ASUS RT-AC66U Router OpenVPN Settings Help Needed

Hi All,

As the title clearly states I have a ASUS RT-AC66U router and need help setting up an OpenVPN connection.

I currently have PPTP set up, no issues with it other than it can be a bit slow some times. I understand from my very limited knowledge that OpenVPN should yield some better speeds for me.

Initially (just a quick background story) I was hoping to use the VPN on my Synology DS1511+ NAS and DX510 to create a tunnel for the Transmission / Download Station app to be able to mask only the torrent activity. I have since learned that this can be a real pain to set up and there's no kill switch support from the device anyway. 

Therefore I figured I'd just mask everything at home and chuck the settings on the router - less for the wife to worry about that way. After setting up SMTP servers correctly for email mail clients on our Mac's and iPhones it's pretty much all done. I've requested support from PIA but they basically said unless I flash my router then they wouldn't help.

So, this is what I have so far. Please tell me what I need to do. I'm new to this and although I'm pretty tech savvy, this is a new area for me, so please explain clearly. I really don't want to have to flash the router, though I do have an old WNDR3700 with DD-WRT on it in a drawer and might get that out one night and see if I can get that working.

Sorry, the picture's don't reflect exactly the wording above them, but you get the idea - follow the wording.

1. As you can see I can set up and have working PPTP no problem.

image

2. If I set up an OpenVPN connection and upload the .ovpn file I get a ‘Lack of certificate revocation’ error. I tried the connection, but it will not connect.

image


3.  I try going to the manual settings. I add the certificate revocation list information + paste the full ca into it's correct area including the '----begin / end-----' info. Still the connection does not work.

image


4. The manual settings screen I see.

image


I see other info floating around advising I should change the DNS servers, happy to do that - apart from quicker addressing would this actually affect the OpenVPN settings? (I think not, but advise me if I'm wrong). What am I missing?

Comments

  • Hello!

    Thank you for posting on our forums. I'm afraid that we don't have support documentation for setting up a router that isn't using a supported firmware, but other members here may have found methods of making a connection on this specific firmware. They're incredibly helpful and knowledgeable. I hope you can make this work and thank you very much for using our service!

  • the ca.crt content should be in the certificate authority section.

    don't expect good speeds with the AC66 - maybe 10megabits/sec
  • I think the ac66u runs a modified version of dd-wrt out of the box. So I suppose you can try to set it up as if it were running dd-wrt.
  • edited January 2016
    The Asus routers do not run DD-WRT unless you flash them with it. They seem to be running something very close to Tomato instead. And you can flash them to Merlin firmware to improve them in practically every way.
    http://asuswrt.lostrealm.ca/

    *Edit* The link to Merlin changed.
  • edited April 2015
    Ok I set up my RT-AC87U router yesterday.  

    Download the support files ZIP file, extract it in a folder somewhere safe.

    Import whichever OVPN file in the VPN settings.  Import the CA file as well, not sure if you have to click upload or not.  Change your DNS servers to the PIA servers to avoid DNS leaks and you're good to go (In your WAN DNS Setting).  I couldn't get mine to work for hours till I changed the DNS servers.

    I have yet to find a real stable version of DD-WRT for my router and didn't want to risk bricking it. So far I have uptime of about 30hrs with no drops.  Streamed Twitch, 1Channel videos, PS3 (Destiny) and haven't experienced lag or drops.

  • Why do you think DD-WRT will be better? Use Merlin. You can always go back or switch to any other firmware you like from Merlin, and that is not the case if you go DD-WRT first.
  • merlin firmware sure makes things easy.  installing entware on it makes it powerful.

    BTW, one thing to do for ease is combine the ca.crt content in the ovpn file for 1 click upload to router or other openvpn client.

    I have these lines in my .ovpn config file to do that.

    ca ca.crt
    ca [inline]
    <ca>
    paste whole cert content here
    </ca>




  • cosmoxl said:
    the ca.crt content should be in the certificate authority section.

    don't expect good speeds with the AC66 - maybe 10megabits/sec
    So you were spot on with this.  I got exactly 10mb/s on a 50mb/s connection.  What type of wireless router do you recommend to support that connection?
  • I hear that the AC68 and AC87 routers can each handle 50 megabits per second so long as you do not use AES-256. Use AES-128 or Blowfish for best speed while retaining unbreakable encryption.
  • I would upgrade to Merlin 380 firmware. It has vpn optimization in client 2 and 4. 
    Move your config to 2 or 4. Overclock your 66u to 1000mhz from 600mhz. 
    You should have 40mbps on client 2 after doing all that. 

  • Move also your ca cert to ca. It's in wrong place. Also add this to your custom config line 

    tls-client
    remote-cert-tls server
    reneg-sec 0
    verb 3

  • Also if you're not satified. Newegg has 87u refurb router for $144. If you apply for amer express they will have you $50 off of it so it's $94. Sell your 66u on ebay for $50 you pay only $44 for 1.4Ghz overclocked 87u router with 3 different cpu, 3rd cpu being only 5ghz bandwith. I reached 85Mbps peak on 5ghz, faster then wired as it runs on different cpu, encryption then runs on even different cpu. That's what i did .
  • Hey, not sure if you fixed this issue or not but I have the same router and had the same issue as you did. So, you'll need to manually upload the .crt certificate. Also, the thing that I was missing was I never provided the username and password (which is written as optional in the label..weird) which is your PIA's username/password. Don't forget to hit the "Upload" button in the .crt import section. If it says "Complete!" with no warning then you should be good.
  • I have just got an ASUS RT-AC66R and have no idea how to set it up to run VPN with my PIA account.  I need a step by step guide! could any of you guys help? Thanks.
Sign In or Register to comment.