Setting up an OpenVPN (Client) connection on a DD-WRT router
The following instructions will guide you through a configuration of an OpenVPN connection on a DD-WRT compatible router. This OpenVPN Client setup is the recommened connection type for DD-WRT compatible routers connecting to the VPNUK service. There are hundreds of routers compatible with DD-WRT, please check the router database on the DD-WRT website for more information. You should always ensure you are running up to date DD-WRT firmware.
IMPORTANT NOTICE: Setting up DD-WRT on a compatible router is not for novice users, this setup does require a certain amount of experience and knowledge of how internal networks operate. It is not possible for VPNUK to assist in the flashing of routers or the installation of DD-WRT firmware. It is also not possible for VPNUK to assist in the setup of the VPNUK service, nor can we be held responsible for damage caused by clients configuring uncompatible routers or flashing incorrect firmware. If you choose to setup your VPNUK connection over DD-WRT we have very limited support available and we are unable to assist remotely or through our Live Help service. Please only install official DD-WRT firmware from the DD-WRT website onto compatible routers. Before you attempt to configure your router please setup an OpenVPN connection on your computer to ensure the account is working.
If you do choose to configure your connection through DD-WRT, please note, that it is still largely unsupported and can be problematic. If you have any problems we only offer basic troubleshooting assistance through our ticketing system, we also have a troubleshooter at the bottom of this page. You should be prepared to lose internet connectivity and be ready and know how to return the router to it’s default settings.
1. In order to install this connection type there are some files that you have to download. You can download them from here: DD-WRT OpenVPN Client Config Files and then extract them to a safe location, you’ll need them later.
2. If you are setting up your OpenVPN connection as an Access Point the connection should pass from the WAN port on the DD-WRT router to an available LAN port of your main router and the DD-WRT router should be running on a different IP to that of your main router (For example, if your main router is running on 192.168.1.1 – DD-WRT could be 192.168.2.1). Before you continue please ensure you have configured the DD-WRT router on your local area network and sure the internet connection is passing through the router correctly.
Login to your DD-WRT router and check that you are running the latest DD-WRT firmware. If you are using an old router or firmware with out of date openssl libraries you may encounter connection problems.
Click onto Setup > Basic Setup. Under Network Address Server Settings (DHCP), set the VPNUK DNS address or a third party DNS service, we recommend the highly secure Cloudflare DNS 126.96.36.199 and 188.8.131.52. Also place a check in the Use DNSMasq for DHCP, Use DNSMasq for DNS, DHCP-Authoritative checkboxes. Click ‘Save’ and ‘Apply Settings’.
2. IPv6 Tab
Click onto the ‘IPv6’ tab from the ‘Setup’ sub menu (if you have it) and ensure IPv6 is disabled.
3. OpenVPN Client
Go to services > VPN and place a check in the ‘OpenVPN Client’ checkbox to ‘Enable’ it..
4. OpenVPN Client Settings
4a. Enter your server IP.
4b. Enter the default port 1194. You can also enter port 55194 and 65194 on the UDP Tunnel Protocol or port 443, 80 or 8008 if you use the TCP Tunnel Protocol.
4c. Tunnel Device: TUN.
4d. Tunnel Protocol: UDP if using Port 1194, 55194 or 65194. TCP if using Port 443, 80 or 8008.
4e. Encryption Cipther: AES-256-CBC.
4f. Hash Algorithm: SHA1.
4g. Inbound Firewall on TUN: Off.
Enable: ‘User Pass Authentication’ and Enable ‘Advanced Options’. Enter your VPNUK login username and password. If you do not have this option please continue with the setup and see ‘Section 2’ below once completed.
6. TLS Auth Key
Open the ‘TLS-Auth-Key.txt’ file that you downloaded earlier and enter the contents (as is) into the ‘TLS Auth Key’ area. The file should start with —–BEGIN OpenVPN Static key V1—– and end with —–END OpenVPN Static key V1—–
7. Additional Config
Open ‘Additional-Config.txt’ file that you downloaded earlier and enter the contents (as is) into the ‘Additional Config’ area.
8. CA Cert
Open the ‘CA-Cert.txt’ file that you downloaded earlier and enter the contents (as is) into the ‘CA Cert’ area. The file should start with —–BEGIN CERTIFICATE—– and end with —–END CERTIFICATE—
9. Public Client Cert
Open the ‘Public-Client-Cert.txt’ file that you downloaded earlier and enter the contents (as is) into the ‘Public Client Cert’ area. The file should start with —–BEGIN CERTIFICATE—– and end with —–END CERTIFICATE—-
10. Public Client Key
Open the ‘Public_Client_Key.txt’ file that you downloaded earlier and enter the contents (as is) into the ‘Public Client Key’ area. The file should start with —–BEGIN PRIVATE KEY—– and end with —–END PRIVATE KEY—–
11. Apply and Save
Click onto ‘Apply Settings’ and Then ‘Save’.
12. Check Status
You can check if the connection is working correctly by going to Status > OpenVPN. You should see ‘Client: CONNECTED SUCCESS’ or by going to any IP lookup service.
Section 2. Additional Settings and Configurations
After adding any of these additional settings you must go to ‘Administration > Management’ and select ‘Reboot router’.
1. Username and Password
If your username and password field was missing from part 5, Open the ‘User-Pass.txt’ file from the files that you downloaded earlier and then go to Administration > Commands, enter the contents of the file into the ‘Commands’ area, Change USERNAME and PASSWORD to your login username and password and then click onto ‘Save Startup’.
2. Kill Switch
If you would like to add a kill switch to the connection you can do so by adding the contents of the ‘Kill-Switch.txt’ file that was included in the OpenVPN Client configuration files. Go into Administration > Commands, and enter the contents of the file into the command box, Then click onto ‘Save Firewall’. Go into Administration > Management > Reboot router.
Troubleshooting DD-WRT issues
There are many reasons why a DD-WRT connection may fail to connect correctly. The most common issues are down to little errors like the incorrect VPNUK login username, password and server details, even having the incorrect time and date can impact on the connections.
Here is a checklist of common causes of connection failures and the fixes.
1. Try setting ‘Use DNSMasq for DNCP’, ‘Use DNSMasq for DNS’ and ‘DHCP-Authoritative’ to enabled as well as disabled.
2. Ensure the IP of the DD-WRT router is not conflicting with your main router.
3. Ensure the DD-WRT is connected to any other router from its WAN port.
4. You could also try setting the DD-WRT router to a ‘Static’ connection from the ‘Basic Setup’ page.
5. Go to your LAN settings and manually change your IP Address, Subnet Mask and Gateway so its pointing to the DD-WRT router.
You may also need to change the DNS servers, if you do not want to use your ISPs DNS you can use Cloudflare DNS 184.108.40.206 and 220.127.116.11
6. Try disabling the firewalls on your routers or modems, these can quite often cause connection issues. Once its determined that a firewall is not causing the problem it can always be re-enabled.
7. MTU settings can quite often cause problems, you could try lowering the MTU settings by adding this command on a new line (below verb 3) on your OpenVPN configuration file: tun-mtu 1100
8. Its very important that your router has the correct time and date.
OpenVPN Log Instructions
If you are running an OpenVPN Connection you can create a Log which may enable you to see the problem, or you can open a support ticket and send us the details.
1. Add the following after ‘verb 3’ in your OpenVPN Config startup script:
2. Reboot you router, wait for about 5 minutes and then run the following command (Run Command) from the command text area in administration:
ln -s /tmp/vpn.log /tmp/www/vpn.html
3. Go to the DD-WRT index page and add: /user/openvpnlog.html to it so it looks something like: http://192.168.x.x/user/openvpnlog.html
## If any problems persist please open a support ticket and we will be able to assist you with our troubleshooting questionaire.