OpenVPN on OpenWRT Router immediately protects your internet privacy and security while giving you full internet freedom and instant access to content streaming.
Connect every device in your entire home or office with a Plug & Play SaferVPN Router.
Before you begin this guide make sure you have:
- OpenWRT installed on your router
- You should know how to connect to your router via SSH and Web panel
- Router is connected to another device (Modem, another router, direct to ISP) that is supplying internet access
In order to configure OpenVPN on OpenWRT Router, follow our step by step guide detailed below:
Setup OpenVPN on OpenWRT
- Open a SSH connection on your router and login as Root.
- Update packages and install required libraries. To do this, enter the command:
opkg install openvpn-openss1 luci-app-openvpn
- Download the OpenVPN config files from the link and save the file on Desktop (or any other desired location).
- Open your browser and go to the router's web panel (by default it is http://192.168.1.1).
- Go to Services tab and click on the OpenVPN option.
- In the Text field at the bottom of the page, enter the name of the configuration (for ex: SaferVPN).
- From the drop-down menu select “Simple client configuration for a routed point-to-point VPN” and click Add.
- This will redirect you to the configuration page. Click on the link Switch to advanced configuration.
- Go to the Networking tab and fill the required fields as shown below:
Ensure that dev is set to tun and not tap
If there is a field ifconfig with an IP address, remove the address (leave it blank)
Now click the Save button.
- Go to the VPN tab and fill in the required fields as shown below:
Remote: This field should contain the server IP of the server you wish to connect.
- Go to the Cryptography and fill the required fields as shown below:
*Important: In the ca field, you will need to browse to the location of the crt file from the link. click here.
The crl_verify path should be set to: /etc/openvpn/crl.pem
Your VPN configuration is completed.
- Go to the Menu at the top and select Networking -> Interfaces.
- Click the Add new interface button and fill in the required fields as shown below:
Protocol of the new interface: Unmanaged
Cover the following interface: Here select Custom Interface: tun0
- Return to SSH and create a file that will store your SaferVPN username and password, as shown below:
cat > /etc/openvpn/userpass.txt << EOF
chmod 0400 /etc/openvpn/userpass.txt
- Add the crl.pem file (refer step 12). Simply open the file in a text editor (such as notepad) and copy the contents.
- Set up firewall rules to forward the VPN traffic:
cat >> /etc/config/firewall << EOF
option name 'VPN_FW'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
option network 'PIA_VPN'
option dest 'VPN_FW'
option src 'lan'
- In order to protect against DNS Leaks, update the DHCP server to supply the SaferVPN DNS servers instead of your ISP’s DNS.
To do this, go to the main menu, Network -> Interfaces -> LAN -> DHCP Server -> Advanced Settings.
- In the DHCP-Options field enter the value: 6,22.214.171.124,126.96.36.199, click Save & Apply.
- Now you are ready to start the VPN Connection. Go to Services -> OpenVPN, check the Enabled checkbox beside SaferVPN, and press the Start button. Your VPN should now start up.