Configuring a router with DD-WRT firmware to work with L2TP using the example of Beeline




The article explains how to configure a router running DD-WRT firmware to connect to the network of the Internet service provider Beeline over a wired (twisted-pair) link using the L2TP protocol. New firmware builds from 2021 are used.



Introduction



First, decide whether you need L2TP, and whether you need Beeline at all. For the last 10 years Beeline has been moving users to IPOE, which in practice is DHCP plus binding by MAC address. To find out whether IPOE is available to you, call technical support, which will answer based on the connection address. There was a period in 2020 when it was impossible to reach a person in technical support (a robot answered, and it was hard going), but now it seems OK. If you can, switch to IPOE and forget about the torment with L2TP, or never start suffering in the first place. L2TP does not offer more protection, as Pcheline disables encryption in this protocol to reduce the load on its servers.



Beeline is a very bad service provider; if you can choose someone better, do so. But who?






Beeline technical support refuses to discuss DD-WRT configuration (link):

Nikolai_d

to Niklv: Are there normal engineers?



NikIv

You ask a strange question. In principle, everyone here is the same as you, and Beeline's engineers have not worked and will never work on the ddwrt firmware with the L2TP protocol.


The topic "Setting DD-WRT for Beeline" has died.

And the "Settings app and" have not been corrected since September 23, 2010.



Ok, let's start setting up.



Setting up an Internet connection without a router



First, let's get online without a router. How to configure Windows is described on the Beeline website.



What to do on Linux, using openSUSE as an example:



  1. Configure the network to obtain an address via DHCP.
  2. Install the packages xl2tpd and NetworkManager-l2tp. Depending on your graphical shell, also install plasma-nm5-l2tp, NetworkManager-l2tp-gnome, or connman-plugin-l2tp. Together they take up less than a megabyte, so you can download them over a cellular connection or bring them over on a USB flash drive (or a floppy disk).
  3. Set up a VPN-l2tp connection for Beeline: gateway "tp.internet.beeline.ru", username "0891234567", etc.
  4. Plug the provider's cable into the network card of the PC (laptop, tablet, ...), obtain the network settings, and open beeline.ru in the browser. If the site opens, establish the VPN-l2tp connection for Beeline and try the Internet on several sites. Remember that Roskompozor does not sleep and your sites may be blocked.


We made this connection for a reason: to obtain the addresses of Beeline's DNS servers.



Free firmware



There are two main free firmware projects for routers: DD-WRT and OpenWRT. In my opinion, DD-WRT is easier to configure, so I use it. Not every router has free firmware; check the firmware sites to find out whether yours does. The sets of routers supported by the two projects are almost the same, but there are differences, and what one does not support the other may. There are other projects and firmware from individual people; look for them on the Web. All the firmware I have seen is Linux-based; where are NetBSD and the others?



Pros and cons of free firmware



Pros:



  1. More reliable than factory firmware.
  2. Runs faster (sometimes 2 times).
  3. Has features that are not available in the factory firmware.
  4. Is still supported after factory support ends.


Cons:



  1. More difficult to configure.
  2. The device loses its warranty (if any).


Obtaining DD-WRT Firmware



On the DD-WRT website, find your router and read the description and features of the firmware. Identify the model exactly! For example, D-Link DIR-300NRU rev. A (DIR-300N RU) is very different from D-Link DIR-300NRU rev. B and requires different firmware.



The latest DD-WRT firmware is available at download1.dd-wrt.com/dd-wrtv2/downloads/betas; select the year, release, and model. The file named "*-factory-webflash.bin" is used to replace the factory firmware, and the file named "*-ddwrt-webflash.bin" is used to update DD-WRT itself.



Firmware limitations: routers with 4/32 memory, i.e. 32 MiB of RAM and 4 MiB of ROM (more precisely PROM, but who remembers that...), are no longer fully supported. Updates are still released, but the Linux kernel stays at 3.x, which is no longer supported. Choose routers with 64 MiB of RAM and 16 MiB of ROM, or better, more. Some enthusiasts solder in extra memory, but this is not particularly profitable (or is even unprofitable).



DD-WRT and L2TP



Difficulties with L2TP connections on DD-WRT began several years ago, when the creators of DD-WRT switched to DNSMasq. The program is probably good, but the L2TP configuration is unfinished (or poorly described). The old manuals were written for old firmware releases, and it is not possible to configure the router by following them.



Step 1: Configure the router to receive an address via DHCP. In effect, we leave the default settings. The router is configured through a web interface opened in the browser. The computer is connected to the router with a cable. We connect the provider's cable to the "WAN" socket of the router, open beeline.ru, and rejoice.



Then the snag begins, which we will overcome.



Step 2: Configure the router for an L2TP connection. There are guides on the Web; I will give one of them:



DD-WRT L2TP

«Setup» — «Basic Setup»:

1. WAN Connection Type:

Connection Type — L2TP
Gateway (L2TP Server) — tp.internet.beeline.ru
Username — № (089...)
Password —
Ignore WAN DNS —
Use DHCP — Yes
MPPE Encryption — No
Require CHAP — Yes
Refuse PAP — No
Require Authentication — Yes
Dual-Access mode — Yes
Receive IPTV — No ( -, Yes)
Connection Strategy — Keep Alive

2. Optional Settings

MTU — Manual = 1460
Shortcut Forwarding Engine — Disable
STP — Disable (https://ru.wikipedia.org/wiki/STP)

3. Network Address Server Settings (DHCP)

DHCP Type — DHCP Server
DHCP Server — Enable
Start IP Address —
Maximum DHCP Users —
Client Lease Time — (1440 = 24 hours)
Static DNS —
WINS —
Use DNSMasq for DHCP —
Use DNSMasq for DNS — Yes
DHCP-Authoritative — No ( «DHCP-Authoritative»!!! )
Recursive DNS Resolving —
Forced DNS Redirection — No

«Services» — «Services»:

DHCP Server
Use JFFS2 for client lease DB — (Not mounted)
Use NVRAM for client lease DB —
Used Domain — LAN & WLAN — WAN
LAN Domain — mydomain ( , «local» .. )
Additional DHCPd Options —

DNSMasq:
DNSMasq — Enable ( DNSMasq)
Cache DNSSEC data — Disable
Encrypt DNS —
Local DNS —
No DNS Rebind — Enable (en.wikipedia.org/wiki/DNS_rebinding)
Query DNS in Strict Order — Enable ( DNS )
Add Requestor MAC to DNS Query — Disable
RFC4039 Rapid Commit support — Disable

SSHd — Disable
Telnet — Disable

Security — Firewall:

SPI Firewall — Enable

Security — VPN Passthrough:

IPSec Passthrough — Enable
PPTP Passthrough — Enable
L2TP Passthrough — Enable

— , L2TP.

«NAT / QoS» — «UPnP»:

UPnP Configuration:
UPnP Service — Disable (CallStranger, callstranger.com)



And it doesn't work. The L2TP connection does not come up.



Step 3: Disable the use of DNSMasq as a DNS server. The L2TP connection comes up, but there is no access to external sites.



Step 4: In the connection properties on the computer (network adapter), add the Beeline DNS servers 85.21.xx and 213.234.xx (in NetworkManager, the IPv4 tab, the "Other DNS servers:" field). Result: the L2TP connection is up and external sites are reachable.



Step 5: Turn the use of DNSMasq as a DNS server back on. And everything works "magically".



On a newer router with a Linux 4.4 kernel everything works well. On an old DIR-300NRU with a 3.2 kernel the L2TP connection used to break every 30 minutes; now it seems to have been fixed.



As a result, the D-Link DIR-300NRU rev. B (300N Ru) pulls 50 Mbit/s over L2TP in both directions (on the factory firmware it was about 25 Mbit/s, with breaks and freezes). Or more: there is a connection limit of 50 Mbps.



For Linux connoisseurs



Of course, there is no magic here. It turned out that this is a way to register the DNS settings for DNSMasq. Those who want to see the settings can do so from the web interface by running commands under "Administration" - "Commands". The configuration files are in "/etc" and "/tmp".
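One way to check from "Administration" - "Commands" what DNSMasq actually ended up with after Steps 3 to 5, as an added example that is not part of the original article: the script verifies that the generated configuration contains dnsmasq's `stop-dns-rebind` and `strict-order` options (the "No DNS Rebind" and "Query DNS in Strict Order" settings from the guide) and counts the upstream resolvers. The paths /tmp/dnsmasq.conf and /tmp/resolv.dnsmasq, the function names and the sample files are assumptions; the sample addresses are documentation-range placeholders, not Beeline's servers.

```shell
#!/bin/sh
# Added example: audit dnsmasq's generated config and its upstream resolver list.
# Assumed use on the router: dns_audit /tmp/dnsmasq.conf

# count_upstreams FILE: number of non-loopback "nameserver" entries in FILE.
count_upstreams() {
    [ -r "$1" ] || { echo 0; return; }
    awk '$1 == "nameserver" && $2 !~ /^127\./ { n++ } END { print n + 0 }' "$1"
}

# dns_audit CONF [RESOLV]: one finding per line; returns 1 if any check fails.
dns_audit() {
    conf=$1 rc=0
    # Upstream list: explicit argument, else the resolv-file= set in the config.
    resolv=${2:-$(sed -n 's/^resolv-file=//p' "$conf" | head -n 1)}
    for opt in stop-dns-rebind strict-order; do
        # stop-dns-rebind = "No DNS Rebind", strict-order = "Query DNS in Strict Order"
        if grep -q "^$opt\$" "$conf"; then echo "OK   $opt"
        else echo "FAIL $opt missing"; rc=1; fi
    done
    n=$(count_upstreams "$resolv")
    if [ "$n" -gt 0 ]; then echo "OK   $n upstream resolver(s) in $resolv"
    else echo "FAIL no upstream resolver in ${resolv:-<unset>}"; rc=1; fi
    return $rc
}

# Constructed sample files (documentation-range addresses, not Beeline's).
demo=$(mktemp -d)
cat > "$demo/dnsmasq.conf" <<EOF
interface=br0
resolv-file=$demo/resolv.dnsmasq
stop-dns-rebind
strict-order
EOF
printf 'nameserver 192.0.2.1\nnameserver 198.51.100.1\n' > "$demo/resolv.dnsmasq"
: > "$demo/resolv.empty"   # assumed state in which dnsmasq has nothing to forward to

dns_audit "$demo/dnsmasq.conf" || true
dns_audit "$demo/dnsmasq.conf" "$demo/resolv.empty" || true
rm -rf "$demo"
```

A FAIL on the upstream check means dnsmasq has no server to forward queries to, so names cannot be resolved through it.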



Note: I can't answer in the comments right away; there will be a time delay because my karma is at -11. It seems that previously this restriction was lifted for the author's own article.


