A regular Client behind the ISP Router accesses the Internet through the unprotected red path.
The ISP can log the traffic from this client.
The router establishes the blue IPredator connection.
The Client behind the IPredator VPN uses the yellow protected path through IPredator to access the Internet.
Because the traffic inside the blue tunnel is encrypted, your ISP cannot look into the traffic that the Client behind IPredator generates.
The ISP only sees encrypted packets traveling back and forth to IPredator.
Log in to the web interface of your TomatoUSB router.
Select the Admin Access submenu from the Administration menu.
Select HTTPS local access and choose a Common Name for your router.
This means that the web menu will only load over HTTPS - e.g. https://YOURROUTERIPADDRESS.
In case your browser displays a warning message about the used certificate you should add it to your browser certificate list.
Scroll down to the SSH Access section.
If you want to enable SSH remote shell access you can do it in this section.
If you decide to enable SSH you should upload a SSH-Key.
Scroll down to the Telnet Access section.
By default it is possible to connect to the TomatoUSB router via Telnet.
Telnet is unencrypted and should be disabled also click Stop Now.
Finally set a non standard username and password, to use when accessing your TomatoUSB router, and click Save.
In the Basic -> Network settings in the DNS section enter the IPredator public resolvers 220.127.116.11 and 18.104.22.168 as shown.
Additionally check the Use DNSCrypt-proxy box and select the ipredator entry from the dropdown menu to send all DNS requests encrypted to our DNSCrypt resolver.
In the Basic tab check the Start with WAN box.
Use pw.openvpn.ipredator.se as a remote address and for UDP traffic 1194 as a port.
Authorization Mode is TLS with your Username and Password.
Finally check Create NAT on tunnel and continue in the Advanced tab.
If you experience any problem after using this guide, please check our Problem Guide and the FAQ first.
An overview of the OpenVPN settings detailing technical aspects a bit more in depth and some tweaks is available here.
This guides configuration connects your client to our OpenVPN service via UDP. As outlined in the OpenVPN settings, connecting via TCP and/or to different ports is also supported.
TCP is needed if you have to go through a HTTP proxy to reach our servers or if your provider rate-limits UDP connections on port 1194.
If your problem is still not solved please visit the online chat or use the Help Wizard to contact the support.