diff --git a/README.md b/README.md
index f5fff6ba74030e5a1db31e612650c2424d252dfa..cc1bce825647b883451c90ad7a9382cc3f4bc7aa 100644
--- a/README.md
+++ b/README.md
@@ -40,6 +40,8 @@ Examples
   port = 8443
   username = foo
   password = bar
+  set-dns = 0
+  set-routes = 0
   # X509 certificate sha256 sum, trust only this one!
   trusted-cert = e46d4aff08ba6914e64daa85bc6112a422fa7ce16631bff0b592a28556f993db
   ```
diff --git a/doc/openfortivpn.1 b/doc/openfortivpn.1
index 26305a24486b9e7bb5facda5a72bb473b99440f3..4b78df8cf735461643ab068275dfc899fd9dd62c 100644
--- a/doc/openfortivpn.1
+++ b/doc/openfortivpn.1
@@ -104,3 +104,7 @@ password = bar
 trusted-cert = certificatedigest4daa8c5fe6c...
 .br
 trusted-cert = othercertificatedigest6631bf...
+.br
+set-dns = 1
+.br
+set-routes = 1
diff --git a/src/config.c b/src/config.c
index 11eb5f77d17173a3b9438c5d73b56b6d91ccac45..ff7977ff4fb08599d9f7fc122f7078738d805efa 100644
--- a/src/config.c
+++ b/src/config.c
@@ -18,6 +18,8 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <sys/stat.h>
+#include <string.h>
+#include <ctype.h>
 
 #include "config.h"
 #include "log.h"
@@ -47,6 +49,31 @@ int add_trusted_cert(struct vpn_config *cfg, const char *digest)
 	return 0;
 }
 
+/*
+ * Converts string to bool int
+ *
+ * @params[in] str  the string to read from
+ * @return          0 or 1 if successful, < 0 if unrecognized value
+ */
+static int strtob(const char* str)
+{
+	if (str[0] == '\0') {
+		return 0;
+	} else if (strcasecmp(str, "true") == 0) {
+		return 1;
+	} else if (strcasecmp(str, "false") == 0) {
+		return 0;
+	} else if (isdigit(str[0]) == 0) {
+		return -1;
+	}
+
+	long int i = strtol(str, NULL, 0);
+	if (i < 0 || i > 1) {
+		return -1;
+	}
+	return i;
+}
+
 /*
  * Reads filename contents and fill cfg with its values.
  *
@@ -143,6 +170,22 @@ int load_config(struct vpn_config *cfg, const char *filename)
 		} else if (strcmp(key, "password") == 0) {
 			strncpy(cfg->password, val, FIELD_SIZE - 1);
 			cfg->password[FIELD_SIZE] = '\0';
+		} else if (strcmp(key, "set-dns") == 0) {
+			int set_dns = strtob(val);
+			if (set_dns < 0) {
+				log_warn("Bad set-dns in config file: \"%s\".\n",
+				         val);
+				continue;
+			}
+			cfg->set_dns = set_dns;
+		} else if (strcmp(key, "set-routes") == 0) {
+			int set_routes = strtob(val);
+			if (set_routes < 0) {
+				log_warn("Bad set-routes in config file: \"%s\".\n",
+				         val);
+				continue;
+			}
+			cfg->set_routes = set_routes;
 		} else if (strcmp(key, "trusted-cert") == 0) {
 			if (strlen(val) != SHA256STRLEN - 1) {
 				log_warn("Bad certificate sha256 digest in "