLarry]

I have no clue how this is supposed to work. Due to the other thread talking about the dangers of an open wifi hotspot, I would like to implement a VPN on my router.
I'm running a standard build (maybe mini build) on broadcom N hardware.

If I click the radio box to enable PPTP Server, I get these fields.
PPTP Server - Enable / Disable
Broadcast Support - Enable / Disable
Force MPPE Encryption - Enable / Disable
(All three of those default to Enable)
Then I have DNS1, DNS2, WINS1, WINS2.
Server IP:
Client IP(s):
Chap-secrets:

The help file is very brief, and says to refer to the PPPD man pages for the format of chap-secrets. It's supposed to be one line per user, with the username and password.

What I don't get is, do I have to have a static IP to use VPN? I have a dyndns domain.
What do I put into the server IP field?

Edit: Found this:
http://www.dd-wrt.com/wiki/index.php/PPTP_Server_Configuration
Update: With firmware DD-WRT v24 SP1 on WRT54GL the router's LAN or WAN static address may be used without disturbing the Web interface. Furthermore, if an address of 0.0.0.0 is entered, then the PPTP server will track the router's WAN address, allowing DDNS to be used. 10 September 2008

Edit: Got it working, according to the guide. For some reason though, when I filled in 8.8.8.8 in the DNS line, and hit Apply, it blanked out the DNS again. Not sure if that's a bug, or if for some reason it doesn't want you to specify a DNS line. Set Server IP to 0.0.0.0. Went to someone else's house, and logged into my LAN. Worked great. Now I have to worry about PPTP security, since I also saw some links to articles that it may be insecure.

Oh, I couldn't browse the list of machines with shares on my local LAN. So perhaps broadcasts weren't working properly. I could access my NAS using the IP address on the local LAN though.

Edit: I tried downloading an MKV from my NAS over the VPN, I'm getting under 300KB/sec. My NAS is hosted on a 25/25 FIOS connection, and the remote computer accessing it is on 16/2 cable.

 

[Nuwave]

This works for version Firmware: DD-WRT v24-sp2 (10/10/09) std (SVN revision 13064) and your router is also the default gateway to the internet

For the server IP, Pick an internal address that is not within your DHCP scope and is not used by anything else.

For client AP's make it a range that is also outside your DHCP scope.

Your usernames and passwords are in the format

username * password *

take notice of the spaces - there is none after the last Asterisk. 1 account per line

forward TCP 1723 and 1792 to the address that is considered the default gateway - NOT the PPTP server address. I'm not sure what 1792 is for but I remember reading it somewhere.

DDNS is setup to whatever.

You should be able to create the tunnel to yourname.dyndns.org

and login using your credentials.

Also note from that same page

update: In my case, linksys wrt-310n v.1 With fw DD-WRT v24 sp2 vpn version(10/10/2009), I tried to use the router's static ip(192.168.1.1) as pptp server ip, the web interface can't be reached nor pinged anymore if connected by pptp client. The web comes back if connection terminated. I change the server ip to 192.168.1.2 and everything is fine now. --aw11onfire 12:44(GMT+8), 10 Dec 2009

Update: It is bad vpn form to use the same IP as the router when configuring the pptp server. The following should be done: 1. Take note of your router LAN IP. (Example: 192.168.1.1) 2. When creating the pptp server use an IP DIFFERENT than the router LAN IP. (Example: 192.168.1.2) 3. If you are trying to access the VPN from the outside world then go to the NAT settings and forward port 1723 to the LAN IP (Example: 192.168.1.1). 4. After using these settings, apply them. Double check that your chap secrets and client IP ranges are set.

 

[VirtualLarry]

I got it working, but I had some problems. When browsing, I was trying to download Media Player Classic Home Cinema, and browsing Microsoft's Windows 7 page.

The download hung, and also trying to browse MS's page hung without loading fully.

Trying to figure out why that's not totally working. It's wierd that it partially works though.

Edit: I tried accessing my VPN from a friend's house on cable. msn.com came up ok, but when I clicked on an article link, it took quite a long while before the page came up. That was in IE8. I tried accessing Microsoft's Windows 7 page in Firefox 4.0beta12, and it still isn't loading all the way. I'm just waiting.

To set up the VPN, I put 0.0.0.0 in the "Server IP" field in the router, as the wiki said that it would automagically get my real WAN IP, and use it. I also didn't have to forward any ports.

I'm using a 15000-something build of DD-WRT. I'd have to check the exact build number.

The fact that it works at all, seems to indicate that those settings are (mostly?) ok, but the fact that it hangs sometimes loading some pages confuses me. I think I might be having DNS issues.

PPP adapter MyConnection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : MyConnection
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.2.20(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled


Is the default gateway on the PPP connection supposed to show 0.0.0.0?

Edit: These forums load fine (using ABP though), and even this picture-heavy thread loads fairly fast.
http://forums.anandtech.com/showthread.php?t=2139877&highlight=vivithemage
I can watch the pictures slowly stream in, but it's steady. It doesn't "hang", like the browsing of several sites does.

This is the problematic link that doesn't load completely:
http://www.microsoft.com/windows/windows-7/default.aspx

speedtest.net isn't coming up at all for me either. Hangs on "waiting for cdn.speedtest.net". It seems that all the sites that are hanging, are those "content distribution network" sites, edge-caching and the like. They play games with DNS and routing, and I guess they don't work with VPN for some reason.

Also, I wonder if I'm having MTU issues or something.

Edit: I tried downloading MPC-HC again, this time it worked and didn't hang, it is downloading at 60KB/sec.

 

[Nuwave]

that may work but while the tunnel is up having the same IP as the outside router address maybe cause issues if you also try to connect to the web interface via that address. The point may be moot as you should be able to connect to the inside interface when the tunnel is up. I would still recommend a unique IP on the inside with port forwarding.

As for the other issues you should realise that while your connected to the PPTP by default all your traffic to and from the internet goes through the tunnel and out that way. essentially while your downloading your media, your router is uploading it to you through the tunnel. Your 25Mbps should not be an issue but maybe you should verify your are getting close to that without the tunnel.

Also realize that PPTP is cpu intensive the router you are using may not be able to push much more than what you are getting. With DD-WRT you should be able to monitor that and determine if the cpu is pinned while you are downloading.

It is not recommended and absolutely hated by corporate network admins, but may be worth for you to consider doing if you understand and accept the risks, is what is called split tunneling. I'll let you google that and find out if you want to do that or not.

For the browsing/broadcasting the version I use has a option for broadcast support - enable/disable right above where you would enter in the server IP. You may have to find something similiar for your version.

Hope this is helpful