In this tutorial, you will learn how to set up an OpenVPN connection on your Keenetic router.
In this guide you will learn how to:
- Find your login details
- Choose a Surfshark server
- Configure the OpenVPN client
- Make sure that the connection is successful
In order to proceed, you will need an active Surfshark subscription. You can see the available plans on our order page.
Find your login details
-
Enter the my.surfshark.com page and generate your credentials for OpenVPN by following these steps: click on VPN > Manual Setup > Router > OpenVPN.
You may need to log in when you do enter this page. In that case, simply enter your email and password and press "Log in".
-
Once there, make sure that you are in the Credentials tab and click on Generate credentials. It is a good idea to keep this tab open for now, as we'll need it later.
Choose a Surfshark server
-
Go to the Locations tab(which is on the same page) and locate the server that you wish to connect to.
- Click on the download icon to the right of the server name and click on Download UDP.
Note: In this setup example, we have used the Vienna server. You'll have to reproduce the same steps with the server of your choice accordingly.
Configure the OpenVPN client
- Next up, open your browser and enter your Keenetic router's interface. To do so, open a browser of your liking, and enter this address into the URL bar: my.keenetic.net
You can also simply enter the Gateway IP address into the URL bar. By default, it is 192.168.1.1
Now, proceed to log in to your router (default username - admin and password 1234) -
Open the downloaded .ovpn configuration file with a text editor, such as Notepad or Notepad++:
-
In the configuration files, we will have to delete all directives except the 4th line with the server address: remote at-vie.prod.surfshark.com 1194
After opening the file, you should be greeted with a similar view:
Proceed to delete the highlighted areas:
Next up, scroll down if needed and delete the highlighted lines, before the line OpenVPN Static Key V1:
-
Next up, we will need to add the following lines into the configuration:
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping 15
ping-restart 0
ping-timer-rem
reneg-sec 0
remote-cert-tls server
pull-filter ignore "block-outside-dns"
mute-replay-warnings
<auth-user-pass>
login
password
</auth-user-pass>
verb 3
pull
fast-io
cipher AES-256-GCM
auth SHA512
key-direction 1
-
Like so:
The certificates should still be left in the file below:
-
Now, a really important detail - we will have to enter the credentials from earlier.
Please input them amongst the lines <auth-user-pass> and </auth-user-pass>
Now the configuration of the OpenVPN tunnel is done. Make sure to save the edited file.
-
Get back to your Keenetic router’s Web Interface and go to Internet > Other connections > VPN connections and click on Create connection:
- The connection settings window opens. Select Type (protocol) > OpenVPN.
-
Return to the open .ovpn file. Highlight the contents of the file and copy the configuration to the clipboard:
Back to the tunnel configuration. Paste the configuration from the clipboard in the OpenVPN configuration field. Enable Use for accessing the Internet, fill in the Connection name field, and enable Obtain routes from the remote side:
Click Save.
-
Turn on the configured VPN tunnel. If everything is configured correctly, the tunnel will have a Ready status:
-
Next, under Connection priorities configure Internet access via the OpenVPN connection you have created.
Go to the Connection priorities menu, click on Add policy and specify a policy name in the empty field. In our example, the openvpn-provider policy is intended to provide access exclusively through the Surfshark OpenVPN connection.
In the right column (Connection), you need to mark only this connection and save the settings:
- On the Connection priorities page, click on the Policy bindings tab. The option Show all objects allows you to display all devices registered in local segments and the local network segments configured on the router.
-
By holding down the Ctrl key on your keyboard, you can select multiple objects with the mouse. In our example, only one object (host MYHOST) needs to be moved to the previously added 'openvpn-provider' policy.
In other words, you must select the devices that are affected by the VPN tunnel:
Make sure the connection is successful
And that is it - you’ve learned how to set up an OpenVPN connection on your Keenetic router. It's always recommended to check whether your connection was successful after setting up a VPN for the first time. This can be easily done by doing an IP leak test and a DNS leak test which is available on our website.
You may also be interested in:
- How to set up a router with Surfshark?
- How to set up WireGuard on Keenetic router?
- How to set up a VPN-protected Wi-Fi hotspot using Windows?