What is a VPN?
A VPN is a virtual private network that uses a public network such as the internet to connect private networks together, securely, at multiple locations.
Why would I want to setup a VPN?
A VPN can have a number of uses, these include:
- Secure access to your network from an insecure location, such as a free Wi-Fi hotspot.
- Privacy – when connected to a VPN all your internet traffic can be routed through the VPN, this is useful as no one else connected to the free Wi-Fi hotspot can see what you’re doing on the internet.
- Bypass content restrictions – maybe you are visiting a country that is very restrictive with what can be access on the internet. Say you are in China for example and you wanted to access a blocked website, such as Facebook. You could connect to your home VPN, now any website you access will be going through the VPN to your home internet connection, so will not be blocked.
What is Tomato?
Tomato is a custom firmware for various routers that add’s many additional features and improvements over the manufactures stock firmware. You can read more about Tomato and the various versions of the firmware here: http://en.wikipedia.org/wiki/Tomato_(firmware)
What is OpenVPN?
OpenVPN is a free and open source software application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections.
We will presume your router is already running a version of the Tomato firmware that supports VPN’s.
Log on to your routers web interface, by default this is: http://192.168.1.1/
Click the VPN tunnelling menu, then select server.
In the basic tab:
Select: Start with wan
Interface type: TAP
Authorization Mode: Static key
In the advanced tab:
The settings here can be left as default (seen in the picture below) all you need to do is add
in the custom configuration box
push "redirect-gateway def1"
In the keys tab:
We need to generate a secure key that will be used by the VPN Server to authorise VPN clients, to do this we must install OpenVPN, I would recommend you do this on the computer you wish to connect to the VPN connection as you will need it installed on that anyway.
Go to \OpenVPN\Utilities in the start menu, then right click on Generate a static OpenVPN key and select run as admin
A static key should be generated for you and saved in: C:\Program Files (x86)\OpenVPN\config\key.txt
Open key.txt and copy the following (your key will be different to this)
-----BEGIN OpenVPN Static key V1-----
-----END OpenVPN Static key V1-----
Now paste this key in to the keys tab on the routers web interface
Now save your settings and press the start now button, all been well your router will now be running a VPN server.
If you have a dynamic IP address it would be a good idea to setup a Dynamic DNS service, this will update your hostname with the Dynamic DNS provider every time your ip address changes.
For example if I setup digiex.no-ip.org everytime my router detected my ip address had changes it would update digiex.no-ip.org with my new IP, ensuring I can always access my VPN at digiex.no-ip.org.
Tomato support many Dynamic DNS providers that can be configured under Basic > DDNS
I have personally used No-IP - Dynamic DNS, Static DNS for Your Dynamic IP for many years now with no problems what so ever
Configuring your OpenVPN client:
Now your router is setup as an OpenVPN server, we need to configure OpenVPN on the computer you wish to connect to the VPN with.
Open the Key.txt file you generated earlier in Notepad, and go File > Save As and type “static.key” as the file name, then for filetype select all files and save the key.
Now we need to create a config file for OpenVPN, copy and paste the configuration below in to Notepad
Change “remote digiex.no-ip.org” to either your static ip address or the Dynamic DNS hostname that will resolve to your Dynamic IP address e.g. “mynetwork.no-ip.org”
The rest of the settings should be fine for your home network, if your routers ip address is not 192.168.1.1 change this to what ever your routers ip address is.
Now go to and go File > Save As and type “Home Network.ovpn” as the file name, then for file type select all files and save the config settings.
Copy your static.key and Home Network.ovpn settings in to C:\Program Files (x86)\OpenVPN\config
Now run OpenVPN GUI with admin rights (right click, run as Administrator)
Now you can right click on the system tray icon and connect to your VPN, if you have more than one VPN config you will be able to select which VPN you wish to connect to.
Your VPN should connect and you can now access your home network and the internet, securely from anywhere in the world.
How can i check the VPN is working and my traffic is secure?
To check your internet traffic is going through the VPN go to Digiex IP Address Detector before connecting to the VPN and make a note of your IP address.
After connecting to the VPN connection your IP address should change and be that of your home internet connection.
If you also check the Device List in Tomato you will see you have been assigned an IP address on your home network.
You should also be able access shared files, printers, media and any other services on your home network, just like you were physically connected to the network
Thats it, if you have any questions do ask and i will do my best to try answer them.