Log in to your DD_WRT router and enter at least two public DNS servers. You can either use Google’s DNS servers (18.104.22.168, 22.214.171.124) or any from the OpenNIC project. Then click on Save and Apply Settings.Note: If you want, you can also use Perfect Privacy DNS servers (you can find the IPs on the server site in the customer area). These DNS servers will only resolve *.perfect-privacy.com domains when VPN is not connected which means that Internet access will not work without the VPN being connected. However, there will be no IP leak when using public name servers instead, since all DNS requests will be sent anonymized over the VPN tunnel while a VPN connection is established.
Go to Services → VPN and configure the settings as follows:
You can find the keys and certificates in the previously downloaded configuration. Open the *.ovpn file of the server you are using, in this case Zurich.ovpn.
Copy the content between the tags <tls-auth></tls-auth> in the field TLS Auth Key.
Copy the content between the tags <ca></ca> in the field CA Cert.
Copy the content between the tags <cert></cert> in the field Public Client Cert.
Finally copy the content between the tags <key></key> in the field Private Client Key.
When finished click on Save and Apply Settings.
CAUTION: This step activates the firewall protection (“kill switch”) which prevents traffic leaving your network in case the VPN connection was interrupted. If you also want to access the Internet with your router when no VPN is connected, you need to skip this step.
Go to Administration → Commands and enter the following lines:
iptables --flush FORWARD iptables -P FORWARD DROP iptables -I FORWARD -o tun+ -j ACCEPT iptables -I FORWARD -i tun+ -j ACCEPT iptables -t nat -I POSTROUTING -o tun+ -j MASQUERADE
Then click on Save Firewall.