Disclaimer: Please keep in mind that, although the technical process is documented as much as possible, you need to have at least some technical understanding. There's always a chance for an overseen mistake and/or things have changed and the article may not be updated yet.
Requirements:
Create the OpenVPN configuration directly from the ZenMate Account Dashboard by going to My Devices and choosing OpenVPN:
- Protocol - Choose OpenVPN TCP or UDP;
- Country - The country where the IP will be from;
-
Server Group - Choose from the available choices;
Press Save. - Press View Configuration and the hostname, the Username and Password will be displayed to you.
The Username and Password are to be used for your OpenVPN configuration but the ZenMate username and password associated to your account will be the ones used to log-in the Account Dasboard or into the ZenMate application.
How to configure ZenMate on your router:
First make sure that you can connect to the Internet through your router.
Access your DD-WRT Router dashboard from your preferred Internet Browser software.
*The default access address is: http://192.168.1.1 but it will differ if you have assigned a different one to your router.
1. Click on Setup > Basic
Connection Type: choose Automatic Configuration - DHCP in the drop-down menu.
Local IP Address: default is 192.168.1.1
2. Under Network Address Server Settings (DHCP), set the DNS addresses:
Static DNS 1 = 8.8.8.8
Static DNS 2 = 8.8
Static DNS 3 = 0.0.0.0 (default)
Use DNSMasq for DNS = Checked
DHCP-Authoritative = Checked
Then, Save and Apply settings.
3. Navigate to Setup > IPV6. Set IPv6 to Disable - then Save & Apply Settings.
(this is a recommended step to make sure you get no IP leaks)
4. Access again your router interface(dashboard) and head to Services > VPN and from the bottom of the page choose Enable next to Start OpenVPN Client.
Once OpenVPN client is enabled, the interface will display more choices to fill in:
- Server IP/Name: Fill in with the hostname that was generated for you in your ZenMate account
- Port: 443
- Tunnel Device: TUN
- Tunnel Protocol: UDP or TCP (depending on the choice when generating the configuration)
- Encryption Cipher: AES-256 CBC
- Hash Algorithm: SHA256
- User Pass Authentication: Enable
- Username: The Username that was generated when generating the configuration
- Password: The Password that was generated when generating the configuration
- Advanced Options: Enabled
- TLS Cipher: None
- LZO Compression: Disabled
- NAT: Enabled
- Firewall protection: Enabled
- IP Address: leave blank
- Subnet mask: leave blank
- Tunnel MTU setting: 1500
- Tunnel UDP Fragment: leave blank
- Tunnel UDP MSS-FIX: Disable
- nsCertType verification: Leave unchecked
- TLS Auth Key: Leave blank
- Additional Config: Go to the folder where the ZIP file was downloaded and extract the contents of the ZIP. Once the 4 files are visible, open the openvpn.ovpn file with a text editor:
- Once open, select the passage from 'resolv-retry infinite' to 'verb 4' and right-click > COPY the selected text and with the text copied, please paste the text back in the router dashboard and choose PASTE:
Policy based Routing: leave blank
PKCS12 Key: leave blank
Static Key: leave blank
CA Cert: In this box please copy all of the text found in the 'CA.crt' file.
Public Client Cert: In this box please copy all of the text found in the 'client.crt' file.
Private Client Key: In this box please copy all of the text found in the 'client.key' file.
Click on 'Save' and then on 'Apply Settings'.
5. With all of the above information filled in and configured in your router dashboard, the final steps can be approached:
Click on Administration and choose Commands:
In the 'Command Shell' field, input the following commands (from this article, select all commands beginning with 'iptables' > copy):
iptables -I FORWARD -i br0 -o tun1 -j ACCEPT
iptables -I FORWARD -i tun1 -o br0 -j ACCEPT
iptables -I INPUT -i tun1 -j REJECT
iptables -t nat -A POSTROUTING -o tun1 -j MASQUERADE
Right-click in the 'Commands' box > PASTE > click on 'Save Firewall'. With this change, please wait up to 2 minutes for them to be effective.
A router reboot will be needed so head to 'Administration' > Management > scroll all the way down and click REBOOT ROUTER.
NOTE : You may need to wait some time (upwards of 1 minute, depending on the router) for the settings to apply.
Each time you set a different country, rebooting the router will be mandatory.
Finally, restart your browser (this is extremely important because location info may be cached in the browser) and visit a website like iplocation.net to verify the change of your IP.
Comments
0 comments
Please sign in to leave a comment.