How to set up PPTP & L2TP VPN Server with Omada Gateway in Controller Mode

Configuration Guide
Updated 07-02-2024 01:34:42 AM FAQ view icon136515
This Article Applies to: 

Note: For Omada SDN Controller v 4.3 and above

Application Scenario

When a remote user wants to access the LAN, it is recommended to establish a client-to-site VPN tunnel in which the Omada gateway serves as a VPN server. This kind of VPN tunnel is useful and practical for business travelers to access the network in headquarter from a remote location without compromising security and privacy.

To set up the Omada gateway as PPTP/L2TP server and establish a VPN tunnel, follow the steps below.

Note: If the Omada gateway is behind a NAT device, make sure that UDP port 1701 for L2TP traffic, UDP port 500/4500 for L2TP over IPsec VPN are open on the NAT device in front of the Omada gateway.

Configuration

Step 1. Create a new VPN policy

Go to Settings > VPN and click + Create New VPN Policy.

Step 2. Configure the parameters to set up a PPTP/L2TP server

1) For PPTP Server: enter a name to identify the VPN policy, select the purpose for the new entry as Client-to-Site VPN, and the VPN Type as VPN Server-PPTP. Then configure the corresponding parameters, and click Create.

Status

Check the box to enable the VPN tunnel.

MPPE Encryption

Select Encrypted to enable MPPE (Microsoft Point-to-Point Encryption) for the VPN tunnel for security purpose.

Local Networks

Select the networks in headquarter. The VPN policy will be applied to the selected networks and the remote users can access the network with the created VPN tunnel.

WAN

Select the WAN port on which the VPN tunnel will be established. Each WAN port supports only one PPTP VPN tunnel when the gateway works as a PPTP server.

IP Pool

Specify the IP address and subnet, and the gateway will assign IP address from the pool to the remote users for them to access the local networks.

2) For L2TP Server: enter a name to identify the VPN policy, select the purpose for the new entry as Client-to-Site VPN, and the VPN Type as VPN Server-L2TP. Then configure the corresponding parameters, and click Create.

Status

Check the box to enable the VPN tunnel.

IPsec Encryption

Select Encrypted to encrypt the VPN tunnel by IPsec for security purpose.

Local Networks

Select the networks in headquarter. The VPN policy will be applied to the selected networks and the remote users can access the network with the created VPN tunnel.

Pre-Shared Key

Specify the Pre-Shared Key (PSK) for IPsec encryption. Both the gateway in headquarter and the remote user should use the same PSK for authentication.

WAN

Select the WAN port on which the VPN tunnel will be established. Each WAN port supports only one L2TP VPN tunnel when the gateway works as a L2TP server.

IP Pool

Specify the IP address and subnet, and the gateway will assign IP address from the pool to the remote users for them to access the local networks.

Step 3. Create a VPN user entry for the remote user

Go to Settings > VPN > VPN User. Click +Create New VPN User to add a new entry.

Step 4. Configure the parameters for the VPN user

Specify the username and password that the user will use for validation, and select the VPN server that has been created in Step 2.

Then, select Client as the Mode, and specify the maximum VPN connections that can use the specified username simultaneously. If you want to use a gateway as a PPTP/L2TP client, select Network Extension Mode as the Mode. Click Create.

Step 5. Configuring the PC/laptop of the remote user

On the remote PC/laptop, you can use the Windows built-in PPTP/L2TP software or software from the third party to connect to the PPTP/L2TP server. For detailed information, please refer to:

https://www.tp-link.com/support/faq/1629/

Verification of the L2TP/PPTP VPN Tunnel

Go to Insight > VPN Status > VPN Tunnel and check the entries. When a corresponding entry is displayed in the table, the VPN tunnel is successfully established.

Looking for More

Is this faq useful?

Your feedback helps improve this site.

Recommend Products

Community

TP-Link Community

Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.

Visit the Community >

icon

Accessibility Adjustments

icon RESET

Choose the right accessibility profile for you

OFF

Seizure Safe

Eliminates flashes and reduces color

OFF

Cognitive Disability

Assists with reading and focusing

OFF

Vision Impaired

Enhances the website's visuals

OFF

ADHD Friendly

More focus and fewer distractions

Content Adjustments

Adjust Scale

icon
100%
icon

Highlight Title

icon

Highlight Link

icon

Text Magnifier

icon

Readable Font

icon

Align Center

icon

Align Left

icon

Align Right

icon

Color Adjustment

Low Saturate

icon

High Saturate

icon

Dark Contrast

icon

Light Contrast

icon

Set Text Colors

Monochrome

icon

Set Title Colors

High Contrast

icon

Set BackgroundColor

Orientation Adjustments

Muted

icon

Hide Images

icon

Stop Animation

icon

Reading Mask

icon

Highlight Hover

icon

Big Black Cursor

mutedicon

Big White Cursor

icon

Hide Video/Audio

icon

Stop Video

icon

Stop Audio

icon

Hide Animation

icon

Reading Guide

icon

Useful Links

Chat Now