OpenWRT and PIA

I use an OpenWRT travel router to deal with public WiFi access security and geolocation concerns. I have written extensively prior  and ran into an issue with the latest OpenWRT release.

For those struggling with PIA using the luci-app-openvpn please see the below for a working config you can place in /etc/config/openvpn.

• Grab the new PIA Strong crypto files here: https://www.privateinternetaccess.com/openvpn/openvpn-strong.zip
• vi /etc/config/openvpn
• Paste this block of text and change the hostname as needed

config openvpn 'piaEU'
               option dev 'tun'
                option nobind '1'
                option verb '3'
                option fast_io '1'
                option persist_tun '1'
                option persist_key '1'
                option client '1'
                option proto 'udp'
                option tls_client '1'
                option remote_cert_tls 'server'
                option cipher 'aes-256-cbc'
                option auth 'sha256'
                option ca '/etc/config/ca.rsa.4096.crt'
                option keepalive '10 120'
                list remote 'nl.privateinternetaccess.com'
                option comp_lzo 'adaptive'
                option auth_user_pass '/etc/openvpn/authuser'
                option resolv_retry 'infinite'
                option reneg_sec '0'
                option disable_occ '1'
                option enabled '1'
                option crl_verify '/etc/config/crl.rsa.4096.pem'
                option port '1197'

The port is a biggie. Make sure it is the correct one for the new secure settings!