Disclaimer: Installation and use of any software made by third party developers is at your own discretion and liability. We share our best practices with third party software but do not provide customer support for them.
FlashRouters offers plug and play DD-WRT Routers preconfigured Private Internet Access Routers for this setup.
Note: If you are using TomatoUSB, or the steps below do not match your installation of the Tomato firmware, please refer to the following alternate setup for Tomato.
Step 1: In the Tomato router Administrative Interface, Click Administration and then Scripts and enter the following in the init section:
- echo username > /tmp/password.txt
- echo password >> /tmp/password.txt
- chmod 600 /tmp/password.txt
Note: Replace *username* and *password* with your actual PIA username and password.
For example, if your PIA username was p1234567 and password was 12345678, the first couple of lines would look like this:
echo p1234567 > /tmp/password.txt echo 12345678 >> /tmp/password.txt
The chmod command may not be necessary, but can help with permissions on certain firmware versions.
Step 2: Click Save
Step 3: On the Left side menu, Click VPN Tunneling and then Client.
Step 4: Choose Client 1 and then choose Basic
Step 5: Check Start with WAN
Step 6: Set Interface Type to Tun
Step 7: Set Protocol to UDP
Step 8: For the Server Address/Port type us-west.privateinternetaccess.com and port 1198 Or if you prefer to use a specific location, You can find the full list of locations here: https://www.privateinternetaccess.com/pages/network
Step 9: Set Firewall to Automatic
Step 10: Set Authorization Mode to TLS
Step 11: Set Extra HMAC authorization to Disabled
Step 12: Check Create NAT on tunnel
Step 13: Click Save
Step 14: Click on the Advanced tab
Step 15: Set Poll Interval to 0
Step 16: Uncheck Redirect Internet Traffic
Step 17: Set Accept DNS configuration to Enabled
Step 18: Set Encryption cipher to AES-128-CBC
Step 19: Set Compression to (Adaptive)
Step 20: For TLS Renegotiation Time, Type: -1
Step 21: For Connection Retry, Type: 30
Step 22: In the Custom Configuration, input the following:
- auth-user-pass /tmp/password.txt
- verb 1
- reneg-sec 0
Step 23: Click Save
Step 24: Click on the Keys tab and copy and paste the contents of ca.rsa.2048.crt into the Certificate Authority. The ca.rsa.2048.crt file can be found here: https://www.privateinternetaccess.com/openvpn/ca.rsa.2048.crt
Step 25: Click Save
Step 26: To connect Click on VPN Tunneling > Client > Status, and click on the Start Now button to connect.