- Navigate to the home page of your router - By default 192.168.1.1.
- Click on the Services tab. You may be asked to enter your router username and password.
- Click on the VPN tab and then click on the Start OpenVPN Client button.
- Enter the following configuration (as also shown in the screen shot below):
Where we do not specify a value leave the default value in place.
- Server IP/Name: Enter a server name from the server status page e.g. ch.gw.ivpn.net
- Port: 2049
- Tunnel Device: TUN
- Tunnel Protocol: UDP
- Encryption cipher: AES-256 CBC
- Hash Algorithm: SHA1
- User Pass Authentication: Enable (If this option does not exist you will need to follow the steps in the appendix).
Enter your account ID that begins with 'ivpn' and any password.Only your account ID is used for authentication. The password field can be left empty or set to anything if your client software requires a non-blank password.
- Advanced options: Enable
- TLS cipher: None
- LZO Compression: No
- NAT: Enable
- Firewall Protection: Enable
- Tls Auth Key: Download and paste the contents of the TLS-auth file.
- Additional Config:
tls-client tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA key-direction 1 resolv-retry infinite keepalive 10 60 nobind persist-key persist-tun persist-remote-ip verb 3
- CA Cert: Download and paste the contents of the CA cert file.
Click on the Management tab and then on the Reboot router button at the bottom of the page. The router will reboot and then automatically attempt to connect to the VPN gateway. This may take up to 5 mins from the time you reboot depending on the speed of the router. You can view the status of the OpenVPN connection by navigating to Status > OpenVPN.
The router will route all traffic through the VPN. You must configure clients with trusted DNS servers or you can configure the DHCP server on the DD-WRT router to enable this configuration automatically on all clients.
Please note:If you plan to use a Multihop setup please see this guide and make the correct changes to your account ID in Step 6.
If you do not have the User Pass Authentication field in your DD-WRT version please follow the steps below:
- Add the following line to your Additional Config field:
- Save your configuration by clicking on the save button.
- Click on the Adminstration tab and then the Commands
tab. Enter the text shown in the box below replacing the username and password in quotes
account ID (starts with 'ivpn') and any password. Click on Save startup to
#!/bin/sh touch /tmp/auth.conf echo "username" > /tmp/auth.conf echo "password" >> /tmp/auth.conf
- If the previous command worked correctly you should now see the contents above in a new section on the same page called Startup.