Please Rate this Document

How to configure OpenVPN on Omada Gateway via Omada Controller

Knowledgebase
FAQ
2024-10-29
21

Objective

Requirements

Introduction

Configuration

Configuration for OpenVPN Server

Configuration for OpenVPN Client

Verification

Conclusion

Objective

This article introduces how to configure the OpenVPN feature on Omada gateway via Omada Controller.

Requirements

  • Omada Gateway series
  • Omada Software Controller / Hardware Controller / Cloud Based Controller

Introduction

OpenVPN is open-source virtual private network (VPN) software that utilizes SSL/TLS protocols for encrypted communication. It provides secure remote access and site-to-site connections and is widely used to protect network communication and access control.

  • OpenVPN Server

Omada Gateway acts as an OpenVPN server that enables clients to securely access the intranet or the internet.

  • OpenVPN Client

Omada Gateway acts as an OpenVPN client that enables clients in a LAN network to securely access remote sites or the internet.

Configuration

Configuration for OpenVPN Server

The connection topology is as follows:

The VPN topology, including VPN Client/Server.

Step 1. Log in to the Controller via web browser, go to Settings > VPN, and click Create New VPN Policy. The position to create a new VPN policy on Controller.

Step 2. Give this server a name and click Client-to-Site VPN. Then click the VPN Type drop list and choose VPN Server-OpenVPN.

Configurations of VPN policy, including Name/Status/Purpose and so on. Here, you need to configure your purpose and VPN type.

Step 3. Click the Enable box of the Account Password and select the WAN to set the WAN port you want to use for OpenVPN server.

 Configurations of VPN policy, including Name/Status/Purpose and so on. Here, you need to configure your account and WAN.

Note: Full tunnel: All traffic of the VPN client will go through the VPN. Split tunnel: Only traffic to access the specified network will go through the VPN.

Step 4. Enter a private network in the IP Pool such as 10.10.10.0/24. If you want to specify a DNS server to clients, enter one or two DNS server in the Primary DNS Server and Secondary DNS Server such as 8.8.8.8 and 8.8.4.4. Then click Apply.

Configurations of VPN policy, including Name/Status/Purpose and so on. Here you need to configure your IP pool and DNS server.

Step 5. Create an OpenVPN user.

Go to VPN user and click Add. Here, we specify the Account Name as admin, the Password as 12345678, the Protocol as Open VPN, and the VPN Server as the Open VPN Server created in Steps 1-4, then click Create.

The position to create a new VPN User policy on Controller.

Note: If the Account Passward is disabled, please skip Step 5 and go to Step 6.

Step 6. Export the OpenVPN file.

Go to Settings > VPN > VPN Policy List and click export in the Action column to export the Open VPN file that ends in .ovpn, which is to be used by the remote client. The exported Open VPN file contains the certificate and configuration information.

The position to export OpenVPN file on Controller.

Step 7. Configure OpenVPN Connection on Your Remote Device.

Here we use the OpenVPN Connect APP on Windows as a demonstration. Import the .ovpn file from Step 6 into the app and fill in the account and password set in Step 3. Then click the CONNECT.

Configure OpenVPN Connection on your Remote Device.

Configuration for OpenVPN Client

Take the following topology as an example. We will configure Gateway A as an OpenVPN Client to connect to the OpenVPN Server (Gateway B).

The VPN topology, including VPN Client/Server.

Step 1. Export OpenVPN configuration file including username and password on Gateway B. You can refer to the Configuration for OpenVPN Server.

Step 2. Log in to the Controller via web browser, go to Settings > VPN, and click Create New VPN Policy.

The position to create a new VPN policy on Controller.

Step 3. Give this client a name and click Client-to-Site VPN. Then click the VPN Type drop list and choose VPN Client-OpenVPN.

Configurations of VPN policy, including Name/Status/Purpose and so on. Here, you need to configure your purpose and VPN type.

Step 4. Click the Certificate + Account Box and enter the Username and password. Then, fill in the Remote Server with the IP port of the OpenVPN server.

Configurations of VPN policy, including Name/Status/Purpose and so on. Here, you need to configure your mode/Username/Remote Server.

Step 5. Select the WAN to set the WAN port you want to use for the OpenVPN client. Then click import to upload the OpenVPN file that ends in .ovpn generated by the OpenVPN server. Finally, click Create.

Configurations of VPN policy, including Name/Status/Purpose and so on. Here, you need to configure your WAN and import your configuration.

Verification

Step 1. Go to Insights > VPN status > OpenVPN/PPTP/L2TP > Server to check if a tunnel has been established.

Check the OpenVPN Server profile on Controller.

Step 2. Go to Insights > VPN status > OpenVPN/PPTP/L2TP > Client to check if a tunnel has been established.

Check the OpenVPN Client profile on Controller.

Conclusion

You have now successfully configured OpenVPN on Omada Gateway.

Get to know more details of each function and configuration please go to Download Center to download the manual of your product.

Related Documents