Setting Up a DNA Client VPN Using OpenVPN

Follow

Scope

This article will guide you through setting up OpenVPN

Purpose

This feature allows a user to configure an SSL Client VPN connection using the same client VPN feature currently in place.

When enabled, the subnet is divided in two, allowing half of the subnet to use IPSec IKEv1 or IKEv2 client VPN connectivity, while allowing the other half of addresses to be configured for SSL (OpenVPN) client connectivity.

Requirements

  • DNA firmware v0.9.0.64 or higher
  • OpenVPN installed on the PC you will be using to connect to the DNA (Link for OpenVPN)

Process

 Configure Client VPN on the DNA

1. Log in to the DNA and click on the Security tab


Figure 1: Security tab

 2. From the options on the left side of the page, select Client VPN


Figure 2:
Configured Firewall Rules


3. Select the Yes radio button to enable both Enable Client VPN and Allow Connections Via OpenVP

4. The Internal Subnet and Subnet Mask will be the private IP addresses that get assigned to your devices when connected to the VPN

5. Select LANs you would like to allow VPN clients to have access to

6. Create a user and password

7. Select Save Changes


Figure 3:
Client VPN

Install and Configure OpenVPN

1. Download and install the Windows Installer (Link for OpenVPN)


Figure 4: OpenVPN Windows Installer

2. Download the VPN Gateway Certificate from the DNA via the Client VPN card and confirm the filename is certificate.pem

3. Move the downloaded VPN Gateway Certificate (certificate.pem) to ~\Program Files\OpenVPN\config


Figure 5: VPN Gateway Certificate Link

4. Obtain the Assigned Public Address (address assigned to the DNA WAN Port).  This can be found under Router Details on the Network Overview tab


Figure 6: Router Details on Network Overview tab

5. Create a new .txt file in ~\Program Files\OpenVPN\config and name it config.ovpn

6. Copy the following into the the file you just created:

Be sure to replace ASSIGNED PUBLIC ADDRESS with the Assigned Public Address to your DNA identified in the Step 4
#OpenVPN Config File

dev tun

proto udp

verb 3

ca certificate.pem

auth-user-pass

client

remote [ASSIGNED PUBLIC ADDRESS] 1194

--float

7. Open the OpenVPN client and connect

8. To log on to the network, use the email address from the username and password you created earlier on the Client VPN DNA card


Was this article helpful?

0 out of 0 found this helpful

You must sign in before voting on this article.

Want to talk about it? Head on over to our Community Forum!