Install and connect OpenVPN in OpenWrt

1. Installing OpenVPN client in OpenWrt
2. Importing configs to OpenVPN client in OpenWrt
3. Setting OpenVPN routing in OpenWrt
This article is based on OpenWrt 22.03.2. Check the availability of OpenVPN packages for the older versions of OpenWrt on the official site.
All actions described below have to execute in the web interface of OpenWrt only.
OpenWrt device has to have internet access.

1. Installing OpenVPN client

Go to the menu System -> Software and click Update lists... to update the lists of available packets. Enter openvpn in the filter field and select to install openvpn-mbedtls and luci-app-openvpn.
The original article from the official site of OpenWrt recommends to install openvpn-openssl, but the packet can use RSA configurations only. The packet openvpn-mbedtls from this article makes available to connect both RSA configs and configs based on elliptic curve cryptography (ECC).
Update OpenWrt web page after the successfully installation, the item VPN has to appear in the main menu.

2. Importing configs to OpenVPN client

First of all download the config files of OpenVPN. Follow the link and select necessary files from the directories single or double.
It is possible download all OpenVPN configs in one zip, you can also download zip of the single chains only (SingleVPN) or zip of the double chains only (DoubleVPN). Don't forget to unzip it.
Go to menu VPN -> OpenVPN to import the configs. Enter name of VPN chain and choose the config file to upload in the form OVPN configuration file upload at the bottom of the page.
Edit the config after the successfully import. Click Edit in the config line and the new form that has 2 text areas will appear. The first text field consists of OpenVPN client settings of a chain, the second field is empty. Enter the username and password in the second text area: username on the first line and password on the second line. The next step is back to the first text field. Find the line auth-user-pass and add full path (it is shown between the text areas) of a file with the credentials to this line. Don't forget push Save after it.
The username and password are the same as the username and password of the DeepWebVPN Cabinet.
For example: if the name of VPN chain is DoubleECC_PL1_RU1 then the credentials file full path will be /etc/openvpn/DoubleECC_PL1_RU1.auth and the option line auth-user-pass will be like in the below.
auth-user-pass /etc/openvpn/DoubleECC_PL1_RU1.auth
Go back to menu VPN -> OpenVPN and check Enabled in the added config line, click Save & Apply to finish the import.

3. Setting OpenVPN routing

OpenWrt will try connect OpenVPN automatically after the completed previous step. However it is necessary to set the routing to share VPN to connected to OpenWrt devices. Go to Network -> Firewall for this. Choose wan (usually wan => REJECT) in the Zones area and click Edit. Go to the Advanced Settings in the appeared window and select Ethernet Adapter: "tun0" in the Covered devices, finish the setting by pressing Save.
Go back to menu Network -> Firewall and click here Save & Apply too.