OpenWRT expressVPN setup

Install luci-app-openvpn and openvpn-openssl packages in OpenWRT. Download .ovpn configuration files from expressVPN. SCP them to /etc/openvpn. Change their name to this format: openvpn-my_vpn.conf. I initially didn't rename them and OpenVPN was looking for files of this format, so I just changed it to match. Maybe not necessary *shrug*. You have to make one modification to make it use your username/password from a file instead of prompting for it at the command line. Open the config file you got from expressVPN and find the "auth-user-pass" line. Change it to "auth-user-pass auth.txt". Now make a file named auth.txt and put the username ExpressVPN gave you in the first line, and the password in the second line. This is a random looking string of characters, not the email/password you use to login to expressvpn. /etc/init.d/openvpn restart should pick up the new config and login to the VPN successfully. logread -e openvpn to see the result. There should be some new routes created, along with a new network interface tun0.

openvpn config: config openvpn 'my_vpn'

       option enabled '1'
       option config '/etc/openvpn/openvpn-my_vpn.conf'

Network config: config interface 'vpn0'

       option proto 'none'
       option ifname 'tun0'

Firewall config: config zone

       option name 'vpnclient'
       option input 'REJECT'
       option output 'ACCEPT'
       option forward 'REJECT'
       option masq '1'
       option mtu_fix '1'
       option network 'vpn0'

config forwarding

       option src 'lan'
       option dest 'vpnclient'