Cybersecurity

How to Configure and utilize reevert VPN Server

With the release of reevert 1.14.4.0 we have added the ability to setup a VPN server to provide secure remote access to storage resources on your reevert appliance as well as within corporate networks.

Notable Features

  • Available to both Enterprise and Workgroup licenses at no additional cost.
  • Easy to setup and deploy.
  • Optimized for maximum security and performance.
  • Compatible with all major operating systems (Windows, MacOS, Linux and Unix).
  • Can be enabled using the appliance WebUI as well as from the Cloud Panel.
  • Integrates with Active Directory. (Available with Enterprise license).


How to enable the VPN Service using the WebUI

  • Login to reevert appliance.
  • At the top right, click on the gear icon and click on "System Settings".
  • On the "System Settings" page, scroll down to "VPN Server" section.
  • Switch "VPN Server Enabled" to "Yes".
  • Specify the VPN Server Subnet (Default: 10.8.0.0) and Netmask (Default: 255.255.255.0).
  • Specify the VPN Server Protocol (Default: UDP, recommended for optimal performance) and Port (Default: 1194).
  • At the end, type your Public IP address to be used as the Gateway IP.
  • Save the Settings.
  • Click on the "Download Client" button to download a copy of the client software along with the configuration.
  • To temporarily disable the server, change "VPN Server Enabled" to "No".
  • To permanently disable the server, click on "Delete Server" button.

VPN Settings on WebUI


How to enable the VPN Service using the Cloud Panel

  • Login to your cloud panel account.
  • On desired appliance, click on "Settings" then click on "VPN Server".
  • To enable the service, switch "VPN Server Enabled" to "Yes".
  • Specify the VPN Server Subnet (Default: 10.8.0.0) and Netmask (Default: 255.255.255.0).
  • Specify the VPN Server Protocol (Default: UDP, recommended for optimal performance) and Port (Default: 1194).
  • At the end, type your Public IP address to be used as the Gateway IP.
  • Click "Update" to Save the Settings.
  • Click on the "Download Client" button to download a copy of the client software along with the configuration.
  • To temporarily disable the server, change "VPN Server Enabled" to "No".
  • To permanently disable the server, click on "Delete Server" button.

VPN Settings on Cloud Panel


Regenerating Keys

In occasions where there is a need to wipe old VPN keys and regenerate fresh ones, click "Regenerate Keys". Please note that if you regenerate the keys, new keys need to be installed to all active VPN client computers that you have or else they would not be able to authenticate.


Firewall Configuration

You are almost done! Assuming your reevert appliance is inside your network and behind a firewall, you would need to setup a NAT rule (TCP or UDP based off your selection) to redirect VPN traffic from your Public IP address to your reevert appliance and the specified VPN port number. Depending on the type of firewall you are utilizing, the steps may differ, but is very easy to implement a custom NAT rule. Also, you may decide to create a NAT rule to port 81 on the appliance to make the VPN Client portal accessible to remote users.


VPN Users

If your reevert appliance is connected to your Active Directory, all AD users will be able to use their credentials to connect to the VPN server. On Workgroup setups, "Local" users have the ability to connect to the VPN server. You can create as many local users as needed from "Saved Credentials" section of the appliance or the cloud panel.


VPN Client Portal

VPN users can download their copy of the client application by accessing the VPN Client portal on port 81 of the appliance via HTTPS. Example: https://10.1.10.101:81


Client Configuration (Windows)

Once the firewall configuration is complete, you are ready to configure client computers.

  • Download the client package from the appliance WebUI, VPN Portal or from the Cloud Panel.
  • Transfer the package to the destination computer and extract the files.
  • If the client computer OS is Windows 8, 8.1, 7 Windows Server 2012R2 or Windows Server 2012 and older, install the installation package ending with "Win7".
  • if the client computer OS is Windows 10, Windows Server 2019 or Windows Server 2016, install the installation package ending with "Win10".

VPN Client Package

  • You need to perform the installation "As Administrator" or else the installer will fail to install the required VPN network adapter.
  • Proceed with default selections. Be advised that the installer may ask you to confirm installing the VPN network adapter.

VPN Clint Instalion

  • Complete the installation. Please note that a reboot may be required on older operating systems.
  • Once the installation is complete, copy the certificate, the key and the configuration (*.ovpn) file from the extracted client folder and copy them to the installation path (Default: C:\Program Files\OpenVPN\config). This step is crucial or the VPN client would not be able to connect to the server.

Copy VPN Client Package files

  • Now close down all the windows and you should see the "OpenVPN GUI" icon on your desktop.

VPN GUI Desktop Icon

  • Run the program and the icon will appear on the task bar right next to the clock.

VPN GUI Taskbar Icon

  • Right click on the "OpenVPN GUI" taskbar icon and click "Connect".
  • The client is going to pop-up asking for your VPN user credentials. Use any desired AD or local user and you may choose to save your password.

VPN Client Login

  • Once the connection is established, you can access the network shares on your reevert appliance by typing UNC address using IP address or DNS name.
  • Other network resources such as network computers and printers should be accessible as well.
  • To disconnect, right click on the "OpenVPN GUI" taskbar icon and click "Disconnect".
  • Please note that going forward, the "OpenVPN GUI" icon will always be available on the taskbar next to the clock.

 

Client Configuration (Other)

For other operating systems, such as MacOS, Linux and Unix, use the *.ovpn, key and certificate files to configure the VPN client.

  • For MacOS, you can use Tunnelblick.
  • For Linux and Unix based operating systems, you can use the native CLI OpenVPN client or GUI programs such as Network Manager OpenVPN GUI. See an example guide here.

 

VPN Status

You can see who is connected to the VPN Server, find their IP addresses and see their traffic consumption.

  • On WebUI: Go to "System Tasks and Logs" Then scroll down to the "VPN Users" section.
  • On the Cloud Panel: Under the desired appliance, click "Commands" then "VPN Status".

 

As you saw, reevert provides an easy way to create a VPN server in order to help your remote users, utilize network shares and other network resources securely. If you have any questions or need assistance, feel free to reach out to our technical support.

Try Us

For a hassle free 30 day trial, click the "Free Trial" button, download and deploy a copy of the appliance.
No Credit Card required.

Free Trial