Deco Mesh Wi-Fi Systems offer several ways to set up VPN connections. In this article, we will cover the various methods and options available, and how to set them up.
VPN Serveris a function that allows remote devices to access your home network via a secure tunnel through the internet. Deco Mesh Systems support three types of VPN Server:
- OpenVPNis somewhat complex, but with greater security and more stability, suitable for restricted environments such as campus networks or company intranet.
- PPTP VPNis easy to use with the built-in VPN software commonly found on computers and mobile devices, however it is less secure and may even be blocked by some ISPs.
- L2TP/IPSec VPNis more secure, but slower than PPTP VPN, and in some cases may run into trouble getting around firewalls.
VPN Clientis a function that allows all devices in your home network to access remote VPN servers, without the need to install VPN software on each device.
Using OpenVPN to Access Your Home Network
OpenVPN Server is used to create an OpenVPN connection for remote devices to access your home network through a secure tunnel.
To use this VPN feature, you will need to enable OpenVPN Server on your Deco Mesh System, and install and run VPN client software on remote devices. Please follow the steps below to set up an OpenVPN connection.
1. Launch the Deco app. Go toMORE>Advanced>VPN Server, and tapAdd VPN Server.
2. SelectOpenVPN, enter the necessary information and save the settings.
- Description:Enter a name for this VPN connection.
- Service Type:Select the service type (communication protocol) for this OpenVPN connection (UDP/TCP).
- VPN Port:Enter a VPN service port to which a VPN device will connect. The port number should be between 1024 and 65535.
- VPN Subnet/Netmask:Enter the range of IP addresses that can be leased to the devices by the OpenVPN server.
- Client Access:Select your client access type. SelectHome Network Onlyif you only want the remote device to access your home network. SelectInternet and Home Networkif you also want the remote device to access internet through the VPN server.
3. Tap the VPN you have saved and tapExport Config Fileto save the OpenVPN configuration file. This file will be used by the remote device to access your router and establish the VPN Tunnel.
4. Next, you will need to configure the OpenVPN connection on your remote device(s).
(1) Visithttps://openvpn.net/community-downloads/to download the OpenVPN software and install it on the device on which you want to run the OpenVPN client utility.
Note: You will need to install the OpenVPN client utility on each device you plan to use the VPN function for. On mobile devices, such as smartphones or tablets, you will need to download a third-party VPN app from the Google Play or Apple App Store.
(2) After installation, copy the file exported from your router to the OpenVPN client utility’s “config” folder (for example,C:\Program Files\OpenVPN\configon Windows). The file path depends on where the OpenVPN client utility is installed.
(3) Run the OpenVPN client utility and connect it to OpenVPN Server.
Using PPTP VPN to Access Your Home Network
PPTP VPN is used to create a PPTP VPN connection for remote devices to access your home network through a secure tunnel.
To use this VPN feature, you will need to enable PPTP VPN Server on your Deco Mesh System and configure the PPTP VPN connection on remote devices.
Please follow the steps below to set up a PPTP VPN connection.
1. Launch the Deco app. Go toMORE>Advanced>VPN Server, and tapAdd VPN Server.
2. SelectPPTP, enter the necessary information and save the settings.
- Description:Enter a name for this VPN connection.
- Client IP Address:Enter the range of IP addresses (up to 10) that can be leased to the devices by the PPTP VPN server.
- Allow NetBIOS passthrough:You can enable this option to allow your VPN device to access your Samba server using NetBIOS name.
- Allow unencrypted connections:You can enable this feature to allow unencrypted connections to your VPN server.
- Account List:Add the PPTP VPN connection account (username and password) for the remote device. You can create up to 16 accounts.
3. Next, you will need to configure PPTP VPN on your remote device(s). The remote device can use the Windows built-in PPTP software, or third-party PPTP software, to connect to PPTP Server. In this example we use theWindows built-in PPTP software.
(1) Go toStart>Control Panel>Network and Internet>Network and Sharing Center.
(2) SelectSet up a new connection or network.
(3) SelectConnect to a workplaceand clickNext.
(4) SelectUse my Internet connection (VPN).
(5) Enter the internet IP address of the router in theInternet addressfield. ClickNext.
(6) Enter theUsernameandPasswordyou assigned to the PPTP VPN server on your router, and clickConnect.
(7) ClickConnect Nowwhen the VPN connection is ready to use.
Use L2TP/IPSec VPN to Access Your Home Network
L2TP/IPSec VPN Server is used to create an L2TP/IPSec VPN connection for remote devices to access your home network through a secure tunnel.
To use this VPN feature, you will need to enable L2TP/IPSec VPN Server on your Deco Mesh System and configure the L2TP/IPSec VPN connection on remote devices.
Please follow the steps below to set up the L2TP/IPSec VPN connection.
1. Launch the Deco app. Go toMORE>Advanced>VPN Server, and tapAdd VPN Server.
2. SelectL2TP/IPSec, enter the necessary information and save the settings.
- Description:Enter a name for this VPN.
- Client IP Address:Enter the range of IP addresses (up to 10) that can be leased to the devices by the L2TP/IPSec VPN server.
- IPSec Encryption/ IPSec Pre-Shared Key:Keep IPSec Encryption asEncryptedand create an IPSec Pre-Shared Key.
- Account List:Add the L2TP/IPSec VPN connection account (username and password) for the remote device. You can create up to 16 accounts.
3. Now you need to configure L2TP/IPSec on your remote device. The remote device can use the Windows or Mac OS built-in L2TP/IPSec software or a third-party L2TP/IPSec software to connect to L2TP/IPSec Server. In this example, we use theWindows built-in L2TP/IPSec software.
(1) Go toStart>Control Panel>Network and Internet>Network and Sharing Center.
(2) SelectSet up a new connection or network.
(3) SelectConnect to a workplaceand clickNext.
(4) SelectUse my Internet connection (VPN).
(5) Enter the internet IP address of the router in theInternet addressfield. SelectDon’t connect now; just set it up so I can connect later. Then clickNext.
(6) Enter theUsernameandPasswordyou have set for the L2TP/IPSec VPN server on your Deco, and clickConnect.
(7) ClickClosewhen the VPN connection is ready to use.
(8) Go to Network and Sharing Center and clickChange Adapter Settings.
(9) Find the VPN connection you created, then double-click it.
(10) Enter theUsernameandPasswordyou have set for the L2TP/IPSec VPN server on your router and clickProperties.
(11) Switch to theSecuritytab,select Layer 2 Tunneling Protocol with IPsec (L2TP/IPSec)and clickAdvanced settings.
(12) SelectUse preshared key for authenticationand enter the IPSec Pre-Shared Key you have set for the L2TP/IPSec VPN server on your Deco. Then clickOK.
Done! ClickConnectto start VPN connection.
Use VPN Client to Access a Remote VPN Server
VPN Client is a function used to create VPN connections for devices in your home network to access a remote VPN server.
To use the VPN Client feature, simply configure a VPN connection, designate which devices on your Deco router you want to use the feature, then these devices will be able to access the remote VPN server. To accomplish this, please follow the steps below:
1. Launch the Deco app. Go toMORE>Advanced>VPN Client.
2. EnableVPN Clientand tapAdd VPN Server.
3. Select a VPN Type, enter the VPN information supplied by your VPN provider, and save the settings.
OpenVPN:Enter the VPN username and password, if required by your VPN provider, otherwise simply leave them empty. Then, import the configuration file provided by your VPN provider.
PPTP:Enter the VPN server address and the VPN username and password supplied by your VPN provider.
L2TP/IPSec:Enter the VPN server address, VPN username and password, and IPSec pre-shared key supplied by your VPN provider.
4. TapClient List, then tap+to add devices that will use the VPN function.
5. TapAccess Permissionto allow all devices connected to your Deco to use the VPN function, or only allow devices on the Client List to use VPN function.
Done! The specified devices can now access the VPN server.
To learn more about each function and configuration of your TP-Link product, please visit theDownload Center, where you can find the manual TP-Link product model.