Guides Setting Up a VPN Server on a Tomato Router, Part 1

Setting Up a VPN Server on a Tomato Router, Part 1

Looking to set up a virtual private network (VPN)? You don’t have to buy expensive equipment to set up a VPN to give users secure remote access or connect offices together. Small and midisze businesses especially can take advantage of lower-cost alternatives.

Building a VPN? Tomato Router is one way to bypass expensive equipment to give users secure remote access or connect offices.

Microsoft gives you VPN server and client functionality right in Windows; however, the feature-set is limited, and only Vista versions and later offer good security. One alternative we’re going to discuss is installing aftermarket firmware on a wireless router loaded with the free OpenVPN server and client. We already covered this with the DD-WRT firmware. Now, we’ll look at the Tomato firmware, using the TomatoVPN variant.

Get a Compatible Router

You can’t use the Tomato firmware on just any wireless router. Make sure you have (or get) one that’s compatible. Vendors with supported routers include Linksys, Buffalo, and Asus. To check your specific model and version, refer to the Tomato FAQ.

Once you’ve verified your router is compatible, download and install the firmware.

This tutorial is written using the 1.27vpn3.6 release of TomatoVPN, which uses the OpenVPN 2.1.1 server and client. Then on a PC, I’ll use OpenVPN 2.1.4 for creating SSL certificates and for VPN client functionality on PCs.

Initial Login

Start by connecting to the TomatoVPN router and logging into the web-based control panel. Open your browser and enter the default IP address of Then, login with the default username and password, which are both “admin”.

Before playing with the VPN features, be sure to configure the basics so you’re secure: wireless settings (including WPA or WPA2 security) and the router’s password for the control panel.

Change the Router’s Subnet and IP

Since VPN connections link networks together, you must be careful with the subnet and IP addressing so there aren’t any conflicts. The TomatoVPN default IP of is one of the most common among all routers, and it and will likely cause a problem. Use something that’s not a common default, such as If you have multiple offices, assign each to a different IP/subnet, such as and

To change the TomatoVPN router, connect and bring up the web-based control panel by entering the IP address ( into a web browser. Then click Basic > Network (see Figure 1). Change the Router IP Address, such as and adjust the IP Address Range accordingly, such as – Then click Save.

Tomato VPN Router
Figure 1
The Tomato VPN Router

Now you must use the new IP to login to the TomatoVPN control panel.

Signup and Configure a Dynamic DNS Service

If the Internet connection where you want to set up the VPN server uses a dynamic or changing IP address rather than a static one, you should use a dynamic DNS service. Otherwise, you’ll have to manually keep track of the Internet connection’s IP and update it on clients when it changes.

Sign up for a dynamic DNS service, such as from No-IP. Then, on the TomatoVPN router, click Basic > DDNS, and input the details for the service. Your router will automatically update your hostname to point to your current IP address. You’ll input your hostname on the client VPN configuration rather than the IP address.

Latest Posts

Data Center Management Training & Certifications

For System Administrators looking for ways to bolster their skills or to get ahead of the competition when job hunting, data center management training...

VMware Player Bridged Network

When you install a Workstation Player, a VMware Player bridged network is automatically set up for you. However, you may run into issues connecting...

ManageEngine OpManager Plus Pricing & Review

Server management is a critical component of maintaining a healthy and efficient IT infrastructure. This requires System administrators to continuously manage physical server hardware,...

Analyzing Web Server Logs

Modern organizations track and log data for virtually all business processes, which is why web server log analysis tools are vital for effectively using...

Harnessing the Power of PowerShell Aliases

Creating aliases for PowerShell cmdlets can be a valuable tool for saving you time and headaches over remembering the names of commands. PowerShell was...

Related Stories