Legacy Open Mesh: Configuring a G200 Site to Site VPN



This article will instruct you on how to connect two local networks behind two separate G200s via a Virtual Private Network(VPN).


  • At least two G200s in the same CloudTrax account, running 1.0.6+ firmware.
  • The WAN IP address of each G200 should be reachable from the internet.
  • Only one G200 will have their VPN server enabled.
  • Any G200 set as client router will have their server and G200 Site to Site settings disabled.
  • The G200s cannot have overlapping subnets on any LAN or VLAN.


  1. Decide which router will be your VPN server. This should be the network with the local resources your remote networks are trying to access.
  2. Navigate to the Router's VPN settings > VPN Server.
  3. Enable the VPN Server.
  4. Enable Primary LAN access.3.JPG
  5. Navigate to G200 Site To Site.
  6. Choose your client router to connect to the VPN (currently limited to 1).
  7. Click the green "Add" button and Save Changes.4.JPG
  8. Once the routers have applied the changes, the tunnel will be available and you will be able to ping across the routers.

Was this article helpful?

0 out of 0 found this helpful

You must sign in before voting on this article.

Want to talk about it? Have a feature request?

Head on over to our Datto Community Forum or the Datto Community Online.

For more Business Management resources, see the Datto RMM Online Help and the Autotask PSA Online Help .

Still have questions? Get live help.

Datto Homepage