Before you begin, please make sure that:

• You must have an active internet connection.
• VPN Supported Router.
• Own a premium Ivacy account (If you do not already own one, you can buy a subscription from here)

OpenVPN on OpenWRT Router will protect your internet privacy and security while giving you full internet freedom and instant access to content streaming.

Note: The steps below were tested on OpenWrt 18.06 running set on a Linksys E900 router that has the luci app openvpn plugin on site, so it might not be same on your firmware:

Update and install OpenVPN client package

1. Login as root to the router via SSH using Terminal, or a client of your choice i.e PuTTY .
   • By default, the address is 192.168.1.1 but it might differ to yours. If you do not know the address of your router, consult the router’s vendor support.
   • The default username and password are both set as root but it may differ if you have changed it from your end.
2. Ensure your package is up to date on your system. Run the command below:
   opkg update
3. Install OpenVPN client package:
   opkg install openvpn-openssl luci-app-openvpn
4. Now head to /etc/openvpn/ and create a file called tls-auth.key in it.
   vi tls-auth.key
   (Open the Wdc.key file from the Open VPN files folder (you just downloaded), copy and paste its content in the text editor and save it)
5. Next, create a file called userpass.txt
   • vi userpass.txt
6. Enter your Ivacy Username and Password on the first line and the second line respectively and save it.
   • ivacy0sxxxxx
   • VPN PasswordCreate a OpenVPN configuration using the steps below
7. Login to the router’s Luci Web panel from your browser.
8. Navigate to Services > OpenVPN
9. Create a new instance named Ivacy and select the 3rd option from the drop-down: Simple client configuration for a routed point-to-point VPN.
10. Click Add.
11. Click on Switch to advanced configuration at the top right corner of the page to start configuring the OpenVPN connection.
12. Under the Services tab, just ensure verb is set to 1.
13. Click Save.
14.  Next, click on the Networking tab and Ensure these details are as below, leave others as it is.• port : 53
    • nobind : Checked
    • persist_tun : Checked
    Note: If the stated field is not there, scroll down and select it from the Additional Field drop down and click Add
    
15. Click Save.
16.  Next, click on the VPN tab. Ensure these details are as below, leave others as it is.
    • client : Checked
    • auth_user_pass:  /etc/openvpn/userpass.txt
    • remote: ukm2-ovpn-udp.dns2use.com
    • proto: udp
    • resolv_retry: infinite
    The example above is set to connect to our UK server i.e. ukm2-ovpn-udp.dns2use.com . If you wish to connect to another country, please refer to the full list of server names that you can connect by clicking here and select OpenVPN tab.
    Note: If the stated field is not there, scroll down and select it from the Additional Field drop-down and click Add
17. Click Save.
18. Next, click on the Cryptography tab. Ensure these details are as below, leave others as it is.
    • auth: SHA1
    • cipher: AES-256-CBC
    • mute_replay_warnings: Checked
    • tls_client: Checked
    • ca: Upload the CA ‘ca.crt’ file that you downloaded earlier
    • tls_auth: /etc/openvpn/tls-auth.key
    • auth_nocache: Checked
    • remote_cert_tls: server
    • key_direction: 1
    Note: If the stated field is not there, scroll down and select it from the Additional Field drop-down and click Add
19. Click on Save & Apply.
    Create VPN interface using the steps below
20. Navigate to Network > Interfaces
    
21. Click on Add New Interface
22. Enter the details as below:
    • Name of the new interface: Ivacy
    • Protocol of the new interface: select Unmanaged from the drop down menu
    • Cover the following interface: Custom Interface – tun0
    
23. Click Submit.
    Set Firewall Rule for VPN connection using these steps
24. Navigate to Network > Firewall
25. Click Add.
26. Configure the firewall as below.
    • Name: Ivacy_fw
    • Input: reject
    • Output: accept
    • Forward: reject
    • Masquerading: Checked
    • MSS clamping: Checked
    • Covered networks: Select Ivacy
    For Inter-Zone Forwarding:
    • Select Allow forward from source zones
    • lan : Checked
    • wifi : Checked (if you have wifi interface configured)
27. Once that is done, click on Save & Apply.
    Connection complete. Ivacy VPN is now configured in your OpenWRT router.
28. Go to Services > OpenVPN, check the box for Enabled next to Ivacy, then click the Start button to initiate the connection.• The connection should be completed within seconds, once connected you can confirm this by checking from the website: www.ipaddress.com
    • If the VPN connection doesn’t start then go to the /var/etc/client.conf directory, open the OpenVPN file and remove the line “secret shared-secret.key” save the file and then recheck to connect.
    • If you are unable to access the Internet when the VPN is connected, look through the Firewall settings again and ensure it’s set correctly before trying again.