Surfshark has climbed the ranks among the leading VPN service providers at an exemplary pace. The provider covers all the bases that you can expect from a top-of-the-line VPN service.
But did you know that you can make your digital life much easier and foolproof by setting up Surfshark on router? When you set up a VPN on your router, you won’t have compatibility issues and you can use Surfshark on multiple devices at the same time.
Surfshark has over 1,040 servers and available in 60 countries. It has a lot of features among them it has a clean web feature that helps you browse the internet without any malware, ads, or trackers.
In this article, I will explain how to setup Surfshark on router by taking advantage of the router compatibility of the service.
Installing Surfshark on Router
Surfshark only supports routers running open-source firmware including DD-WRT and Tomato. The only other stock firmware from popular router manufacturers that Surfshark supports is AsusWRT.
As such, I will demonstrate the setup process for Asus routers specifically and then for DD-WRT and Tomato in general.
How to Setup Surfshark on ASUS Routers
5 Minutes Review time
Follow the steps below to proceed with the setup process of Surfshark on router:
- Description: You can choose whatever name you want to give to your VPN
- Username: Enter your Surfshark username
- Password: Enter your Surfshark password
So, if you have been wondering how difficult is it to install Surfshark VPN on your router, I suppose the answer to that is: not as hard as you think.
How to Install Surfshark on DD-WRT Routers
DD-WRT is an open-source firmware that can be installed on many different types of routers.
If your router doesn’t already have a DD-WRT firmware installed, you will have to flash it first. This article explains the flashing process in detail. You must also make sure your router supports DD-WRT firmware, which you will find here.
When you’re done with setting up DD-WRT on your router, follow the steps below to configure Surfshark:
- First, you must setup Surfshark’s DNS servers. Open your DD-WRT router control panel > Setup > Network Address Server Settings (DHCP) and enter these values:
- Static DNS 1 = 252.172.57
- Static DNS 2 = 154.159.92
- Static DNS 2 = 0.0.0 (default)
- Use DNSMasq for DHCP = Checked
- Use DNSMasq for DNS = Checked
- DHCP-Authoritative = Checked
- When these values are entered as shown above, click Save and Apply Settings
- Select the Service tab and then Under OpenVPN Client, click Enable and enter information as shown below:
- Server IP/Name: Enter the server address of your desired VPN server. You can find Surfshark server VPN name/address here
- Port: 1194;
- Tunnel Device: TUN;
- Tunnel Protocol: UDP;
- Encryption Cipher: None;
- Hash Algorithm: SHA-512;
- User Pass Authentication: Enable;
- Username: Your Surfshark service username;
- Password: Your Surfshark service password
Note: If there are no username and password fields, enter the other details mentioned above and then skip to step 4.
- Advanced Options = Enable (this will enable additional options)
- TLS Cipher: None;
- LZO Compression: Disabled;
- NAT: Enable;
Leave all other fields not mentioned in this list unchanged.
- If there are username and password fields in this setup screen, navigate to Administration > Commands and enter the following command:
echo "USERNAME PASSWORD" > /tmp/openvpncl/user.conf /usr/bin/killall openvpn /usr/sbin/openvpn --config /tmp/openvpncl/openvpn.conf --route-up /tmp/openvpncl/route-up.sh --down-pre /tmp/openvpncl/route-down.sh --daemon
Note: Replace USERNAME and PASSWORD with the login credentials provided to you by Surfshark, then click Save Startup and return to the VPN tab
- Enter the following commands in Additional Config:
remote-cert-tls server remote-random nobind tun-mtu 1500 tun-mtu-extra 32 mssfix 1450 persist-key persist-tun ping-timer-rem reneg-sec 0 cipher AES-256-GCM auth SHA512 log /tmp/vpn.log
- You will now need to download CA certificates and TLS auth keys in the .ovpn files that you downloaded for Surfshark from here
- Now open the configuration file with a text editor
- Copy the text after the <ca> tag to the CA Cert field. Don’t forget to copy the —-BEGIN CERTIFICATE—– and —–END CERTIFICATE—- lines as well
- Copy the text after <tls-auth> tag to the TLS Auth Key Also, copy the ——BEGIN OpenVPN Static key V1 ——- and ——- END OpenVPN Static Key V1 ——- lines
- Click Save and Apply Settings
- You can check if the VPN setup is successful by clicking Status > OpenVPN and check if it says Connected Success under State.
How to Install Surfshark on Tomato Routers
Tomato is another open-source router firmware but it does not enjoy as wide support on devices as DD-WRT. To make sure your router is compatible with Tomato, visit this article.
If your router does support Tomato, you can install it with the help of this guide.
When you’re done installing Tomato on your router, follow the steps below to complete Surfshark configuration on your router:
- Access your Tomato’s control panel by entering Default Gateway in the browser’s address bar. This is 168.1.1 by default
- Enter your device login credentials when prompted
- Now click on VPN > OpenVPN Client
- Click the Basic tab on the top left and enter the following information:
- Start with WAN:Checked;
- Interface Type:TUN;
- Protocol: UDP or TCP;
- Server Address: Enter the server address you wish to connect to. You can find this information on this page
- Port:1194 if you selected UDP or 1443 for TCP connection;
- Authorization mode:TLS;
- Username/Password Authentication:Checked;
- Username: Your Surfshark service username;
- Password: Your Surfshark service password;
- Username Authen. Only:Unchecked;
- Extra HMAC authorization (tls-auth):Outgoing (1);
- Create NAT on tunnel: Checked
- Now click on Advanced and enter the following information:
- Poll interval: 0;
- Redirect Internet traffic:Checked;
- Accept DNS configuration:Strict;
- Encryption cipher:None;
- TLS Renegotiation Time:-1;
- Connection retry:-1;
- Verify server certificate (tls-remote):Unchecked;
- Now in the Custom Configuration, enter the following text:
remote-cert-tls server remote-random nobind tun-mtu 1500 tun-mtu-extra 32 mssfix 1450 persist-key persist-tun ping-timer-rem reneg-sec 0 auth SHA512 cipher AES-256-CBC log /tmp/vpn.log
- Click on Keys tab and open the .ovpn files that you earlier downloaded from this link. In the Static key, enter the text from <tls-auth> to </tls-auth> block. You must also include —- BEGIN OpenVPN Static key V1—–and —–END OpenVPN Static key V1—– lines as well. In the Certificate Authority, enter the text from <ca> to </ca> block. You must also include —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—– lines
- Press the Save button to apply pages. To create a connection with Surfshark server, click on Start VPN Client 1, at the top right corner. Check the Status tab to make sure you are connected to Surfshark successfully
You should now be connected to Surfshark via your router.
If you want to consolidate your security further, you can configure DNS addresses to prevent DNS leaks. To do this, click Basic Settings > Network. Now click on WAN Settings, change DNS Server to Manual and input these addresses:
And that’s all there is to it. You can enjoy Surfshark’s servers to access any website/service you want on any device with strong security and no possibility of DNS leaks.
Reasons to Install Surfshark on Router
Here are some of the reasons why you need to set up Surfshark on your router:
- Protection from External Threats: The traditional way of using a VPN is to install it on the device that you want to protect from external threats, keep your privacy safe, and unblock websites that are censored or geo-restricted in your region.
- Connect Surfshark to Multiple Devices: Once you have installed Surfshark on Router, you can connect to multiple devices at the same time. If you only use one device, then the benefits of having a Surfshark VPN on the router won’t apply to you. For that, you can simply download Surfshark on mobile, desktop, tablet, and more.
- Don’t need to Turn ON VPN every time: You will never have to trouble yourself by switching on and off your VPN app all the time. Setting up a Surfshark account on router will ensure that you always remain connected to a VPN.
- No Compatibility Issues: What’s more, you can also get past any compatibility issues if you also need a VPN for some device that isn’t directly supported by Surfshark.
Surfshark is a complete package for users seeking privacy and internet freedom. Setting up Surfshark on Router will help you connect multiple devices at the same time and helps you browse the internet without any fear of online breach or online data theft.
All you need to do is just take out a few minutes, keep a cup of freshly brewed coffee handy, and go about changing the settings as shown above. That’s literally all it takes to enjoy unlimited online freedom and privacy with Surfshark.