Routers: VPN server and client configuration

Topic

This article describes the VPN server and client configuration for Datto Routers.

Environment

  • Datto D200 Routers
  • Datto Network Manager

Description

You can create and configure a VPN server on a Datto router. Users can connect to the VPN from a public network, letting them send and receive data as if they were on the same private network as the router.

Procedure

This procedure installs and configures the OpenVPN client on Microsoft Windows Machines.

You must use the actual OpenVPN client. OpenVPN Connect will not function properly.

Navigation

1. In Datto Network Manager's Navigation menu, click Routers, then select VPN from the expanded options.

mceclip0.png
Figure 1: The Navigation menu

2. Choose the router you wish to configure.

3. In the Router VPN Settings page, click VPN Server.

mceclip3.png
Figure 2: VPN Server

Configuration

mceclip4.png
Figure 3: VPN server configuration

1. Select the Enable checkbox.

2. Enter the network address that will act as the network's default gateway.

3. Enter the internal network's subnet mask. After you've entered a network address and subnet mask, a subnet range will display.

4. Check the Enable Primary LAN Access box to allow connected users to communicate with other machines on the router's primary LAN.

Adding VPN Users

mceclip5.png
Figure 4: VPN Users

After configuring the VPN server, you must add the users that will connect to the server:

1. In the Name field, enter the name the user will use to log into the VPN server through their VPN client.

2. Enter a certificate name. When a user configures a VPN server, this creates the digital certificate your VPN client uses to connect to your server. This digital certificate will use the name entered in this field.

3. Click Add to add the user. Click Remove to remove an existing user.

4. The Credentials field will populate, containing the username and a newly generated password. Download these user credentials and distribute them to each user.

VPN Client

Windows VPN client is not compatible with D200 VPN.

Users connecting to the router's VPN server must configure a VPN client. The following example uses OpenVPN as the VPN client and Microsoft Windows for the user's operating system.

1. Download and install the OpenVPN client (external link).

2. Extract the contents of the User Credentials file obtained in Adding VPN Users into either:

  • %systemdrive%\Users\%USERPROFILE%\OpenVPN\config (if VPN access should be available to only the current user profile)
  • %systemdrive%\Program Files\OpenVPN\config (if VPN access should be available to all users)

3. Launch OpenVPN, and click Connect.

Split Tunneling

The Datto D200 has split-tunneling enabled by default. To use split tunneling, you will need a VPN client such as OpenVPN.

Additional Resources