What's new

How to Setup TorGuard VPN on Merlin 384.13

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Jacob Wintheiser

New Around Here
I noticed the setup guide on TorGuard's website was a little outdated, so I wanted to create a new one and share with users here.

Log in to your router and navigate to VPN > VPN Client and input the following information:

Client Control:


Automatic start at boot time: Yes (Personal preference)

Network Settings:

Interface Type: TUN
Protocol: UDP
Server Address and Port: Pick your desired location here: https://torguard.net/network/ - Port: 1215
Accept DNS Configuration: Strict
Create NAT on tunnel: Yes
Inbound Firewall Block: Allow

Authentication Settings:

Authorization Mode: TLS
Username/Password Authentication: Yes
Username: Your TorGuard Email Address
Password Your TorGuard Password
Username / Password Auth. Only: Yes

Crypto Settings:

Keys and Certificates: Click Edit. Go to https://torguard.net/tgcerts.php and copy the "OpenVPN CA" into "Certificate Authority" and "TLS Auth Key" into "Static Key" and then click "save".
Cipher Negotiation: Enable (with fallback)
Negotiable ciphers: AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC
Legacy/fallback cipher: Default
TLS control channel security: Outgoing Auth (1)
Auth digest: SHA512

Advanced Settings:

Log verbosity: 3
Compression: Disabled
TLS Renegotiation Time: -1
Connection Retry attempts: 30
Verify Server Certificate: No
Force Internet traffic through tunnel: Policy Rules
Block routed clients if tunnel goes down: No

Custom Configuration:

persist-key
persist-tun

Click apply at the bottom and wait for it to complete. If it doesn't turn on automatically, go to Service state under Client control and switch to ON.

DONE!

Pictures for reference on how everything should look:

Merlin-Open-VPN-Settings.png

Custom-Configuration-Merlin.png


Couple things:


1. With this configuration, you will need to route what devices you want to use the VPN with (Split-Tunnel) within the Rules for routing client traffic through the tunnel section. Select the device you'd like to use through the VPN tunnel and click the "+" button to add it to the table. After it's added, select Apply and your changes will be made.

2. Per TorGuard's DNS Merlin knowledgebase, TorGuard recommends using Google's DNS. You can switch your DNS to Google's by navigating to LAN > DHCP Server and inputting 8.8.8.8 into DNS Server 1 and 8.8.4.4 into DNS Server 2. Click apply at the bottom when completed. More information on this can be found here: https://torguard.net/knowledgebase.php?action=displayarticle&id=180

Enjoy! :)
 

Attachments

  • Merlin OpenVPN Settings.png
    Merlin OpenVPN Settings.png
    79.8 KB · Views: 342
  • Custom Configuration - Merlin.png
    Custom Configuration - Merlin.png
    4.8 KB · Views: 328
Last edited:
I noticed the setup guide on TorGuard's website was a little outdated, so I wanted to create a new one and share with users here.

Log in to your router and navigate to VPN > VPN Client and input the following information:

Client Control:


Automatic start at boot time: Yes (Personal preference)

Network Settings:

Interface Type: TUN
Protocol: UDP
Server Address and Port: Pick your desired location here: https://torguard.net/network/ - Port: 1215
Accept DNS Configuration: Strict
Create NAT on tunnel: Yes
Inbound Firewall Block: Allow

Authentication Settings:

Authorization Mode: TLS
Username/Password Authentication: Yes
Username: Your TorGuard Email Address
Password Your TorGuard Password
Username / Password Auth. Only: Yes

Crypto Settings:

Keys and Certificates: Click Edit. Go to https://torguard.net/tgcerts.php and copy the "OpenVPN CA" into "Certificate Authority" and "TLS Auth Key" into "Static Key" and then click "save".
Cipher Negotiation: Enable (with fallback)
Negotiable ciphers: AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC
Legacy/fallback cipher: Default
TLS control channel security: Outgoing Auth (1)
Auth digest: SHA512

Advanced Settings:

Log verbosity: 3
Compression: Disabled
TLS Renegotiation Time: -1
Connection Retry attempts: 30
Verify Server Certificate: No
Force Internet traffic through tunnel: Policy Rules
Block routed clients if tunnel goes down: No

Custom Configuration:

persist-key
persist-tun

Click apply at the bottom and wait for it to complete. If it doesn't turn on automatically, go to Service state under Client control and switch to ON.

DONE!

Pictures for reference on how everything should look:

Merlin-Open-VPN-Settings.png

Custom-Configuration-Merlin.png


Couple things:


1. With this configuration, you will need to route what devices you want to use the VPN with (Split-Tunnel) within the Rules for routing client traffic through the tunnel section. Select the device you'd like to use through the VPN tunnel and click the "+" button to add it to the table. After it's added, select Apply and your changes will be made.

2. Per TorGuard's DNS Merlin knowledgebase, TorGuard recommends using Google's DNS. You can switch your DNS to Google's by navigating to LAN > DHCP Server and inputting 8.8.8.8 into DNS Server 1 and 8.8.4.4 into DNS Server 2. Click apply at the bottom when completed. More information on this can be found here: https://torguard.net/knowledgebase.php?action=displayarticle&id=180

Enjoy! :)
Well done torguard can be a little tricky to set up especially to the noobs ,like me, so it's great that you went to the trouble to lay it out in point form thankyou Ps welcome to the forum
 
Well done torguard can be a little tricky to set up especially to the noobs ,like me, so it's great that you went to the trouble to lay it out in point form thankyou Ps welcome to the forum

Thanks! I'm glad you found it helpful. This can be confusing to some; especially because TorGuard's article isn't updated, so I'm glad you were able to find it to be straightforward.
 
Thanks! I'm glad you found it helpful. This can be confusing to some; especially because TorGuard's article isn't updated, so I'm glad you were able to find it to be straightforward.
It may also good to mention that you can also hand over control of your router,I know hmmmmm security security, to torguard through something they send to your PC and they will actually set it up for you. You can actually see what they are doing in real time and once it's set up block them out again so they no longer have access to your router . Just thought I would mention it for people whom have real trouble with technology
 
Does torguard support IVP6?
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top