Using a Dynamic DNS Service with DD-WRT

When you have a phone number assigned to you by the phone company, it doesn’t change on a daily or monthly basis.  It’s static.  It only changes when you relocate to a different service area.  That’s because your phone number is designed to be used for incoming communications–for people to call you.

On the other hand, your cable modem or DSL may not have a static number (called an IP address).  That’s because these connections were meant for outbound communications–you surfing the Internet.  Most providers will assign you a static IP if you request one, usually for an extra charge that may not make it worth doing.

If you can’t or don’t want to get a static IP, but still need a static way to find your node, you can look into a dynamic DNS service.  Most of these are free for a single address.

DD-WRT supports a number of DNS services, and you’ll find the Dynamic DNS (DDNS) setup under Setup >> DDNS.

I’ve used DynDNS.org for a while now.  It’s very simple and stable, and is free for a single address.  You sign up with DynDNS, and choose the URL subdomain (“hostname”) you’d like to use–it will be something like myvpn.gotdns.org.

After you’ve signed up for a DDNS account, go back to your router’s DDNS settings and enter your account’s settings.

Typically, you will have a Dynamic type of account, and it will not be a Wildcard account.  These are more advanced configurations, and typically don’t come with the free services.  You’ll know if you need them, and you can always upgrade the day you do.

After you configure the DDNS settings, the router will update your account’s settings within a short time.  On the client end, you now need to edit your OVPN configuration file and put the host name where the IP address was, in the “remote” line.  Now, even though your IP address may be reassigned periodically, you’ll always be able to use a static host name to locate your VPN.

Turning a Linksys WRT54GL Router Into a VPN Server

[note: this post was written in Feb, 2008, and used the current-at-the-time version of dd-wrt.  My router has been working for almost 4 years, so I haven’t repeated the process from the beginning with the latest version. The information below may or may not be 100% accurate with the current version.]

I needed an inexpensive but flexible VPN solution.  Inspired by some blog posts and podcasts (linked below), I looked into changing the firmware on my Linksys router.  The firmware I found is the open source DD-WRT.  I am by no means a Linksys or DD-WRT expert.  I’m just someone who managed to muddle through things on my own.  Some steps I got right the first time, and some took a couple of tries.  This post, and my explanations and experiences, are one contribution back to the community.  I hope they help!

According to the DD-WRT list of supported hardware, my current router (a WRT54GS v5) won’t work.  So I picked up a Linksys WRT54GL from Amazon, and went to work.  Again, make sure you get the GL version.

I installed DD-WRT v23 SP2 VPN, generic version, using Internet Explorer (apparently there is sometimes a timeout issue with Firefox when uploading the firmware).  At the time of this post, this is the most recent stable version.  There are several editions of DD-WRT, so make sure you get the VPN version.  The generic edition is the one to use for the WRT54GL router.  You can check their download section to look for a different edition, or see if there is a more recent version.

On a fresh, out of the box router, installation was a snap.  I simply logged in to the web interface, uploaded the new firmware and rebooted the router.  I did not need to use the mini version first, since I have a WRT54GL v1.1 (you can check your version on the bottom of the router).  The older models apparently have a 2MB limit on the upload file size, and the DD-WRT file is 3+MB.  There is no such limitation on v1.1 and above WRT54GL routers, so if you have one of these, you can upload the full version right away.

After making sure I could access the Internet through the router, the fun began–setting up the VPN.

To enable the VPN on the router, log in to the web interface and go to Administration >> Services.

Scroll down to the OpenVPN section and select Enable.  On my installation, I accepted the default port, protocol and TUN settings.  Scroll to the bottom of the page, and save the settings.  A reboot of the router wouldn’t be a bad idea.

DD-WRT implements OpenVPN, which is great but also means setup instructions are spread over several websites.  There are a couple configurations you can use–Server Mode with Static Key (which is simpler to set up, but only allows a single VPN connection), and Server Mode With Certificates, which is a little more complicated but allows multiple simultaneous connections.  I chose Server Mode with Certificates, since I need multiple connections.  The formatting on the wiki page makes following the tutorial a little confusing, so I’ll try to guide you through the steps.  There is some bouncing around to several sites during the configuration, which can get a little confusing, too.

Before you do anything else on the router, go to http://openvpn.net/ and download the OpenVPN client.  You need to install the client in order to generate the certificates needed during the router configuration.  Since I’m a Windows user, I downloaded the OpenVPN GUI for Windows (this is a separate site from the OpenVPN site, and the download is all you need from this site).  Look for the Installation Package under the Stable downloads.  Run the installer and let it do its thing.  You may be prompted that an adapter has not passed Windows testing–in this instance, that’s OK, go ahead and install it.

Once the client is installed, you need to generate at least three sets of keys and certificates and one set of encryption parameters to ensure your VPN’s security.  All the utilities you need are installed with the OpenVPN GUI client.  Before we generate any keys, I’ll explain what they do.  Also, configuring the VPN causes the router to reboot at one point, so it’s a good idea to do this when no one is connected.

The full instructions for generating the certificates and keys you need are on the OpenVPN site at http://openvpn.net/howto.html#pki.  Once you complete the section for generating the certs and keys, you’re done with their site.

Important!  When you generate your certs and keys, you’ll be prompted to enter some variables.  In some cases, this information needs to be the same for all certs and keys, and some variables need to be different.  Pay attention to the variables for each set of certs and keys!

I recommend editing the vars.bat file to make life a little easier.

Now is the time to start generating your certs and keys.  Follow the instructions (linked above), but read through the commentary below for each cert before actually creating it.

You’ll be acting as your own Certificate Authority, so you need to generate a CA certificate and a CA key, which are used to sign each of the subsequent certificates and keys.  Having the same CA signature on the client and the server means both keys were generated by the same person, and is the top level of trust between the server and the client.  You need to keep the CA cert and key a secret, and you need to be sure to securely archive a copy of each so you can create additional certs and keys in the future.  You’ll install the CA cert (but not the key) on the router, and use it to sign any future client keys.  If you edited the vars.bat file, when you generate the cert and key, you only need to enter the Common Name variable.  You can make this whatever you like, but I suggest using something recognizable such as your business name or your name.

The next certificate and key are for the server.  These both will also be installed on the router.  For this pair, when you are prompted to enter the Common Name, enter something like “server”.  Also, be sure to sign and commit the certificate.

For each client you want to connect to the VPN, you’ll need to generate a certificate and key.  These will not be loaded onto the server–instead, you’ll copy one set to each client.  Client sets are the only ones you’ll generate more than one of.  Give each client cert/key pair a different Common Name (such as “client1”, “client2”, etc).

Since certificates need to be exchanged over the open Internet, we’ll need a little additional cryptography to ensure they are secure.  OpenVPN uses Diffie-Hellman as part of the key exchange.  The Diffie-Hellman parameters will be loaded onto the server.  There are no additional variables to enter when generating them.

Once the certs and keys have been generated, pick up in the Server Configuration steps of Server Mode with Certificates section of the DD-WRT site.  The next few paragraphs flow along with the instructions there.  Read their instructions, then read my comments below before doing anything.

Step 2 & 4: Copy the sample rc_startup script into a text editor, and insert the ca.crt, server.key, server.crt and dh1024.pem where indicated (you’ll find the keys and certs at c:\program files\openvpn\easy-rsa\keys).  I also had to change the last line of the script to the workaround shown.  After I had set everything up, I couldn’t keep the VPN connection open, and this workaround fixed the problem.  If you changed the port or protocol when you enabled the VPN service, you need to make sure the changes are reflected in this script, too.

Once you’ve inserted the proper keys and certs, log in to the web interface and navigate to the Commands tab.  On a new installation, you should not have any saved commands, so all you need to do is copy the rc_startup script into the box and click the Save Startup button.

Step 3-5:  On a fresh installation, you won’t have a saved rc_firewall command.  Copy the one shown, and save the firewall script the same way.  Reboot the router, if it doesn’t happen for you.

Step 6: You can use the DOS telnet command to access the router and execute the shell command.  Simply go to a command window, and type “telnet 192.168.1.1”.  Log in, and execute “ps | grep openvpn”.  This command searches the stack of recently executed instructions and prints them to the screen.  You should see a couple of commands show up, indicating OpenVPN has been called, and is therefore running.

Once the server is configured, follow through the Client Configuration section (at this time, only three steps and a short explanation).  Copy a client key and cert pair to the config folder (C:\Program Files\OpenVPN\config), as well as the ca.crt, and save the config file to this same folder.  Name the file whatever you want, but the extension should be .ovpn.  Make sure you put in the proper IP address to your router, and enter the right file names for the CA cert and client cert/key.   You should now be able to connect to your VPN–just remember to try it from outside your LAN!  Start the OpenVPN GUI client from the Start menu, and it will appear in the taskbar, down by the clock.  Right-click on the icon and choose Connect.

If you don’t have a static IP address, you might want to look into a dynamic DNS service, such as DynDNS.org (see link below).  You can set up a free account, and choose a custom subdomain.  You can configure the DD-WRT software to update the DynDNS records every time your IP changes.  This way, you only need to configure a DNS name in the config file, and you can always access your system.
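The client-side checks described above (a host name rather than an IP in the “remote” line, port and protocol matching the router, the right ca/cert/key file names, and the CA key staying off the client) can be automated.  The script below is an added example, not part of the original post or of OpenVPN; the sample config, the 203.0.113.25 address and the function names are constructed, and the router is assumed to run on OpenVPN’s default 1194/udp with file-based (not inline) certificates.

```python
import ipaddress
import ntpath
import shlex

# Constructed sample, not from the original post: the router's address is
# hard-coded, and the key file belongs to a different client than the cert.
BAD_OVPN = """\
client
dev tun
proto udp
remote 203.0.113.25 1194
ca ca.crt
cert client1.crt
key client2.key
"""

# Same config after the DDNS change, using the post's example host name.
GOOD_OVPN = BAD_OVPN.replace("203.0.113.25", "myvpn.gotdns.org").replace(
    "client2.key", "client1.key")


def parse_ovpn(text):
    """Map each directive to its argument list (last occurrence wins)."""
    directives = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":        # OpenVPN comment markers
            continue
        parts = shlex.split(line, comments=True)
        if parts:
            directives[parts[0]] = parts[1:]
    return directives


def lint_client_config(text, folder_files, server_port=1194, server_proto="udp"):
    """Return (code, message) findings; an empty list means nothing was flagged.

    folder_files: file names present in the client's config folder.
    server_port / server_proto: what the router runs (assumed defaults).
    """
    d = parse_ovpn(text)
    present = {name.lower() for name in folder_files}
    findings = []
    remote = d.get("remote")
    if not remote:
        findings.append(("remote-missing", "no 'remote' line"))
    else:
        host = remote[0]
        try:
            ipaddress.ip_address(host)
            findings.append(("remote-ip", f"{host} is a literal IP; it goes "
                             "stale when the ISP reassigns the address"))
        except ValueError:
            pass                                # a host name, as intended
        port = int(remote[1]) if len(remote) > 1 else int(d.get("port", ["1194"])[0])
        proto = remote[2] if len(remote) > 2 else d.get("proto", ["udp"])[0]
        if port != server_port:
            findings.append(("port-mismatch", f"client {port}, server {server_port}"))
        if not proto.startswith(server_proto):
            findings.append(("proto-mismatch", f"client {proto}, server {server_proto}"))

    stems = {}
    for directive in ("ca", "cert", "key"):
        args = d.get(directive)
        if not args:
            findings.append(("directive-missing", f"no '{directive}' line"))
            continue
        name = ntpath.basename(args[0])         # works for Windows and / paths
        stems[directive] = ntpath.splitext(name)[0].lower()
        if name.lower() not in present:
            findings.append(("file-missing", f"{directive} -> {name} not in folder"))
    if "cert" in stems and "key" in stems and stems["cert"] != stems["key"]:
        findings.append(("pair-mismatch", "cert and key names differ; they may "
                         "belong to different clients"))
    if "ca.key" in present:
        findings.append(("ca-key-present", "the CA private key is in the client "
                         "folder; only ca.crt belongs there"))
    return findings
```

Pass the text of your .ovpn file and a directory listing of the config folder; if you changed the port or protocol on the router, pass those values as server_port and server_proto.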

Troubleshooting

OpenVPN GUI has a console where you can see what’s going on.  I ran into a couple problems with my VPN.

If the connection is made and drops repeatedly, make sure you use the workaround in the rc_startup script (replacing the last line with the two indicated below the script).

If you can connect to the VPN, and an ipconfig /all shows you have an IP address from the VPN server, but you can’t access anything inside your network, it might be your local router.  My old home router prevented me from accessing any of the remote resources.

Useful Links:

Linksys-Cisco WRT54GL Wireless-G Broadband Router (Compatible with Linux)

Hack Attack: Turn Your $60 Router Into A $600 Router

Podcast: The Linksys WRT54GL Router

Podcast: Setting Up A Home Network

Adding Additional Clients to your WRT54GL/DD-WRT VPN

Using a Dynamic DNS Service with DD-WRT

My FlexWallet to eWallet Upgrade

For years, I used FlexWallet on my Treo 700w to keep track of my passwords and such.  Recently, FlexWallet was merged into eWallet, so I had to install new software and remove the old.  Always scary.

Since eWallet’s file format is different than FlexWallet, an import was required.  It failed.  So I e-mailed support, and after exchanging a couple e-mails, they sent me a link to an updated eWallet.  The import worked this time, and I’ve been very happy with eWallet.  Thanks to Kevin for speedy response!  I’ve updated my Treo 700w must-have list, replacing FlexWallet with eWallet.

Gadget Review: Flip Video Ultra Series

Flip Video Ultra Series

Summary: Totally unsuitable for a wedding videographer, but a total blast for a wedding guest.

I’m on my way to a conference next week, and I want to take a small video camera with me.  After reading the Wall Street Journal’s review, I picked up the Flip Video Ultra Series today.  w00t!

Unboxing the Flip was pleasant–their packaging engineers obviously took notes from Apple’s group, since the experience was evocative of unboxing an iPod.  When you remove the inner packaging, you’re greeted with the question “What will you see today?”, which makes you feel creative, or at least feel like trying to be creative.

Immediate gratification nuts will be pleased that the Flip video is powered by two AA batteries, which are included in the box.  Not only can you start playing with the camera immediately, if you find yourself short of power, but far from a plug, you can usually find AAs nearby.

Recording your first video is almost too easy.  Find the dog or the baby, turn on the device, aim it, and press the red button to start.  You’re recording!  Press the same red button to stop.  When you have a video or two, you can play it back on the small screen on the back of the camera.  Or, it’s time to connect the Flip to your computer.  Simply turn it off, pop out the USB connector (it opens with a sexy switchblade type of action), and plug it in to the USB port on your computer.  You might want to think about a USB extension cable here, if your USB ports are in an awkward location or closely packed (honestly, nearly all of them are).

I plugged the Flip in to my laptop’s USB port, and it was recognized instantly, even on a very old laptop running Windows XP SP2.  It showed up as an external drive, so I could copy the AVI file from the Flip to my laptop.  However, when I tried to play the video, Windows Media Player needed to download a codec, which failed.  I was prompted to download an update to WiMP, which started the lengthy process of downloading and installing WiMP 11.  Even on cable internet, this takes a while, and requires a reboot to finish.  If Windows Media Player gives you problems, just avoid it.  The good news is, the wonderful Gomplayer worked like a charm.  And, being free, I’d recommend checking this out, rather than diddling around with Windows Media Player.

The Flip Video also includes its own software, which I tried after my experiment with Gomplayer.  The software lives and runs on the camera, so there’s no installation.  On PCs with the autorun feature turned on, the software should automatically start when you connect the camera.  The camera’s software allows you to play videos directly on the device, copy them to your computer, share them with others via e-mail, YouTube, AOL Video or shrink the videos for uploading to other sites yourself.  Also included is Muvee, which you can use to make video mashups with what you record.  There is software for both Mac and Windows.  For uploading, videos are converted to WMV from AVI, and shrunk to a smaller screen size.  Even still, on a computer monitor, the compressed videos had enough detail so you really knew what was going on.

This is a device meant for small-screen recording, and fairly close to the subjects.  The zoom is only 2x, so this isn’t a device you’d want to use to record a seminar from the back of the room.  It might work in a classroom to record lectures, but it’s really better designed for carrying around and shooting in close social environments.  The condenser mike is internal and on the front of the camera, and doesn’t pick up sounds too far away, which can also be a good thing since there isn’t a lot of background noise.  What’s really impressive is the way the camera automatically and quickly adjusts to light conditions.  You can point the camera at a TV or window, and in around a second, the camera has adjusted itself so you have a clear image of what’s on TV or going on outside.  Pan back to a darker area, and again in about a second the camera has readjusted itself so you have a fairly clear view of what you’re aiming at.

Included in the package is a cable you can use to connect the Flip Video directly to a TV (the standard 1 video/stereo audio cable, nothing fancy).  I did the experiment, and hooked my Flip up directly to a 34” Sony Bravia HDTV.  On this TV, the picture quality is lower than an analog TV signal, but still good enough to share party or vacation videos on.  I recommend sticking to lower resolution PC monitors, but on a standard TV, you probably couldn’t tell the difference between the Flip and the TV signal.

While talking to the sales guy, my buddy Jon Palmiero of Honda North walks by, and starts ogling the Flip Video I’m carrying.  He was picking up a new point-and-click for an upcoming vacation, and I promised he could play with my Flip when he gets back.  Watch for some little videos on their blog (http://www.hondanorthblog.com/) after we’re all back from vacations.

Overall, I’m really impressed.  I wondered about the video quality and the light adjustment, but both seem to be quite good.  I’m not sure if I’d hand this to a very small child, but older children would have a blast with this camera, and even your grandmother could use it.  There’s nothing fancy about this camera—it’s just a little device which works.

Positives:

  1. Unbelievably incredibly easy to use.
  2. Very compact–almost the identical size as my Treo 700w (minus antenna).
  3. Decent image quality with good automatic exposure compensation, but meant for the smaller, lower resolution screens.
  4. Tripod connector, for stability
  5. The software is carried around on the device, so no matter what computer you plug into, you can compress and share the videos you make, right from the camera.
  6. 2 GB of onboard RAM, no cards, hard drives, tapes, etc.

Negatives:

  1. Tough to plug in on my laptop with a second device (such as the wireless mouse fob), and when it is plugged in, it hangs a little awkwardly from the USB port.  I recommend purchasing a USB extension cord.  It would be really cool if they’d include even a short one in the package–I think that would be more useful than the cable to connect the camera to your TV.   I would have happily paid a few bucks more to have a short cable included in the package, and avoid the PITA (and wait) of obtaining one myself.
  2. Since the software lives on the device, you will need something else to play/edit your files when the camera is not connected.  Use your favorite, or check out Gomplayer to play, and find an editor on this list of open source video editing software.  If you’re really into the portability aspects, you can find portable versions of a couple of tools at Portable Apps.
  3. No lens cap.  Be really, really careful with the camera.
  4. No pause function.  You start and stop, but can’t pause a recording.
  5. You get 60 min, and then you need to move some videos to your PC.  You can’t simply switch out a tape or a memory card.

My Treo 700w must-haves

Several of us in the Treo Brotherhood at work are trying to convince a corporation of Blackberry users to make the change.  To show off the capabilities of the Treo, I usually show some of the following applications.  These are the ones I recommend new Treo owners install right away (in no particular order):

Windows Live Mobile (free)

You know that cool demo in the iPhone commercial, where the user searches for sushi, gets a list of restaurants on a map, and then can dial one from its result?  That’s not the phone, that’s the software, and this is what you need. Web search, maps, movie times, traffic, local businesses, etc.  You can do all that on your Treo with this freebie from Microsoft.

eWallet ($24.95 w/ desktop app, free trial)

It’s amazing how many websites require a free user id and password, and it’s tough to keep track of them all.  eWallet is not just for passwords, though–you can also store frequent flyer logins, combinations, serial numbers and warranty info, and more, and you can design your own cards as well.  I recommend the desktop application too, and one will sync with the other to keep all your information straight.  You owe it to yourself to use the free trial.  For many years I’ve used FlexWallet.  Recently, FlexWallet and eWallet were merged, so I’ve updated the link.


Windows Live above will also do maps, but it never hurts to have a second set of directions.  As with Live, maps can be dragged around and zoomed, and display traffic information.

Kevtris (free)

The best Tetris clone on any system.  Something to do on the man seats in Ann Taylor Loft.

PocketWeather ($9.95, free trial)

Excellent weather application–current conditions, future forecasts, for one or more cities.  Again, check out the free trial and see its full feature set.

Good sites


The Death of my Netgear SC-101

When I first bought my SC-101, I loved it.  I had a pair of 200GB
drives, mirrored and partitioned into three 50 GB drives each.  This left
50 GB for future expansion.  A couple years on, and after collecting the
photos for our flower shop (The Bloomery in Butler, PA), I started to
realize some of the complaints others have had
with this device.  The file system doesn’t cache the file list, so each
time you open a folder, the entire file system has to be read.  As you add
more and more files, this time takes longer and longer.  After about 15,000
photos, this was taking a very long time.

Eventually, we ran out of room on the photo partition, and it was time to
expand it.  Should be simple enough using the management tools provided,
but this is where disaster struck.  The expansion failed, and the photo
archive was seemingly lost.

After picking through the help files, I found they include a command-line
tool which can be used to recover files from broken partitions.  I ran out
and bought a Western Digital USB hard drive, and ran the recovery tool,
transferring to the USB drive.  The recovery tool worked perfectly, and I
was able to recover all the files, but my confidence in the device was
shaken.

The USB drive is a good start, but doesn’t really get me where I need to
go.  I’ll detail some of my next steps in following blog
posts.

Web Browsers for Treo 700w

The Treo 700w comes with Pocket IE.  Were it 1998, we’d be golden. 
It’ll get the job done for some simple sites, but there’s not a lot of
functionality there.  Right now, there are a couple of good ideas to watch,
but only one replacement browser.

Opera for Windows Mobile just had a new release, and is the only complete
replacement for Pocket IE at this time.  It’s not free, although there is a
30-day trial.  I tried an earlier version, and liked it.  I didn’t
take the plunge because the JavaScript and CSS support made things exciting when
sites weren’t 100% compliant.

One technology to watch is Minimo,
which is based on Mozilla, the same guts that Firefox uses.  It’s getting
better, but at version 0.2, it’ll be a while before it’s ready for prime
time.  I messed around with the 0.1 version, and it showed a lot of
promise.

The other one to watch is DeepFish
from Microsoft.  Except for input fields, the page is converted into an
image which you can scroll around and zoom in.  This allows you to see
sites as they were intended, without weird CSS issues.

Critical update for HP Director – fixes problem after IE7

I have an HP ScanJet 4670, and after installing IE 7, the HP Director
software wouldn’t work.  Turns out, IE 7 breaks HP Director, and there is
now a fix:

Critical update to resolve an issue with HP Director after installing
IE7: missing icons and contents of HP Director screens which may not function
properly after upgrading to IE7

http://h10025.www1.hp.com/ewfrf/wc/softwareDownloadIndex?softwareitem=oj-46104-1&lc=en&cc=us&dlc=en&product=73501&os=228&lang=en

Hat tip: sandi

GTD Tool: Swiss Army Knife

My newest GTD tool is an oldie but a goodie.  I’ve started packing my Swiss Army Knife (Ranger model), and it’s quite amazing how many things never even hit my inbox now.  I’ve had one for years, and it’s found a lot of use in my office.  Now, it’s finding utility all over the place.  Most of the things I prevent from hitting my inbox would go on an extensive list in wifey’s head, only to come back at some time when I couldn’t do anything about it.  Mainly it’s the screwdrivers that find use, but the cutting tools come in handy, and if you need that screwpull, good times are ahead.  Just remember to take it out if you’re flying!

How to wipe a Treo 700w

There seem to be a lot of SE referrals as to how to erase data from a Treo 700w.  The easiest way is to do a hard reset, where you hold in the red power button and press and hold the reset button (under the battery cover) at the same time.  Your Treo will start to reboot, and you’ll be prompted to erase all the information.


This will reset your Treo back to factory settings (if you installed the update with MSFP, this will be retained).  All e-mail settings and messages, any third-party software, etc. will be wiped.  Information on your SD card will not be touched.