Monday, May 7, 2018

EdgeRouter X VPN connection to mullvad.net

UPDATED here.

Backup your original settings by entering the gui interface, select the system tab in the lower part of the window and choose "Back Up Config"

Copy these files that you obtained from mullvad.net to the edgeos router:

ubnt@ubnt:~$ ls -l /config/auth/
total 20
-rw-------    1 root     vyattacf      6296 May  7 13:38 mullvad_ca.crt
-rw-------    1 ubnt     vyattacf      2202 May  7 13:54 mullvad_crl.pem
-rw-------    1 ubnt     vyattacf       500 May  7 14:16 mullvad_no.conf
-rw-------    1 ubnt     vyattacf        19 May  7 14:09 mullvad_userpass.txt
ubnt@ubnt:~$

Here I am using the "mullvad_no.conf", but you should replace that with the location you are using.

Edit the "mullvad_no.conf" file and insert "/config/auth" before all mullvad filenames (line 21-23 for me)

auth-user-pass /config/auth/mullvad_userpass.txt
ca /config/auth/mullvad_ca.crt
crl-verify /config/auth/mullvad_crl.pem

Now, ***EDIT*** the following text to your settings:
#openvpn to mullvad

set interfaces openvpn vtun0 config-file /config/auth/mullvad_no.conf
set interfaces openvpn vtun0 description 'Mullvad VPN'
set interfaces openvpn vtun0 enable

set service nat rule 5000 description MVPN
set service nat rule 5000 log disable
set service nat rule 5000 outbound-interface vtun0
set service nat rule 5000 source address 10.0.0.0/24
set service nat rule 5000 type masquerade

set service nat rule 5001 description default
set service nat rule 5001 log disable
set service nat rule 5001 outbound-interface eth4
set service nat rule 5001 source address 10.0.0.0/24
set service nat rule 5001 type masquerade

set protocols static table 1 interface-route 0.0.0.0/0 next-hop-interface vtun0

set firewall modify mullvad_route rule 10 description 'MVPN'
set firewall modify mullvad_route rule 10 source address 10.0.0.0/24
set firewall modify mullvad_route rule 10 modify table 1

set interfaces switch switch0 firewall in modify mullvad_route

Changes would probably be in line 3,10,11,16 and 22, outlined in blue. My router are using 10.0.0.1 as the LAN address, eth4 connected to my ISP.

On the edgeos router enter the command  "configure" and paste the edited text into the terminal.

Then enter the "commit" and "save" commands. Browse to your router web interface and refresh to observe the difference.

And check the am.i.mullvad link...