Setting up a VPN
Hi there,
I have a house in South-Africa where I set up an Omada supperted wifi network with a switch and various access points, all controlled by an OC200 controller.
I know I can setup a VPN to connect with the controller and the network from outside.
My question is: is there an option to install a second OC200 (or other device that supports VPN) in The Netherlands (behind a modem/router located in The Netherlands) and setup a VPN from South Africa to The Netherlands and access the internet over this VPN? And that websites think I am actually located in The Netherlands.
I tried to make it visible through below diagramm.
If anyone knows if this works or has another solution combined with Omada equipment, please let me know.
Thanks for the help.
Richard
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
TallDutch wrote
Hi there,
I have a house in South-Africa where I set up an Omada supperted wifi network with a switch and various access points, all controlled by an OC200 controller.
I know I can setup a VPN to connect with the controller and the network from outside.
My question is: is there an option to install a second OC200 (or other device that supports VPN) in The Netherlands (behind a modem/router located in The Netherlands) and setup a VPN from South Africa to The Netherlands and access the internet over this VPN? And that websites think I am actually located in The Netherlands.
I tried to make it visible through below diagramm.
If anyone knows if this works or has another solution combined with Omada equipment, please let me know.
Thanks for the help.
Richard
Hi @TallDutch
Actually the VPN setting should be configured on your router/gateway, the controller OC200 is used to manage the Omada devices including Omada gateway/switch/EAP. The VPN setting is NOT applied for the OC200 itself.
According to your description, you can set up the router in south-Africa as the VPN client, and the router in the Netherlands as the VPN server. For details, you may consult with the router support. Or do you have Omada gateway? If yes, may I know the model and whether they have public IP address?
- Copy Link
- Report Inappropriate Content
Hi Hank,
Thanks for your reply. It's somewhat more clear now.
I have a router supplied by my internet provider. It is also the wifi access point in the living room, the rest of the house (bedrooms) is connected through the TP-link acces points, as described in the previous diagram.
Based on your reply I now am planning to make the following setup:
In red is the new hardware.
I do not need aything really fancy, I just want something reliable and easy to manage.
So I have to buy:
- 2 VPN routers/gateways (ER606), 1 setup as server (in The Netherlands), one setup as client (in South-Africa). Can these also only be used as gateways for the VPN, since the connection with the internet is arranged through the router of the internet provider.
- 1 extra acces point for the living room
By adding a new access point in the living room and switching off the wifi on the current router, the wifi network will run completely on the Omada hardware. The new router/gateway with client VPN will connect with the new router/gateway with server VPN (installed behind another router) and from there onto the internet.
is this a good setup?
And is it possible to setup 2 wifi networks? One which connects to the internet without VPN, one which uses the VPN tunnel?
Looking forward to your reply.
Best regards, Richard
- Copy Link
- Report Inappropriate Content
Hi @TallDutch
Currently if you want only certain LAN network will use VPN tunnel, you can have the L2TP VPN, and then configure the policy routing to define which LAN will use VPN tunnel.
Here are some configuration steps for your reference:
How to Set up PPTP & L2TP VPN Server with Omada Gateway in Controller Mode
How to set up PPTP & L2TP VPN client with Omada Gateway in controller mode
Please note that you need to do port forwarding for VPN on the front router and make sure the most front router has the public IP address.
Default VPN port: PPTP: TCP1723; L2TP: UDP1701, UDP500, UDP4500
- Copy Link
- Report Inappropriate Content
Hi Hank
I progressed a bit. I have managed to add the new router to the network. The modem of the internet provider is now only serving as a gateway (LAN IP 192.168.1.1).
The TP-link router has the following setting for the LAN.
How do I setup the second LAN that is dedicated to the VPN?
I still have to setup the VPN server, but I think I will be able to manage that.
Richard
- Copy Link
- Report Inappropriate Content
Hi @TallDutch
I will not suggest you set the LAN subnet of ER605 the same as your ISP router. Besides, for the ER605 in the Netherlands, it should be connected behind your ISP router.
Your topology in the Netherlands should: be ISP router---ER605----WiFi AP. When configure the ER605 as the VPN server, you need to configure the port forwarding on your ISP router for the WAN IP of ER605. Default VPN port of L2TP: UDP1701, UDP500, UDP4500. And please confirm the WAN IP on the ISP router is a public IP.
On the ER605 in the South Africa, you could try to create the policy routing so that only your expected devices (certain network or certain group) will through the VPN tunnel.
Here is an example for setting the policy routing: How to Configure the Policy Routing in Omada SDN Controller - Business Community (tp-link.com)
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 539
Replies: 5
Voters 0
No one has voted for it yet.