[OPEN CALL 📣] Bring NymVPN to OpenWRT!

code-zm · February 20, 2026, 4:53pm

This is a known bug myself and a few others have experienced on certain hardware. Something with the crypto is failing in the bandwidth credential claiming process.

I get this same error on my GL.inet SFT1200. I’ll dive into it this weekend, need to add debug logging so we can get a more specific error than failed to claim ecash bandwidth with the gateway.

demiurg · February 22, 2026, 7:01pm

@code-zm thank you in advance, looking forward for your response

robertorsos · February 25, 2026, 6:26pm

Could you recommend a Router which is already tested for NYM openWRT and is powerful enough, not too hard to configure? Ideally 2-3 options. Thanks.

Laitinlok · February 25, 2026, 7:01pm

Please add an option to disable routing on the vpn interface so that I could use pbr to route certain domains to the nymvpn mixnet

code-zm · February 28, 2026, 12:15am

UPDATES:

Instead of relying on Wireguard kernel modules, I’m changing the backend to use Mullvad’s user space implementation, GotaTun.
Putting together a site for documentation, install process, recommended routers etc.
Bug fixes on the way

Thank you to everyone who has been testing it out!

code-zm · March 2, 2026, 2:57pm

Just ordered your make and model of gl.inet router (AX1800).

Also was wondering if you are running standard OpenWrt or the GL.inet version?

code-zm · March 3, 2026, 7:07pm

Made a new repo, stripped down to only what we need for OpenWrt:

alu2a · March 5, 2026, 10:55am

Hi,

I am trying to install nym-vpn_1.23.2_x86_64.ipk on the latest OpenWrt, but I encountered two problems:
I’m skipping the fact that we can’t install from webgui by televersing the package from a browser. We just have to wget the package from the router.

Package requires a key for installation
Running:
```
apk add --allow-untrusted ./nym-vpn_1.23.2_x86_64.ipk
```
gives an error about a signature, even with --allow-untrusted. It seems the package is signed in a way that the OpenWrt package manager cannot bypass.
V2 package format error
The same command outputs:
```
ERROR: ./nym-vpn_1.23.2_x86_64.ipk: v2 package format error
```
This suggests the .ipk is not fully compatible with the new apk OpenWrt package manager.

Suggestions / Requests:

Provide a signed .ipk package or instructions to generate a key so that installation works without errors.
Allow installation with --allow-untrusted to let users install custom packages.
Consider generating packages compatible with OpenWrt’s current manager.

Environment:

OpenWrt version: latest stable (x86/64 - OpenWrt 25.12.0 r32713-f919e7899d / LuCI openwrt-25.12 branch 26.063.06248~6e98b63)

Thank you.

PS: I just saw the new repo. It will still bring the same issues of the key, and the .ipk.
Also I don’t know if it’s normal, but there is no package on the release page of the new github page.

code-zm · March 5, 2026, 9:50pm

Thanks for the feedback!

Just added a step in the build workflow to package for apk.

Regarding the new repo, I’m still making changes and fixes until I put out a release. Check here again over the weekend, should have a new release up soon.

If you can’t wait, download the pkg-* file from the workflow run artifacts: Release musl binaries · dial0ut/nym-vpn-openwrt@73a2003 · GitHub

demiurg · March 6, 2026, 8:10pm

stock Gl.inet

code-zm · March 7, 2026, 2:48pm

Found the cause of the bug. Issue was ecash serialization on 32 bit platforms producing a different hash than what 64 bit platforms (gateways) expect.

Putting out a new release today.

Thanks for your patience!

code-zm · March 7, 2026, 2:55pm

I have it running on GL.inet AX1800. I’d recommend something with at least 256MB disk and 256MB RAM.

You can fit it onto weaker devices like GL.inet SFT1200 with some workarounds. Using zram and overlayfs works for me.

Will be purchasing more routers soon for testing. Also, once I get the website up and running I’ll put out an official minimum spec.

code-zm · March 9, 2026, 1:39pm

v1.25.0 Release

New release is ready! Release Nym VPN v1.25.0 · dial0ut/nym-vpn-openwrt · GitHub

Pure rust user space wireguard via Mullvad’s Gotatun
Ad blocking
Performance optimization
.apk files for newer OpenWrt versions

demiurg · March 17, 2026, 9:14am

cool, is new release compatible with glinet devices?

code-zm · March 17, 2026, 2:19pm

Yes! Please give it a try and let me know if you run into any issues. Fixed the bandwidth credential bug so your architecture should be good to go now.

code-zm · March 17, 2026, 2:33pm

Quick update on what’s coming next:

Split tunneling
Built in updates
Signed release binaries
Documentation website

Latest release:

code-zm · March 21, 2026, 3:29am

v1.26.0 Release

New release is ready! Release Nym VPN v1.26.0 · dial0ut/nym-vpn-openwrt · GitHub

Kill-switch toggle for PBR compatibility
Install script: curl -fsSL https://packages.dial0ut.org/install.sh | sh
Signed package feed at packages.dial0ut.org
Documentation site at docs.dial0ut.org
Built in updates via package managers opkg and apk

Laitinlok · March 21, 2026, 4:21pm

The GUI doesn’t have those updated features shown

code-zm · March 21, 2026, 6:41pm

Fixed, the release CI was referencing the old standalone LuCI frontend repo, which we migrated into the openwrt repo.

Remove the package and reinstall. Also, clear browser cache with ctrl + shift + r / cmd + shift + r.

opkg remove nym-vpn

rm -rf /tmp/luci-*

curl -fsSL https://packages.dial0ut.org/install.sh | sh

The latest changes look like this:

Laitinlok · March 22, 2026, 5:15am

Works fine now, thank you. Enabling Adblock would make the adguard home not work