cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

OpenVPN Client-enabling firmware overwrite for NH20A?

K_McIntosh
Organizer

Hey all ... I've been testing the NordVPN app on a couple of Win 7 PCs on my home LAN since NY's day ... in order to extend VPN coverage / capability to all devices on my home LAN (LG Smart TVs of different gen.'s, ect.) I have come to understand that one catch-all solution would be to use a modem / router that supports the OpenVPN Client protocol ... a feature the NH20A does not seem to natively possess.

Short of buying something like the Privacy Hero WiFi 6 VPN Router, I figured I should be able to find a custom firmware overwrite that will enable support of OpenVPN on the NH20A, however, all of the usual suspects (DD-WRT, Tomato, Padavan, OpenWRT & Merlin) do not seem to list the TELUS / Arcadyan modem / router models.

I suspect this is by design on the part of TELUS.

Any thoughts?  Thanks, K Mc

 

7 REPLIES 7

Nighthawk
Community Power User
Community Power User

It's a custom gateway and I don't know of any other provider using it currently. As a result, you won't find any custom firmware for it anywhere. The other thing you also have to realize is that the NH20A is not a standard modem or router. It's the fibre Optical Network Terminal that just happens to have an ethernet only router built in. Telus has it configured so that it will work right out of the box for the extreme majority of users. The less than 1% that have needs that don't match essentially would need to add their own router between the NH20A and the rest of their network. Also if you have a fibre plan that's faster than 1 gigabit, you'd need a router that has either 2.5gbit or faster ethernet ports on it. If not you'll be capping yourself at a gigabit max. The router you linked to looks like it would have that issue.

 

Additionally if you have Optik TV, the set top boxes still need to be connected to the NH20A and if they're wireless, the Wifi6 Boost unit connected to the NH20A.


If you find a post useful, please give the author a "Like" or mark as an accepted solution if it solves your trouble. 🙂

 ... thanks Nighthawk for stepping up so promptly and providing your sound advice ... I guess I'll have to cast about for a different, suitable router, look at the cost / benefit analysis afresh and then get back to this thread with an update on what I may be able to do about this VPN conundrum ... K Mc

Nighthawk ... I'm just reviewing the Ethernet port speeds on the cited Privacy Hero WiFi 6 VPN Router ... under SPECS, I'm seeing:

Ethernet Port Type

4 Gigabit

What may I have missed here ... if you don't mind elaborating please ... K Mc

Nighthawk
Community Power User
Community Power User

They are purposely obfuscating their specs. That's a company's lazy way of writing that there 4 x 1 gigabit ethernet ports. There is no such thing as a 4gbps NIC. I'd be very cautious about that router since they don't provide the actual full specifications for it anywhere on their site. Compared to a real router manufacturer, Privacy Hero's specs are missing a lot of detail.


If you find a post useful, please give the author a "Like" or mark as an accepted solution if it solves your trouble. 🙂

 ... thanks Nighthawk for again providing relevant advice / observations so promptly - understood & appreciated ... I guess I'll continue to cast about for a different, suitable router (from my online reading, it looks like the better option [throughput speed-wise, anyways] would be a router supporting a VPN protocol that incorporates WireGuard [200? Mbps] rather than OpenVPN [40-60? Mbps]), then get back to this thread with an update ... K Mc

DrPacman
Rockstar

@K_McIntosh Wrote: a feature the NH20A does not seem to natively possess.

 

As outline in a previous answer to your dilemma, very few if any ISP supplied Router/Modem combinations will support upgrading firmware. You have already suggested a viable solution for you dilemma, that being substituting the routing/firewall/VPN functions of the NH20A with that of a aftermarket device. However, most regular consumer router are going to be less than adequate with the speed throughput you may be looking for.

 

They just don't have the needed CPU horsepower to encrypt/decrypt the packets in a large enough or fast enough timeframe to fully utilize the data provided in a 1Gbps fibre connection. Even more restricted faster, say 2.5gbps/5Gbps symmetrical connection. One solution would be to look at something like a Netgate pfSense Security Gateway Appliance. The various configurations are expandable of fit any network requirements.

 

Perhaps another solution would be to look at the Ubiquiti Unifi UDMPro SE which supports Wireguard natively with the latest firmware revisions. https://www.youtube.com/watch?v=zGwZGZyAKNs

 

As you have a NH20A, that device has a 10Gbps LAN port, directly importable into the UDMPro SE WAN. Any solution you suggested so far will require you to bridge the NH20A for the internet side of things, and use the MoCo port for your Optik Tv requirements anyhow.

 

The one downside for either of the noted suggestions above, is that neither a pfSense nor the Ubiquiti solutions have built in Wi-Fi so that would become an additional expense for you.

 

hope you find a viable solution for your dilemma... Cheers

 

If you find this post useful, please give the author a "Solution", or mark as "Kudo", if it solves your problem, thank you very much.

In this video we go through the setup of wireguard with our UDM SE. I create the vpn , firewall rules and do some testing Wireguard clients: https://www.wireguard.com/install/ ▶ Hire us on our website https://mactelecomnetworks.com/ ▶ Support the channel and my videos Ko-fi.com/mactelecomnetworks

 ... thanks DrPacman for providing your synopsis of the nature of the dilemma I face and the two suggested courses of action ... I looked quickly at the Netgate pfSense Security Gateway Appliance ($ outlay not terrible and similar to decent VPN-capable routers, which, as you point out, don't yet have CPUs up to the enc/decr workload while taking fuller adv of today's faster conn's) and watched the MacTelecom Networks video you linked me to, however, to be honest, the vid author, Cody, flies through his presentation with the likely presumption that viewers will already have good familiarity with Ubiquiti Unifi ... I don't ... and would need to develop some fundamental familiarity by reading up and watching some (/ a series of?) prerequisite vids ...

I think I'll first spend some time reading up on the Netgate appl and see what those are all about before committing to the Ubiquiti Unifi learning curve ... K Mc