diff --git a/payloads/switch3/config.ovpn b/payloads/switch3/config.ovpn
new file mode 100644
index 0000000..30360f9
--- /dev/null
+++ b/payloads/switch3/config.ovpn
@@ -0,0 +1 @@
+Replace with valid .ovpn config.
\ No newline at end of file
diff --git a/payloads/switch3/payload.sh b/payloads/switch3/payload.sh
index 25da1c3..913a92b 100755
--- a/payloads/switch3/payload.sh
+++ b/payloads/switch3/payload.sh
@@ -1,12 +1,52 @@
 #!/bin/bash
-#
-# Title: Default Payload
-# Description: Sets the NETMODE to NAT, then sets the LED to ATTACK
-# Author: Hak5
-# Version: 1.0
-# Category: default
-# Target: Any
-# Net Mode: NAT
+# OpenVPN payload
 
-NETMODE NAT
-LED ATTACK
+# Set to 1 to allow clients to use the VPN
+FOR_CLIENTS=0
+
+DNS_SERVER="8.8.8.8"
+
+# Cheap hack to set the DNS server
+function setdns() {
+ while true
+ do
+ [[ ! $(grep -q "$DNS_SERVER" /tmp/resolv.conf) ]] && {
+ echo -e "search lan\nnameserver $DNS_SERVER" > /tmp/resolv.conf
+ }
+ sleep 5
+ done
+}
+
+function start() {
+ LED SETUP
+
+ DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
+
+ # Set NETMODE to BRIDGE and wait 3 seconds
+ # to ensure that things can settle
+
+ [[ "$FOR_CLIENTS" == "1" ]] && {
+ /usr/bin/NETMODE VPN
+ } || {
+ /usr/bin/NETMODE BRIDGE
+ }
+ sleep 3
+
+ # Make OpenVPN use the local configuration
+ uci set openvpn.vpn.config="${DIR}/config.ovpn"
+ uci commit
+
+ # Start the OpenVPN server in the background
+ /etc/init.d/openvpn start
+
+ # Start SSH Server
+ /etc/init.d/sshd start &
+
+ # Set DNS server
+ setdns &
+
+ LED ATTACK
+}
+
+# Start the payload
+start &
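Review bot: The guard in `setdns` is always true, because `grep -q` prints nothing and `[[ ! $(…) ]]` tests that empty output rather than the exit status, so /tmp/resolv.conf is rewritten every 5 seconds whether or not the entry is already there; test the status instead, e.g. `grep -qF -- "$DNS_SERVER" /tmp/resolv.conf || echo -e "search lan\nnameserver $DNS_SERVER" > /tmp/resolv.conf`. In `start`, the `[[ "$FOR_CLIENTS" == "1" ]] && { … } || { … }` chain also runs `/usr/bin/NETMODE BRIDGE` whenever `NETMODE VPN` returns non-zero, which would presumably leave client traffic bridged outside the tunnel with no indication; an `if`/`else` removes that fallback. Nothing verifies that config.ovpn has been replaced or that `/etc/init.d/openvpn start` succeeded before `LED ATTACK` signals ready, so a failed tunnel looks identical to a working one; check the exit status and show a failure LED state instead. `sshd` is also started unconditionally, and its configuration is not visible here, so I would make it opt-in behind a flag like `FOR_CLIENTS` and confirm it does not accept default credentials.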