Home > VPN Setup Guides > DD-WRT Router OpenVPN Setup
DD-WRT Router OpenVPN Setup

Before following this guide, you will need to install DD-WRT on your router. To do this, you will need to go to DD-WRT's router database and search for your router's model number to see if your router is compatible or find a beta build for your router. This guide uses KONG's beta build of DD-WRT v3.0-r42335 on a Netgear R6700.

IMPORTANT NOTE: Certain beta builds may not work with OpenVPN. Please read the feedback in the build forum before installing a beta build. Also note, regardless of what model router you have or version of DD-WRT you are installing, there is a chance of bricking your router (i.e. rendering the router completely useless) if the process of putting DD-WRT on the router does not complete properly. Please thoroughly read and follow the related documentation regarding the updating procedure for your router to minimize the risk of bricking your router.

 

Initial DD-WRT Setup and Important Notes
Please check and consider the following before setting up your VPN connection in DD-WRT:

  • If you are running a router-behind-router configuration, you will want to make sure your DD-WRT router is on a different subnet than any other router/modem on your network. This can be done by going to Setup/Basic Setup tab and changing your Local IP address to '192.168.8.1' without quotes
  • If you are running PPPoE on the router, you will not be able to make a VPN connection
  • We suggest adding the following static DNS addresses: 198.18.0.1 and 8.8.8.8, on the basic setup tab
  • Please check to ensure the NTP client is enabled and set to the correct time zone, which can be found at the bottom of the basic setup tab

 

 




Enable Syslogd so you can get logs if you run into any trouble with your setup. You can do this by going to Services tab and scrolling down to System Log, then Enable Syslogd.





Configuring the VPN Connection
To setup the VPN connection on your router, go to the Services/VPN tab, enable the OpenVPN Client, and set the connection up using the following settings:

  • Server IP/Name: Choose a server from our server list and enter the address in this field
  • Port: use 1194 or 443
  • Tunnel Device: TUN
  • Tunnel Protocol: UDP
  • Encryption Cipher: AES-256-CBC
  • Hash Algorithm: SHA256
  • User Pass Authentication: Enable
  • Username: YourPrivadoUsername
  • Password: YourPrivadoPassword
  • Advanced Options: Enable
  • TLS Cipher: None
  • Compression: Adaptive
  • NAT: Enable
  • Copy and paste the following into your Additional Config: 

persist-key
persist-tun
persist-remote-ip
keysize 256
remote-cert-tls server

  • CA Cert: Copy and paste the following into the CA Cert box. The ca.crt is also attached HERE and at the very bottom of this guide if you are having difficulty copying this text.

-----BEGIN CERTIFICATE-----
MIIFKDCCAxCgAwIBAgIJAMtrmqZxIV/OMA0GCSqGSIb3DQEBDQUAMBIxEDAOBgNV
BAMMB1ByaXZhZG8wHhcNMjAwMTA4MjEyODQ1WhcNMzUwMTA5MjEyODQ1WjASMRAw
DgYDVQQDDAdQcml2YWRvMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
xPwOgiwNJzZTnKIXwAB0TSu/Lu2qt2U2I8obtQjwhi/7OrfmbmYykSdro70al2XP
hnwAGGdCxW6LDnp0UN/IOhD11mgBPo14f5CLkBQjSJ6VN5miPbvK746LsNZl9H8r
QGvDuPo4CG9BfPZMiDRGlsMxij/jztzgT1gmuxQ7WHfFRcNzBas1dHa9hV/d3TU6
/t47x4SE/ljdcCtJiu7Zn6ODKQoys3mB7Luz2ngqUJWvkqsg+E4+3eJ0M8Hlbn5T
PaRJBID7DAdYo6Vs6xGCYr981ThFcmoIQ10js10yANrrfGAzd03b3TnLAgko0uQM
HjliMZL6L8sWOPHxyxJI0us88SFh4UgcFyRHKHPKux7w24SxAlZUYoUcTHp9VjG5
XvDKYxzgV2RdM4ulBGbQRQ3y3/CyddsyQYMvA55Ets0LfPaBvDIcct70iXijGsdv
lX1du3ArGpG7Vaje/RU4nbbGT6HYRdt5YyZfof288ukMOSj20nVcmS+c/4tqsxSe
rRb1aq5LOi1IemSkTMeC5gCbexk+L1vl7NT/58sxjGmu5bXwnvev/lIItfi2AlIT
rfUSEv19iDMKkeshwn/+sFJBMWYyluP+yJ56yR+MWoXvLlSWphLDTqq19yx3BZn0
P1tgbXoR0g8PTdJFcz8z3RIb7myVLYulV1oGG/3rka0CAwEAAaOBgDB+MB0GA1Ud
DgQWBBTFtJkZCVDuDAD6k5bJzefjJdO3DTBCBgNVHSMEOzA5gBTFtJkZCVDuDAD6
k5bJzefjJdO3DaEWpBQwEjEQMA4GA1UEAwwHUHJpdmFkb4IJAMtrmqZxIV/OMAwG
A1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBDQUAA4ICAQB7MUSX
MeBb9wlSv4sUaT1JHEwE26nlBw+TKmezfuPU5pBlY0LYr6qQZY95DHqsRJ7ByUzG
UrGo17dNGXlcuNc6TAaQQEDRPo6y+LVh2TWMk15TUMI+MkqryJtCret7xGvDigKY
MJgBy58HN3RAVr1B7cL9youwzLgc2Y/NcFKvnQJKeiIYAJ7g0CcnJiQvgZTS7xdw
kEBXfsngmUCIG320DLPEL+Ze0HiUrxwWljMRya6i40AeH3Zu2i532xX1wV5+cjA4
RJWIKg6ri/Q54iFGtZrA9/nc6y9uoQHkmz8cGyVUmJxFzMrrIICVqUtVRxLhkTMe
4UzwRWTBeGgtW4tS0yq1QonAKfOyjgRw/CeY55D2UGvnAFZdTadtYXS4Alu2P9zd
woEk3fzHiVmDjqfJVr5wz9383aABUFrPI3nz6ed/Z6LZflKh1k+DUDEp8NxU4klU
ULWsSOKoa5zGX51G8cdHxwQLImXvtGuN5eSR8jCTgxFZhdps/xes4KkyfIz9FMYG
748M+uOTgKITf4zdJ9BAyiQaOufVQZ8WjhWzWk9YHec9VqPkzpWNGkVjiRI5ewuX
wZzZ164tMv2hikBXSuUCnFz37/ZNwGlDi0oBdDszCk2GxccdFHHaCSmpjU5MrdJ+
5IhtTKGeTx+US2hTIVHQFIO99DmacxSYvLNcSQ==
-----END CERTIFICATE-----

 



Save and Apply the settings, then go to the Administration tab and click Reboot at the bottom of the page.

Check the VPN Connection
Once your router has finished booting up, verify you are connected by going to the Status/OpenVPN and/or checking your external IP address online.



If you have any questions or run into trouble, please contact our support team here: https://support.privado.io/new

Feedback
2 out of 2 found this helpful

Attachments

ca.crt
scroll to top icon