PPTP Guide
Contents
Why use a VPN?
A VPN encrypts the traffic going across the network. The prevents prying eyes from seeing your details. Another great feature is that your external IP will appear to be in the country of the VPN. For example, if you live in Paris and have a VPN back to San Diego, CA, you're IP will be a stateside IP. This allows you to watch content that is normally blocked outside the United States, like Netflix.
How to Setup a PPTP VPN connection
Prerequisites
- A PPTP VPN account - I suggest StrongVPN[1] for the WDTV because that is how b-rad made the app.
- pptp.app.bin[2]
- Thumbdrive
Installation/Setup
- Copy the pptp.app.bin to your USB drive and reboot. When the WDTV comes back up log into the WebEnd and click on WDLXTV Config. Open the Apps tab and you should see the pptp configuration section.
- Open a new window and go to StrongVPN's FAQ[3]. Scroll halfway down until you find their DNS addresses. Copy the first one and put it in the PPTP VPN DNS field of the pptp config.
- Navigate to your StrongVPN account settings. To find this, log in to StrongVPN and click on VPN Accounts Summary and then click on View Greeting.
- In the pptp settings enter the password in the PPTP VPN Password field, username in the PPTP VPN Username field, and Server IP (not Server Address) in the PPTP VPN Adress field.
- Click Save.
Using the VPN
When you want to enable or disable the VPN open the WebEnd and click on the pptp button in Plugin Daemons.
Things to note
When you are using the PPTP VPN, by default all traffic is routed through the VPN. Yes, you can watch Netflix, but your bittorrent traffic will also go through the VPN.
The data going across a PPTP VPN is encrypted when setup correctly; however, the initial handshake with the username/password is sent in clear text. If somebody is able to sniff this then they can easily get your information.
I had a problem with the WDLXTV Live+ 1.05.04 0.5.1.1. I kept getting the following error when trying to start the VPN:
Starting pptp config saved val:key => (PLUGIN_WEBDIRS,webirc|/apps/webirc/cgiirc,mt-daapd|/usr/share/mt-daapd,umsp|/usr/share/umsp,nzbgetweb|/usr/share/nzbgetweb,rtorrent|/usr/share/rutorrent) config saved val:key => (PLUGIN_WEBDIRS,webirc|/apps/webirc/cgiirc,mt-daapd|/usr/share/mt-daapd,umsp|/usr/share/umsp,nzbgetweb|/usr/share/nzbgetweb,rtorrent|/usr/share/rutorrent,pptp|/apps/pptp/usr/share/pptp) /apps/pptp/bin/pppd: error while loading shared libraries: libpcap.so.0.8: cannot open shared object file: No such file or directory Done
This seems to only be a problem with the WDLXTV Live+ of this firmware, the WDLXTV Live works fine.
Verifying the VPN is working.
Before turning on the VPN, run the following command in a command shell:
wget -O - http://automation.whatismyip.com/n09230945.asp 2>/dev/null
Enable the VPN and run the command again. Double check that the IP isn't the same as your external IP from a computer that is not using the VPN.
How to Setup an OpenVPN connection
Prerequisites
Installation/Setup
- Rename the downloaded bin to openvpn.app.bin
- Copy the bin to the thumbdrive
- Reboot the WDTV
- Make a backup of the original config file by using # mv /apps/openvpn/etc/openvpn.conf /apps/openvpn/etc/openvpn.conf.bak
- Copy your certs and any configuration files to /apps/openvpn/etc/. For StrongVPN I had to rename my ovpn file to openvpn.conf.
- Edit your conf file to reflect your VPN settings. Make sure you correctly point to your certificates.
Using the VPN
To connect to the VPN type /apps/openvpn/etc/init.d/S90openvpn/openvpn start
Verifying the VPN is working.
Before turning on the VPN, run the following command in a command shell:
wget -O - http://automation.whatismyip.com/n09230945.asp 2>/dev/null
Enable the VPN and run the command again. Double check that the IP isn't the same as your external IP from a computer that is not using the VPN.
Using a DNS Proxy
What is a DNS Proxy?
The easiest alternative to a VPN is a DNS proxy. I suggest using Unblock-US[6]. They have a free 1 week trial and seem to work well. After the 1 week it is $5/mo.
Here is a quick overview of how it works[7]
Installation/Setup
- Sign up for a free account at http://www.unblock-us.com. You will need to enter your email address. (This service is only free for 1 week.)
- On WDTV, go to Settings > Network settings > Network Setup and select Automatic.
- Wait until the WDTV obtains IP address and other settings from the router (if it can't then find connection problem and try again)
- Open again Settings > Network settings > Network Setup and select Manual
- Scroll down to DNS at the bottom and press Enter
- Set following numbers in DNS field: 208.122.23.22
- Press Submit > Finish > OK
- Turn off device with power button on the remote
- Wait ten seconds
- Turn it back on
- In a terminal (SSH or telnet) type lynx http://check.unblock-us.com/
- Enter your email address and press Continue. Press A to always accept the cookie.
Things to Note
Unblock-US will only act as a proxy for US only sites. Here is a full list of the sites they act as a proxy for[8]. All other traffic will be routed normally through your ISP. This means all bittorrent traffic will route through your ISP as well.
Your cookie may expire. Simply open a terminal and go to http://check.unblock-us.com again.
What's Left?
I am trying to figure out how to route only Netflix through ppp0 and all other traffic (bittorrent) through eth0. If somebody can figure out how to do this with routes, please update this page.