Firewalla VPN Server supports both OpenVPN and WireGuard VPN. Here is the guide on how to configure OpenVPN.
If you want to learn more about what is Firewalla VPN server, please refer to this article: Firewalla VPN Server.
To configure the Firewalla OpenVPN server:
1. Turn on VPN Server
The very first step is to turn on the VPN server on your Firewalla box. The Firewalla box will start a pre-installed OpenVPN server. When the VPN server starts, it will generate a unique key, which is only for your box.
Once you do that, click on "Setup"; it will guide you through the setup.
If you have an IPv6 address that you'd like to use to set up your VPN server, you can manually specify your server's IP type (and WAN interface if needed). You can read more about this feature and how to use it in our box version 1.976 release notes.
2. Configure Port Forwarding
Firewalla VPN Server requires the port to be accessed from outside your network.
- If you are using Firewalla in Router mode without double NAT, skip this step. Port Forwarding will be shown as complete.
- If you are using Firewalla in Simple or DHCP mode, and your main router has UPnP enabled (as most routers do), Firewalla will do everything for you. If your router doesn't support UPnP, you will need to manually set up port forwarding on your home router. Tutorial: How to set up port forwarding for VPN Server
3. Connecting to OpenVPN Server
3.1 Using OpenVPN Client App
To use VPN, you will need to install an OpenVPN compatible client on your mobile or desktop device. We have created instruction pages for different types of devices, with links to download VPN clients.
Once you have installed the client, you'll need a profile and a password in order to use the VPN client. The profile and password are generated by Firewalla. They are device-independent and can be shared. Refer to the instruction pages above on how to add the profile to the client.
3.2 Using Firewalla Site to Site or Remote Access VPN
If you are managing multiple Firewalla boxes, Firewalla allows you to connect one Firewalla box to another.
To create a Site to Site VPN or a Remote Access VPN connection using OpenVPN, on the Firewalla app, go to the client side box, find VPN Client -> Create VPN Connection -> Site to Site VPN -> select the server box you'd like to connect -> Select OpenVPN.
Comments
5 comments
Is it possible to edit the openVPN server config file on the firewalla? The way the automatic openVPN is setup by default on the gold doesn't allow the connected clients access to any of the devices on the remote LAN and so things like file and printer sharing are unusable. The server just acts like a privacy vpn for browsing the web.
I'd also like to know this. It's weird - if I connect from my phone to the firewalla, I can connect to all clients attached the the firewalla.
If I connect from my Asus router to the firewalla, I can't connect to ANY clients attached to the firewall - even from an ssh session on the router.
I got problems setting up openvpn server on a gold firewalla in router mode. I enabled upnp, then setup openvpn server and it says that i have to manually open the port, which is weird 'cause i expect upnp on the same very device do its job. But it's ok, i try manually open the port, so i go in the nat section, try to manually open the port but of course i can't select the target device, 'cause it's the firewalla itself... Any advice?
@radagast82, if you are running a gold in router mode, and it is your primary router, you do not need UPnP ... If the Gold is your only router (you don't have double NAT), then check this https://help.firewalla.com/hc/en-us/articles/360055686674-How-to-see-if-you-have-a-public-IP-address-
You're right, my new isp provides public ip on demand, I just asked them for one... I thought it was by default
Please sign in to leave a comment.