Set up a VPN server on Router Tomato - Part 2
Network Administration - In the previous part of this series, we upgraded the wireless router with TomatoVPN software and started preparing to use its VPN server. This is a very economical and secure way for remote users to access your network or connect multiple offices together. In this section, we will learn how to configure the VPN server and client, then test the whole process.
Configure the VPN server
Now you have everything you need to configure the VPN server on TomatoVPN Router. Connect to the router and open the web console. Then click VPN Tunneling> Server (see Figure 1). Here are the example settings:
• Start with WAN: Checked
• Interface Type: TAP
• Protocol: UDP
• Port: 1194
• Firewall: Automatic
• Authorization Mode: TLS
• Extra HMAC authorization: Disabled
Figure 1: Configuring the VPN server
With Client Address Pool, uncheck this item and ensure that the IP address range is in the same subnet as the Router. For example, if you change the Router's IP address to 192.168.50.1, then set your IP address range to 192.168.50 to 192.168.50.55. Then your system can support 6 VPN clients at the same time. You can completely increase this range if there are more clients than this number. Here should not be confused with the predefined range for local users, for example 192.168.50.100 to 192.168.50.149.
Click Save to save the changes.
Next, click the Advanced tab. For the Compression section, select Disabled . If you want all the Internet traffic of clients to go through VPN, such as to protect traffic on public networks, check Direct clients to redirect Internet traffic. To allow VPN clients to access each other's resources, check Manage Client-Specific Options and Allow ClientClient. Otherwise, VPN clients will be able to access the shared resources of computers directly connected to the TomatoVPN Router's internal network server configuration. After doing this, click Save to save the changes.
Figure 2: Advanced tab
Now click the Keys tab (see Figure 3) and fill in the fields by copying the contents of the files you created in the easy-rsakeys folder:
• Certificate Authority - ca.crt
• Server Certificate - server.crt
• Server Key - server.key
• Diffie Hellman parameters - dh1024.pem
Figure 3: Tab Keys
Open these files in Notepad to view and copy content. Some files you can right-click, select Open With, Notepad.
For server certificates, do not integrate the first part of the file. Similar to other files, start with ----- BEGIN CERTIFICATE ----- and end ----- END CERTIFICATE -----.
Once done, click Save .
Launch the VPN server
Now you're ready to run the VPN server. On any server tab, click the Start Now button . If successful, this button will change to Stop Now and you will see the General Statistics section on the Status tab.
Configure the client on computers
At this point you can configure the clients you want to connect to the VPN server. Start by downloading and installing OpenVPN on each computer. Next, open Notepad and paste it into the code below:
remote XXX.XXX.XXX.XXX 1194
client
dev tun0
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
float
ca.crt
client1.crt cert
client1.key key
ns-cert-type server
Replace the remote address at the beginning with your Internet or WAN IP address. Alternatively, you can use a hostname, for example, from a dynamic DNS service, if your Internet connection doesn't have a static IP. Also make sure that the client certificate's filename and key are correct.
Save the Notepad file with the extension .ovpn to the following address: C: Program FilesOpenVPNconfig.
Copy the CA certificate (ca.crt) and certificate and client key (client1.crt & client1.key) from the computer you created the PKI above to the same location (C: Program FilesOpenVPNconfig) on the client.
The client settings are set up so you can connect now. Click Start> All Programs> OpenVPN> OpenVPN GUI. Then right-click the icon in the system tray and click Connect.
Configure the client on additional TomatoVPN routers
If you want to connect to the VPN server as a whole, you can set up additional TomatoVPN routers at other locations. You can use the VPN client on the Router so that all users on the remote network can access it.
Connect to the router and open the web console. Then click VPN Tunneling> Client. On the Basic tab (see Figure 4), make sure you want to enable Start with WAN so that the VPN client can automatically start when the Router starts. Enter the WAN address or the TomatoVPN Internet IP address hosting the VPN server for the Server Address section. Another way you can use it is to use hostname, in case of using dynamic DNS service when there is no static IP address. Other settings can be defaulted. Then click Save to save the changes.
Click Advanced , for the Compression section, select Disabled . Then click Save .
Next, click the Keys tab and fill in the fields by copying the contents of the files you created in the easy-rsakeys folder :
• Certificate Authority - ca.crt
• Client Certificate - ie client1.crt
• Client Key - ie client1.key
For the client certificate section, do not insert the first part of the file. Similar to other components, start with ----- BEGIN CERTIFICATE - and end with ----- END CERTIFICATE -----.
Figure 4: Basic tab
Once done, click Save. Next to connect, click Start Now. If successful, this button will change to Stop Now and you will see general statistics on the Status tab.
Last check
Once connected, you can access network resources as well as shares on the local network of the TomatoVPN Router hosting the server.
If you want to test your installation without leaving your location, connect to the TomatoVPN Router hosting the WAN / Internet VPN server to an Ethernet port on another Router. To test connecting a client on a computer, connect to another router and configure the VPN client with Router TomatoVPN's WAN IP address. This will simulate a connection from the Internet. Once done, want to use it via the Internet, get Router TomatoVPN and connect it directly to the Internet modem.
You should read it
- 5 tips to help make optimal use of Tomato on the Router
- Install Windows Server 2003 and create a backup server
- How to configure NTP Server and NTP Client in Windows Server 2019
- HOW TO INSTALL ISA SERVER ENTERPRISE 2000 - Part III
- Set up your own VPN server at home with 4 simple ways
- How to Enable Cross Origin Resource Sharing (CORS) for Sharing Resource Using Apache Servers, PHP and Jquery
- Configure SSH Server and SSH Client on Windows Server 2019
- How to install DNS Server on Windows Server 2019
May be interested
- Set up your own VPN server at home with 4 simple waysvirtual private networks (vpns) are very useful when traveling or using public wi-fi networks in cafes. but you don't have to pay for a vpn service, instead you can host your own vpn server at home.
- How to Connect a USB Printer to a Networktoday's tipsmake will show you how to connect a usb printer to the network via a router or print server. if the router has a usb port, it can be connected directly to the printer. you will need to configure the router to act as the printer server. if the router does not have a usb port or does not support a printer, we can buy an external print server and connect to the router via wire or wi-fi.
- Configure Windows Server 2008 to remotely access SSL VPN Server (Part 2)in the first part, we talked about some of microsoft's previous vpn and vpn protocols. to continue what we have seen in part one, we will give you a description of the network example that will be used in configuring the vpn gateway to be able to
- Using Windows Server 2008 system like Router NATin this article we will install a test network using a dsl router to connect to the internet.
- Network basics: Part 3 - DNS Servera dns server is a server that contains a database of public ip addresses and hostnames associated with them. in most cases, the dns server is used to resolve or translate those common names into ip addresses as required.
- Microsoft Windows Power Shell and SQL Server 2005 SMO - Part 4part i and part ii of this series showed simple power shell settings, smo and wmi cmdlets. part iii instructs writing powershell and connecting to sql server. part 4 will show you how to use powershell code to iterate file content and connect to other servers.
- How to use Windows Server 2012 as a routerwindows also has many network services. let's see how to use windows server 2012 as a router by installing remote access for it!
- Network basics: Part 2: Understanding the Routerrouters are an important networking device that almost every home owns but they really don't know much about them. in fact, most people don't even know what the router looks like, it's different from the modem.
- Building a wireless network with a broadband router - Part 2: Configuring the router and computers on the networkthe best way to set up a private network is to use a broadband router. this device will connect all computers in your network and also automatically share your broadband internet connection. in part 1 of this series, we have n & e
- Tomato fruit and 11 surprisingly interesting facts that not everyone knowstomato plants were first planted by the aztecs and incas in the andes mountains around 700 ad.