How to set up OpenVPN on Keenetic router

In this tutorial, you will learn how to set up an OpenVPN connection on your Keenetic router.

In this guide you will learn how to:

In order to proceed, you will need an active Surfshark subscription. You can see the available plans on our order page. 



Find your login details


  1. Enter the page and generate your credentials for OpenVPN by following these steps: click on VPN > Manual Setup > Router > OpenVPN.

    You may need to log in when you do enter this page. In that case, simply enter your email and password and press "Log in".

  2. Once there, make sure that you are in the Credentials tab and click on Generate credentials. It is a good idea to keep this tab open for now, as we'll need it later.



Choose a Surfshark server


  1. Go to the Locations tab(which is on the same page) and locate the server that you wish to connect to.

  2. Click on the download icon to the right of the server name and click on Download UDP. 

     In this setup example, we have used the Vienna server. You'll have to reproduce the same steps with the server of your choice accordingly.



Configure the OpenVPN client


  1. Next up, open your browser and enter your Keenetic router's interface. To do so, open a browser of your liking, and enter this address into the URL bar:

    You can also simply enter the Gateway IP address into the URL bar. By default, it is

    Now, proceed to log in to your router (default username - admin and password 1234)

  2. Open the downloaded .ovpn configuration file with a text editor, such as Notepad or Notepad++:

  3. In the configuration files, we will have to delete all directives except the 4th line with the server address: remote 1194

    After opening the file, you should be greeted with a similar view:

    Proceed to delete the highlighted areas:

    Next up, scroll down if needed and delete the highlighted lines, before the line OpenVPN Static Key V1:

  4. Next up, we will need to add the following lines into the configuration:

    tun-mtu 1500
    tun-mtu-extra 32
    mssfix 1450
    ping 15
    ping-restart 0
    reneg-sec 0
    remote-cert-tls server
    pull-filter ignore "block-outside-dns"
    verb 3
    cipher AES-256-GCM
    auth SHA512
    key-direction 1

  5. Like so:

    The certificates should still be left in the file below:

  6. Now, a really important detail - we will have to enter the credentials from earlier.

    Please input them amongst the lines <auth-user-pass> and </auth-user-pass>

    Now the configuration of the OpenVPN tunnel is done. Make sure to save the edited file.

  7. Get back to your Keenetic router’s Web Interface and go to Internet > Other connections > VPN connections and click on Create connection:

  8. The connection settings window opens. Select Type (protocol) > OpenVPN.

  9. Return to the open .ovpn file. Highlight the contents of the file and copy the configuration to the clipboard:

    Back to the tunnel configuration. Paste the configuration from the clipboard in the OpenVPN configuration field. Enable Use for accessing the Internet, fill in the Connection name field, and enable Obtain routes from the remote side:

    Click Save.

  10. Turn on the configured VPN tunnel. If everything is configured correctly, the tunnel will have a Ready status:

  11. Next, under Connection priorities configure Internet access via the OpenVPN connection you have created.

    Go to the Connection priorities menu, click on Add policy and specify a policy name in the empty field. In our example, the openvpn-provider policy is intended to provide access exclusively through the Surfshark OpenVPN connection.

    In the right column (Connection), you need to mark only this connection and save the settings:

  12. On the Connection priorities page, click on the Policy bindings tab. The option Show all objects allows you to display all devices registered in local segments and the local network segments configured on the router.

  13. By holding down the Ctrl key on your keyboard, you can select multiple objects with the mouse. In our example, only one object (host MYHOST) needs to be moved to the previously added 'openvpn-provider' policy.

    In other words, you must select the devices that are affected by the VPN tunnel:



Make sure the connection is successful


And that is it - you’ve learned how to set up an OpenVPN connection on your Keenetic router. It's always recommended to check whether your connection was successful after setting up a VPN for the first time. This can be easily done by doing an IP leak test and a DNS leak test which is available on our website

You may also be interested in:

  1. How to set up a router with Surfshark?
  2. How to set up WireGuard on Keenetic router? 
  3. How to set up a VPN-protected Wi-Fi hotspot using Windows?


Was this article helpful?
Thank you for your feedback!