D200 VPN server and client configuration

Topic

This article describes the VPN server and client configuration for Datto D200 Routers.

Environment

  • Datto D200 Routers
  • Datto Network Manager

Description

You can create and configure a VPN server on a Datto router. Users can connect to the VPN from a public network, letting them send and receive data as if they were on the same private network as the router.

Procedure

This procedure installs and configures the OpenVPN client on Microsoft Windows Machines.

NOTE  You must use the actual OpenVPN client. OpenVPN Connect will not function properly.

Navigation

  1. In Datto Network Manager's Navigation menu, click Routers, then select VPN from the expanded options.
    mceclip0.png

  2. Choose the router you wish to configure.

  3. In the Router VPN Settings page, click VPN Server.
    mceclip3.png

  4. Select the Enable checkbox.
    mceclip4.png

  5. Enter the network address that will act as the network's default gateway.

  6. Enter the internal network's subnet mask. After you've entered a network address and subnet mask, a subnet range will display.

  7. Check the Enable Primary LAN Access box to allow connected users to communicate with other machines on the router's primary LAN.

  8. After configuring the VPN server, you must add the users that will connect to the server. In the Name field, enter the name the user will use to log into the VPN server through their VPN client.
    mceclip5.png

  9. Enter a certificate name. When a user configures a VPN server, this creates the digital certificate your VPN client uses to connect to your server. This digital certificate will use the name entered in this field.

  10. Click Add to add the user. Click Remove to remove an existing user.

  11. The Credentials field will populate, containing the username and a newly generated password. Download these user credentials and distribute them to each user.

VPN Client

Users connecting to the router's VPN server must configure a VPN client. The following example uses OpenVPN as the VPN client and Microsoft Windows for the user's operating system.

NOTE  Windows VPN client is not compatible with D200 VPN.

  1. 1. Download and install the OpenVPN client (external link).

  2. Extract the contents of the User Credentials file obtained in Adding VPN Users into either:

    • %systemdrive%\Users\%USERPROFILE%\OpenVPN\config (if VPN access should be available to only the current user profile)

    • %systemdrive%\Program Files\OpenVPN\config (if VPN access should be available to all users)

  3. The Datto D200 has split-tunneling enabled by default. If you would like to change it to a full tunnel, add redirect-gateway def1 to the config file above the certificate.

  4. Launch OpenVPN, and click Connect.

Additional Resources