Setup OpenVPN Server on GL.iNet router
OpenVPN is an open-source VPN protocol that makes use of virtual private network (VPN) techniques to establish safe site-to-site or point-to-point connections.
GL.iNet routers have pre-installed OpenVPN Client and Server.
We recommend WireGuard over OpenVPN because it is much faster. For setup a WireGuard Server, please check out here.
Make sure Internet Service Provider assigns you a public IP address
Please check if you Internet Service Provider assigns you a public IP address here.
If no, you can't connect to the WireGaurd Server.
An alternative method is to use a reverse proxy solution, we suggest AstroRelay.
Network Topology
- If GL.iNet router is the main router in your network, this is simple, please move to the next step.
- If you already have a main router, then the GL.iNet router is under the main router, you may need to setup a port forward on the main router.
- If you already have a main router, the GL.iNet router is several levels below it and you need to set up port forward on each level.
Initialize OpenVPN Server
Access to web Admin Panel, on the left side -> VPN -> OpenVPN Server. Click Generate a Configuration File
.
Setup OpenVPN Server
Server configuration
There are preset OpenVPN server configurations. You can also click Modify
to change them manually. Click Apply
when you finish.
Allow Access Local Network: Enable this will allow every client that connect to this OpenVPN Server be able to access your LAN. Please use with caution.
Note that you can't running VPN Client and Server at the same time, and also can't running OpenVPN Client and WireGuard Client at the same time.
Export OpenVPN configuration file
Click Export Config
on the bottom right to download the OpenVPN configuration file.
Start the OpenVPN server
Click Start
to start your OpenVPN server. Otherwise, you will not be able to connect to the OpenVPN server by using its configuration file.
It started.
To check if OpenVPN Server is working properly
To check if OpenVPN Server is working properly, we can use another device connected to another network and use the OpenVPN configuration we exported earlier to connect and see whether it connects properly and whether the IP address is the IP of OpenVPN Server.
The simpliest way is to use a phone with OpenVPN official client app installed, turn off its Wi-Fi connection, and only connect to Internet via 3G/4G/5G. Then open the OpenVPN app, import the OpenVPN configuration we previously exported . Enable the connection, check if the phone has Internet access and whether its IP address is the IP of OpenVPN Server.
There are several common reasons cause failed:
- The Internet Service Provider doesn't assign you a public IP address, please check here.
- You may need setup port forward, please check here.
- The port you are using for OpenVPN Server is blocked by the Internet Service Provider, change to another port, or contact the Internet Service Provider.
- Some countries/resions may block the VPN connection.
If your public IP address is dynamic
Some Internet Service Providers may change your IP address sometimes. To overcome this, enable the DDNS, then edit the configuration to replace DDNS url with your public IP address.
- Open the configuration file(.ovpn) with a text editor(e.g. Atom, Sublime).
-
Edit the configuration to replace DDNS url with your public IP address.
After replaced.
-
Save the
.ovpn
file.
The OpenVPN connection may down a while when the public IP address changes, after the DDNS url update to the new public IP address, the conneciton will resume. The DDNS is updated every 10 minutes. If the connection doesn't resume, please make sure the DDNS url is point to tne new public IP address, then turn off the OpenVPN connection and turn on again.
OpenVPN Client App
We can use another GL.iNet router as OpenVPN Client, or use their official app on other devices with various OS.
- Please refer to OpenVPN Official Website: https://openvpn.net/vpn-client/