Import Routes on Keenetic from .bat File

Keenetic can upload a file in Windows route ADD format and apply all routes to a selected interface automatically. NetRoute Pro generates exactly that file — you just download and upload.

Prerequisites

Keenetic router with a configured VPN tunnel (WireGuard, OpenVPN, IKEv2, OpenConnect, etc.)
NetRoute Pro Chrome extension installed
Access to the router's web UI (usually http://my.keenetic.net)

Step 1. Generate a .bat file in NetRoute Pro

Open the target website in Chrome
Click the NetRoute Pro icon in your extensions
Select the Windows platform — that's the format Keenetic accepts
Gateway can be any value (e.g. 0.0.0.0) — Keenetic ignores it when you bind to an interface on upload
Choose aggregation mask (recommended /24)
Click Analyze Website
Download the result as a .bat file

Tip: enable RIPE BGP optimization in the extension — it replaces individual IPs with real announced BGP prefixes. This gives stable routes that don't break when Cloudflare/Fastly rotate IPs.

Step 2. Open the Routing section in Keenetic

Open http://my.keenetic.net or the router's IP
Sign in as administrator
Go to Management → Routing
Select the IPv4 routes tab

Step 3. Upload the file with VPN interface binding

Click the Upload button
Select the downloaded .bat file
In the Interface dropdown, select your VPN tunnel
- The interface name depends on your setup and VPN provider — it's different for each user
- If unsure — check which interface your VPN uses in the Internet section
Confirm the upload

Done — all routes from the file are added and bound to the selected VPN interface. Keenetic ignores the gateway values from the .bat file; traffic flows through the chosen interface.

Why this is convenient: no manual entry, no SSH needed — file upload works even on basic Keenetic firmware. 100+ routes apply in under a second.

Alternative for WireGuard: AllowedIPs

If you're using WireGuard, you can skip static routes entirely and set subnets directly in the peer's AllowedIPs:

In NetRoute Pro, select the WireGuard platform
Copy the AllowedIPs line
In Keenetic: Internet → WireGuard → peer settings → paste into Allowed IPs
Save

Verify

After import, check that routes applied: they appear in Routing → IPv4 routes list bound to your VPN interface.

Verify traffic goes through the VPN — from a LAN client:

tracert example.com     # Windows
traceroute example.com  # Linux/macOS

First hops should go through your VPN gateway IP.

Common issues

Website IP changed — route stopped working

CDNs like Cloudflare and Fastly rotate IPs periodically. Regenerate the .bat in NetRoute Pro with RIPE BGP optimization enabled — it substitutes announced BGP prefixes that cover all provider IPs.

Too many routes

Keenetic handles hundreds of static routes without issues. If you need more — use the WireGuard AllowedIPs approach.

Route added but traffic doesn't go through VPN

Check that the VPN interface is up (in the Internet section)
Verify NAT/masquerade is enabled on the VPN interface
Check firewall rules — nothing should block the traffic

For advanced users: CLI

To automate or manage routes programmatically, connect via SSH/Telnet and use ip route commands in config mode. But for most cases, .bat upload is enough.

References

Ready to try?

NetRoute Pro — a free Chrome extension to generate routes from any website.

Install Extension