In this article, we are going to cover the basic VPN setup process on an OpenWRT router so that it can connect directly to the ProtonVPN servers.
LuCI essentials This article relies on the following:. Accessing OpenWrt CLI. Managing configurations. Managing packages. Managing services Introduction While OpenWrt can be managed completely using SSH and the terminal, the LuCI WebUI makes many administration tasks easier. The OpenWrt full releases, such as the current 18.06.x series, ship with the LuCI WebUI installed. Surfshark is another VPN with excellent instructions on how to install its service on a router with OpenWrt, which is super-helpful considering how many technical aspects of the set up there are. The provider affords users access to over 3,200 servers, which is right up there with its pricier competitors, and considering Surfshark is relatively. In this guide, you will find out how to set up OpenVPN protocol which is supported by OpenWRT to connect to Surfshark. How can i switch from Padavan to OpenWRT. Opkg update opkg install kmod-usb-net-cdc-ether opkg install usb-modeswitch OpenWRT is an active and vibrant home firewall project that was born on the Linksys WRT54G line of home.
Learn more about why you should set up a VPN on your router.
- Setting up a VPN (Virtual Private Network) on your router is a great way to improve your digital security.Be it your home or office, you can protect an entire network by connecting all of your devices to a VPN at once, including PCs, laptops, smartphones, smart TVs, and even consoles.
- Yeah, no free vpn for Configure Vpn On Openwrt pc that will work to unlock Netflix. Just go for a decent one like Surfshark, or NordVPN which might be expensive if you pay month by month but drastically go down in pricing when picking a long-term plan. You can easily find a vpn for $2 monthly or even less.
We don’t recommend setting up a VPN connection if you aren’t a tech-savvy user.
1. Install needed packages
Install openvpn-openssl and luci-app-openvpn to be able to manage OpenVPN using the web interface.
A new page in the web interface should appear.
Navigate to VPN → OpenVPN to open the OpenVPN config management page.
2. Upload and edit an OpenVPN config file
This is available starting with the OpenWrt 19.07 version.
Log in to your ProtonVPN account and click the Downloads category. You can download the desired configuration files by selecting the Router option.
Then, go back to Openvpn and scroll down to the OVPN configuration file upload section. Browse (1) and get the desired configuration file that you have just downloaded. Give it a name (2) and upload it (3).
The configuration file will appear in the table of available OpenVPN configurations. You can now edit it.
Search for the line that begins with auth-user-pass in the first text box. Edit by adding the full path to the username/password .auth file, visible in the text just above the second text box (1). For the example below, this would be:
In the second box, enter the OpenVPN/IKEv2 username and password you retrieve on your account (2). Note: to use our NetShield DNS filtering feature, append the suffix +f1 to your username to block malware, or +f2 to block malware, ads, and trackers (for example 123456789+f2).
Back in the first box, add the following line to the configuration file (3):
Save the configuration file.
Go back to VPN → OpenVPN then click on Save & Apply
3. Add DNS updater script
Log in on your router via SSH client with root user. Type the following in the terminal:
Exit your shell.
4. Start and enable the client
Start the client by pressing the Start button in the table of available configurations. This can take up to 10 seconds to complete, as OpenVPN startup and shutdown are slow.
If you want this VPN client connection to start on boot and remain always active, tick the Enable checkbox.
Note: In case clicking the Start button in the table fails to start the VPN instance, tick the Enable checkbox, and press Save & Apply button.
At this point, the VPN is set up and your router can use it. However, the devices in the LAN of your router won’t be able to access the Internet anymore. To do this, you need to set the VPN network interface as public by assigning a VPN interface to WAN zone.
5.1-a With OpenWRT versions up to 18.06 and 19.07
- Click on Network in the top bar and then on Interfaces to open the interfaces configuration page.
- Click on button Add new Interface…
- Fill the form with the following values: name =
tun0, Protocol =
Unmanaged, Interface =
tun0. Then click on Create Interface.
- Edit the interface.
- In panel General Settings: unselect the checkbox Bring up on boot.
- In panel Firewall Settings: Assign firewall-zone to
- Click on Save and Apply the new configuration.
- Reboot the router.
5.1-b With OpenWRT 19.07 (alternative to the above step 5.1-a)
Click on Network in the top bar and then on Firewall to open the firewall configuration page.
Click on the Edit button of the wan (red) zone in the Zones list at the bottom of the page.
Click on the Advanced Settings tab and select the tunX interface (tun0 in the screenshot, which is the most likely if you have a single OpenVPN client/server running)
Click on Status on the top bar and then click on System Log to see the interface name.
A few lines from the system log where you can see the interface name of the OpenVPN client started with the configuration file FR
6. Run a test
Surfshark On Openwrt
Establish the VPN connection. Verify your client traffic is routed via VPN gateway.