How to configure OpenVPN for Tomato Routers

Last updated:

router

Need a VPN for your router?

Get ExpressVPN Now
refer a friend

Love ExpressVPN? Want a free month?

Refer a friend now

To set up ExpressVPN on your Tomato router, you will first need to download the OpenVPN configuration files. Follow these instructions to configure your router with OpenVPN.

Jump to…

Download the VPN configuration files
Configure your router
Connect to the VPN server location

Download the VPN configuration files

Begin by signing in to your ExpressVPN account.

sign in to your expressvpn account

Once you’ve clicked the link in the welcome email or signed in to the website, click on Set Up on More Devices.

set up on more devices windows

Click on Manual Config on the left side of the screen and then select the OpenVPN tab on the right. You will first see your username and password and then a list of OpenVPN configuration files.

Download and save the .ovpn file(s) or locations (e.g. Los Angeles, New York, etc.) that you wish to connect to.

Note: Please have your username and password ready, as you will be asked to enter them later in the setup process.

new openvpn manual configuration

Need help? Click here to contact the ExpressVPN Support Team via Live Chat

Back to top

Configure your router

On your standard web browser, go to your router’s settings page or control panel (Default address is 192.168.1.1, unless changed)

On your router’s control panel, click on the VPN Tunneling tab, and then select OpenVPN Client.

tomato openvpn port 1195

Follow the settings for each of the tabs based on the screenshots below.

Basic

In the Basic tab, copy the settings below. Please also remember to enter the username and password you found earlier.

tomato openvpn basic

Note: You can find your server address and port in the .ovpn config file you downloaded earlier. Open the .ovpn config file using any text editor. Copy any of the “remote” server cluster names listed in the config file, and paste it into the Server Address/Port field of the OpenVPN basic control panel. Do the same for the port.

copy the server address from the .ovpn config file

Advanced

In the Advanced tab, copy the settings from the screenshot into your control panel.

Copy and paste the following text into the Custom Configuration field, then click Save:

tun-mtu 1500
fragment 1300
mssfix 1450
keysize 256
auth SHA512
sndbuf 524288
rcvbuf 524288

openvpn-client-configuration

Note: If the above custom configuration parameters don’t work, try the following:

keysize 256
auth SHA512
fragment 1300
mssfix 1450
ns-cert-type server
persist-key
persist-tun

Keys

In the Keys tab, copy and paste the text from the .ovpn configuration file into the correct fields.

openvpn keys tab

Copy-paste the text in between the <tls-auth> and </tls-auth> block into the Static Key field. See sample image below:
tls auth key sample

Copy-paste the text in between the <ca> and </ca> block into the “Certificate Authority field. See sample image below:
ca crt key sample

Copy-paste the text in between the <cert> and </cert> block into the Client Certificate field. See sample image below:
client cert sample

Copy-paste the text in between the <key> and </key> block into the Client Key field. See sample image below:

client key sample

Once done, just click on Save.

Need help? Click here to contact the ExpressVPN Support Team via Live Chat

Back to top

Connect to a VPN server location

To connect, click on Start Now and wait for around a minute or two for the connection to get fully established.

Click on the “Status” tab to check if you’re now connected.

openvpn status

Need help? Click here to contact the ExpressVPN Support Team via Live Chat

Back to top

Was this article helpful?55 5
Sorry about that!
Submit Feedback
Chat with a human now
Contact Support now
Undo