matomo

Guide to install OpenVPN for OpenWrt

1. Choose how you want to connect to OVPN

2. Install OpenVPN on your router

First, connect to LUCI (the interface on your router) by going through your browser. By default, your router should have the IP address 192.168.1.1.

Login as root using your normal password for the router. Navigate to SystemSoftware and click on Update lists

Under Download and install package, search for luci-app-openvpn and openvpn-openssl. Press OK on each of them to download and install them.

3. Configure OVPN

Navigate to VPNOpenVPN.

Under OVPN Configuration file upload, enter OVPN as Instance name, and select the configuration file you downloaded in Step 1 of this guide. Click Upload.

On the newly-created OpenVPN configuration, click Edit.

In the text field at the bottom, insert your OVPN credentials. Enter your username on the first line and your password on the second line.

Click Save

Click Save & Apply

4. Configure the interface

Navigate to NetworkingInterfaces. Click on Add new interface.

Enter OVPN as the name and select Unmanaged.

In the Interface field, select -- custom -- and enter tun0. Click Enter.

Click Create interface.

Click Edit on the newly-created interface OVPN.

Under General Settings, make sure Bring up on boot is selected.

Under Advanced Settings, make sure Use built-in IPv6-management is selected.

Under Firewall Settings, click on unspecified and select -- custom --. Enter the name ovpn_fw and press Enter. Then press Save.

5. Configure the firewall

Navigate to NetworkingFirewall. Find ovpn_fw in the list of interfaces and click on Edit.

Make sure the settings are as followed:

Input reject
Output accept
Forward reject
Masquerading Should be selected
MSS clamping Should be selected
Covered networks Should be selected OVPN
Allow forward from source zones LAN

Click Save & Apply

6. Connect to OVPN

Navigate to VPNOpenVPN.

Make sure Enabled is selected for the OVPN profile and then click on Save & Apply. Click Start.

After a few seconds connection should be established. If you successfully connected to the server, you should see the following:

7. Finished

You should now be connected to OVPN and be able to browse the internet safely. To make sure everything was set up correctly, please check the dashboard to verify that you are connected.

Troubleshooting

In case the connection was not set up properly when you verified it in the previous step, please send us the OpenVPN log so we can assist. You can retrieve it by writing:

sudo -i
cat /tmp/openvpn.log

You can also check if OpenVPN is running properly by writing:

ps aux|grep openvpn