If you have navigated to this page, this means you had successfully flashed your router with DD-WRT and intend to make it work with BolehVPN. Now give yourself a pat on the back as the most challenging part is now over!

Configuring BolehVPN on DD-WRT

As of February 15th, 2017, DD-WRT builds 25760 and above are recommended! Otherwise your OpenVPN Client configuration page will be different.

To begin with, login into your DD-WRT page then click on Services, followed by VPN. You should arrive on this page:

Continue to enable the OpenVPN Client, then fill up the necessary fields as follows:

We support the following TLS Ciphers:

TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
TLS-DHE-RSA-WITH-AES-128-CBC-SHA

Next, open up your configuration folder that contains all the ovpn files as well as your keys and certificates. Alternatively, you can download them from your Control Panel by clicking on Download Key under My Order in the login page.

In the Server IP/Name field, enter any servers from Fully-Routed or Proxied. You may find them in your ovpn files; use a text editor such as Notepad to open them by drag and drop.

Similarly, open the corresponding files with Notepad and fill up the next few fields by copy and pasting the entire content.

• TLS Auth Key – ta.key
• CA Cert – ca.cert
• Public Client Cert – yourusername.cert
• Private Client Key – yourusername.key

Finally, save your configuration and apply the settings. Give DD-WRT a few moments as it attempts to connect to our servers.

To access the logs, go to Status then OpenVPN. However, this page will only show only a part of your logs. It should look like this:

Although you may see a lot of lines that states ‘Client disconnected’, but do not worry as this is bound to happen.

To ascertain that your configuration is successful, visit this page to check your ip. (For Fully-Routed only, as Proxied connections requires further configuration)

You will have noticed several configuration options from the drop-down menu. This is probably the most important part of the setup since failing to understand what each configuration does may prevent you from getting the most out of BolehVPN.

In a nutshell, there are 6 main types as shown in the table below:

Each of these configurations have a distinct purpose, therefore it is important to read through this section carefully to utilize this service to its maximum extent.

BolehVPN is one of the few VPN providers that offers a wide range of options all in one package.

a. Proxied

Server locations: Canada, Germany, Netherlands, Switzerland, UK

All these configurations are in a proxied setup which means you will need to set up your software before using the VPN. Any software that is not configured will go through your regular unprotected internet connection. Proceed to Step 4 to learn how to configure your software when you are ready.

Pros

• Does not affect other latency sensitive applications like MSN/surfing/gaming therefore you can do all your other tasks without feeling any slowdown. VPNs in general add latency to your connection.
• Works well for most purposes and well seeded torrents
• If properly configured, an interruption of your connection to our VPN servers will not leave you exposed.

Cons

• You will not be fully connectable and will appear as firewalled. This is inevitable as it uses a proxy. This might reduce your ability to connect to peers and is relevant when the seeder/peer ratio is bad or there are very few people on the torrent. This also gives you LowID with Emule
• Requires the program you wish to pass through the VPN to have SOCKS Proxy support and be configured appropriately.
• Some programs due to faulty programming do not use the VPN proxy exclusively and may still use your regular connection for certain connections. Therefore this is not suitable for those who wants complete privacy.
• Slightly higher overhead due to usage of a SOCKS proxy.

b. FullyRouted

Server locations: Canada, France, Germany, Luxembourg, Netherlands, Singapore, Sweden, Switzerland, UK

‘FullyRouted’ is different where all your data is automatically routed to the VPN. This means everything including surfing, internet messengers (Skype) and any other software that requires internet-connection will have go through the VPN.

You do not need to configure your programs to use the VPN if you use this.

Pros

• Offers a high degree of privacy/security for your internet enabled applications
• Painless setup since once you are connected to the VPN; you need not configure anything else
• May work better with poorly seeded trackers

Cons

• Increases latency/lag on all other applications that means surfing, Skype and everything else that uses the internet will have a longer reponse time due to the additional route your internet connection has to take.

c. Surfing/Streaming

Server locations: United States, United Kingdom, Malaysia, Italy, Japan

The Surfing/Streaming servers CANNOT be used for P2P but is especially good for streaming US-only content such as Hulu, Pandora, Veoh and such.

Note that there are SurfingStreamingTCP options that are intended only for people with firewalls that do not allow UDP connections. Please stick with the standard servers if possible as they are faster and more stable unless absolutely necessary.

Specifying a proxy is unnecessary. It works similarly as the ‘FullyRouted’ configurations where you could just connect and start surfing!

However certain internet-enabled programs might not work while this setting is applied.

d. Cloak

Server location: Canada, France, Germany, Italy, Singapore, Japan, United States, United Kingdom

In order to bypass the strict internet firewall in countries such as China and Iran, we have prepared the Cloak configurations, an improvement on our older XCloak configurations.

Please take note that the Cloak configuration also has suffixes that determines the type of connection it will make, which corresponds to the other 3 configurations mentioned above.

For CloakProxy, proxy settings must be configured and this can be viewed in Step 4.

e. TCP Servers

Server location: Canada, France, Germany, Italy, Singapore, United States, United Kingdom

The TCP servers suffixes in some of our configuration allows you to bypass corporate/campus firewalls. This should be only used if you are unable to connect to our servers due to a firewall. This works on majority of the firewalls but there are still setups out there that can block it. You can also use this if you suffer from a poor internet connection with packet loss. Please note that the TCP protocol will not be as fast as the other UDP servers.

These servers work as Proxied, FullyRouted, SurfingStreaming, CloakRouted, or CloakProxy servers based on the name, meaning you would need to configure your software to use proxies in order to divert the traffic through the VPN only if you use the Proxied TCP servers. You can see this is done in the next step.

f. BolehGeo

Server location: Canada, Netherlands, Singapore

BolehGeo allows you to access sites that are restricted to US address without the use of a VPN. In other words, the lag and overhead inherent from using a VPN are eliminated, thus faster streaming speeds can be observed. This would also means you won’t be getting the privacy and security benefits that would otherwise be present with the use of a VPN.

Please take note that this feature is strictly for making your computer to appear from the US on geo-specific media sites.

We have tested this list of streaming services and found that they work well with this new feature.

1. Hulu
2. Netflix
3. Hulu Plus
4. HBOgo
5. Pandora
6. Fox
7. Crunchyroll
8. CBS
9. Youtube

Do let us know if there are any geo-restricted sites for the US that you would like to see added to this list and how this works out for you! Remember to clear your cookies before trying out the sites!

Now it’s time to configure your programs!

If you are using ‘Proxied‘ or TCP443Server, you would need to configure your programs to go through the VPN (unless you don’t want them to).

Fully Routed and Surfing/Streaming configurations do not require these additional steps as all your data will be redirected through the VPN automatically once you are connected.

Click on a button below to view the program’s configuration.

Torrent Clients

We recommend qBittorrent for Windows users and Vuze for Macs. Vuze is the only Mac torrent client with full Socks proxy support which is required for our proxied configurations (PublicTracker/PrivateTracker).

Browsers

If your program is not listed here, do not fret! As long as your program supports proxies, you only need to enter the following details in the relevant fields:

• Hostname: 10.10.10.1
• Port: 808(HTTP) or 1080 (SOCKS)
• No authentication

You can also always drop by our Support Forums to ask for help in configuring a particular program.

If you do need help, there are a few steps you need to do to get you full support access.

We do this to verify the identity of our customers and protect their privacy.

1. First of all, Register for our Support Forums and follow the instructions onscreen.
2. Have a read through our FAQ in the mean time to see if that helps. You can also submit a support ticket here
3. Check out our DD-WRT forum for other info, or make your post here for help.