Firewalla VPN Server supports both OpenVPN and Wireguard VPN(beta). Here is the guide on how to configure OpenVPN.
If you want to learn more about what is Firewalla VPN server, please refer to this article: Firewalla VPN Server
To configure Firewalla OpenVPN server:
STEP 0: Turn on VPN Server
The very first step is to turn on the VPN server on your Firewalla box. Firewalla box will start a pre-installed OpenVPN server. When the VPN server starts, it will generate a unique key and this key is only for your box.
Once you do that, click on "Setup"; it will guide you through the setup.
STEP 1: Configure Port Forwarding
If your router has UPnP enabled (as most routers do), then it is simple, Firewalla will do everything for you. If your router doesn't support UPnP, you will need to manually set up port forwarding on your home router.
Tutorial: How to set up port forwarding for VPN Server
In this step, a couple of things are very important to check:
- Make sure the router that your Firewalla is plugged in has a public IP assigned by your ISP.
-
If Firewalla is in DHCP mode, and your overlay network is configured to be the same subnet as the primary network:
The VPN server may use the Firewalla's IP address in the overlay network to talk with VPN clients, instead of the IP address in the primary network. When configuring port forwarding on the router, make sure you forward to the Firewalla's IP address in the overlay network. (You can check the IP address information in Settings -> Advanced -> Network Settings)
STEP 2: Install VPN client
To use VPN, you will need to install an OpenVPN compatible client on your mobile or desktop device. We have created instruction pages for different types of devices, with links to download VPN clients.
STEP 3: Configure VPN client
Once you installed the client, you'll need a profile and a password in order to use the VPN client. The profile and password are generated by Firewalla. They are device-independent and can be shared. Refer to the instruction pages in Step 2 on how to add profile to the client.
Comments
5 comments
Is it possible to edit the openVPN server config file on the firewalla? The way the automatic openVPN is setup by default on the gold doesn't allow the connected clients access to any of the devices on the remote LAN and so things like file and printer sharing are unusable. The server just acts like a privacy vpn for browsing the web.
I'd also like to know this. It's weird - if I connect from my phone to the firewalla, I can connect to all clients attached the the firewalla.
If I connect from my Asus router to the firewalla, I can't connect to ANY clients attached to the firewall - even from an ssh session on the router.
I got problems setting up openvpn server on a gold firewalla in router mode. I enabled upnp, then setup openvpn server and it says that i have to manually open the port, which is weird 'cause i expect upnp on the same very device do its job. But it's ok, i try manually open the port, so i go in the nat section, try to manually open the port but of course i can't select the target device, 'cause it's the firewalla itself... Any advice?
@radagast82, if you are running a gold in router mode, and it is your primary router, you do not need UPnP ... If the Gold is your only router (you don't have double NAT), then check this https://help.firewalla.com/hc/en-us/articles/360055686674-How-to-see-if-you-have-a-public-IP-address-
You're right, my new isp provides public ip on demand, I just asked them for one... I thought it was by default
Please sign in to leave a comment.