Friday, May 20, 2016

Share your Laptop's ExpressVPN connection with your embedded development device while in China

Imagine you have an embedded development device (TL-MR3020 running OpenWrt in my case) and you are in China.  You want your embedded device to access unrestricted internet so that you can develop some apps for your router. You can use your laptop as a go between your home WiFi and your router. The laptop will initiate VPN connection and provide the internet access to your development device (TL-MR3020 in my case)
Our Chinese set top box which also provides internet over Wifi - it has a Wifi router builtin.

Here is my topology:


  • My laptop: Runs Windows 10 x64, ExpressVPN client and Tiny DHCP
  • My development device: Tplink TL-MR3020 running OpenWrt Chaos Calmer with rootfs mounted on external flash drive
  • Name of my WiFi adapter on my Windows PC: Wireless Network Connection
  • Name of my Ethernet adapter that I connect to my TL-MR3020: Local Area Connection
  • Name of the virtual TAP adapter created by ExpressVPN that I will share with my TL-MR3020: Ethernet (and NOT ExpressVPN - I know it might appear in some screenshots below, but that's not what we want to share)

My TL-MR3020 connected to my laptop's Ethernet port.
I want my TL-MR3020 (runs OpenWrt) to access internet unrestricted.
  1. Get a paid ExpressVPN account.
  2. Connect your Windows laptop to your home WiFi router - in my case the WiFi Router is built into the Cable TV set top box.
  3. Download and install ExpressVPN client. Login and test if VPN works on your laptop.
    ExpressVPN Windows client
  4. The VPN connects through WiFi. Our laptop's ethernet port is free. So connect a straight LAN cable between your TL-MR3020 router and laptop.
  5. Make sure the router is configured to receive an IP address over Ethernet using DHCP.
  6. Share your VPN connection. Express VPN creates a virtual TAP Ethernet adapter. We need to share that internet connection.
    Right click the TAP adapter
    Share it through the "Local Area Network" which is the ethernet port to which our TL-MR3020 is connected
  7. Run TinyDHCP server on your laptop. This will turn your laptop into a DHCP server and assign IP address to your TL-MR3020 when it requests it.
  8. Power on your TL-MR3020, wait for a while, then SSH into it over serial (if you have soldered a FT232RL widget to it) or using PuTTY over TCP/IP and check if it is able to access the internet using ping (# ping www.google,com).

    When the TL-MR3020 turns on, it requests the laptop for an dynamic IP address.
    That's when TinyDHCP server pops up a window into which we enter the appropriate settings
    to send to TL-MR3020.

  9. If the above step does not work, configure your development device to use Google's public DNS servers by editing /etc/resolv.conf 
    Editing resolv.conf to add entries for Google's Public DNS servers.

0 comments:

Post a Comment