In adition to the standard NVRAM configuration options, my firmware modifications add a few more options which can be set using the nvram utility on the WRT54G command line (but don't forget to invoke "nvram commit" before rebooting)
By default WRT54G v1.x use the 4702.et driver which handles VLAN tags internally and exposes the LAN switch as eth0 and the WAN interface as eth1.
WRT54G v2 exposes the 5-port Ethernet switch as eth0 using VLANs (id 0 for the internal LAN and id 1 for the WAN interface).
WRT54G v1.x devices can also be switched to VLAN mode, but it uses VLAN id 2 for the internal LAN. The following settings can be used to switch the WRT54G v1.x to VLAN mode:
List of NVRAM settings to customise the OpenVPN configuration. Up to 10 OpenVPN processes can be configured using the following NVRAM setting (the first OpenVPN process uses the prefix openvpn_, the second OpenVPN process uses openvpn2_ as its configuration prefix and so on). You can either choose to store the whole OpenVPN config in NVRAM (using openvpn_config), or you can use the individual options to configure OpenVPN. In any case, certificates or keys must be stored in the respective NVRAM settings.
Before OpenVPN is started, the contents of openvpn_ca, openvpn_cert, openvpn_key and openvpn_secret will be written to the files /tmp/openvpn/ca.pem, /tmp/openvpn/cert.pem, /tmp/openvpn/key.pem and /tmp/openvpn/secret.key. BTW, the recommended way of setting these options is to use "nvram set openvpn_ca" (note, that there is no '=' after the NVRAM key name which will tell the nvram utility to read the value from stdin) then copy-and-paste the file and finish by pressing Ctrl-"D".
All other NVRAM settings for OpenVPN will be passed on the command line to OpenVPN.
Please note that OpenVPN's certificate validation requires that the system clock is set to the correct time.
The following OpenVPN configuration file is built into the firmware and used by OpenVPN. Commented out options can be set using the NVRAM setting shown above.
mode server dev tun #lport [openvpn_lport] #ifconfig [openvpn_ifconfig] #ifconfig-pool [openvpn_pool] #route [openvpn_route] #push "[openvpn_push]" link-mtu 1460 mssfix 0 tls-server dh /etc/dh1024.pem persist-key #comp-lzo no-replay ping-exit 600 verb 1 daemon
The following configuration can be used on a client to connect to the OpenVPN server on the WRT54G:
dev tun remote [remote-ip-addr] [remote-port] nobind pull link-mtu 1460 mssfix 0 tls-client ca /etc/openvpn/ca.crt cert /etc/openvpn/cert.crt key /etc/openvpn/key.crt persist-key ping 60 ping-restart 150 no-replay verb 1 daemon