Legacy Open Mesh: Configuring Router User VPN

Topic

This article explains configuring VPN settings for remote users.

Environment

CloudTrax

Description

This section of the router configuration allows you to configure the IP addressing and user login credentials used to allow remote users to remotely establish a VPN tunnel connection to the router.

RouterVPN.PNGFigure 1: Router user configuration settings

VPN Server

This checkbox will globally enable/disable all VPN tunnel connectivity on the router.

Internal Subnet

This section allows you to set the network subnet used to address the VPN tunnel connections. Note that this does need to be a unique IP subnet on the router and cannot overlap with any other IP subnets configured on other router interfaces.

Allow Access To LANs

This toggle will enable/disable connectivity between the remote VPN user and the LAN/VLAN networks available behind the router. If this is not enabled, then a VPN connected user will not be able to access any onsite resources.

VPN Users

Here you configure each VPN user that you want to be able to remotely dial in. Simply fill in the "Name", "Certificate Name", and click the green "Add" button. Once a user is added, Cloudtrax will auto-generate a set of user login credentials for them once you click the "Save Router Settings" at the top of the page. Once done, you can click on the blue link on the user account line to "Download user credentials", providing you will all the files you need to allow the user to establish the VPN connection.

VPN Client configuration

Once the router VPN configuration is completed and you have downloaded the user credentials generated there, the last step is to setup the VPN client software for the end user. The router VPN is a standard OpenVPN based system so most OpenVPN client software should be compatible.

To use the standard OpenVPN client (available at the link below) here are a few quick steps to get started:

https://openvpn.net/index.php/open-source/downloads.html

1. Download and install a OpenVPN client for your operating system.

2. Extract the contents of the "user credentials" file you downloaded into either "C:\Users\%USERPROFILE%\OpenVPN\config" (if VPN should be available to only the current user profile) or to "C:\Program Files\OpenVPN\config" (if VPN should be available to all users).

3. Start the VPN software (e.g. "OpenVPN GUI") or bring it up from the system tray to start the VPN tunnel.