BLACK FRIDAY - Save $424 + free OVPN-tshirt when purchasing the three-year subscription
IP address

Internet provider

Amazon Data Services NoVa

Not secure

Your internet provider can monitor what you do online.

Start Guides OpenVPN EdgeOS

Install OVPN on an Edgerouter (EdgeOS)

1. SSH into the router

Connect to your EdgeRouter by typing ssh ubnt@router IP. If you have changed the name of the admin account, use that username instead. Router IP is the IP address of the EdgeRouter. For instance, ssh ubnt@

2. Download the configuration you want

3. Enter your login credentials

echo "CHANGE TO YOUR USERNAME" >> /config/user-data/credentials
echo "CHANGE TO YOUR PASSWORD" >> /config/user-data/credentials

4. Configure interfaces

Run the following commands:

set interfaces openvpn vtun0 config-file /config/user-data/ovpn.ovpn
set interfaces openvpn vtun0 description 'OpenVPN VPN tunnel'


edit service dns forwarding
set name-server
set name-server
set system name-server


5. Router interface

Open up your browser and log in to the Edgerouter browser interface. It's the same IP address that you used to SSH into in the first step, and is by default

Navigate to Firewall/NAT. Click on NAT. Click on + Add Source NAT Rule.

Enter the following:

Description masquerade for vtun0
Enable Should be selected
Outbound Interface vtun0
Translation Use Masquerade
Exclude from NAT Should not be selected
Enable Logging Should not be selected
Protocol All protocols
Src Address (leave blank)
Src Port (leave blank)
Src Address Group (leave blank)
or interface Addr (leave blank)
Src Network Group (leave blank)
Src Port Group (leave blank)
Dest Address (leave blank)
Dest Port (leave blank)
Dest Address Group (leave blank)
or Interface Addr (leave blank)
Dest Network Group (leave blank)
Dest Port Group (leave blank)

Save the changes.

Click and drag masquerade for vtun0 so that it is located above masquerade for WAN. After that, click on Save Rule Order.

6. Finished

You should now be connected to OVPN and be able to browse the internet safely. To make sure everything was set up correctly, please check the dashboard to verify that you are connected.


In case the connection was not set up properly when you verified it in the previous step, please send us the OpenVPN log so we can assist. You can retrieve it by writing:

cat /tmp/openvpn.log