In this tutorial, you will learn how to configure the Surfshark VPN tunnel on your DD-WRT router. This method might be beneficial if you have devices that don't have VPN compatibility, or you wish to protect all the Wi-Fi-connected devices at your home with a VPN.
You will learn how to:
To proceed, you need to have a router with DD-WRT firmware and an active Surfshark subscription. It's worth mentioning that your router must have at least 8 MB of flash memory to maintain the VPN connection.
If you don’t have the subscription yet, you can get it here.
Find your login details
Surfshark service credentials are different from your Surfshark account credentials, namely your email address and your password. You’ll need Surfshark service credentials to connect to the VPN using a manual OpenVPN configuration that is explained below.
Here is how you can get your Surfshark service credentials:
- Go to this page of the Surfshark website. This is the page where you can find all the details required for manual connection.
You may need to log in before proceeding to this page. In that case, enter your email address and your password, then click Log in.
- Scroll down to the bottom of that page. You will find Surfshark service credentials there.
It is a good idea to keep this page open for now. You will need these credentials a bit later.
Choose Surfshark server
Every server (location) has a configuration file that you will need to use to connect to the VPN. You can download all configuration files from our website.
- Go to this page. It’s the same page where you can find the Surfshark service credentials.
- Find the list of servers.
- You will need a hostname of the VPN server. You can find the hostname below the flag icon of each location. If you wish to connect to Poland, copy the hostname for Poland - Warsaw or Poland - Gdansk servers. If you prefer connecting to Finland, copy the hostname of Finland - Helsinki server.
Configure the OpenVPN client
Before connecting to the VPN, you will need to configure the OpenVPN client on your router.
- First of all, you will need to open the control panel of your router.
You can reach it by entering the IP address of your router to the URL bar in your browser.
Most often, this IP address is used to reach DD-WRT router: 192.168.1.1
If this one does not work, try the following:
192.168.2.1 (Linksys/ Asus routers)
192.168.10.1 (Buffalo routers)
192.168.11.1 / 192.168.30.1 (Motorola and some others)
First of all, you will need to set up Surfshark’s DNS servers. In the DD-WRT control panel open the Setup tab, scroll down to the Network Address Server Settings (DHCP) and enter the following information:
Static DNS 1 = 220.127.116.11
Static DNS 2 = 18.104.22.168
Static DNS 3 = 0.0.0.0 (default)
Use DNSMasq for DHCP = Checked
Use DNSMasq for DNS = Checked
DHCP-Authoritative = Checked
Then, click Save and Apply Settings.
Then, click on the Service tab, select VPN, and find the OpenVPN client.
Enter the following information:
Server IP/Name: enter the server hostname that you have collected in the "Choose Surfshark server" section of this tutorial.
Tunnel Device: TUN;
Tunnel Protocol: UDP;
Encryption Cipher: None;
Hash Algorithm: SHA-512;
User Pass Authentication: Enable;
Username: Your Surfshark service username that you have found at the "Find your login details" section of this guide.
Password: Your Surfshark service password that you have found at the "Find your login details" section of this guide.
Note: If there are no Username and Password fields, fill in the other fields as specified in this tutorial and proceed to step 3.1.
Advanced Options = Enable (this will enable additional options);
TLS Cipher: None;
LZO Compression: Disabled;
We recommend that you avoid changing any other fields.
3.1. (Optional, depending on step 3.) If you do not see any fields to enter your credentials, please advance to Administration > Commands, and enter these commands:
echo "USERNAMEPlease make sure to replace USERNAME and PASSWORD with your Surfshark service credentials that can be found at the bottom of this page. Click Save Startup, and return to the previous VPN tab.
PASSWORD" > /tmp/openvpncl/user.conf
/usr/sbin/openvpn --config /tmp/openvpncl/openvpn.conf --route-up /tmp/openvpncl/route-up.sh --down-pre /tmp/openvpncl/route-down.sh --daemon
Also, add this line to the field of Additional Config:
In Additional Config field enter these commands:
- Copy the Static key from here and paste it to the TLS Auth Key field.
-----BEGIN OpenVPN Static key V1-----
-----END OpenVPN Static key V1-----
- Make sure you have entered everything correctly and click Save and Apply Settings.
Connect to the VPN
Once you click the Apply Settings after configuring your OpenVPN client, your router connects to the VPN automatically.
In order to disconnect from the VPN, go to Services -> VPN -> OpenVPN client and disable the OpenVPN Client. To reconnect, enable it again.
To make sure you have connected to the VPN, go to Status -> OpenVPN. If the connection was successful, you should see this:
Congratulations - you have successfully installed and configured Surfshark VPN on your router! As long as you’re connected, your location is private, and your sensitive data is secure.
If you have any further questions, our customer success team is here to help you 24/7 over a live chat or email.
You may also be interested in: