OpenVPN Client Setup on TP-Link TL-WR841N Router with OpenWrt 19.07 Firmware

for VPN Unlimited users

How to Install VPN Unlimited on Different Platforms & Create KeepSolid ID

 

Detailed installation guides on different platforms:

 

How to create a new KeepSolid ID

  1. After installing the VPN Unlimited app, you will see the line "Create KeepSolid ID", сlick on it to start the process.
  2. Enter your email address in the designated field.
  3. Create a password and enter it in the password field.
  4. Repeat your password in the provided field to confirm it.
  5. Check the box next to the statement "By continuing, you agree to our…".
  6. Tap the "Sign up" button to complete the registration.

Connecting to a VPN server for the first time, you will be requested to allow adding VPN configurations and downloading a VPN profile.  For more details, please refer to the manuals provided above on how to install VPN Unlimited on different platforms.

 

This tutorial provides a detailed walkthrough on how to configure the OpenVPN® client on OpenWrt router. To get more information about the OpenVPN protocol, check out our detailed article What is OpenVPN protocol. TP-Link TL-WR841N router with OpenWrt 19.07 firmware was taken as an example.

How to set up the VPN Unlimited app for OpenWrt router? How to configure OpenVPN client? Let’s check it out!

 

I. Set up the OpenVPN client on your OpenWrt 19.07 router

II. Generate OpenVPN client settings in your User Office

III. Configure OpenVPN connection on OpenWrt 19.07 router

IV. Add OpenVPN interface and configure DNS settings

I. Set up the OpenVPN client on your OpenWrt 19.07 router

 

Open your OpenWrt web interface by printing the IP-address of the admin panel in the address line of your browser.

If you don’t know how to access your router control panel, check out our instruction on how to find your router IP

1. Go to the System > Software and click Update lists.

2. Wait until the operation is completed and press Dismiss.

3. Type openvpn-openssl in the Download and install package field and press OK.

4. Press Install, and wait until the package is downloaded. Then press Dismiss.

5. Type luci-app-openvpn in the Filter field and click Install.

Then type luci-i18n-openvpn-en in the Filter field and click Install.

6. Check the Overwrite files from other package(s) option and press Install.

7. Wait until both packages are installed and press Dismiss.

8. Make sure that all packages were successfully installed. To do this, select the Installed tab and type openvpn in the Filter field.

9. To apply the changes, go to the Status tab and reboot your router.

II. Generate OpenVPN client settings in your User Office

 

You need to generate the manual configuration settings in your KeepSolid User Office. There you will get the .ovpn configuration file, VPN server domain name and other settings for your OpenVPN connection setup. 

Follow a few simple steps described in the tutorial How to manually create VPN configurations and you’ll easily get all the required information.

III. Configure OpenVPN connection on OpenWrt 19.07 router

 

There are two methods to configure OpenVPN connection on your OpenWrt router. Choose any of them and then go to step IV of this instruction.

Method 1. Upload the .ovpn configuration file

Method 2. Configure OpenVPN connection by yourself

Method 1. Upload the .ovpn configuration file

 

1. Go to the VPN tab > OpenVPN.

2. Find the OVPN configuration field, specify it’s custom name, for example KeepSolidVPN, and choose the .ovpn file that was automatically downloaded from your User Office. Then press Upload.

Method 2. Configure OpenVPN connection by yourself

 

1. Open the configuration file that was automatically downloaded to your device with any text editor and create separate text files - ca.key, cert.key, key.key. Paste the appropriate data from the .ovpn file to the corresponding text file.

  • ca.key – paste strings between <ca> and </ca>, including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----
  • cert.key – paste strings between <cert> and </cert>, including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----
  • key.key – paste strings between <key> and </key>, including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----

2. Navigate to the VPN tab > OpenVPN.

3. Type KeepSolidVPN in the Configuration name field, select Client configuration for an ethernet bridge VPN and click Add.

4. Press Edit > Switch to advanced configuration.

Note: If you don’t see the required parameters, select them in the dropdown menu at the bottom of the page, and click Add.

5. Navigate to the Networking tab and configure the following parameters:

  • port: 1194
  • float: unchecked
  • nobind: checked
  • dev: tun0
  • dev_type: tun
  • ifconfig: this field should be blank
  • comp-lzo: no
  • keepalive: 5 30
  • persist-tun: checked
  • persist-key: checked

Click Save.

6. Navigate to the VPN tab and enter the following settings:

  • client: checked
  • remote: paste the Domain name from your User Office and press +
  • remote-random: checked
  • proto: udp

Click Save.

7. Go to the Cryptography tab.

Click right to ca parameter > choose the previously created ca.key file > press Upload file.

Click right to cert parameter > choose the previously created cert.key file > press Upload file.

Click right to key parameter > choose the previously created key.key file > press Upload file.

8. Configure the following parameters:

  • auth: SHA512
  • cipher: AES-256-CBC
  • keysize: 256
  • tls_cipher: DHE-RSA-AES-256-SHA
  • ns-cert-type: server
  • remote-cert-tis: server

Click Save & Apply.

IV. Add OpenVPN interface and configure DNS settings

 

1. Go to Network > Interfaces. Click the Add new interface… button.

2. Enter the following data and click Submit:

  • Name: VPN_U
  • Protocol: Unmanaged
  • Interface: Custom Interface: tun0

Click Create Interface.

3. Enable the Bring up on boot parameter.

4. Go to the Advanced Settings tab and disable Use built-in IPv6-management.

5. Click Save.

6. Navigate to WAN > Edit > Advanced Settings. Uncheck the Use DNS servers advertised by peer parameter and set 10.200.0.1 value for Use custom DNS server. Press + button.

7. Go to the Firewall Settings tab.

8. In the Create / Assign firewall-zone field enter VPNU_FW.

9. Click Save.

10. Press Save & Apply.

11. Go to Network > Firewall, select VPNU_FW and click Edit.

12. In the General Settings tab, configure the following settings:

  • Input: reject
  • Output: accept
  • Forward: reject
  • Masquerading: checked
  • MSS clamping: checked
  • Covered networks: checked VPN_U
  • Allow forward from source zones: check lan

Click Save.

13. Go to VPN > OpenVPN

14. Mark checkbox Enabled for KeepSolidVPN and press Save & Apply

15. Wait for a minute and click Start.

Great! You’ve successfully set up and configured the OpenVPN client on your TP-Link TL-WR841N with OpenWrt 19.07 firmware. 

If you need to set up VPN on any other devices, check our Manuals page. If you have other questions or comments, feel free to contact our customer support via [email protected].

 

“OpenVPN” is a registered trademark of OpenVPN Inc.

Get VPN Unlimited right now!

Select you perfect subscription plan (like VPN Lifetime plan) and get a 30-day money-back guarantee.