You are currently viewing Setup OpenVPN Client on Ubiquiti EdgeRouterX

Setup OpenVPN Client on Ubiquiti EdgeRouterX

  • Post author:
  • Post category:VPN

In this post, I will walk you through the process of setting up your EdgeRouterX with your OpenVPN client credentials, so that you can route all your traffic over your VPN service provider or if your hosting your own VPN server in the cloud. I’ve provided all the commands below that you can simply copy and paste after you have modified it slightly to reflect your internal subnet IP address.


Once you have basic internet connectivity, then you can proceed to the steps below.


Download your OVPN file from your provider or your OpenVPN Server and copy the file to the /config/auth/  folder on the EdgeRouterX.

You should upload to: /config/auth/vpn-client.ovpn


To allow for a username/password login rather than a certificate based login, I needed to modify the OVPN file to add the following directive:

auth-user-pass /config/auth/pass.txt

Then create a file called pass.txt. On the first line is your username, and on the second line is your password. Upload this to




Configure Ubiquiti EdgeRouterX

Login to your EdgeRouterX’s CLI, either via SSH or via the Web GUI. Here’s the commands you need to run:


##### Please Customize if your subnet address is different from #####

set interfaces openvpn vtun0 config-file /config/auth/andy.ovpn
set interfaces openvpn vtun0 description ‘OpenVPN Client’
set service nat rule 5000 description ‘OpenVPN Access’
set service nat rule 5000 log disable
set service nat rule 5000 outbound-interface vtun0
set service nat rule 5000 source address
set service nat rule 5000 type masquerade
set protocols static table 1 interface-route next-hop-interface vtun0
set firewall modify openvpn_route rule 10 description ‘OpenVPN’
set firewall modify openvpn_route rule 10 source address
set firewall modify openvpn_route rule 10 modify table 1
set interfaces switch switch0 firewall in modify openvpn_route






At this point, you should be connected, but as a best practice, i recommend that you reboot your router to ensure that everything come back up and starts up successfully.

Once your router is back up, you should now be connected to your OpenVPN server successfully and all traffic is now routed through the OpenVPN server. You can now login to the router and open the “Log Monitor” (found under tools). You should start seeing openvpn entries.



That’s It!!!