I wanted to tell you i managed that openVPN is working. I’m using the Turris Omnia with PrivateVPN from Sweden (Best Country in the world by human rights and ethical standards). Btw. Speed with VPN over PrivateVPN: 50Mbps without VPN & 38Mbps with VPN.
But at first, what is working and how you can set it up:
- Go 192.168.1.1 -> LuCI -> Login -> System -> Software -> Download and install package: luci-app-openvpn openvpn-openssl openvpn-easy-rsa -> OK -> Service -> OpenVPN -> Load the .ovpn file in and name it -> Upload
- Edit your created VPN -> edit “auth-user-pass” to "auth-user-pass yourcreatednamehere.auth -> add this in the option section below:
connection retry -1
keepalive 3 10
pull-filter ignore “auth-token”
You can choose more than 1 location and the router will select one server randomly every time a new connection is established:
remote de-fra.privatevpn.com 1194 udp
remote de-fra1.privatevpn.com 1194 ud
remote [Add how much server you want]
-> in the extra box below you write your login data in 2 lines like this:
-> after this save and go back
3. click on the enable Checkbox(VPN only work when this is checked, without the checkbox the start button do nothing (User Experience very bad) -> save % apply -> Start the VPN with “start” -> There should be now a yes for started!
Go to Network -> Interfaces -> Add new interfaces -> Named it like you want, i used “VPN” -> Protocol: Unmanaged -> On the new created Interface “Edit” -> Advanced Settings "Bring up on Boot checked and "Use built-in IPv6-management unchecked -> Physical Settings -> Custom Interface type in: tun0 -> Save & Apply
WARNING: Don’t create a new Firewall in the Firewall Settings here, your Turris Omnia will crash and you must do a reset!
Go to Network -> Firewall -> Add -> Name it: VPN or what you want, Input reject, output accept, Vorwort reject, Masquerading and MSS clamping checked, covered networks: VPN(your created interface), Allow forward form source zones: lan should be checked -> create
Change nothing with your wan, should look the pictures i uploaded below, there should be a arrow with reject on VPN and Wan. -> Save & Apply all
Edit now the Lan on the same page -> Allow forward to destination zones: VPN checked -> uncheck all wan, because you don’t want a dns-leak
Now your vpn should work and your internet will only work with VPN
-> For a stable connection without manual reboot in the router (Connection down -> openVPN Settings -> Stop / Start -> Connection Online) and with the use of “remote-random” you can get a always on connection with server roulette when the connection is down and reconnect: