This article aims to route the traffic on your secondary router with OpenWRT installed to an OpenVPN server.
In this article, I used a TP-Link Archer C20 V5 router with OpenWrt 22.03.4. You can use your own version of OpenWRT, and router and the instructions should more or less be the same.
Please make sure to back up your current configuration in-case something goes wrong and you have to reset the router. This article is provided to you as-is and we will not be liable for any actions you perform on your router.
If things go south, please make sure you know how to recover from such a situation.
Additionally, please make sure you have connected your ethernet cable to the WAN/Internet port and NOT the Ethernet port.
- Router with OpenWRT installed
- Remote Server with OpenVPN Server installed. ?
If you have already installed OpenVPN on your router, you may skip to Configuring OpenVPN Client.
Updating package lists
To get the latest packages, you will have to update the package list on your router. To do this, go to your Router IP and go to
Then, click on the
Update Lists button.
Then, the software lists should be updated. In any case, if the software is not updated, it means that the router cannot connect to the internet. In that case, you will have to ask around with the folks in OpenWRT forums who will help you fix it, Make sure to include your configuration, and debug logs so that it is quicker to help you. (Don’t ask to ask)
Installing the required packages
Now, you will have to install
The first package is the actual OpenVPN app, which you can activate by SSH’ing into the router and the latter adds an interface to manage your OpenVPN connections in the router page. It is optional if you want to do everything from SSH.
Configuring OpenVPN Client
After both packages are installed, refresh the page. And you should see a new dropdown on the navigation bar called
VPN, hover over it, and click on
Now, download your .ovpn file, name it anything you like, and upload it.
If you want an easy way to install OpenVPN Server onto your VPS, I suggest using angristan/openvpn-install.
After it has been uploaded, click on the
Enabled checkbox and click on
Save and Apply the button beside the file you just uploaded.
Start the OpenVPN instance, if it hasn’t started already.
Setting up interface
At this point, you should have lost the internet connection on your devices. To route the connections through the VPN, hover over the
Network dropdown on the navbar and click on
If you get prompted to update the interfaces like in the screenshot below, click on the continue button.
Click on the
Add new interface button.
Inside the popup, You may give it any name, in my case, I named it OpenVPN. On protocol, select the
Unmanaged option in the dropdown.
device, select tun0.
Then, click on Create Interface button.
The interface properties should pop up. Ensure the
Bring up on boot option is checked and click on the Save button.
Then, finally, click on the
Save & Apply button at the bottom of the screen.
To set up the firewall, hover the
Network dropdown and click on the firewall option.
Under the Zones heading, click on the
A creation popup should appear. In there fill in the following values as in the table below.
|Previously created interface name, i.e OpenVPN|
It should look similar to the configuration below.
Then, click on
Save and click on
Save and Apply.
Finally, reboot the device. The option to reboot is under
After reboot, the device should forward connections over VPN. To confirm this you may visit
Routing. Your table should look somewhat like this, where I have marked over with red should have the public IP address of your server.
You can also check it by visiting websites like ipinfo.io to verify your device is being routed correctly over the VPN.