How to set up FastVPN on a Tomato Router

This tutorial will guide you through configuring FastVPN OpenVPN in Tomato firmware and will allow you to establish a permanent VPN tunnel from your router. This guide was prepared and based on OpenVPN installation on a Netgear Nighthawk 7000 router that has been flashed with Tomato OpenVPN firmware.

Before getting started

To configure OpenVPN on Tomato firmware, you will need:

  • A secure FastVPN connection (Don’t have one? Sign up here!);
  • An internet connection;
  • Tomato flashed router.
IMPORTANT NOTE: Regardless of what model router you have or the version of Tomato firmware you are installing, there is a small chance of bricking your router (i.e., making the router completely useless) if the process of putting Tomato on the router does not complete properly. Please thoroughly read and follow the related documentation regarding the updating procedure for your router.

1. Log in to the router control panel by entering the router’s default IP address 192.168.1.1 to the address bar of your preferred browser (if you changed your router default IP address, enter the new one into your browser instead). While connecting using 192.168.1.1, the URL may be changed to http://192.168.1.1.


2. You will be redirected to the user interface of the router where you will need to select VPN listed under Status Overview on the left sidebar:


3. Click on the OpenVPN Client option and you will see the Basic tab.


4. Enter the details as given below:

  • Start with WAN: Click to enable
  • Interface Type: TUN
  • Protocol: UDP or TCP. However, UDP is the fastest and most preferred protocol
  • Server Address/Port: Choose a server from our server list in the FastVPN Account Panel / 1194.
  • Firewall: Automatic
  • Authorization Mode: TLS
  • Username/Password Authentication: Click to enable
  • Username: Your VPN accountusername available from the FastVPN Account Panel in the username@namecheap format
  • Password: Your VPN account password available from the FastVPN Account Panel
  • Extra HMAC authorization (tls-auth): Disabled
  • Create NAT on tunnel: Click to enable
Once done, click on the Save button at the bottom of the page:


5. Navigate to the Advanced tab and enter the details as given below.

  • Poll Interval: 0
  • Redirect Internet traffic: Leave unchecked
  • Accept DNS configuration: Set to disabled
  • Encryption cipher: AES-256-CBC
  • Compression: Adaptive
  • TLS Renegotiation Time: -1
  • Connection retry: 30 seconds
  • Verify server certificate (tls-remote): Leave unchecked
  • Custom Configuration box: Copy and paste the following italicized text into this box:
    persist-remote-ip

    remote-cert-tls server

    keysize 256

    tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-DSS-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SH
Click on the Save button:


6. Copy and paste the whole content of the text file into the Certificate Authority box and click the Save button:


7. Leave the default settings for Routing Policy and Status. Click on the Save buttons given on the bottom of both the tabs:


8. Navigate back to the Basic tab and click on the Start VPN Client play button to start connecting FastVPN via the OpenVPN protocol.


9. You can confirm the connection status from the Running prompt displayed next to the VPN Client:


To disable the FastVPN connection, click on the Stop VPN Client button:


If you need any further assistance, please contact our Support Team.
Updated
Viewed
346 times

Need help? We're always here for you.