This tutorial will walk you through configuring a router using DD-WRT firmware version 3.0-r44715.
If you want a router based configuration but do not want to set it up yourself, FlashRouters offers plug and play DD-WRT Routers preconfigured Private Internet Access Routers for this setup.
Before starting, be sure you have downloaded the configuration file you would like to use for your connection. For this guide specifically, we have used the California file from the collection labeled Default, be sure to decompress the file so you can access the contents.
Step 1. Setup - Basic Setup : assure you are using the appropriate time settings for your location, this is done to prevent types of connectivity problems.
1. Assure NTP Client is Enabled.
2. Set Time Zone to your real local time.
3. At the bottom of the page, click Apply Settings.
Step 2. Setup - IPv6 : to prevent leaks over the the IPv6 protol, turn it off in the Setup > IPv6 tab, highlighted in orange in the image below.
1. Set the radio button for IPv6 to Disable
2. Click Apply Settings.
Step 3. Services - VPN : turn on the VPN Client so that you will be provided with the fields to input of the VPN configuration specifics, then input the specific VPN configuration details.
1. Under the OpenVPN Client header, click Enable for the Start OpenVPN Client option.
2. Input the Server IP/Name — you can locate this on the remote line of OpenVPN configuration files we provide. (This guide has used us-california.privacy.network.)
3. Input the Port number, specific to the dependencies table below.
| AUTH | CIPHER | CERTIFICATE | UDP PORT | TCP PORT |
|---|---|---|---|---|
| SHA1 | AES-128-CBC/GCM | ca.rsa.2048.crt | 1198 | 502 |
| SHA256 | AES-256-CBC/GCM | ca.rsa.4096.crt | 1197 | 501 |
4. For Tunnel Device PIA VPN connections use a TUN interface.
5. Tunnel Protocol will be set to UDP in this guide. In most cases UDP provides better speeds than TCP. If TCP is used, be sure to use the port shown in the dependencies table.
6. Encryption Cipher is also specific to your preferences from the dependencies table.
7. Hash Algorithm is another setting specific to your preferences from the dependencies table.
8. First Data Cipher should be set to None.
9. Second Data Cipher should be set to Not set.
10. Third Data Cipher should be set to Not set.
11. User Pass Authentication must be set to Enable.
12. In the Username field, input your PIA username — that is always in the format of p1234567 and cannot be replaced with any other information.
13. The Password field requires the input of the password for your PIA account, which is assigned to you, but you have the ability to customize in the client control panel.
14. The CA Cert will need to be downloaded from the dependencies table, specific to the encryption you are using. Links for each of the three certificates can be found in the dependencies table at the beginning of the guide. Open the certificate in a text editor and copy the contents into the CA Cert field. (Note : The contents of this must include the begin and end certificate lines as well, be sure to copy the whole thing.)
15. The Config section will require multiple specific lines of text; copy and paste the following into this field:
persist-key persist-tun tls-client remote-cert-tls server pull-filter ignore "auth-token" copy copy
16. At the bottom of the page, click Apply Settings to save what you have done and set-up the connection.
Your router is now set up to establish a PIA VPN connection. You can confirm the status of your connection in the Status > OpenVPN tab, shown highlighted in orange.
If the connection does not start after specifying and applying the settings, power down you router, wait 10 seconds, and turn it back on — that should initiate the VPN connection as the router reboots.