Support Center / How to set up Proton VPN on AsusWRT-Merlin routers using OpenVPN

How to set up Proton VPN on AsusWRT-Merlin routers using OpenVPN

You can set up Proton VPN on your AsusWRT-Merlin router so that all devices that connect to the internet though it will be protected by Proton VPN.  

This guide shows you how to do this using the OpenVPN VPN protocol on Asus routers running AsusWRT-Merlin firmware. A Proton Account is required, but you can sign up for one for free

How to set up Proton VPN OpenVPN on AsusWRT-Merlin routers

1. Open your Asus router’s admin panel by typing its local IP address into your browser’s URL bar. By default, the address is, but you may have changed it when you set up the router.

If you don’t know your router’s IP address, you can log in using the URL:

2. Go to Advanced settings VPN.

3. Select the VPN Client tab and choose OpenVPN.

4. Log in to your Proton VPN account and go to Downloads OpenVPN configuration files. Select Router for the platform and download the OpenVPN configuration file of your choice.

5. Back to your Asus router’s admin page, upload the selected OpenVPN configuration file:

6. After clicking Upload, the configurations from the file should autofill many of the setting fields (protocol, server address, port, authentication method, certificate settings, and custom configuration). You will need to fill in the remaining settings:

Network settings:

  • Interface type: TUN
  • Protocol: selected protocol from ovpn file (should autofill)
  • Server address and port: leave autofilled
  • Accept DNS configuration: Exclusive
  • Create NAT on tunnel: Yes
  • Inbound Firewall: Block
  • Authorization Mode: TLS
  • Username/password authentication: yes
  • Username and password: Your OpenVPN username and password (NOT your regular Proton VPN username and password. You can find these credentials in your Proton VPN account by going to Account OpenVPN/IKEv2 username).
    • To use our NetShield (Ad-blocker) feature, append the following suffixes to your username:
      • +f1 to block malware
      • +f2 to block malware, ads, and trackers (for example, username+f2)
      • NetShield (Ad-blocker) is a premium feature only available with a Proton VPN Plus or Proton Unlimited plan.
  • Username and password Auth only: yes

Crypto Settings: Check if Keys and Certificates have been prefilled from ovpn file (that field should have static key and certificate authority fields prefilled while all other fields are blank). If this is the case, leave everything as is.

Advanced Settings:

  • Log verbosity: up to you
  • Compression: disabled
  • TLS Renegotiation time: 0
  • Connection retry attempts: up to you
  • Verify Server Certificate Name: No
  • Force Internet traffic through tunnel: Yes
  • Custom configuration: leave prefilled

7. Fill in description, choose Yes next to Automatic start at boot time, and press Apply on the bottom of the page.

8. After these settings have been applied, enable Service state in Client control. You should now see your new IP address next to the service state.

your internet

Get Proton VPN
Get Proton VPN

Contact us

Support form

Tell us about the problem and we'll get back to you as soon as we can.

Open support form

Live chat

Get help from a support agent in real time. Available with a paid VPN subscription.

Chat with us

Secure email

Send us an encrypted message at It may take us longer to respond.

Email us