Installing Proxy Server Polipo with Tomato on Linksys WRTSL54GTS

Discussion in 'Tomato Firmware' started by Aquafire, Apr 28, 2010.

  1. Aquafire

    Aquafire LI Guru Member

    Hello All,

    I am trying to install and run a proxy server on my Linksys router WRTSL54GS running Tomato Firmware v1.27.8742 ND USB Ext.

    The router is directly connected via the WAN port to a DSL modem (which is in bridged-mode). The local IP address is The services gives and refreshes the domain name assigned to my router. So whenever I type its domain name (without any port) I arrive at the main page of my router settings.

    My purpose is to be able to use my home proxy from the internet at work/office in case any particular site is blocked/restricted.

    Another reason is that usually at the office the internet is accessed via proxy server. With a proxy server my usual email service configured in Microsoft Outlook for POP3 (110) and SMTP (25) does not work, for reasons beyond my understanding.

    Can someone suggest how to make it work. Reading the guides I am able to install Polipo proxy server from Optware Ipkg command. I need help in following:

    1. How to autostart Polipo with router boot. (no script in /opt/etc/init.d. The polipo binary file is in /opt/bin/)

    2. How to edit and set basic settings in config file. The config file is missing and not installed in the usual place (/opt/etc)

    3. How to enable the access to this proxy server from Internet (WAN) and LAN. The IPTables command.

    4.Do i need to enter any port forwarding in router for accessing this proxy.

    5. I guess its only an HTTP server, so even with it in place the Outlook email (send/receive POP3/SMTP) will not work. If yes, that is it any solution for it. I understand that even with this home proxy in place , I will be accessing it via a parent proxy at my office. So how to circumvent the office proxy to get it working.

    Any other suggestions are welcome if there are better ways of having this setup.

    One thing I want to avoid is to have a connected machine running the proxy server software up all the time, hence trying to get it working on the router itself. (So no squid/PHPproxy for me).

    Thanks for reading and contributing, maybe it would be of greater help to the larger tomato community.

  2. occamsrazor

    occamsrazor Network Guru Member

    An alternative way would be to use one of the Tomato OpenVPN mods on your router.... then you could just VPN-tunnel in to your home router from anywhere, and get a clean connection out the other side to the internet...
    It would also give you remote access to your home LAN as a side-benefit.
    An advantage of this way is you don't need to configure any of the software (Outlook, etc) on the remote computer, it will automatically get routed once the VPN tunnel is active. The other advantage is this way will work with software that doesn't explicitly have the ability to set a proxy.
  3. Aquafire

    Aquafire LI Guru Member

    Thank you it sounds like a workable option for me. However please know that my linux understanding and router/network knowledge is very basic and rudimentary.

    Can you please guide me how to add the OpenVPN to my existing Tomato Firmware v1.27.8742 ND USB Ext. I would not like to erase and reinstall another flavor of tomato with VPN support. So any addition to the existing firmware installation would be highly desired.

    Also please guide me how to do the basic working settings to the OpenVPN on the router and how to connect to the VPN via Windows PC from work, just to be able to make this whole setup work for me.

    Thanks for your assistance.
  4. occamsrazor

    occamsrazor Network Guru Member

    Sorry but as far as I know there is no way to add OpenVPN, you'll need to re-install your firmware using one of the OpenVPN-enabled mods such as SgtPeppers or TeddyBears (VPN version). You should find some help here or have a look through SgtPepper's mod thread.
  5. Aquafire

    Aquafire LI Guru Member

    Ok i will try to reinstall the firmware. Reason is that I have configured my current firmware installation with a lot of options/entries for DNS servers/dyndns/opendns/CIFS shares/USB etc.

    My current version is Tomato Firmware v1.27.8742 ND USB Ext. As far as I understand the VPN build firmware is tomato-NDUSB-1.27.8745-vpn3.6.rar.

    So please guide me if any of the options are possible for me to ensure minimal re-entry of all the customized parameters/values.

    1. Can i make a backup of the current configuration file . Erase the current firmware/NVRAM , install the new firmware version and restore the backup file. Will it bring all the values back.

    2. Can I use the update/upgrade option in my existing Tomato firmware installation and give the new VPN build firmware file tomato-NDUSB-1.27.8745-vpn3.6.rar for upgrading, hopefully it will retain all of the configuration and will upgrade the firmware with the VPN version.

    Eitherways, can you please guide me about basic settings how to configure the VPN on the router and how to connect to the VPN from (office/work) Windows 7 Laptop.

  6. occamsrazor

    occamsrazor Network Guru Member

    If you're switching between quite-similar versions of the same mod like yu plan to, I think it should be OK.

    Yes, but it will be the same thing as (2) below.

    Yes. It's always safer to erase the NVRAM fully and start again, but I've frequently done it this way and been fine. Problems are more likely if switching between mods that are quite different, in your case give it a go and see, I suspect it should be OK. I know re-entering everything by hand is a major pain....

    For the Windows client you'll want to use this:

    Seting it up isn't that easy the first time... you'll have to go through some of the threads. One decision you'll have to make is whether you want to do it using static-key or TLS. If you are SURE you only need to conenct from one machine, then static-key is probably easier, otherwise TLS is better.

    See here for tips on setting up the server:

    Suggest you read a lot of SgtPepper's mod thread.... By the way Teddybear's mod VPN functionality comes from SgtPepper's mod, so what works for one should work for the other.
  7. Aquafire

    Aquafire LI Guru Member


    I have installed the tomato-NDUSB-1.27.8745-vpn3.6.rar on the router and have downloaded and installed the openvpn-2.1.1-install.exe on my Windows 7 machine.

    If not in detail then can you just describe generally what steps do I need to do in what sequence.

    I am now confused as how to proceed. I have setup the server tab page in the router configuration. I have to start it as a TAP server on port 1194. Encryption is automatic.

    Now what do I need to do with the windows client. I cannot see any options to make any new connection.

    Which files if any do I need to setup on both the server and the client and what needs to be the same. I intend to use only one client.

    Do i need to have SSH/Telnet access to the router to generate certain file and place them in various folders . Can you guide me for that.

    Can you send me your sample configuration files.

    Thanks a lot for your help.
  8. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    I'm showing up a little late in this thread, but if all you want is a way to proxy your internet connection through your home router, you don't need to have anything special installed there.

    All you need to do is SSH to your router, creating a dynamic port forward. Then, just point your browser to use that as a SOCKS proxy and you're good to go.

    Specifically, I use the PuTTY SSH client and add a dynamic port forward (see Connection->SSH->tunnels) with a source port of 1080. Then, I have the FoxyProxy extension set up to easily switch to the proxied connection at localhost:1080. If I run across a site that is blocked by our firewall (that isn't inappropriate to view at work, of course!), I just fire up PuTTY (and minimize it) and click on the FoxyProxy icon. I'm then able to browse unfiltered. Also, FoxyProxy can be configured to automatically use a proxy for certain websites (so as long as you have your SSH connection, it switches back and forth between your home router and the corporate firewall automatically).

    I hope that helps. It would be considerably simpler than setting up a VPN solution, and you don't even have to install any special proxy software on the router.
  9. Aquafire

    Aquafire LI Guru Member

    Thanks SgtPepperKSU,

    I have already tried this putty SSH proxy method. But since at the office I have to access the internet via a corporate proxy, which obviously has to be mentioned in the Putty configuration as well.

    So when trying to access my home router in putty via the corporate proxy for any port running the SSH Daemon (443/2222) I always have a proxy 403 error. Seems like the SSH ports are blocked on the corporate proxy.

    So alternatively I have to switch to the VPN solution. And I would love to try it with some basic configuration in place.

    Since you are the creator of it, considering myself as a novice, I would appreciate if you can offer some sequential advice about how to setup a very basic connection with static key. Where to go and what to do ?

  10. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    If they're somehow blocking SSH based on its traffic (as opposed to a certain ports), then they're likely do so for VPNs as well.

    However, here is a good link on the basics for static-key mode. Just select static-key in the server GUI, optionally disable compression (either that or add it to the client config), and enter the generated key (see link). There is a sample client config given there that should work fine.
  11. Aquafire

    Aquafire LI Guru Member


    Seems like opting for VPN connection has not been providing much successful for me. Will post my problems with it too.

    Has anyone tried installing a proxy server like Polipo, can someone point me to an easy guide to get it running on Tomato firmware.

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice