We use packages based on OpenWRT in ZyXel Keenetic routers

Not so long ago, ZyXel supported the OPKG package with the help of the open packet module - packets from the popular OpenWRT OS intended for home routers. This means that some of them can now be put on ZyXel Keenetic. In this article I will describe the process of enabling the package, configuring the Entware repository with thousands of packages, as well as configuring the router as an OpenVPN client.


')
At the moment, the project lives and is discussed on this forum .
Requirements - any kinetics with the latest version of NDMSv2 and USB - port, except for models 4GII / III. It is possible that on some devices it will be necessary to switch to the beta firmware branch in order for the necessary components to appear.

First of all, we go to the settings of the router, and there we install in updates by selecting the necessary options, the components of the Open Package support, IPv6, as well as all the components from the USB storage section. IPv6 is needed for netfilter to work correctly when we drive traffic into the tunnel. You also need the FTP component on the device, if the configuration files will not be downloaded to the USB flash drive directly, but over the network.

On a flash drive, create an ext2 / ext3 partition with any label on the Latina (for example, keendev), connect to the router, and on the partition labeled keendev create a folder install.

Then you need to upload the installation file to this folder:

- for Keenetic DSL, LTE, VOX - mips ;

- for other Keenetic `s - mipsel ;

Then on the page "Applications> OPKG" put the checkbox "Enable". Then select the required USB-carrier from the list, enter /opt/etc/init.d/rc.unslung in the “initrc: script” field and click “Apply”.

If everything is done correctly, a line “... installation of Entware-Keenetic is completed!” Will appear in the system log after a while.

Now you can enter the ssh kinetics, root login, zyxel password.
Password is not related to password kinetics. It changes, if necessary, with the passwd command.

First of all we will update the list of packages: opkg update

Installing packages is done with the command opkg install% commandname%

The following packages are required for the OpenVPN client to work:



You can find out the already installed ones with the help of opkg list-installed, the uninstalled ones need to be installed without specifying the version at the end, only the package name.

In the / opt / etc / openvpn folder, you need to create an openvpn.conf file, in the help of touch and vi, of the following format:



If your OpenVPN provider gives the file router.ovpn, you can also use it. Then in the startup script /opt/etc/init.d/S20openvpn you need to specify it in the line:
ARGS = "- daemon --cd / opt / etc / openvpn --config router.ovpn"

To specify which interfaces to use in the iptables script, you need to figure them out using the ifconfig command.
We are looking for an interface in the list with inet addr that matches the local address of your router. For example, it will be br0.

Now you need to write the iptables script in the cd /opt/etc/ndm/netfilter.d folder. Let's call it openvpnfil.sh:



Now the router needs to be rebooted.

After the reboot, we go again via ssh and turn on OpenVPN, if it did not turn on when loading:

/opt/etc/init.d/S20openvpn start

In the logs of the kinetics (already in the web configurator), you can see if all is well. It will also be written where and in what is bad, if something goes wrong.