Before following this guide, you will need to install DD-WRT on your router. To do this, you will need to go to DD-WRT's router database and search for your router's model number to see if your router is compatible or find a beta build for your router. This guide uses KONG's beta build of DD-WRT v3.0-r42335 on a Netgear R6700.
IMPORTANT NOTE: Certain beta builds may not work with OpenVPN. Please read the feedback in the build forum before installing a beta build. Also note, regardless of what model router you have or version of DD-WRT you are installing, there is a chance of bricking your router (i.e. rendering the router completely useless) if the process of putting DD-WRT on the router does not complete properly. Please thoroughly read and follow the related documentation regarding the updating procedure for your router to minimize the risk of bricking your router.
Initial DD-WRT Setup and Important Notes
Please check and consider the following before setting up your VPN connection in DD-WRT:
- If you are running a router-behind-router configuration, you will want to make sure your DD-WRT router is on a different subnet than any other router/modem on your network. This can be done by going to Setup/Basic Setup tab and changing your Local IP address to '192.168.8.1' without quotes
- If you are running PPPoE on the router, you will not be able to make a VPN connection
- We suggest adding the following static DNS addresses: 198.18.0.1 and 220.127.116.11, on the basic setup tab
- Please check to ensure the NTP client is enabled and set to the correct time zone, which can be found at the bottom of the basic setup tab
Enable Syslogd so you can get logs if you run into any trouble with your setup. You can do this by going to Services tab and scrolling down to System Log, then Enable Syslogd.
Configuring the VPN Connection
To setup the VPN connection on your router, go to the Services/VPN tab, enable the OpenVPN Client, and set the connection up using the following settings:
- Server IP/Name: Choose a server from our server list and enter the address in this field
- Port: use 1194 or 443
- Tunnel Device: TUN
- Tunnel Protocol: UDP
- Encryption Cipher: AES-256-CBC
- Hash Algorithm: SHA256
- User Pass Authentication: Enable
- Username: YourPrivadoUsername
- Password: YourPrivadoPassword
- Advanced Options: Enable
- TLS Cipher: None
- Compression: Disabled
- NAT: Enable
- Copy and paste the following into your Additional Config:
- CA Cert: Copy and paste the following into the CA Cert box. The ca.crt is also attached HERE and at the very bottom of this guide if you are having difficulty copying this text.
Save and Apply the settings, then go to the Administration tab and click Reboot at the bottom of the page.
Check the VPN Connection
Once your router has finished booting up, verify you are connected by going to the Status/OpenVPN and/or checking your external IP address online.
If you have any questions or run into trouble, please contact our support team here: https://support.privado.io/new