Grandstream Networks GWN7000 Configuration Manual
  1. Manuals
  2. Brands
  3. Grandstream Networks Manuals
  4. Network Router
  5. GWN7000
  6. Configuration manual
Grandstream Networks GWN7000 Configuration Manual

Grandstream Networks GWN7000 Configuration Manual

Multi-wan gigabit vpn router
Hide thumbs Also See for GWN7000:
Table of Contents

Advertisement

Quick Links

Download this manual See also: User Manual
Grandstream Networks, Inc.
GWN7000 Multi-WAN Gigabit VPN Router
VPN Configuration Guide

Advertisement

Table of Contents
loading

Related Manuals for Grandstream Networks GWN7000

Summary of Contents for Grandstream Networks GWN7000

  • Page 1 Grandstream Networks, Inc. GWN7000 Multi-WAN Gigabit VPN Router VPN Configuration Guide...

  • Page 2: Table Of Contents

    Generate Server/Client Certificates ....................... 8 Create OpenVPN® Server ........................14 OpenVPN® Client Configuration ......................16 L2TP/IPSEC CONFIGURATION ................... 20 GWN7000 L2TP/IPSec Client Configuration ................... 20 PPTP CONFIGURATION ....................22 GWN7000 Client Configuration ....................... 22 P a g e GWN7000 VPN Guide...
  • Page 3 Table of Figures Figure 1: VPN Architecture Overview ......................4 Figure 2: GWN7000 as OpenVPN® Server ....................5 Figure 3: GWN7000 acting as a VPN Client ....................5 Figure 4: Create CA Certificate ........................7 Figure 5: CA Certificate ..........................8 Figure 6: Generate Server Certificates ......................

  • Page 4: Introduction

    It is possible to permanently store the key to allow the tunnel to be established automatically. The purpose of this guide is to underline VPN client/server feature on Grandstream GWN7000 Router. This guide covers OpenVPN® client/server configuration, L2TP client configuration and PPTP client configuration.

  • Page 5: Gwn7000 Vpn Feature

    GWN7000 router supports 3 VPN types: • OpenVPN®: GWN7000 can act as VPN server with remote VPN clients, or it can as VPN client connected to a remote VPN server. •...

  • Page 6: Openvpn® Configuration

    OpenVPN®, L2TP/IPSec or PPTP. OpenVPN® Server Configuration To use the GWN7000 as an OpenVPN® server, users need to start creating OpenVPN® certificates and client certificates. Before generating server/client certificates, users should generate first the Certificate Authority (CA) which will help to issue server/clients certificates.

  • Page 7: Figure 4: Create Ca Certificate

    2048: 2048-bit keys are a good minimum. (Recommended). • 4096: 4096-bit keys are accepted by nearly all RSA systems. Using 4096-bit keys will dramatically increase generation time, TLS handshake delays, and CPU usage for TLS operations. P a g e GWN7000 VPN Guide...

  • Page 8: Generate Server/Client Certificates

    Figure 5: CA Certificate Generate Server/Client Certificates Users need to create both server and client certificates for encrypted communication between clients and GWN7000 acting as an OpenVPN® server. ❖ Creating Server Certificate To create server certificate, follow below steps: 1. Go to “System Settings > Cert. Manager > Certificates”.

  • Page 9: Figure 6: Generate Server Certificates

    Select CA certificate previously generated from the dropdown list. CA Certificate In our example, “CATest”. Choose the certificate type from the dropdown list. It can be either a Certificate Type client or a server certificate. Choose “Server” to generate server certificate. P a g e GWN7000 VPN Guide...
  • Page 10 Notes: • The server certificates (.crt and .key) will be used by the GWN7000 when acting as a server. • The server certificates (.crt and .key) can be exported and used on another OpenVPN® server.

  • Page 11: Figure 7: User Management

    2- Create Client Certificate a. Go to “System Settings > Cert. Manager > Certificates”. b. Click on button. The following window will pop up. c. Enter client certificate information based on below descriptions. P a g e GWN7000 VPN Guide...

  • Page 12: Figure 8: Client Certificat

    Choose the certificate type from the dropdown list. Certificate Type It can be either a client or server certificate. In our example, select “Client”. Select created user to generate his certificate. Username In our example, select “User1”. P a g e GWN7000 VPN Guide...
  • Page 13 “.key” format. Click on to revoke the client certificate if no longer needed. The client certificates (“.crt” and “.key”) will be used by clients connected to the GWN7000 in order to establish TLS handshake. Notes: •...

  • Page 14: Create Openvpn® Server

    “VPN > OpenVPN® > Server”. To create a new VPN server, follow below steps: 1. Click on and the following window will pop up. Figure 9: Create OpenVPN® Server P a g e GWN7000 VPN Guide...

  • Page 15: Table 4: Openvpn® Server

    Choose the Transport protocol from the dropdown list, either TCP or Protocol UDP. The default protocol is UDP. Select the interface used to connect the GWN7000 to the uplink, Interface either WAN1, WAN2 or All. Configure the listening port for OpenVPN® server.

  • Page 16: Openvpn® Client Configuration

    There are two ways to use the GWN7000 as an OpenVPN® client: 1) Upload client certificate created from an OpenVPN® server to GWN7000. 2) Create client/server certificates on GWN7000 and upload server certificate to the OpenVPN® server. P a g e...

  • Page 17: Figure 11: Openvpn® Client

    Go to “VPN > OpenVPN® > Client” and follow steps below: 1. Click on and the following window will pop up. Figure 11: OpenVPN® Client P a g e GWN7000 VPN Guide...

  • Page 18: Table 5: Openvpn® Client

    Choose the Transport protocol from the dropdown list, either TCP or Protocol UDP. The default protocol is UDP. Select the interface used to connect the GWN7000 to the uplink, Interface either WAN1, WAN2 or All. Configure the listening port for OpenVPN® server.

  • Page 19: Figure 12: Openvpn® Client

    3. Click on top of the web GUI to apply changes. Figure 12: OpenVPN® Client © 2002-2014 OpenVPN Technologies, Inc. OpenVPN is a registered trademark of OpenVPN Technologies, Inc P a g e GWN7000 VPN Guide...

  • Page 20: L2Tp/Ipsec Configuration

    Rather, it relies on an encryption protocol that it passes within the tunnel to provide privacy. GWN7000 L2TP/IPSec Client Configuration To configure L2TP client on the GWN7000, go to “VPN > L2TP/IPSec” and set the following: 1- Click on and the following window will pop up.

  • Page 21: Figure 14: L2Tp Client

    When using L2TP/IPSec client mode, enable this option to allow devices behind GWN7000 to reach L2TP/IPSec server LAN (LAN to IP Masquerading LAN scenario). If disabled, only GWN7000 will be able to reach L2TP/IPSec server LAN (client to LAN scenario). Use DNS from Server Enable this option to retrieve DNS from the VPN server.

  • Page 22: Pptp Configuration

    Internet. Point-to-Point Tunneling Protocol (PPTP) allows the creation of virtual private networks (VPNs), which tunnel TCP/IP traffic through the Internet. GWN7000 Client Configuration To configure PPTP client on the GWN7000, go to “VPN > PPTP” and set the following: 1- Click on and the following window will pop up.

  • Page 23: Figure 16: Pptp Client

    When using PPTP client mode, enable this option to allow devices behind GWN7000 to reach PPTP server LAN (LAN to LAN IP Masquerading scenario). If disabled, only GWN7000 will be able to reach PPTP server LAN (client to LAN scenario). Use DNS from Server Enable this option to retrieve DNS from the VPN server.

Table of Contents