Home » Netgear Manuals » Wireless » Netgear WAC124 » Manual Viewer

Netgear WAC124 User Manual For Firmware version less than 1.0.4.2 - Page 207

Router mode: Set up an OpenVPN connection

Add to My Manuals
Save this manual to your list of manuals

Page 207 highlights

AC2000 802.11ac Wireless Access Point/Router WAC124 Router mode: Set up an OpenVPN connection The type of virtual private network (VPN) access in which remote users access a protected network is called a client-to-gateway tunnel. The computer is the client, and the access point/router is the gateway. To enable users to access the access point/router over a VPN connection, you must enable and configure OpenVPN service on the access point/router. Remote users must install and run OpenVPN client software on their computer or mobile device. OpenVPN requires a static IP address or DDNS service on the access point/router to enable a remote client such as a computer or mobile device to connect with the access point/router. (If the access point/router uses a static WAN IP address that never changes, OpenVPN can use that IP address to connect to the network over a VPN connection.) If the access point/router does not use a static WAN IP address, you can use a DDNS service for the access point/router and register for an account with a host name (also referred to as a domain name). A remote client such as a computer or mobile device can use that host name to connect with the access point/router and access the network over a VPN connection. For more information, see Router mode: Set up and manage Dynamic DNS on page 192. Router mode: Manage VPN access to your network or Internet service at your office or home When you are away from your office or home and you access the Internet, you usually use a local Internet service provider. For example, at a coffee shop you might be given a code that lets you use the coffee shop's Internet service account to surf the web. The access point/router lets you use a VPN connection to access your own Internet service when you are away from your office or home. You might want to do this if you travel to a geographic location that does not support all the Internet services that you use at your office or home. For example, your Netflix account might work at home but not in a different country. For information about the types of VPN client connections that the access point/router supports, see Router mode: Enable and configure OpenVPN and VPN client access on the access point/router on page 200. In addition to access to your office or home network, you can either allow or block VPN client Internet access through your office or home network. For the VPN tunnel to work, the LAN where your VPN client computer is connected must use a different LAN IP address scheme from that of the LAN of the access point/router at your office or home. If both networks use the same LAN IP address scheme, when Router Mode: Set up VPN 207 Connections with OpenVPN User Manual

Section	Page
Contents	3
1. Hardware Overview of the Access Point/Router	11
Top panel with LEDs	12
Back panel with ports, buttons, and a power connector	13
Position the antennas for best WiFi performance	14
Access point/router label	14
2. Install and Access the Access Point/Router in Your Network	16
Connect the access point/router to your existing router and log in for the first time	17
Update the access point/router firmware if you cannot complete the initial log-in process	21
About router mode	22
Use the access point/router in router mode	23
Log in to the access point/router when it is connected to the Internet	26
Log in to the access point/router when it is not connected to the Internet	28
Use the NETGEAR Insight mobile app to discover the access point/router	29
Find the IP address of the access point/router	29
Change the language	31
Change the local login admin password	32
Set up password recovery for the local login admin user name	33
Connect a wired or WiFi device to the access point/router’s network after installation	34
Connect to the access point/router through an Ethernet cable	34
Use Wi-Fi Protected Setup to join the WiFi network of the access point/router	35
Manually join the WiFi network of the access point/router	36
3. Specify the Access Point/Router Internet Settings Manually	37
Use the Internet Setup Wizard	38
Access point mode: Specify a fixed LAN IP address	39
Router mode: Manually set up the access point/router Internet connection	40
Router mode: Specify a dynamic or fixed WAN IP address Internet connection without a login	40
Router mode: Specify a PPPoE Internet connection that uses a login	42
Router mode: Specify a PPTP or L2TP Internet connection that uses a login	44
Router mode: Specify an IPv6 Internet connection	46
Router mode: Requirements for entering IPv6 addresses	47
Router mode: Use Auto Detect for an IPv6 Internet connection	47
Router mode: Use Auto Config for an IPv6 Internet connection	49
Router mode: Set up an IPv6 6to4 tunnel Internet connection	51
Router mode: Set up an IPv6 6rd Internet connection	52
Router mode: Set up an IPv6 passthrough Internet connection	54
Router mode: Set up an IPv6 fixed Internet connection	55
Router mode: Set up an IPv6 DHCP Internet connection	57
Router mode: Set up an IPv6 PPPoE Internet connection	58
4. Manage the Basic WiFi and Radio Features	61
Set up or change an open or secure WiFi network	62
Configure WPA and WPA2 Enterprise WiFi security	65
Disable or enable a WiFi network	67
Hide or broadcast the SSID for a WiFi network	68
Enable or disable the WiFi radios	69
Use WPS to add a device to the WiFi network	70
Use WPS with the push button method	70
Use WPS with the PIN method	72
5. Manage the Firewall and Security	74
Router mode: Manage the basic firewall settings	75
Router mode: Manage port scan protection and denial of service protection	75
Router mode: Set up a default DMZ server	76
Router mode: Manage IGMP proxying	77
Router mode: Manage NAT filtering	78
Router mode: Manage the SIP application-level gateway	79
Router mode: Manage VPN pass-through	80
Allow or block device access to your network	81
Enable and manage network access control	81
Manage network access control lists	82
Add or remove a device from the allowed list	83
Add or remove a device from the blocked list	84
Router mode: Specify keywords and domains to block Internet sites	85
Router mode: Set up keyword and domain blocking	85
Router mode: Specify a trusted device	87
Router mode: Remove a keyword or domain from the blocked list	88
Router mode: Remove all keywords and domains from the blocked list	89
Router mode: Block specific services and applications from the Internet	89
Router mode: Add a service blocking rule for a predefined service or application	90
Router mode: Add a service blocking rule for a custom service or application	91
Router mode: Change a service blocking rule	93
Router mode: Remove a service blocking rule	94
Router mode: Set up a schedule for blocking	95
Set up security event email notifications	96
6. Optimize Performance	99
Optimize traffic with the default QoS rules	100
Manage default and custom QoS rules	101
Add a custom QoS rule for a service or application	101
Add a custom QoS rule for a device	102
Change a QoS rule or change the priority for a rule	103
Remove a QoS rule	104
Remove all QoS rules	105
Manage uplink bandwidth control	106
Manage WiFi Multimedia (WMM) for a radio	107
Improve network connections with Universal Plug and Play	108
7. Manage the Network Settings	111
Router mode: Manage the LAN IP address settings	112
Router mode: Change the access point/router network device name	112
Router mode: Change the LAN IP address and subnet settings	113
Router mode: Manage the DHCP server address pool	114
Router mode: Disable the DHCP server	116
Router mode: Manage the Router Information Protocol settings	117
Router mode: Manage reserved LAN IP addresses	118
Router mode: Reserve a LAN IP Address	118
Router mode: Change a reserved LAN IP address	119
Router mode: Remove a reserved LAN IP address entry	120
Add and manage IPv4 static routes	121
Add an IPv4 static route	122
Change an IPv4 static route	123
Remove an IPv4 static route	124
Router mode: Enable an IPTV bridge for a port group or VLAN tag group	125
Router mode: Enable an IPTV bridge for a port group	125
Router mode: Enable an IPTV bridge for a VLAN tag group	126
Router mode: Change the MTU size	128
8. Maintain and Monitor the Access Point/Router	131
Update the firmware of the access point/router	132
Let the access point/router check for new firmware and update the firmware	132
Check for new firmware manually and update the access point/router manually	133
Manage the configuration file of the access point/router	135
Back up the access point/router configuration file	135
Restore the access point/router configuration settings	136
Recover the local login admin password	137
Return the access point/router to its factory default settings	138
Use the Reset button	138
Erase the settings to factory default settings	139
Manage the time settings	140
Manually set the time zone and adjust the daylight saving time	140
Change the NTP server	141
Manage the activity log	142
Specify which activities the access point/router logs	142
View, send, or clear the logs	143
View the status and statistics of the access point/router	144
Access point mode: View information about the access point/router, LAN port, and WiFi settings	144
Router mode: View information about the access point/router, Internet port, and WiFi settings	147
Check the Internet connection status	150
Display Internet port statistics	152
View devices currently on the access point/router network	153
Router mode: Monitor and meter Internet traffic	155
Router mode: Start the traffic meter without traffic restrictions	155
Router mode: Restrict Internet traffic by volume	156
Router mode: Restrict Internet traffic by connection time	158
Router mode: View the Internet traffic volume and statistics	159
Router mode: Unblock the traffic meter after the traffic limit is reached	160
Router mode: Manage and use remote access	161
Router mode: Set up remote management for the access point/router	161
Router mode: Use remote access	163
Change the system mode to router mode or back to access point mode	163
Disable LED blinking or turn off LEDs	165
9. Share a USB Storage Device Attached to the Access Point/Router	166
USB device requirements	167
Connect a USB storage device to the access point/router	167
Access a USB storage device that is connected to the access point/router	168
Access a USB storage device from a Windows-based computer	168
Access a USB storage device from a Mac	168
Map a USB storage device to a Windows network drive	169
Back up a Windows-based computer with ReadySHARE Vault	170
Back up a Mac with Time Machine	171
Set up a USB hard disk drive on a Mac	171
Prepare to back up a large amount of data	172
Use Time Machine to back up onto a USB hard disk drive	172
Manage access to a USB storage device	174
Enable FTP access within the access point/router network	176
View and manage network folders on a USB storage device	178
View network folders on a USB storage device	178
Add a network folder on a USB storage device	179
Change a network folder on a USB storage device	180
Router mode: Approve a USB storage device	181
Safely remove a USB storage device	182
10. Use the Access Point/Router as a Media Server	184
Specify ReadyDLNA media server settings	185
Play music from a storage device with iTunes server	186
Set up the access point/router’s iTunes server with iTunes	186
Set up the access point/router’s iTunes server with the Remote app	188
Set up the access point/router to work with TiVo	190
11. Router Mode: Manage Dynamic DNS and FTP Access Through the Internet	191
Router mode: Set up and manage Dynamic DNS	192
Router mode: Set up a new Dynamic DNS account	192
Router mode: Specify a DNS account that you already created	193
Router mode: Change the Dynamic DNS settings	194
Router mode: Use DDNS with FTP to access your network	195
Router mode: Overview of the steps to set up an FTP server with DDNS	195
Router mode: Set up FTP access through the Internet on the access point/router	196
Router mode: Use FTP to access a storage device over the Internet	197
12. Router Mode: Set up VPN Connections with OpenVPN	199
Router mode: Enable and configure OpenVPN and VPN client access on the access point/router	200
Router mode: Install OpenVPN client software on a remote client	201
Router mode: Install the OpenVPN client utility and VPN configuration files on a Windows-based computer	202
Router mode: Install the OpenVPN client utility and VPN configuration files on a Mac	203
Router mode: Install the OpenVPN client utility and VPN configuration files on an iOS device	204
Router mode: Install the OpenVPN client utility and VPN configuration files on an Android device	205
Router mode: Set up an OpenVPN connection	207
Router mode: Manage VPN access to your network or Internet service at your office or home	207
Router mode: Use a VPN tunnel to access your Internet service at your office or home	208
13. Manage the Advanced WiFi and Radio Features	209
Add a WiFi schedule for a radio	210
Change the channel for a radio	211
Change the WiFi throughput mode for a radio band	212
Change the transmission output power for a radio	214
Manage advanced WiFi and broadcast settings	215
Manage the WPS settings	216
Specify how the access point/router manages WiFi clients	218
Manage Implicit Beamforming	218
Manage MU-MIMO	219
Manage Airtime Fairness	220
Set Up a WiFi bridge between the access/point router and another device	221
14. Router Mode: Manage Port Forwarding and Port Triggering	224
Router mode: Manage port forwarding to a local server for services and applications	225
Router mode: Forward incoming traffic for a default service or application	225
Router mode: Add a port forwarding rule for a custom service or application	226
Router mode: Change a port forwarding rule	228
Router mode: Remove a port forwarding rule	229
Router mode application example: Make a local web server public	230
Router mode: How the access/point router implements a port forwarding rule	230
Router mode: Manage port triggering for services and applications	231
Router mode: Add a port triggering rule	232
Router mode: Change a port triggering rule	233
Router mode: Remove a port triggering rule	234
Router mode: Specify the time-out for port triggering	235
Router mode: Disable port triggering	236
Router mode application example: Port triggering for Internet Relay Chat	237
15. Diagnostics and Troubleshooting	239
Reboot the access point/router from its local browser interface	240
Quick tips	241
Router mode: Sequence to restart your access point/router network	241
Check the Ethernet cable connections	241
Check the WiFi settings of your computer or mobile device	241
Check the DHCP network settings of your computer or mobile device	242
Standard LED behavior when the access point/router is powered on	242
Troubleshoot with the LEDs	243
Power LED is off	243
Power LED stays blinking green	243
Access point mode: Internet LED is off	244
Router mode: Internet LED is off	244
WiFi LED Is Off	245
You cannot log in to the access point/router	245
Access point mode: You cannot log in to the access point/router	245
Router mode: You cannot log in to the access point/router	247
Router mode: You cannot access the Internet	248
Router mode: Check the Internet WAN IP address	248
Router mode: Check or manually start the PPPoE connection	250
Troubleshoot Internet browsing	251
Troubleshoot the WiFi connectivity	252
Changes are not saved	253
Troubleshoot your network using the ping utility of your computer	253
Test the LAN path from your computer to the access point/router	253
Router mode: Test the path from your computer to a remote device	254
A. Factory Default Settings and Technical Specifications	256
Factory default settings	257
Technical specifications	259
B. Position and Wall-Mount the Access Point/Router	261
Position the access point/router	262

Match case Limit results 1 per page

Router mode: Set up an OpenVPN

connection

The type of virtual private network (VPN) access in which remote users access a protected

network is called a client-to-gateway tunnel. The computer is the client, and the access

point/router is the gateway. To enable users to access the access point/router over a

VPN connection, you must enable and configure OpenVPN service on the access

point/router. Remote users must install and run OpenVPN client software on their

computer or mobile device.

OpenVPN requires a static IP address or DDNS service on the

access point/router

enable a remote client such as a computer or mobile device to connect with the access

point/router. (If the access point/router uses a static WAN IP address that never changes,

OpenVPN can use that IP address to connect to the network over a VPN connection.)

If the access point/router does not use a static WAN IP address, you can use a DDNS

service for the access point/router and register for an account with a host name (also

referred to as a domain name). A remote client such as a computer or mobile device

can use that host name to connect with the access point/router and access the network

over a VPN connection. For more information, see Router

mode:

Set

and

manage

Dynamic

DNS

on page 192.

Router mode: Manage VPN access to your network or

Internet service at your office or home

When you are away from your office or home and you access the Internet, you usually

use a local Internet service provider. For example, at a coffee shop you might be given

a code that lets you use the coffee shop’s Internet service account to surf the web.

The access point/router lets you use a VPN connection to access your own Internet

service when you are away from your office or home. You might want to do this if you

travel to a geographic location that does not support all the Internet services that you

use at your office or home. For example, your Netflix account might work at home but

not in a different country.

For information about the types of VPN client connections that the access point/router

supports, see Router

mode:

Enable

and

configure

OpenVPN

and

VPN

client

access

the

access

point/router

on page 200. In addition to access to your office or home network,

you can either allow or block VPN client Internet access through your office or home

network.

For the VPN tunnel to work, the LAN where your VPN client computer is connected must

use a different LAN IP address scheme from that of the LAN of the access point/router

at your office or home. If both networks use the same LAN IP address scheme, when

User Manual

207

Router Mode: Set up VPN

Connections with OpenVPN

AC2000 802.11ac Wireless Access Point/Router WAC124