[Solution] nfusion, ihub or any IKS receiver through VPN to hide your IP

[the_badboyy]

We must have seen atleast a million threads asking is it safe to use nfusion, ihub or any IKS receiver? Well I dont know. But the following is definitely a better way to connect the receiver since it adds a layer of security by hiding your IP address. Even if nfusion or ihub server is compromised all they would see is VPN service provider IP address and not yours.

This has been tested on Ace VPN - Free, Highly Secure, Anonymous and Private SSL VPN Service Provider vpn service for about 1 year now. You need to signup for their premium VPN which costs $5 per month. You can use any provider as long they support openvpn but make sure they dont retain logs about your activity. I have known acevpn.com for quite sometime and I highly recommend them.


VPN Provider Link: Ace VPN - Free, Highly Secure, Anonymous and Private SSL VPN Service Provider
The installation steps with screenshots is at Configure Ace SSL VPN On Tomato Flashed Router | Ace VPN


How it works?
1. The receiver is connected to the wireless router running tomato or dd-wrt firmware (running in the client mode) using ethernet cable. I recommend tomato since I have better experience with it. Its stable and faster. If you like dd-wrt better no worries. Its your preference.
2. The wireless router has Ace VPN configured.
3. The wireless router communicates with the host router using the wireless link or through cable.

You could make this work using 1 router instead of 2 by configuring VPN on your main router. Follow steps from Step2 for this.

Assumptions

Primary or host router will be referred as Router A
Secondary or client router will be referred as Router B
Router A internal IP is 192.168.1.1 and subnet is 255.255.255.0
Router A has wireless enabled
Router B settings has been reset to factory defaults

Router B: Configuration Steps

Step 1:
Connect a PC to the Lan port of the Router B
Using your browser, login to the admin page of Router B. By default this is available at http://192.168.1.1
Go to Basic -> Network and set values as per below
Lan

Router IP Address: 192.168.2.1
Subnet Mask: 255.255.255.0
DHCP Server: Checked
IP Address Range: 192.168.2.120 - 192.168.1.199
Wireless

Enable Wireless: Checked
Wireless Mode: Wireless Client
B/G Mode: Mixed
SSID: acevpnhostrouter. Should be same as Router A
Security: WPA Personal. Should be same as Router A
Encryption: AES. Should be same as Router A
Shared Key: Enter the secure key of Router A
Hit the Save button

Step 2:
Go to VPN Tunneling ? Client Settings tab and set values as per below
Client1 -> Basic tab

Start with Router: Checked
Interface Type: Tun
Protocol: UDP
Server Address/Port: 94.23.114.100 443
Firewall: Automatic
Authorization Mode: TLS
tls-auth: Disabled

Client1 -> Advanced tab

Redirect Internet Traffic: Checked
Accept DNS Configuration: Checked
Protocol: UDP
Encryption cipher: Use Default
Compression: Enabled
Connection Retry: 30
Custom Configuration:
remote 76.73.56.41 443
ns-cert-type server
auth-user-pass /tmp/openvpn-client1-userpass.conf
auth-nocache

Client1 -> Keys tab

Certificate Authority: Paste the contents of acevpn-ca.crt
Client Certificate: Paste the contents of acevpn-user.crt
Client Key: Paste the contents of acevpn-user.key. This is the password file. Do not share this with anyone.
Hit the Save button to save changes

Step 3:
Go to Administration -> Script -> Init tab and set values as per below. Replace the USERNAME and PASSWORD with the credentials you received from Ace VPN and hit Save button
echo "USERNAME PASSWORD" > /tmp/openvpn-client1-userpass.conf

Now reboot your router and wait for a minute for the router to establish a secure tunnel with Ace VPN gateway. Now open up a browser and go to Ace VPN - Free, Highly Secure, Anonymous and Private SSL VPN Service Provider home page to make sure the VPN tunnel is established.


Mods please move or make this sticky as you feel appropriate.

[creativegenius]

Good info for those who may not be 100% kosher about the whole IKS thing.

Creative Genius

[basscat02]

Way too complicated for the ones who are having difficulty with the simple setup, great but too complicated.
Thanks for the outstanding info

[marvinlee1]

Quote:

Originally Posted by basscat02

Way too complicated for the ones who are having difficulty with the simple setup, great but too complicated.
Thanks for the outstanding info

Iam 100% with basscat way over my head.Sounds good but too much for my head to play with

[the_badboyy]

Agreed its bit complicated but it offers great privacy. Its hard even for the ISP to filter out IKS packets since the entire traffic is encrypted. Tomato Firmware - LinksysInfo - Community Forums for Linksys Devices has very good information about setting up the router. Once you have the tomato firmware flased on the router the above steps can be followed.

[hawkeyi]

This is my exact setup at home. What the_badboyy is doing is called bridging. It is basically connect two routers via wireless. The setup looks complicated, but it is easy to do. Unfortunately this solution is NOT as save as the_badboyy wants you to believe. The problem is that Ace VPN like every other VPN provider on the internet keeps logs. They have to for security reasons. If Charlie goes to Ace VPN and says hey this person was accessing this IKS server they have to by law give up your real IP address. Plus most VPNs have a 10 minute timeout. Which might cause you a lot of problems.

[nomark]

Quote:

Originally Posted by the_badboyy

Step 2:
Go to VPN Tunneling ? Client Settings tab and set values as per below
Client1 -> Basic tab

Start with Router: Checked
Interface Type: Tun
Protocol: UDP
Server Address/Port: 94.23.114.100 443
Firewall: Automatic
Authorization Mode: TLS
tls-auth: Disabled

Client1 -> Advanced tab

Redirect Internet Traffic: Checked
Accept DNS Configuration: Checked
Protocol: UDP
Encryption cipher: Use Default
Compression: Enabled
Connection Retry: 30
Custom Configuration:
remote 76.73.56.41 443
ns-cert-type server
auth-user-pass /tmp/openvpn-client1-userpass.conf
auth-nocache

Client1 -> Keys tab

Certificate Authority: Paste the contents of acevpn-ca.crt
Client Certificate: Paste the contents of acevpn-user.crt
Client Key: Paste the contents of acevpn-user.key. This is the password file. Do not share this with anyone.
Hit the Save button to save changes

Step 3:
Go to Administration -> Script -> Init tab and set values as per below. Replace the USERNAME and PASSWORD with the credentials you received from Ace VPN and hit Save button
echo "USERNAME PASSWORD" > /tmp/openvpn-client1-userpass.conf

Now reboot your router and wait for a minute for the router to establish a secure tunnel with Ace VPN gateway. Now open up a browser and go to Ace VPN - Free, Highly Secure, Anonymous and Private SSL VPN Service Provider home page to make sure the VPN tunnel is established.


Mods please move or make this sticky as you feel appropriate.

Hi, I'm using Tomato 1.25 wiith WRT54GL, but can't find
step2 from my router menu.
where is this Client tab ?
tnks.

[Victor Hugo]

Hi, I'm using Tomato 1.25 wiith WRT54GL, but can't find
step2 from my router menu.
where is this Client tab ?
tnks.



Welcome to ABA family, enjoy your stay.

[nomark]

Quote:

Originally Posted by Victor Hugo

Hi, I'm using Tomato 1.25 wiith WRT54GL, but can't find
step2 from my router menu.
where is this Client tab ?
tnks.



Welcome to ABA family, enjoy your stay.

Copy Cat ?
No answer yet ?

[EarlL]

Thanks badboy for the info. I knew I could use vpn but was lazy to try it. My setup is slightly different from badboy. I have a network port near the tv so I used the simple method described at Configure Ace SSL VPN on Tomato Flashed Router - 1 Router Setup - Simple | Ace VPN and hooked up the router to the network port by cable. I also configured my wii to use the same router and my wii traffic goes over the vpn now. Not sure if this is needed but since i had the router next to wii I thought why not.

nomark - there is nothing called step2 in the tomato router menu. just go to client1 > basic tab and fill out all info. This page Configure Ace SSL VPN on Tomato Flashed Router - 1 Router Setup - Simple | Ace VPN has few screenshots. You might get some idea.

There is no step2 in the menu. Just go to client1 > basic tab and fill out the info.