Re: VPN anyone?
Hi, has anyone tried using the omega2 as openvpn client..? and if so, would you please care to share how you got it to work?
I've noticed on the changelog, strongswan has recently been implemented, though no info on how to set up/use it as client
March 2, 2017
Added following packages to Onion repo: * avahi-utils * midnight commander (mc) * strongswan vpn)
Not sure if it's wise to get a low-end CPU without h/w crypto accelerator to do the
heavy lifting on VPN? May be it will work, but at what speed?
< add a correction >
MT7688 has a module for AES128/256 in CBC mode.
Its current use is for encrypted channel in WiFi.
Performance shouldn't be too worrysome - assuming the Onion is the endpoint - it's CPU/IO limited in itself, so the VPN overhead will surely make it worse, but I'd imagine it's like dropping from 200KB/s to 100KB/s. A large overhead, but if we're honest, it's something you can adapt to.
i'm successfully using OpenVPN client with Omega2+ using AES-128 encryption without any cpu overhead problem. I'm using the LEDE project distribution re-built after re-configuring it through the 'make menuconfig'. A short steps list follows:
- Download from github (git clone) the latest LEDE project source repository
- 'make menuconfig' and add OpenVPN plus SSL and Crypto libraries (and some other useful stuff you need)
- 'make', then copy the created firmware file (.bin) found in the bin/<target> directory to a USB key root
- rename the firmware bin file to 'omega2.bin'
- insert the USB key into the USB interface of the Omega 2 Dock, keep pressed the reset button and then power-on the board. - from the menu choose the command '2', then wait for the firmware file being flashed. lede distribution then will boot.
- edit /etc/config/openvpn with your openvpn configuration (see openvpn manuals) and copy all certificates to /etc/openvpn directory
- /etc/init.d/openvpn restart and you shoud be able to use openvpn as a client.
Hope this will help!