Menu Close

Mullvad VPN on Asuswrt-Merlin for specific devices

This quick guide will show you how to enable Mullvad VPN on an ASUS router flashed with Asuswrt-Merlin for specific devices only, as well as bypass IPv6. You can modify this so that all your devices are protected by a VPN, but I only wanted to apply this to certain devices like smart TV’s.

Why disable IPv6? I do not currently use it on my network and it caused some issues with my Pi-hole setup, so for now I have disabled IPv6 support for this.

For this guide, you will need the following:


You should make sure that each device you want to route through the VPN tunnel has a static IP assigned/reserved.


While this guide does focus on Mullvad, the VPN I use, you could adapt it for just about any VPN provider.

Let’s get started.

1. Log into your Mullvad account and download the Android OpenVPN configuration file for whichever region you want to use for your VPN.

2. Log into your ASUS router and click on VPN in Advanced Settings:

2. Click on the VPN Client tab.

3. In the Client control section, click on Browse… to upload the .opvn file you downloaded earlier, then click on the Upload button.

4. Make the following adjustments in each section:

Client control

  • Automatic start at boot: Yes
  • Description: Mullvad (can be anything)

Network Settings

  • Accept DNS Configuration: Exclusive

Authentication Settings

  • Username: Enter your Mullvad username
  • Password: Enter m

Crypto Settings

  • Modify as shown in the following screenshot:

Advanced Settings

  • Force Internet traffic through tunnel: Policy Rules (Strict)
  • Block routed clients if tunnel goes down: Yes

Rules for routing client traffic through the tunnel (Max Limit : 100)

In this section, you will need to add each client that will be routed through the VPN tunnel. Enter each device as follows:

  • Description: A name for the device
  • Source IP: The IP address of the device
  • Destination:
  • Iface: VPN

Custom Configuration

In this section, your configuration should look like this:

The important values here are that pull-filter ignore "ifconfig-ipv6" and pull-filter ignore "route-ipv6" were added, and tun-ipv6 was removed. The reason for this is that I don’t use IPv6 on my network, and leaving it enabled had caused issues connecting. If you use IPv6, you may want to skip this part. 

5. Once you have made these changes, click on Apply.

6. On each device that is connected to the VPN, assign the following DNS values:


7. Finally, in the Client control section turn on the VPN, you should now have a successful connection.


That’s it. The devices you defined should now be connected over the VPN, leaving the rest of your network on the regualr WAN connection.

Posted in ASUS, Asuswrt-Merlin, Tech, VPN

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.