Friday, 27 November 2015

How to set up Cloak VPN on your Asus RT or DD-WRT router using OpenVPN

Hey all!
I was quite surprised today at how little information there is out there on how to configure Cloak on non-apple devices, so I thought I'd do a little write-up to save everyone the hour or two it took me to gather all this information myself. For me, the reason I need Cloak on my router is so that I can watch American Netflix on my Chromecast (and future Apple TV hehe).

Cloak is a great VPN service that's geared towards Apple products, but its official support is limited to ONLY iOS and OSX devices, with no indication of future support of other systems (so if you want a VPN android or windows support have a look at services like ExpressVPN). on the OSX client it uses an OpenVPN profile with the following configuration (don't worry if this makes no sense):

/Applications/ --client --daemon cloak --writepid /var/run/ --log-append /var/log/cloak.log --dev tun --lport 0 --comp-lzo --ca /.../cloakca --remote-cert-tls server --ifconfig-noexec --route-noexec --server-poll-timeout 10 --auth-user-pass --auth-nocache --auth-retry interact --management /.../cloakmgt.unix --management-client --management-query-passwords --up-delay --up-restart --plugin /Applications/ --script-security 0 --verb 2 --setenv cloak_logging_uid UID --setenv cloak_plugin_server /.../cloak.pluginserver --remote ENDPOINT_1 443 tcp --remote ENDPOINT_1 443 udp --remote ENDPOINT_2 443 tcp --remote ENDPOINT_2 443 udp --remote ENDPOINT_3 443 tcp --remote ENDPOINT_3 443 udp --remote 443 tcp --remote 443 udp
And after some googling i found a gist written by davepeck (one of the guys from Cloak) that specified an OpenVPN config file for using with cloak here Awesome! But it didn't work for me :(

Nov 27 10:28:09 rc_service: waitting "start_vpnclient1" via udhcpc ...
Nov 27 10:28:10 openvpn[726]: Options error: You must define CA file (--ca) or CA path (--capath)
Nov 27 10:28:10 openvpn[726]: Use --help for more information.
So I did some playing around with the config file and eventually I got one working for me, here is where to download it  (I uncommented one line)

So here are the full instructions:

Get your router:

This is my Asus RT-AC67U. It's a fast, powerful router with a great UI (and I got it for free from work!)

Update your router firmware

Add a new VPN Client Profile
Upload the OpenVPN configuration settings provided in my gist here
Tick Import the CA file or edit the .ovpn file manually." and copy the CA from the file (including the start and finish lines) into the CA field

Click OK and Activate the VPN profile.

If everything went well, you should be exiting out of the closest exit node (in my case, Melbourne)

Now, here's where things get hacky...

Update the openVPN server in the config

If you want to exit through another country, you have to activate cloak on another device, and then resolve the domain to get the ip address of the exit node then replace the instances of with that IP. Yes, this seems like a pretty silly hack but it totally worked for me! I can't guarantee the stability of this but it's lasted me a few hours.

Now I have a portal to california, I'm free to browse the internet anonymously and American Netflix on my Chromecast!


  1. To take care of the demand, businesses are being set however without much accomplishment because of absence of experts. It requires specialized aptitudes and information setting systems. purchase vpn service

  2. You’ve got some interesting points in this article. I would have never considered any of these if I didn’t come across this. Thanks!. vpn review

  3. Gratitude for sharing this helpful post. I am sure it has helped many people. Anyways, I would also start using VPN. I need that for my online work so will buy a good one which is secure as well as fast. Finding expressvpn review as someone has suggested it to me.

  4. The value that you pay for the VPN benefit is subject to the transmission capacity that you settle on.VPN service

  5. When trying to look for a fast server for your VPN, you need to know the country in which the server is located. The distance between your country and the server's country matters a lot.Vpn for netflix

  6. Hello, I have browsed most of your posts. This post is probably where I got the most useful information for my research. Thanks for posting, maybe we can see more on this. Are you aware of any other websites on this subject. vpn services

  7. What does cloak VPN do? Is this any special kind of vpn? this vpn: and cloak vpn are same thing or different?

  8. The D-Link DIR-655 accompanies 3 high recurrence outer reception apparatuses which improve it equipped for giving signs and more extensive territory. It likewise has a Gigabit Ethernet WAN port, LAN ports and USB ports. It has double firewalls for included security.Top 10 best asus router

  9. The writer, through this blog, has earned respect from many for all the right reasons.
    VPN application

  10. This comment has been removed by the author.

  11. Worker self-administration is maybe one utility of IT, which has assuaged HR of the vast majority of everyday assignments and helped it to improve representative fulfillment. gizlilikveguvenlik

  12. Prior every one of these standards and data were in the authority of HR. Each client worker was required to connect with HR and complete it. gizlilikveguvenlik

  13. Getting the top VPN company for you is always going to be something you need to think about carefully because this is something that will be needed for you if you are using the internet every day. Click here to buy vpn with monero