Routers: VPN server and client configuration
Topic
This article describes the VPN server and client configuration for Datto Routers.
Environment
- Datto D200 Routers
- Datto Network Manager
Description
You can create and configure a VPN server on a Datto router. Users can connect to the VPN from a public network, letting them send and receive data as if they were on the same private network as the router.
Procedure
This procedure installs and configures the OpenVPN client on Microsoft Windows Machines.
You must use the actual OpenVPN client. OpenVPN Connect will not function properly.
Navigation
1. In Datto Network Manager's Navigation menu, click Routers, then select VPN from the expanded options.
2. Choose the router you wish to configure.
3. In the Router VPN Settings page, click VPN Server.
Configuration
Figure 3: VPN server configuration
1. Select the Enable checkbox.
2. Enter the network address that will act as the network's default gateway.
3. Enter the internal network's subnet mask. After you've entered a network address and subnet mask, a subnet range will display.
4. Check the Enable Primary LAN Access box to allow connected users to communicate with other machines on the router's primary LAN.
Adding VPN Users
After configuring the VPN server, you must add the users that will connect to the server:
1. In the Name field, enter the name the user will use to log into the VPN server through their VPN client.
2. Enter a certificate name. When a user configures a VPN server, this creates the digital certificate your VPN client uses to connect to your server. This digital certificate will use the name entered in this field.
3. Click Add to add the user. Click Remove to remove an existing user.
4. The Credentials field will populate, containing the username and a newly generated password. Download these user credentials and distribute them to each user.
VPN Client
Windows VPN client is not compatible with D200 VPN.
Users connecting to the router's VPN server must configure a VPN client. The following example uses OpenVPN as the VPN client and Microsoft Windows for the user's operating system.
1. Download and install the OpenVPN client (external link).
2. Extract the contents of the User Credentials file obtained in Adding VPN Users into either:
- %systemdrive%\Users\%USERPROFILE%\OpenVPN\config (if VPN access should be available to only the current user profile)
- %systemdrive%\Program Files\OpenVPN\config (if VPN access should be available to all users)
3. Launch OpenVPN, and click Connect.
Split Tunneling
The Datto D200 has split-tunneling enabled by default. To use split tunneling, you will need a VPN client such as OpenVPN.