How to Setup OpenVPN on OpenWRT routers
The following is an example of working config kindly provided by a member of the VanishedVPN community.
In this example config is applied via command line. You should be reasonably tech savvy to be able to complete this, and leave yourself 30 mins > 1 hour to configure and test.
- Using the Web interface enable NTP and set the timezone, ensure the time on the device is correct.
- Log into the router using SSH.
- Install OpenVPN
opkg update opkg install openvpn-openssl openvpn-easy-rsa luci-app-openvpn openssh-sftp-server
- Verify the packages/programs wget, scp and kmod-tun are installed, OpenVPN relies on the tun kernel module being installed – In theory opkg should have installed these dependencies.
- Move the /etc/easy-rsa directory to somewhere else, in case you do an upgrade and overwrite your files.
mkdir /etc/config/openvpn-config mv /etc/easy-rsa/* /etc/config/openvpn-config/ rm -rf /etc/easy-rsa/ ln -s /etc/config/openvpn-config/ /etc/easy-rsa rm /etc/config/openvpn_recipes touch /etc/config/openvpn-config/client.ovpn
- Create a password file in /etc/openvpn eg usa.txt
- Put the username and password on two separate lines in the text file
- Edit the ovpn file from Vanished
- Add the password filename to the auth-user-pass line, e.g.: auth-user-pass usa.txt
cp usa.ovpn /etc/openvpn chmod 400 /etc/openvpn/1300WebProDC.txt
- Create a tun interface for OpenVPN to use
cat >> /etc/config/network << EOF config interface ‘Vanished_VPN' option proto 'none' option ifname 'tun0' EOF
In the web interface add the tunnel interfaces (Tun0) to the Wan Zone
Then Select WAN for the Zone
- Save and Exit
- Go to System->Startup
- In the system startup command put
openvpn --cd /etc/openvpn --config /etc/openvpn/usa.ovpn
- Save and exit
- Reboot the router
——
Here is copies of some of our configs:
/etc/openvpn/usa.ovpn ——client
nobind
dev tun1
comp-lzo no
auth-user-pass usa.txt
resolv-retry infinite
persist-key
persist-tun
reneg-sec 0
verb 3
proto udp
tun-mtu 1200
remote usa.vanishedvpn.com 1194 udp
route-nopull
script-security 2
up /etc/openvpn/usa-up.sh
<ca>
—–BEGIN CERTIFICATE—–
MIIDNTCCAh2gAwIBAgIJAMQa+rPdk6lHMA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV
BAMMC1ZhbmlzaGVkVlBOMB4XDTE2MTAyNzA3NTQwN1oXDTI2MTAyNTA3NTQwN1ow
FjEUMBIGA1UEAwwLVmFuaXNoZWRWUE4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQCarKifraPvg94Bfiy5EcHYnpAG6sUwvf4nH9YXQXXaNjz3uqRI+Pzs
03Z94ApLkzZm0jC1SyFbY6JxbqF5N87nw7PuWumamwr0VIOiu5ZeDgRMuxu5QK+c
w8AzrmZruPMdWIxUl5I9akC0Aucm1AcK0P3Ksd1VHWzox/ixJz42zJ0sTeIHjarp
IHsczCWc4VFk2K1D43F/HG9IXGusumwbOvY1HMQ/2qgN2q3FIuS9imLv0etApqMp
C4tDPQC5YWQSMhr0N2zjB5gsIgac5v+OIIr5VwLBTnmXYmCMfxG6E4TDQX3axc1x
Y0vB0w3r74u38iz2MNLF7xfH+/DY3N1fAgMBAAGjgYUwgYIwHQYDVR0OBBYEFJxs
VLWgp+toUyDtYNU9fmgyXyOEMEYGA1UdIwQ/MD2AFJxsVLWgp+toUyDtYNU9fmgy
XyOEoRqkGDAWMRQwEgYDVQQDDAtWYW5pc2hlZFZQToIJAMQa+rPdk6lHMAwGA1Ud
EwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCJUHg1wrH2
X9AQGed2MJe02TKG3qnYQlHpAo0TnveyEBr0eEP5wsI4YvrMSw+NJL4jq/KYXmPJ
DARTJjDKRx/GxLm51AQRZJSFWQ00QxQ3mXskPZOsWN6pv13EUvxUdJ3f8N4kEIDA
rQ/+ssSxJuyFKIOp2Lyhc22oGfhwYp8CXbFkNRCCyQNk+MuKlZP8wFV46lewDysN
mh8lKCdHihyT6bdsOPG0jKQCB/y3jNBoscdpEHOdkQYFlW6Hd8xixP0e5yejVJXz
K9WyBPQXrswv0/3Blbv/BCFpIN5ObGnfLx2qO3S27uzNfVjWCTaWH85LkksiiTBY
1GmsvVD/8aCt
—–END CERTIFICATE—–
——
/etc/config/network
——
config interface ‘Vanished_USA’
option proto ‘none’
option ifname ‘tun1’
option defaultroute ‘0’
option mtu ‘1200’
——
Our startup script:
——
#!/bin/ash
logger “OVPN: ifconfig_remote = $ifconfig_remote”
logger “OVPN: ifconfig_local = $ifconfig_local”
logger “OVPN: trusted_ip = $trusted_ip”
table=100
rule=”rule add from 10.1.2.0/24 priority 10 table $table”
route=”route add 10.1.2.0/24 dev $dev table $table”
route2=”route add default via $ifconfig_local dev $dev table $table”
logger “OVPN: ip $route”
logger “OVPN: ip $route2”
logger “OVPN: ip $rule”
ip $rule
ip $route
ip $route2
iptable1=”-I FORWARD -o $dev -j ACCEPT”
iptable2=”-t nat -I POSTROUTING -o $dev -j MASQUERADE”
iptable3=”-I FORWARD -i br-vanished -o eth0 -j ACCEPT”
logger “OVPN: iptables $iptable1”
logger “OVPN: iptables $iptable2”
logger “OVPN: iptables $iptable3”
iptables $iptable1
iptables $iptable2
iptables $iptable3
flush=”route flush cache”
logger “OVPN: ip $flush”
ip $flush
——
VanishedVPN Support
VanishedVPN Servers
| Server name | Use for Examples |
| usa.vanishedvpn.com | Unblocking US content (Netflix, Hulu), ESPN+ |
| usatv.vanishedvpn.com | USA TV channels (NBC, CBS, Starz, Vudu, Sling TV etc) |
| uk.vanishedvpn.com | Unblocking UK content (Netflix, BBC iPlayer, ITV.com, NOW TV, Sky GO, Channel 4 etc) |
| aus.vanishedvpn.com | Secure browsing, Access to Aus channels while travelling outside Australia (Foxtel Go, Plus 7, 9 Now, Ten Play). Access to Aus to avoid throttling by your ISP |
| p2p.vanishedvpn.com | P2P & Bit Torrent – These servers are based in a location where the laws on Bit Torrent are liberal. Bit Torrent is disabled on all other servers. |
| india.vanishedvpn.com | hotstar.com, sonyliv.com , News, TV, Sports, Video Streaming |
| spain.vanishedvpn.com | News, TV, Sports, Video Streaming |
| france.vanishedvpn.com | News, TV, Sports, Video Streaming |
| russia.vanishedvpn.com | https://matchtv.ru/ , News, TV, Sports, Video Streaming |
| swiss.vanishedvpn.com | www.srf.ch/tv , News, TV, Sports, Video Streaming |
| safrica.vanishedvpn.com | SuperSport, News, TV, Video Streaming |
| holland.vanishedvpn.com | DutchTV, Sports, Video Streaming |
| taiwan.vanishedvpn.com | Taiwan News, TV, Sports, Video Streaming |
| turkey.vanishedvpn.com | Turkish News, TV, Sports, Video Streaming |
| germany.vanishedvpn.com | DAZN, https://www.zdf.de/, News, TV, Sports, Video Streaming |
| italy.vanishedvpn.com | Italian News, TV, Sports, Video Streaming |
| newzealand.vanishedvpn.com | www.tvnz.co.nz www.threenow.co.nz www.parliament.nz https://www.maoritelevision.com/ New Zealand Netflix.com |
7-day money-back guarantee
Give VanishedVPN a test drive. All plans are fully refundable, no questions asked.
Get Vanished VPN
