This article describes how to configure a VPN server and client for a Datto router.
- Datto Routers
You can create and configure a VPN server on a Datto router. Users can connect to the VPN from a public network, letting them send and receive data as if they were on the same private network as the Datto router.
1. Navigate to a device web session for your router.
2. Click the Manage drop-down, then click Routers.
3. Choose the router you wish to configure.
4. Click VPN.
5. In the Router VPN Settings page, click VPN Server.
To configure the VPN server, follow these steps:
1. Select the Enable checkbox.
2. Enter the network address that will act as the default gateway of the network.
3. Enter the internal network's subnet mask.
After you've entered a network address and subnet mask, a subnet range will display.
4. Check the Enable Primary LAN Access box to allow connected users to communicate with other machines on the router's primary LAN.
Adding VPN Users
After configuring the VPN server, you will need to add the users that will connect to the server. To add users, refer to Figure 4, and follow the steps below:
After configuring the VPN server, you will need to add the users that will connect to the server. To add users, refer to Figure 4 and follow the steps described below:
1. Enter the user's name (step A). They will use this name when logging into the VPN server through their VPN client.
2. Enter a certificate name (Step B). When a user configures a VPN server, this creates a digital certificate that the VPN client will use to connect to your server. This digital certificate will use the name entered in this field.
3. Click Add (Step C) to add the user. Click Remove to remove an existing user.
4. The Credentials field will populate, containing the name entered in step 1 and a newly generated password. Download the user credentials (Step D) and distribute them to each user.
Users connecting to the router's VPN server must configure a VPN client. The following example uses OpenVPN as the VPN client and Microsoft Windows for the user's operating system.
1. Download and install the OpenVPN client (external link).
2. Extract the contents of the User Credentials file obtained in Adding VPN Users into either %systemdrive%\Users\%USERPROFILE%\OpenVPN\config (if VPN access should be available to only the current user profile), or to %systemdrive%\Program Files\OpenVPN\config (if VPN access should be available to all users).
3. Launch OpenVPN, and click Connect.
The D200 has split-tunneling enabled by default. To use split tunneling, you will need a VPN client such as OpenVPN.
- OpenVPN Client (external link)