How to set up The VPN Server/Client Feature on a Deco Mesh Wi-Fi Router

Configuration Guide
Updated 11-08-2023 16:52:42 PM FAQ view icon295292
This Article Applies to: 

Deco Mesh Wi-Fi Systems offer several ways to set up VPN connections. In this article, we will cover the various methods and options available, and how to set them up.

VPN Server is a function that allows remote devices to access your home network via a secure tunnel through the internet. Deco Mesh Systems support three types of VPN Server:

  • OpenVPN is somewhat complex, but with greater security and more stability, suitable for restricted environments such as campus networks or company intranet.
  • PPTP VPN is easy to use with the built-in VPN software commonly found on computers and mobile devices, however it is less secure and may even be blocked by some ISPs.
  • L2TP/IPSec VPN is more secure, but slower than PPTP VPN, and in some cases may run into trouble getting around firewalls.

VPN Client is a function that allows all devices in your home network to access remote VPN servers, without the need to install VPN software on each device.

Using OpenVPN to Access Your Home Network

OpenVPN Server is used to create an OpenVPN connection for remote devices to access your home network through a secure tunnel.

To use this VPN feature, you will need to enable OpenVPN Server on your Deco Mesh System, and install and run VPN client software on remote devices. Please follow the steps below to set up an OpenVPN connection.

1. Launch the Deco app. Go to MORE > Advanced > VPN Server, and tap Add VPN Server.

2. Select OpenVPN, enter the necessary information and save the settings.

  • Description: Enter a name for this VPN connection.
  • Service Type: Select the service type (communication protocol) for this OpenVPN connection (UDP/TCP).
  • VPN Port: Enter a VPN service port to which a VPN device will connect. The port number should be between 1024 and 65535.
  • VPN Subnet/Netmask: Enter the range of IP addresses that can be leased to the devices by the OpenVPN server.
  • Client Access: Select your client access type. Select Home Network Only if you only want the remote device to access your home network. Select Internet and Home Network if you also want the remote device to access internet through the VPN server.

3. Tap the VPN you have saved and tap Export Config File to save the OpenVPN configuration file. This file will be used by the remote device to access your router and establish the VPN Tunnel.

4. Next, you will need to configure the OpenVPN connection on your remote device(s).

(1) Visit https://openvpn.net/community-downloads/ to download the OpenVPN software and install it on the device on which you want to run the OpenVPN client utility.

Note: You will need to install the OpenVPN client utility on each device you plan to use the VPN function for. On mobile devices, such as smartphones or tablets, you will need to download a third-party VPN app from the Google Play or Apple App Store.

(2) After installation, copy the file exported from your router to the OpenVPN client utility’s “config” folder (for example, C:\Program Files\OpenVPN\config on Windows). The file path depends on where the OpenVPN client utility is installed.

(3) Run the OpenVPN client utility and connect it to OpenVPN Server.

Using PPTP VPN to Access Your Home Network

PPTP VPN is used to create a PPTP VPN connection for remote devices to access your home network through a secure tunnel.

To use this VPN feature, you will need to enable PPTP VPN Server on your Deco Mesh System and configure the PPTP VPN connection on remote devices.

Please follow the steps below to set up a PPTP VPN connection.

1. Launch the Deco app. Go to MORE > Advanced > VPN Server, and tap Add VPN Server.

2. Select PPTP, enter the necessary information and save the settings.

  • Description: Enter a name for this VPN connection.
  • Client IP Address: Enter the range of IP addresses (up to 10) that can be leased to the devices by the PPTP VPN server.
  • Allow NetBIOS passthrough: You can enable this option to allow your VPN device to access your Samba server using NetBIOS name.
  • Allow unencrypted connections: You can enable this feature to allow unencrypted connections to your VPN server.
  • Account List: Add the PPTP VPN connection account (username and password) for the remote device. You can create up to 16 accounts.

3. Next, you will need to configure PPTP VPN on your remote device(s). The remote device can use the Windows built-in PPTP software, or third-party PPTP software, to connect to PPTP Server. In this example we use the Windows built-in PPTP software.

(1) Go to Start > Control Panel > Network and Internet > Network and Sharing Center.

(2) Select Set up a new connection or network.

(3) Select Connect to a workplace and click Next.

(4) Select Use my Internet connection (VPN).

(5) Enter the internet IP address of the router in the Internet address field. Click Next.

(6) Enter the Username and Password you assigned to the PPTP VPN server on your router, and click Connect.

(7) Click Connect Now when the VPN connection is ready to use.

Use L2TP/IPSec VPN to Access Your Home Network

L2TP/IPSec VPN Server is used to create an L2TP/IPSec VPN connection for remote devices to access your home network through a secure tunnel.

To use this VPN feature, you will need to enable L2TP/IPSec VPN Server on your Deco Mesh System and configure the L2TP/IPSec VPN connection on remote devices.

Please follow the steps below to set up the L2TP/IPSec VPN connection.

1. Launch the Deco app. Go to MORE > Advanced > VPN Server, and tap Add VPN Server.

2. Select L2TP/IPSec, enter the necessary information and save the settings.

  • Description: Enter a name for this VPN.
  • Client IP Address: Enter the range of IP addresses (up to 10) that can be leased to the devices by the L2TP/IPSec VPN server.
  • IPSec Encryption/ IPSec Pre-Shared Key: Keep IPSec Encryption as Encrypted and create an IPSec Pre-Shared Key.
  • Account List: Add the L2TP/IPSec VPN connection account (username and password) for the remote device. You can create up to 16 accounts.

3. Now you need to configure L2TP/IPSec on your remote device. The remote device can use the Windows or Mac OS built-in L2TP/IPSec software or a third-party L2TP/IPSec software to connect to L2TP/IPSec Server. In this example, we use the Windows built-in L2TP/IPSec software.

(1) Go to Start > Control Panel > Network and Internet > Network and Sharing Center.

(2) Select Set up a new connection or network.

(3) Select Connect to a workplace and click Next.

(4) Select Use my Internet connection (VPN).

(5) Enter the internet IP address of the router in the Internet address field. Select Don’t connect now; just set it up so I can connect later. Then click Next.

(6) Enter the Username and Password you have set for the L2TP/IPSec VPN server on your Deco, and click Connect.

(7) Click Close when the VPN connection is ready to use.

(8) Go to Network and Sharing Center and click Change Adapter Settings.

(9) Find the VPN connection you created, then double-click it.

(10) Enter the Username and Password you have set for the L2TP/IPSec VPN server on your router and click Properties.

(11) Switch to the Security tab, select Layer 2 Tunneling Protocol with IPsec (L2TP/IPSec) and click Advanced settings.

(12) Select Use preshared key for authentication and enter the IPSec Pre-Shared Key you have set for the L2TP/IPSec VPN server on your Deco. Then click OK.

Done! Click Connect to start VPN connection.

Use VPN Client to Access a Remote VPN Server

VPN Client is a function used to create VPN connections for devices in your home network to access a remote VPN server.

To use the VPN Client feature, simply configure a VPN connection, designate which devices on your Deco router you want to use the feature, then these devices will be able to access the remote VPN server. To accomplish this, please follow the steps below:

1. Launch the Deco app. Go to MORE > Advanced > VPN Client.

2. Enable VPN Client and tap Add VPN Server.

3. Select a VPN Type, enter the VPN information supplied by your VPN provider, and save the settings.

OpenVPN: Enter the VPN username and password, if required by your VPN provider, otherwise simply leave them empty. Then, import the configuration file provided by your VPN provider.

PPTP: Enter the VPN server address and the VPN username and password supplied by your VPN provider.

L2TP/IPSec: Enter the VPN server address, VPN username and password, and IPSec pre-shared key supplied by your VPN provider.

4. Tap Client List, then tap + to add devices that will use the VPN function.

5. Tap Access Permission to allow all devices connected to your Deco to use the VPN function, or only allow devices on the Client List to use VPN function.

Done! The specified devices can now access the VPN server.

To learn more about each function and configuration of your TP-Link product, please visit the Download Center, where you can find the manual TP-Link product model.

 

Looking for More

Is this faq useful?

Your feedback helps improve this site.

Recommend Products

Community

TP-Link Community

Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.

Visit the Community >