Using Windows VPN with DNA



This article discusses how to work with Windows VPN with Datto's DNA using the Shrewsoft client.


  • You must have the Shrewsoft client installed to use Windows VPN with the DNA. Access the downloads here:
    Note: for Windows 10, use version 2.2.2-release
    For all installs, use the Standard version.

  • The DNA must be the edge router and not behind another router. Using Windows VPN may not work if the DNA is behind another router.

Getting Started

To configure Windows VPN:

  1. Launch the ShrewSoft application. It may appear as "VPN Access Manager."
  2. Click the Add button.
  3. Choose the General Tab and enter the following information
    1. Configure the IP with the IP that shows on your DNA interface.
    2. Set Port to 500 if it isn't already.
    3. From the Auto Configuration drop-down menu, select "ike config pull."
    4. From the Adapter Mode drop-down menu, select "Use virtual adapter and assigned address."
  4. Choose the Access Manager’s Authentication Tab and then choose the Credentials subtab.
    1. From the Authentication Method drop down menu, select "Mutual PSK + XAuth."
    2. In the Pre Shared Key field, enter the Shared Key that you set up when setting up a client VPN on the DNA. Access the Shared Key from the DNA’s Security tab in the Client VPN section.
  5. Choose the VPN Site Configuration’s Phase 1 tab.
    1. Set the Exchange type to "Main." 
    2. Set DH Exchange to "group 2."
  6. Lastly, choose the Policy tab.
    1. Set the Policy Generation Level to “Unique.”
    2. Deselect the Obtain Topology Automatically or Tunnel All checkbox.
    3. Click the Add button to add network information about the LAN that you are connecting to.

Was this article helpful?

0 out of 0 found this helpful

You must sign in before voting on this article.

Want to talk about it? Head on over to our Community Forum!