# OpenWRT - Set up OpenVPN

#### Install Packages:

```bash
opkg update && opkg install luci-app-openvpn openvpn-easy-rsa openvpn-openssl
```

1. Get the `OpenVPN` configuration file (usually ending in `.ovpn`)
2. Navigate to `VPN` --> `OpenVPN`
3. Click `Browse` and selelect the `.ovpn` file
4. Click `Upload`
5. Click `Edit`&#x20;
6. In the bottom empty field, enter your credentials, each on new line.
7. Copy the auth-user-pass path in brackets (shown in red in the picture) and paste it next to the auth-user-pass option in the OVPN config.&#x20;
8. Press Save, and click on `VPN` -> `OpenVPN` in `OpenWRT` menu.
9. Press `Save & Apply`.
10. Navigate to `Networking` -> `Interfaces`.
11. Click the `Add new interface` button.
12. Name: OpenVPN
13. Click on `Interface` and write `tun0` in the textbox, and press enter.&#x20;
14. Click on Create interface button.
15. Make sure there is a checkmark on `Bring up on boot`
16. Click `Save`
17. Click on `Save & Apply` in the Interfaces screen&#x20;
18. Navigate to `Network` --> `Firewall`
19. Scroll to the bottom of the screen to the Zone section, and `Add` a new Zone.&#x20;
20. In the General Settings tab, set name to `OpenVPN_fw`, change `Input` to `reject`, `Output` to `accept`, `Forward` to `reject`.
21. Put check mark on both `Masquerading` and `MSS clamping`
22. Covered networks – select `OpenVPN`
23. In the `Allow forward from source section`, `lan`.&#x20;
24. Press `Save`
25. Press `Save & Apply` on `Firewall` - Zone settings
26. In the top menu, go to `VPN` -> `OpenVPN`. Set the `checkbox` `Enabled` for VPN connection you just created, and click `Save & Apply.`
27. After the `settings are saved`, click `Start` button next to the VPN connection.&#x20;

Done!


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.arkannis.net/networking/openwrt/openwrt-set-up-openvpn.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.