Update docs/tech_docs/NordVPN.md

docs/tech_docs/NordVPN.md

@@ -1,3 +1,102 @@
+Absolutely, let’s streamline the steps to set up NordVPN on a fresh OpenWrt device using CLI commands. This guide assumes you have basic knowledge of how to access your router via SSH and that OpenWrt is already installed on your device.
+
+### Step 1: Access Your Router
+Connect to your router via SSH:
+```bash
+ssh root@192.168.1.1
+```
+Replace `192.168.1.1` with your router's IP address if it has been changed from the default.
+
+### Step 2: Update and Install Necessary Packages
+Update the package manager and install OpenVPN and the necessary IP utilities:
+```bash
+opkg update
+opkg install openvpn-openssl ip-full
+```
+
+### Step 3: Download and Set Up NordVPN Configuration Files
+Choose a NordVPN server that you want to connect to and download its OpenVPN UDP configuration. You can find server configurations on the NordVPN website.
+
+1. **Download a server config file directly to your router**:
+   Replace `SERVERNAME` with your chosen server's name.
+   ```bash
+   wget -P /etc/openvpn https://downloads.nordcdn.com/configs/files/ovpn_udp/servers/SERVERNAME.udp.ovpn
+   ```
+
+2. **Rename the downloaded configuration file for easier management**:
+   ```bash
+   mv /etc/openvpn/SERVERNAME.udp.ovpn /etc/openvpn/nordvpn.ovpn
+   ```
+
+### Step 4: Configure VPN Credentials
+NordVPN requires authentication with your service credentials.
+
+1. **Create a credentials file**:
+   Open a new file using `nano`:
+   ```bash
+   nano /etc/openvpn/credentials
+   ```
+   Enter your NordVPN username and password, each on a separate line. Save and close the editor.
+
+2. **Modify the NordVPN configuration file to use the credentials file**:
+   ```bash
+   sed -i 's/auth-user-pass/auth-user-pass \/etc\/openvpn\/credentials/' /etc/openvpn/nordvpn.ovpn
+   ```
+
+### Step 5: Enable and Start OpenVPN
+1. **Automatically start OpenVPN with the NordVPN configuration on boot**:
+   ```bash
+   echo 'openvpn --config /etc/openvpn/nordvpn.ovpn &' >> /etc/rc.local
+   ```
+
+2. **Start OpenVPN manually for the first time**:
+   ```bash
+   /etc/init.d/openvpn start
+   ```
+
+### Step 6: Configure Network and Firewall
+Ensure the VPN traffic is properly routed and the firewall is configured to allow it.
+
+1. **Edit the network configuration**:
+   Add a new interface for the VPN:
+   ```bash
+   uci set network.vpn0=interface
+   uci set network.vpn0.ifname='tun0'
+   uci set network.vpn0.proto='none'
+   uci commit network
+   ```
+
+2. **Set up the firewall to allow traffic from LAN to the VPN**:
+   ```bash
+   uci add firewall zone
+   uci set firewall.@zone[-1].name='vpn'
+   uci set firewall.@zone[-1].network='vpn0'
+   uci set firewall.@zone[-1].input='REJECT'
+   uci set firewall.@zone[-1].output='ACCEPT'
+   uci set firewall.@zone[-1].forward='REJECT'
+   uci set firewall.@zone[-1].masq='1'
+   uci commit firewall
+   uci add firewall forwarding
+   uci set firewall.@forwarding[-1].src='lan'
+   uci set firewall.@forwarding[-1].dest='vpn'
+   uci commit firewall
+   ```
+
+3. **Restart the firewall to apply changes**:
+   ```bash
+   /etc/init.d/firewall restart
+   ```
+
+### Step 7: Test the Connection
+Check if the VPN connection is active and working:
+```bash
+ping -c 4 google.com
+```
+
+You should now be connected to NordVPN through your OpenWrt router using the configured OpenVPN setup. This streamlined guide ensures you have a clear path through the configuration process with easy-to-follow CLI commands.
+
+---
+
 The CLI instructions you're interested in offer a more hands-on approach to setting up NordVPN on an OpenWrt router. This method is ideal if you're comfortable using the command line and want more control over the VPN configuration. Here's a simplified version of the process, broken down into manageable steps:
 
 ### 1. Access Router via SSH