
Wednesday, November 23, 2011

Turning Your PC into a DD-WRT Wired Router - From Windows

Normally, when we cover DD-WRT and other firmware replacements for wireless routers, we discuss flashing (or uploading) the firmware to a router. However, DD-WRT also has an X86 version that can be installed onto just about any generic PC.

This is great if you don’t have a compatible router lying around and don’t want to track one down with the right model and version number. Plus it lets you exceed the usual 16MB of RAM and slow CPU in the off-the-shelf consumer-level routers.

In this tutorial, we’ll build and set up a DD-WRT machine.

Features on a normal dd-wrt firmware (wifi router):
http://www.dd-wrt.com/wiki/index.php/What_is_DD-WRT%3F

Limitations of the X86 version

Keep in mind that if you go the free route, you’ll only have a wired router, although you can add separate access points. Wi-Fi support is available only in the registered version, which requires purchasing a Professional Activation for € 20.00 ($28.36).

You also lose these features for any X86 version of DD-WRT:

  • USB Support. For example, you can’t connect USB drives or printers to share them on the network.
  • Journaling Flash File System (jffs). Normally this would let you store files directly on the router, such as for NoCatSplash hotspot captive portal pages and other custom configuration.
  • Itsy Package Management System (Ipkg). This would have let you add features from OpenWRT that aren’t already in DD-WRT.

Putting the DD-WRT machine together

First, make sure you have an X86 compatible PC, i386 or greater, which is just about any old PC. You need only 16MB or more of RAM. However, you do need at least two network (Ethernet) cards, one for the Internet and others for the LAN.

Don’t forget a spare hard drive. It must be dedicated to the cause as it will be reformatted and repartitioned.

Though a monitor and keyboard aren’t required, they’re useful if you run into problems, so you can access the console.

Getting ready for the installation

We’re going to use a Windows-based program to upload the DD-WRT disk image to the spare hard drive. So you need to take the drive out of the DD-WRT machine and temporarily put it into a working computer.

On your working computer, you need to download the transfer utility, physdiskwrite, and the desired X86 version of DD-WRT. At the time of this writing, the most current release is v24 Service Pack 1. If you’re going the free route, download dd-wrt_public_vga.image; if you’re purchasing a license, download dd-wrt_full_vga.image.

It’s easier to download the DD-WRT file to the physdiskwrite folder.

Verify the drive assignments

When you upload the disk image to the drive, the utility references the computer’s drives by their disk numbers. To be absolutely sure you have the right disk, and not the one you use every day, you should verify the drive assignments.

You can open the Computer Management program to view the Disk Management utility in Windows:

In Vista, click Control Panel > System and Maintenance > Administrative Tools > Computer Management.

In XP, Control Panel > Performance and Maintenance > Administrative Tools > Computer Management.

The disk numbers (Disk0, Disk1, Disk2, etc.) are shown on the graph of drives and partitions.

Transferring the image using physdiskwrite

When you’re ready, here’s how to install DD-WRT X86 onto your hard drive from your working computer:

1.    Bring up a Command Prompt. If using Vista, click the Start button, type cmd into the search box, right-click the cmd icon, and select Run as administrator. In XP, simply click Start > Run, type cmd and hit Enter.

2.    Navigate to the directory where you have the physdiskwrite utility and disk image. It might be easier to browse to the location in Windows and copy the location from the address bar. Then in the Command Prompt you’d type cd, paste in the path, and hit Enter.

3.    Type physdiskwrite -u dd-wrt_public_vga.image and hit Enter. Adjust the image file name if you’re using a different one.

4.    Type the disk number of the spare drive. WARNING: Remember, this completely erases everything from the drive and you’ll lose any files on it.

5.    After it completes, shut down and unplug the computer to remove the drive and put it back in the DD-WRT machine.

Getting started with DD-WRT X86

After DD-WRT boots up, the router should start working. You should hook the WAN/Internet cable up to the ether0 interface, which is usually the built-in or on-board Ethernet port, if any. The remaining interfaces are for the LAN/network. You can connect them to computers or to a switch.

You can figure out which interface is which by referencing the console screen after hooking up a cable to the interfaces. It tells you the status, which includes the interface number.

The default IP address of the router is 192.168.1.1. The DHCP server is enabled, just like with the firmware versions, so users will automatically receive an IP. To access the Web GUI, type the IP of the router into a browser. To access the console on the machine, hit Enter. The default username is root and the password is admin.

Read our other DD-WRT tutorials

Now that you have a DD-WRT router up and running—hopefully—take a look at all the tutorials we have on the subject. Maybe extend your range with WDS, build a wireless bridge, use multiple SSIDs, and much more.

Eric Geier is the author of many networking and computing books, including Home Networking All-in-One Desk Reference For Dummies (Wiley 2008) and 100 Things You Need to Know about Microsoft® Windows Vista (Que 2007).

Taken From: http://www.wi-fiplanet.com/tutorials/article.php/3835526

Tuesday, July 7, 2009

Setting up a dial-up VPN on the Juniper NetScreen Remote (client)

Note: I tried the tutorial on a Juniper SSG350M, with FW 6.0.0r4.0, and it worked although it's not the equipment in the tutorial.




This article was graciously contributed by mwdmeyer and was originally posted on his site here.

I've been getting lots of hits to the post about a site-to-site VPN setup with a Netscreen. So I've decided to do one for a dial-up VPN user connecting to a Netscreen.

A dial-up user is anyone who needs access into the network and has a dynamic IP address. We don't wish to be able to access them (the dial-up user) from within the network. This is how we set up most connections at work. This allows people to access file shares and Outlook (without the need to set up RPC over HTTP).

Background

  • Netscreen 5GT running ScreenOS 5.4.0r1 (Should be the same process for any netscreen running ScreenOS 5.x)
  • Netscreen Remote 8.7 (The Windows VPN client)
  • Local network (the one the VPN users want to access) of 10.0.0.0/22 (10.0.0.0 - 10.0.3.255)
  • External Address of 59.167.253.89

Setting up the Netscreen

1) First we need to create a user. This can be found in Objects -> Users -> Local (Note: Follow the screenshot below; you don't need a password here, but you do need the IKE User info)

So we have our user, Test.User

2) Create Phase 1 of the VPN tunnel. This can be found in VPNs -> AutoKey Advanced -> Gateway (Note: Security level is set to custom, password for VPN is entered here, Outgoing interface is your untrust interface).

3) Now we'll modify the advanced settings. Click Advanced (Note: We're using DES and MD5 here. Mode is set to Aggressive)

Now click return and okay to save your settings.

4) Now we'll create the Phase 2 information. This can be found in VPNs -> AutoKey IKE (Note: Security level is set to custom, Remote Gateway is set to "Test.UserP1")

5) Now we'll modify the advanced settings. Click Advanced (Note: We're using DES and MD5 here. Replay Protection is on)

Now click return and okay to save your settings.

6) Now we'll need to create a policy. This will go from untrust to trust. This can be found in Policies.

Click new (Note: Source Address is Any-IPv4 or just Any if IPv6 is disabled, Destination Address is your local subnet, tunnel the connection through the VPN user "Test.UserP2")

Now the Netscreen has been set up.

Setting up Netscreen Remote

1) Open the policy editor in Netscreen Remote


2) Create a new connection (Note: Type in the remote subnet details and set the secure gateway to your Netscreen's external address)

3) Now we'll set up the login details (Note: The Certificate is None, the ID Type is Domain Name and the value is "Test.User")

4) Now click Pre-Shared Key (Note: Type in the password you used when setting up the connection in the Netscreen)

5) Now we'll set the connection to aggressive (Note: Enable PFS, DH is Group 2 and Enable Replay Detection)

6) Now we'll set up the Phase 1 details (Note: We're using DES and MD5 here. SA Life is 28800 seconds)

7) Now we'll set up the Phase 2 details (Note: The SA Life here is 3600 seconds)

8) Save the settings and Test!

That should be all you need to do.

Notes

  • The VPN may not work behind some NAT routers. You can try turning on NAT-T within the Netscreen, although I find it doesn't normally work.
  • Make sure the details in the Netscreen and Netscreen Remote match (i.e. Phase 1 policies etc.)
  • You can check the logs from both Netscreen and Netscreen Remote
  • You cannot connect to the VPN while within the local subnet
  • Netscreen Remote should be disabled when you're directly connected to the network
  • Only traffic for the subnet is passed over the VPN.
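
The note above about keeping both ends identical can be checked mechanically. The following is an added example, not part of the original article: it compares the Phase 1 and Phase 2 values listed in the steps and flags the choices (DES, MD5, DH Group 2, Aggressive mode with a pre-shared key) that are weak by current standards. The dictionary layout, the function names and the gateway values the text does not state are assumptions.

```python
import copy

# Reasons are general cryptographic facts, not statements from the article.
WEAK = {
    "encryption": {"DES": "56-bit key, within reach of brute force"},
    "hash": {"MD5": "deprecated for IKE/IPsec integrity"},
    "pfs_group": {2: "1024-bit MODP group, deprecated"},
}

# NetScreen Remote values as listed in the client steps of the article.
CLIENT = {
    "phase1": {"mode": "Aggressive", "auth": "PSK", "encryption": "DES",
               "hash": "MD5", "sa_life_s": 28800},
    "phase2": {"encryption": "DES", "hash": "MD5", "pfs_group": 2,
               "replay": True, "sa_life_s": 3600},
}
# Firewall side. Assumption: it mirrors the client exactly (the article only
# states DES, MD5, Aggressive and replay protection for this end).
GATEWAY = copy.deepcopy(CLIENT)

def audit(side):
    """Return one finding per weak setting on one end of the tunnel."""
    findings = []
    for phase in ("phase1", "phase2"):
        for key, bad in WEAK.items():
            value = side[phase].get(key)
            if value in bad:
                findings.append(f"{phase}.{key}={value}: {bad[value]}")
    p1 = side["phase1"]
    if p1.get("mode") == "Aggressive" and p1.get("auth") == "PSK":
        findings.append("phase1.mode=Aggressive with PSK: handshake exposes "
                        "a key-derived hash to offline guessing")
    return findings

def mismatches(gateway, client):
    """Return (phase, key, gateway_value, client_value) for every difference."""
    diffs = []
    for phase in ("phase1", "phase2"):
        for key in sorted(set(gateway[phase]) | set(client[phase])):
            g, c = gateway[phase].get(key), client[phase].get(key)
            if g != c:
                diffs.append((phase, key, g, c))
    return diffs

def demo():
    """Constructed drift: the client was left on SHA-1 for Phase 2."""
    drifted = copy.deepcopy(CLIENT)
    drifted["phase2"]["hash"] = "SHA-1"
    return audit(GATEWAY), mismatches(GATEWAY, drifted)
```

An empty list from mismatches() means the two ends agree; every entry from audit() is a setting to replace with a stronger option where both the firewall and the client support one.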



Taken From:
http://www.juniperforum.com/index.php?page=20
Added minor correction in the policy source that has to be "Dial Up"