It can be tricky to set up a VPN at router level, but our step-by-step instructions will help make the process smoother. Once it’s set up, all devices in your home will be secured.
Installing a VPN on your router makes it really easy to secure and protect your online activity on multiple devices.
It also saves you from having to create a VPN connection on every connected device individually, and also encrypts traffic on devices that you can’t install a VPN on directly, like games consoles and smart TVs.
But not all routers support VPN connections and not all VPNs support router installation.
Double check the manual to see if your router supports VPN client software. If it does, you should make sure that the VPN service you want to use allows for router setup before you buy a subscription – it’ll usually be prominently displayed on the ‘devices’ section of the provider’s website.
We’ll go through three different ways to install and use a VPN on your home router.
Before we go into the details, here are the things you’ll need in order to set up a VPN on your router:
What You’ll Need
A verified VPN account. If you haven’t chosen one yet, why not check out our latest recommendations. Make sure that the VPN service supports router installation, specifically for your router model.
A router that supports VPN client software – preferably OpenVPN.
A backup of your current router configuration — just in case.
Every router model and type is different, and it isn’t possible for us to give you a guide for every model here.
Likewise, every VPN provider has a slightly different set-up process.
But if you use this guide in conjunction with your user manual and your VPN service provider’s advice, you should be able to navigate the process without a hitch.
Remember: you’ll need to log onto your router to follow this guide. The username and password may be printed on the rear of the router, or on a card that came with it.
Why Should You Install a VPN on Your Router?
There’s no denying it – there are far easier ways to protect yourself with a VPN. But, at the same time, installing a VPN on your router has some unique benefits. Benefits such as:
1Protect multiple devices under the same license.
2Protect devices that the VPN service doesn’t provide custom apps for.
3Continual VPN protection.
We’ll talk about the pros and cons of router installation after all of the setup instructions.
How to Choose a VPN Service for Routers
Before you can even start the installation process you need to have a VPN subscription with a service that allows for router installation.
So, what’s the best VPN service for routers?
The best VPN for installation at router-level is ExpressVPN, which comes with a router app for ease of use and is fast, reliable, and, above all, safe to use.
If ExpressVPN isn’t for you (and that’s fine – it is quite pricey) there are still plenty of options.
We will be using the OpenVPN protocol in the following setup instructions as this protocol provides the best balance between security and performance.
Some VPNs give instructions for router setup with other protocols, but beware that not all of these are as secure as OpenVPN.
In fact, there’s one VPN protocol that we absolutely do not recommend and that’s PPTP.
PPTP is extremely insecure and can be hacked in minutes.
Here are some other top VPN services that support OpenVPN for routers:
Private Internet Access
How to Choose a Router Compatible with VPNs
Not all routers can run VPN client software.
If you have a modem and router combo device that came with your internet package, it most likely won’t work with VPN software and you’ll need to buy a separate router.
So, which routers do work with VPNs and which one is the best?
There are loads of different router models that support VPN client software, and the best router for VPNs is simply the one that best suits your needs.
VPN-supported routers vary in price – they start at around $150 and can go up to $500, so a lot depends on your budget.
Different router models also cater for different users; some are geared towards gamers, while others are for more casual users who just want to protect their router traffic with a VPN.
Some router brands that provide routers that support VPN client software are:
You should also consider which VPN protocols the router supports and whether it can be flashed with new firmware.
As we’ve mentioned before, OpenVPN is the best VPN protocol to use on your router.
While it’s generally much easier to use PPTP and L2TP/IPSec as many routers natively support those two VPN protocols, they pose security risks.
PPTP can be hacked in minutes and L2TP/IPSec is not safe to use when used with a pre-shared key.
Sound confusing? That’s ok – it’s simple once you learn how to navigate the jargon. We’ve written a simple explainer to VPN protocols and their levels of security in our guide to VPN encryption.
Three Installation Methods:
2VPN router apps
Method 1: Manually Installing a VPN on Your Router
We’ll start by explaining how to manually configure your current router, as you don’t necessarily need to buy new router hardware to do it.
If you’re looking for a ready-made VPN router you can skip to Method 3.
If you have an ASUS router then you may be in luck.
Some ASUS routers support the OpenVPN protocol natively through ASUSWRT firmware, so there’s no need to flash your router with new firmware – something that has a lot of potential to go wrong.
Here’s how to set up a VPN on your ASUSWRT router:
We’ll be using IPVanish with an ASUS RT-AC68U router.
Log into your online VPN account and locate the OpenVPN configuration files. Choose your preferred server location (you can only configure one at a time). Download the file.
Log into your router admin dashboard with the username and password. The default is generally admin and admin but for security reasons you should change this as soon as possible.
Click VPN on the left-hand side of the control panel, under Advanced Settings.
Click on the VPN Client tab. The panel includes basic VPN client installation instructions.
Click on Add Profile at the bottom of the control panel.
Select the OpenVPN tab and fill in the following fields: Description: create any name for your connection – we recommend the VPN provider’s name plus the VPN server name. Username: type in your VPN subscription username. Password: type in your VPN subscription password. Auto reconnection: yes. This will make sure that the VPN automatically connects when you start the router. Import .ovpn file: Click Choose File, select the OpenVPN configuration file that you downloaded from your VPN account earlier and click Open. Import the CA file or edit the .ovpn file manually: don’t check this box.
Once you’ve filled in the fields, click Upload and then OK.
Click Activate on your new VPN server entry.
When the VPN has successfully connected a blue tick will appear to the left of your VPN server entry.
Be sure to run a leak test to check that the VPN isn’t leaking IP, DNS, or WebRTC leaks. You can check out our separate guide to find out how to check for leaks and how to fix them.
When you want to disconnect from the VPN click Deactivate next to the VPN server name.
If you don’t have an ASUSWRT router it’s likely that you’ll have to flash your current router with new firmware that supports OpenVPN VPN client software. The three main firmwares are:
Important: You must do your research before you attempt to flash your router with new firmware as doing so on a device that doesn’t support the firmware could ‘brick’ your router, leaving it useless.
Here’s how to flash your existing router:
(These are very general instructions – you should read your router’s user manual for specific instructions, as it may require more complicated steps than those outlined below.)
Ensure that your router is plugged in and connected to the internet.
Download the firmware file and save it to your computer.
Log into your router admin dashboard on your computer.
Go to Administration > Router Update.
Upload the firmware file you downloaded earlier.
Restart the router.
Create a password for your new router admin login.
Once you’ve flashed your router it’s time to configure your VPN client.
It will be broadly a similar process as we outlined for ASUSWRT, but you should follow the instructions supplied by your VPN provider to understand how to configure the VPN with your chosen firmware.
Log in with your router’s username and password. For security reasons you should change your credentials from the default ones as soon as possible.
Find your ExpressVPN activation code from within your online account and paste it into the router’s admin panel.
If you don’t want to share crash reports and anonymous analytics with ExpressVPN click No Thanks.
Create a WiFi username and password for your new network and click Continue.
Set a router admin password and click Continue.
Now that the installation process is complete you can take a look at the ExpressVPN router applet and all of its settings. You can enable the Network Lock (VPN kill switch) and exclude certain devices from the VPN using the Per device feature.
Once you’re happy with the settings, select a server location from the list and click Connect.
Now all the devices connected to your router will benefit from VPN protection.
ExpressVPN provides a range of guides for setting up its router applet on different router models should yours be different to the one we’ve selected for this guide.
Method 3: Buy a Pre-Flashed Router
The easiest way to use a VPN on your router is to buy a pre-flashed router.
They’re not cheap, though.
Pre-flashed routers start at around $130 and high-end models can cost upwards of $500. That doesn’t include the price of the VPN subscription, which can be around $100 a year.
The most popular provider of pre-configured routers is FlashRouters.
Loads of VPN providers offer pre-configured VPN routers through FlashRouters, but here are some popular examples:
Private Internet Access
Some of them support the FlashRouters Privacy App, while others rely on the default router firmware (DD-WRT, OpenWRT, or Tomato).
If you would like to buy a pre-flashed router it’s worth testing the VPN out on your desktop computer and mobile devices first to see if you are happy with the software in general before you commit to buying a router.
Most VPN services come with money-back guarantees, so if it’s not working out for you you can get a refund. Just make sure the guarantees are ‘no questions asked’.
Once you’ve purchased your pre-flashed router it will arrive configured and ready to protect your internet data.
If you’ve purchased a pre-flashed router through FlashRouters, the device will arrive set-up and ready to use.
Once you’ve connected the router to the internet, just visit flashroutersapp.com on a device connected to the router’s network and enter the login details for your VPN subscription.
From there you’ll be able to choose a VPN server and connect.
If you already have a supported DD-WRT router at home and you want to use the Privacy App, you’ll have to purchase the FlashRouters Basic Support Plan.
It costs $50 and the team will remotely flash and configure your router.
Need More Help?
There’s a huge variation in the way routers handle VPN installations, and your first port of call should be your router user manual, or your VPN service provider’s help pages.
If you can’t find the most basic connection details for VPNs in your router’s admin area, it’s possible that your router doesn’t support VPNs at all.
Your VPN service provider should be able to recommend a list of compatible routers, and the customer support team should be able to troubleshoot any VPN connection issues you’re experiencing with your router.
Why Should You Install a VPN on Your Router: Pros and Cons
Installing a VPN on your router can be a great way to protect all the internet-connected devices in your home, but there are some drawbacks.
So, when should you and shouldn’t you use a VPN on your router?
Here are the pros and cons.
As long as you keep your router switched on, the VPN connection will always be in place to encrypt your home’s internet traffic.
That means that you don’t have to wait for your computer to boot up fully before you benefit from VPN protection.
2Protects all types of internet-enabled devices
You can’t install a VPN directly onto some devices, such as games consoles and smart TVs.
But with a router you can cover all your gadgets that don’t support VPN client software directly.
3Beats ‘simultaneous connections’ limits
Most VPN services restrict the number of devices that are running the VPN at any given time (i.e. simultaneous connections).
By installing the VPN at router level you can cover lots of devices and it only counts as one connection.
1Tricky setup and lacks flexibility
As you can probably tell from reading this guide, installing a VPN on your home router can be difficult and time consuming.
It’s definitely not for beginners.
Even after you’ve completely set up your router with the VPN client software, it’s not as easy to change the settings as when the VPN software is installed at device-level.
While this should be fine for users who just want to protect their privacy, it’s not as convenient for those who want to use a VPN for content unblocking and streaming.
It’s super easy to switch server locations and settings to accommodate streaming within custom VPN apps for devices like computers and smartphones, but it’s not so simple on routers.
If you’re looking to stream content it might be easier to install the VPN software directly onto your preferred device.
However, some devices like Apple TV don’t currently have VPN apps, so installing the VPN at router-level will be your only option.
2It can be expensive
If you want to use the best and safest VPN protocols and encryption like OpenVPN with AES-256 you’ll probably need to buy new router hardware, which can cost hundreds of dollars.
And that doesn’t include the price of the VPN subscription itself, which can cost more than $100 a year.
3Not all VPN services support router connections
There are some VPN services that aren’t compatible with routers, such as Hotspot Shield and TunnelBear.
Always check if a VPN service supports router connections before you purchase a subscription.
Even if the provider does support router connections it might only support unsafe VPN protocols on router such as PPTP.
4Internet traffic between your devices and the router is not secured
Another downside of using a VPN at router-level is that traffic between devices and the router is not encrypted.
While this isn’t so much of an issue if you trust everyone connected to your home network (and don’t mind them seeing your online activities), it does pose a security risk should a random stranger gain access to your network.
A VPN router encrypts the traffic of every device on your WiFi network.
You should, however, avoid using a VPN on both your device and the router at the same time to avoid slowdowns and instability.
One workaround would be to set up a separate router for devices that don’t come with custom apps like your Xbox or Apple TV. That way you can still use custom VPN apps on your computers and smartphones.
ExpressVPN’s router applet and the FlashRouters Privacy app – which is available for many DD-WRT routers – allows you to exclude certain devices from the VPN tunnel.
Router VPN Client vs. Router VPN Server
It’s important to know the distinction between using your router as a VPN client and using it as a VPN server.
This guide deals with the first instance. When you set up your router as a client it routes all of your internet traffic through the VPN encrypted tunnel to the VPN servers on the other end.
On the other hand, setting up your router as a VPN server allows you to securely connect to your home network while you’re out and about, a bit like a business VPN you might be familiar with in a work environment.
Internet traffic is encrypted and sent through the VPN tunnel from your device and to the router VPN server in your home.