How to Install and Use NordVPN With a DD-WRT Router

It’s a good bet that many of my readers use a WiFi router that has been flashed with DD-WRT firmware. A DD-WRT-enabled router offers numerous advantages to a stock WiFi router. DD-WRT is a free, UNIX-based open source firmware for routers. It allows users to access tools, utilities, and other features that aren’t available when using a router with the stock firmware that is installed out of the box.

DD-WRT firmware allows users to fine-tune their router’s security and performance. The firmware offers features that are normally only on routers costing hundreds more. Users can do such things as restrict the times a WiFi signal can be used (perfect for households with children) and even restrict access to websites.

Can a VPN Help Me Make my DD-WRT Router Traffic More Secure?

By using a Virtual Private Network (VPN) with your DD-WRT router, you can protect all of your connected devices through a centralized access point. Doing so also allows you to enhance access to geo-blocked content, such as streaming and gaming sites, that normally wouldn’t be available to your streaming and gaming devices.

While some VPN service providers offer the ability to use their service with specific router makes and models, DD-WRT firmware works with a larger variety of routers, providing expanded capabilities for VPN users.

In this article, I’ll walk you through setting up and using NordVPN on your DD-WRT router.

Installing DD-WRT on Your Router

I will not be walking you through installing DD-WRT firmware on your router, as that is beyond the scope of this article. For information on your router’s compatibility with DD-WRT, as well as instructions on installing DD-WRT firmware, visit the DD-WRT website.

For those of you who don’t want to deal with installing DD-WRT firmware on your router, there are routers that have DD-WRT pre-installed on them. Amazon, Best Buy, and numerous other merchants offer them.

Also, FlashRouters offers DD-WRT routers that are ready to go with NordVPN and other VPN providers.

Why NordVPN?

For those readers who are in search of a reliable method of VPN protection and enhancement for their DD-WRT router, I strongly recommend NordVPN.

NordVPN offers excellent compatibility with DD-WRT routers, providing flexible and reliable VPN protection for all of your connected devices. NordVPN’s DD-WRT router features deliver the same reliable online protection and access to geo-blocked content as their well-known and respected VPN apps for desktop and mobile platforms.

The provider’s connections are protected with military-grade 256-bit AES encryption, an automatic kill switch, and DNS/IP leak prevention to protect your online activities from being observed. A new, faster NordLynx connection protocol, which is based on the WireGuard protocol, is available on some devices.

The provider follows a strict no-server-logs policy and accepts cryptocurrency to protect your privacy. Its owned-and-operated server (in select locations) keeps outside contractors away from your personal information. In addition, NordVPN runs all of its servers from volatile RAM, writing no data to a physical hard drive. This ensures that all server data is completely wiped whenever a server is shut down or restarted.

In my most recent VPN connection speed tests, NordVPN delivered some of the fastest download speeds in the industry. This makes the provider an excellent option for router users, as the provider doesn’t horribly slow your connection, preserving plenty of bandwidth for all of your internet activities, like streaming and gaming.

You’re not always home, so NordVPN also has you covered while you’re out and about. The provider’s quality apps are available for Amazon Fire, Android, Android TV, iOS, Linux, macOS (including native Apple Silicon support), and Windows device platforms. Chrome, Edge, and Firefox browser users can protect their online travels with the provider’s browser extensions.

In all of the time I’ve used NordVPN, I’ve seldom had any service issues. However, when I have had issues or questions, the provider’s 24/7 customer support has been there for me. Support options include around-the-clock chat, a trouble ticket tracking system, email support, and a searchable support library.

NordVPN’s global server network is impressive thanks to its 5,500+ servers stationed in nearly 60 countries around the globe. That coverage provides access to geo-blocked content in most regions of the globe.

Add in low-priced extended subscription options, and you’ll find that NordVPN offers an excellent return on investment. NordVPN offers a no-risk, 30-day money-back guarantee.

The provider also offers its NordPass Premium password manager and its NordLocker Premium cloud storage service for added fees.

Read my full NordVPN review.

How to Set Up NordVPN on Your DD-WRT Router

You may at first look at the following instructions and blanche a bit, but don’t worry, these step-by-step instructions for installing NordVPN on your DD-WRT router will have you up and running in no time, providing protection and enhancement for all of your connected devices.

To set up NordVPN on your DD-WRT router, follow the steps listed below. Note: Any options not mentioned in this guide should be left with default values. (We’re setting up the router to connect using the OpenVPN protocol.)

1. Log in to your DD-WRT router’s Administrative Interface in your browser.

2. Navigate to Setup -> Basic Setup.

3. Under Network Address Server Settings (DHCP), enter this information:

Static DNS 1: 103.86.96.100

Static DNS 2: 103.86.99.100

Static DNS 3: 0.0.0.0 (default)

Use DNSMasq for DHCP: Checked

Use DNSMasq for DNS: Checked

DHCP-Authoritative: Checked

4. Save and Apply settings.

5. Navigate to Setup -> IPV6. Set IPv6 to Disable. This is a recommended step to make sure your IP address doesn’t leak.

6. Click Save, and then Apply Settings.

7. Navigate to Services -> VPN.

8. Under OpenVPN Client, set Start OpenVPN Client to Enable in order to see the options necessary for this configuration.

9. Set the following:

Server IP/Name: For this tutorial, I’m using: “us8221.nordvpn.com”, but you should connect to a server suggested to you here. You can find the server hostname right under the server title.

10. Click the “Show available protocols” link you’ll find on the page I linked to in step 9 and download the OpenVPN UDP or TCP configuration file, which will be needed later. (UDP is faster, as it doesn’t do error checking. TCP is a bit slower, but checks for errors in packets. Most users will find that UDP works just fine. But if you run into reliability issues using UDP, switch to TCP.)

11. Enter the following in the DD-WRT dashboard:

Port: 1194 (or 443 for the TCP protocol)

Tunnel Device: TUN

Tunnel Protocol: UDP (or TCP)

Encryption Cipher: AES-256-CBC

Hash Algorithm: SHA-512

User Pass Authentication: Enable

Username, Password: Your NordVPN user credentials

First Data Cipher: Not set

Second Data Cipher: Not set

Third Data Cipher: Not set

12. To get your NordVPN service credentials, visit the NordVPN website, log in, and on the Nord Account dashboard, copy the credentials by clicking the Copy buttons to the right of the Service credentials.

13. Advanced Options: Enable (this will enable the additional options in the next step).

14. TLS Cipher: None

LZO Compression: Disable

NAT: Enable

15. If the Username and Password fields are missing, go to Administration -> Commands and enter this code:

echo “YOURUSERNAME

YOURPASSWORD” > /tmp/openvpncl/user.conf

/usr/bin/killall openvpn

/usr/sbin/openvpn –config /tmp/openvpncl/openvpn.conf –route-up /tmp/openvpncl/route-up.sh –down-pre /tmp/openvpncl/route-down.sh –daemon

(Replace YOURUSERNAME and YOURPASSWORD with the respective NordVPN service credentials. Click “Save Startup” and return to the previous VPN tab.)

16. In the Additional Config box, either enter or copy/paste these commands:

remote-cert-tls server

Remote-random

Nobind

tun-mtu 1500

tun-mtu-extra 32

mssfix 1450

Persist-key

Persist-tun

Ping-timer-rem

reneg-sec 0

#log /tmp/vpn.log

(#Delete “#” in the line below if your router does not have credentials fields)

#auth-user-pass /tmp/openvpncl/user.conf

17. Open the OpenVPN UDP or TCP configuration file you downloaded in step 10 in any text editor.

18. When you open the .ovpn file of the server you chose (in this case, “us8221.nordvpn.com.udp.ovpn”) in a text editor, you should see the <ca> part of the file. Do NOT copy the <ca> and </ca> tags.

19. Copy its contents into the CA Cert Make sure the entire text gets pasted, including the: —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—– lines.

20. Return to the configuration file and scroll down to the <tls-auth> part. Copy the contents of the TLS Key.

21. Paste the contents into the TLS Auth Key Make sure the entire text gets pasted in, including the —–BEGIN OpenVPN Static key V1—– and —–END OpenVPN Static key V1—– lines.

22. After entering the data, click Save and then Apply Settings.

23. To verify that the VPN is working, navigate to Status > Under “State,” you should see the message “Client: CONNECTED SUCCESS”.

Optional kill switch setup (for advanced users):

To create a kill switch, go to Administration > Commands and enter this script:

WAN_IF=`nvram get wan_iface`

iptables -I FORWARD -i br0 -o $WAN_IF -j REJECT –reject-with icmp-host-prohibited

iptables -I FORWARD -i br0 -p tcp -o $WAN_IF -j REJECT –reject-with tcp-reset

iptables -I FORWARD -i br0 -p udp -o $WAN_IF -j REJECT –reject-with udp-reset

24. Select Save Firewall, then go to Administration -> Management -> Reboot router.

Advantages and Disadvantages of Using a VPN With Your DD-WRT Router

Advantages

Constant Protection

By installing and using a VPN with your DD-WRT router, you benefit from always-on protection for your internet connection.

If you’re like me, you will sometimes forget to enable your VPN protection on the device you’re using. This means that my online activities, including streaming, sharing files, and other online antics are left open to being monitored.

By installing and running a VPN full-time on your DD-WRT router, you protect all of your devices from having their internet connection monitored.

Protection for All of Your Connected Devices

Any device that connects to your VPN-protected DD-WRT router is automatically protected by the VPN. This even protects devices that can’t run a VPN app – like your game console, streaming box, smart TV, or even your internet-connected refrigerator.

Some routers allow administrators to control which devices will use the protected VPN tunnel, and which apps will use the unprotected internet connection. (Keep in mind, though, that the administrator may not always be available to flip the switch on a particular device’s connection.)

Disadvantages

Possibly: More Upfront Expense

Your current router may not be compatible with DD-WRT firmware, or it may be provided by your Internet Service Provider and they don’t allow you to flash the router with DD-WRT firmware. This will require you to purchase a DD-WRT router.

Unfortunately, many of the DD-WRT-compatible routers are a bit expensive. While some lower-priced routers can run DD-WRT, they may not offer enough horsepower to optimally run DD-WRT. (Check with your favorite router manufacturer to see if they might offer refurbished routers, which can cut the cost of a router by a considerable amount.)

Also, keep in mind that some VPN providers may charge you extra for using their services with a DD-WRT router. (However, NordVPN includes DD-WRT compatibility at no extra cost.)

Your Connection Speeds Will Slow Down

When you’re running a VPN on your computer, mobile device, or other connected devices, you’ll likely notice that your connection speeds have slowed from when you’re using an unprotected connection.

This is due to the encryption process slowing things down, as well as your connection being routed through a VPN server in another location around the globe.

You’ll also see a similar connection slowdown when using a VPN on your DD-WRT router. This is due to the overhead of running a VPN app on your router, which will almost always have a less-powerful processor than your computer or mobile device.

Plus, you’ll usually have multiple devices connected through your router, meaning each device must share your router’s internet connection. The more devices you have connected, the slower your connection speeds.

Can I Use a Free VPN With My DD-WRT Router?

There are multiple reasons why you should not try to use a free VPN with your DD-WRT router (or any of your other devices, for that matter).

Most free VPN services are usually only compatible with a limited number of device platforms and are not compatible with routers.

Plus, most free VPNs heavily throttle your connection speeds and put daily or monthly data caps on your usage. With multiple devices connected at once, your connection speeds will crawl, and it won’t take long to use up your data allowance.

Your privacy is also at risk when using a freebie VPN. Even a free VPN provider needs to make money, and many do so by monitoring their users’ online activities, then selling that usage info to advertisers and other nosy types.

Other no-fee VPNs have been caught injecting unwanted ads and tracking cookies into their users’ browser sessions. Those cookies keep on tracking you even when you’re not connected to the service.

In Closing

As we’ve seen, there are some definite advantages to installing a VPN, like NordVPN, on your DD-WRT router. While there are also disadvantages, I feel that the always-on VPN protection for all of your connected devices outweighs the minimal disadvantages.

Router-based VPN protection delivers comprehensive full-time VPN protection and enhancement for all of your connected devices, all via a single access point. This method means that any device that connects to your DD-WRT-based WiFi router will immediately benefit from the VPN, with no device configuration required.

NordVPN provides top-notch DD-WRT features. The provider offers comprehensive online security and privacy, fast connections from an impressive global server network, and top-notch customer support.

Visit the NordVPN website.

DD-WRT Router FAQs