Configure OpenVPN on Tomato Router

This tutorial describes how to configure OpenVPN connection to SecurityKISS servers on Tomato Router.

Before you start please download certificates from the client panel. Log in to the client panel using your client id and password and download certificates from "Download" -> "Windows" -> "Download" button under "OpenVPN Configuration".

Unpack and save the files.

1. Log in to the Tomato router control panel

Type in your web browser address bar and log in with your username and password

OpenVPN Tomato

OpenVPN Tomato

2. Click on the VPN and then OpenVPN Client

OpenVPN Tomato

3. Edit the settings in the Client setup Basic tab

Start with WAN - Enabled
Interface Type - Wan
Protocol - TCP
Server Address/Port - one of the SecurityKISS openvp ip address for example "" (without quotation marks, you can use any openvpn server ip address available in the client panel). In a Port field type in 443.
Firewall - Automatic
Authorization Mode - TLS
Username/Password - Enabled
username - your client id
password - your password from the activation email
Username Authentication Only - Disabled
Extra HMAC Authorisation - Disabled
Create NAT on tunnel - Enabled

4. Click on Save and navigate to Advanced tab

OpenVPN Tomato

Pool Interval - 0
Redirect Internet Traffic - Enabled
Accept DNS Configuration - Disabled
Encryption Cipher - BF-CBC (or Default)
Compression - Disabled
TLS Renegotiation Time - -1
Connection Retry- 30
Verify Server Certificate - Disabled
In the Custom configuration field type in - ns-cert-type-server

5. Click on Save again and move to the Keys tab.

6. Now you need to open previously downloaded and unpacked certificates and copy whole content to the relevant fields

OpenVPN Tomato

Certificate Authority - copy the whole content of ca.crt
Client Certificate - copy the whole content of client.crt
Client Key - copy the whole content of client.key

7. Click Save and move to Status tab

OpenVPN Tomato

8. Click "Start Now" button