How to Configure TP-Link Omada Gateway as OpenVPN Server on Controller Mode

Knowledgebase
Configuration Guide
04-14-2023
10995

Application scenario

Taking an example for ER7206 to explain how to establish an Open VPN server on Omada Gateway on controller mode. The connection topology is as follows:

To set up the Omada gateway as OpenVPN server, please follow the steps below.

Note: If the gateway is behind a NAT device, to establish a VPN tunnel successfully, make sure that TCP/UDP port 1194 (for Open VPN in default) is open on the NAT device in front of the Omada gateway.

Configuration

Step 1. Create a new VPN policy

Go to Settings-VPN and click add to Create a New VPN Policy.

Name: test

Status: Enabled

Purpose: Client-to-site VPN

VPN type: VPN Server-OpenVPN

Account password: Enabled

Tunnel mode: Split

Protocol: TUP/UDP

Service port: 1194

Authentication mode: Local

Local network type: Network

IP pool: 192.168.1.1/24

Primary DNS: 8.8.8.8

Secondary DNS: 8.8.4.4

Note:

1. Currently, only ER7206 with firmware 1.2.3 Build 20221104 or above, and ER605 V2 with firmware 2.1.1 Build 20230115 or above support AccountPWD feature. Other models will support in subsequent updates.

2. Full tunnel: all traffic of the VPN client will go through the VPN. Split tunnel: only the traffic to access the specified network will go through the VPN.

Step 2. Create an open VPN user

If the router doesn’t support account and password or it is disabled, please skip Step 2 and go to Step 3.

Go to VPN user and click Add. Here we specify Account Name as admin, Password as 12345678, select Protocol as Open VPN, VPN Server as Open VPN Server created in Step 1, then click Apply.

Step 3. Export the open VPN file

Go to VPN Policy List and click in the Action column to export the Open VPN file that ends in. ovpn which is to be used by the remote client. The exported Open VPN file contains the certificate and configuration information.

Now, we have finished the configuration of the Open VPN Server on Omada Gateway on controller mode and you can connect it with your remote client.

Step 4. Configure OpenVPN Connection on Your Remote Device

1. Visit http://openvpn.net/index.php/download/community-downloads.html to download the OpenVPN software, and install it on your device where you want to run the OpenVPN client utility.

2. After the installation, copy the file exported from your router to the OpenVPN client utility’s “config” folder (for example, C:\Program Files\OpenVPN\config on Windows). The path depends on where the OpenVPN client utility is installed.

3. Run the OpenVPN client utility and connect it to OpenVPN Server.

Step 5. Verify the VPN connection

Go to Insight-VPN status-OpenVPN/PPTP/L2TP to check if there’s a tunnel established.

Please Rate this Document

Related Documents