< Back

DD-WRT router tutorial

Please note that we recommend downloading our apps to ensure the best performance & security, as well as the easiest setup. We offer apps for Windows, macOS, Linux, Android, iOS, Chrome, Firefox, and Fire TV at the moment. If your device doesn’t support VPN apps, you can probably set up our Smart DNS on it to unlock geo-restricted content.


DD-WRT is a custom firmware that can be installed on many different routers. This article will guide you through setting up OpenVPN on DD-WRT to connect to Surfshark servers.

You can check if your router supports DD-WRT firmware here. If it does, please follow this article to safely install the custom firmware on your device.

Please note, that Surfshark is not to be held responsible for any damage done to the router or void of warranty that could be caused by flashing the custom firmware.


This guide has been made using this configuration:
Firmware: DD-WRT v3.0-r35667 std (04/04/18)
Hardware: Netgear Nighthawk AC1900 Model R7000


1. First of all, you will need to set up Surfshark’s zero-knowledge DNS servers. In the DD-WRT control panel open the Setup tab, scroll down to the Network Address Server Settings (DHCP) and enter the following information:

Static DNS 1 =
Static DNS 2 =
Static DNS 3 = (default)
Use DNSMasq for DHCP = Checked
Use DNSMasq for DNS = Checked
DHCP-Authoritative = Checked


Then, click Save and Apply Settings.


2. Click on the Service tab and then select VPN. Then, Under the OpenVPN Client, click the Enable option.

3. Enter the following information:

Server IP/Name: for this tutorial we selected a server in the US, however you should connect to the server that is best suited for you. To get the name of the server, please navigate to the third step after clicking here.

Port: 1194;
Tunnel Device: TUN;
Tunnel Protocol: UDP;
Encryption Cipher: None;
Hash Algorithm: SHA-512;
User Pass Authentication: Enable;
Username: Your Surfshark service username;
Password: Your Surfshark service password.

You will find the Surfshark service credentials at the bottom of the page here

If you want to connect to Surfshark’s servers using OpenVPN TCP, please select Port 1443 and Protocol TCP.

Note: If there are no Username and Password fields, please enter the other fields and proceed to step 3.1.

Advanced Options = Enable (this will enable additional options);
TLS Cipher: None;
LZO Compression: Disabled;
NAT: Enable;

You should not change any other fields.



3.1. (Optional, depending on step 3.) If you do not see any fields to enter your credentials, please advance to Administration > Commands, and enter these commands:

PASSWORD" > /tmp/openvpncl/user.conf
/usr/bin/killall openvpn
/usr/sbin/openvpn --config /tmp/openvpncl/openvpn.conf --route-up /tmp/openvpncl/route-up.sh --down-pre /tmp/openvpncl/route-down.sh --daemon

Please make sure to replace USERNAME and PASSWORD with your Surfshark service credentials that can be found at the bottom of this page here. Click Save Startup, and return to the previous VPN tab.


4. In Additional Config field enter these commands:

remote-cert-tls server
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
reneg-sec 0
cipher AES-256-GCM
auth SHA512
log /tmp/vpn.log


5. You will find the  CA certificates and TLS auth keys in the .ovpn files that you download from the setup page here.


6. Open the given configuration file with a text editor (eg. WordPad or Notepad++, as Notepad does not support the same formatting).


7. Copy the text after the <ca> tag to the CA Cert field. Make sure to copy the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines as well


8. Then, copy the text after the <tls-auth> tag to the TLS Auth Key field. Also, copy the -----BEGIN OpenVPN Static key V1----- and -----END OpenVPN Static key V1----- lines.


9. Make sure you have entered everything correctly and then click Save and Apply Settings.



10. To check if the VPN client is working correctly, navigate to Status > OpenVPN tab in the main menu.

You should see the following message: Client: CONNECTED SUCCESS under the State.

If you do - congratulations - you have successfully connected to Surfshark’s servers using OpenVPN protocol. Happy surfing!


Was this article helpful?