John thanks for update and implementing new features such as open vpn. Questions if i may ask.
I'm planning to get this vpn service as it has tested 87Mbps speeds which is what i have 90/12 service.
They support open vpn but would your firmware features support the router config. At first glance when i take a look it seems it does but there may be one feature that may be missing or not available so wanted to check first. Also will my ip address change with router and open vpn config or stays static?
They also have openvpn config files and certs so in theory should work but wanted to run it by you
https://vpn.ac/ovpn/
https://vpn.ac/knowledgebase/47/OpenVPN-on-TomatoUSB-Router.html
https://vpn.ac/knowledgebase/43/OpenVPN-on-DD-WRT-Router.html
This is configuration tutorial for vpn.ac vpn service threw router config. They support RT-66u but with tomato firmware.
This OpenVPN tutorial was created using TomatoUSB v. 1.28 by shibby. If you have a different release and require our help, let us know.
1. Login to TomatoUSB router's web GUI
2. Go to VPN Tunneling > OpenVPN Client
3. Under Client 1 > Basic tab, use the following settings:
Start with WAN: Check if you want the VPN to connect automatically on router restart
Interface Type: TUN
Protocol: UDP
Server Address: nl1.vpn.ac (or other, get the hostname from vpn.ac/status), port 1194 or 53, 6112
or use a server's IP address instead of hostname - recommended in case you experience problems when reconnecting, client not being able to resolve hostname.
Firewall: Automatic
Authorization mode: TLS
Username/Password Authentication: checked
insert your VPN user and pass
Username Authen. Only: checked
Create NAT on tunnel: checked
Screenshot of Basic tab with correct settings
Open the Advanced tab:
Poll Interval: 0
Redirect Internet traffic: checked
Accept DNS configuration: Exclusive
Encryption cipher: BF-CBC
Compression: Disabled
TLS Renegotiation Time: -1
Connection retry: 30
Verify server certificate (tls-remote): unchecked
Custom configuration:
persist-key
persist-tun
tls-client
remote-cert-tls server
Screenshot of Advanced tab with correct settings
Open keys tab:
Add the CA:
-----BEGIN CERTIFICATE-----
MIIDljCCAv+gAwIBAgIJANMiwLWxktowMA0GCSqGSIb3DQEBBQUAMIGPMQswCQYD
VQQGEwJSTzEMMAoGA1UECBMDQlVDMRIwEAYDVQQHEwlCdWNoYXJlc3QxDzANBgNV
BAoTBlZQTi5BQzEPMA0GA1UECxMGVlBOLkFDMQ8wDQYDVQQDEwZWUE4uQUMxDzAN
BgNVBCkTBlZQTi5BQzEaMBgGCSqGSIb3DQEJARYLaW5mb0B2cG4uYWMwHhcNMTIx
MTI2MTI0NDMzWhcNMjIxMTI0MTI0NDMzWjCBjzELMAkGA1UEBhMCUk8xDDAKBgNV
BAgTA0JVQzESMBAGA1UEBxMJQnVjaGFyZXN0MQ8wDQYDVQQKEwZWUE4uQUMxDzAN
BgNVBAsTBlZQTi5BQzEPMA0GA1UEAxMGVlBOLkFDMQ8wDQYDVQQpEwZWUE4uQUMx
GjAYBgkqhkiG9w0BCQEWC2luZm9AdnBuLmFjMIGfMA0GCSqGSIb3DQEBAQUAA4GN
ADCBiQKBgQDZ6bE44ampTNnDBqsB/J5tS41UHTkxk8sswATe7R32+mn87hwLzfhz
uRP4sRPLKTcM+7zGgfgyMU2wvF2N1+4Vyr+BxTRNKZIuGvoUwqFvOU7kGMrSW4Hx
R2Z1dr+IVhtDGYg3C3zHZcRDOMZZzufG1rxl0rWBF8atkkvwhWwIRQIDAQABo4H3
MIH0MB0GA1UdDgQWBBQE14ZZ8yiLb6jsy9j8168FwkhNEzCBxAYDVR0jBIG8MIG5
gBQE14ZZ8yiLb6jsy9j8168FwkhNE6GBlaSBkjCBjzELMAkGA1UEBhMCUk8xDDAK
BgNVBAgTA0JVQzESMBAGA1UEBxMJQnVjaGFyZXN0MQ8wDQYDVQQKEwZWUE4uQUMx
DzANBgNVBAsTBlZQTi5BQzEPMA0GA1UEAxMGVlBOLkFDMQ8wDQYDVQQpEwZWUE4u
QUMxGjAYBgkqhkiG9w0BCQEWC2luZm9AdnBuLmFjggkA0yLAtbGS2jAwDAYDVR0T
BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQA3jbSdw0ShUj3yV9LlW//MutZpQc67
bXexaRrLvbDgFywOE5jdIeYMQzn3T4/Uj17B6qHZjFwWIkiE7Q2a1ShmHwFFq4pS
NfDo/CDdcNRbQU7r8T4XorwVYGPmdxRVoZtejOb510lY5AP6P0pSBshC3zjTLpPi
qRI4JvSeZc4/ww==
-----END CERTIFICATE-----