Skip to main content
Sign in Menu

How To: Set up a VPN on Grandstream GWN7003 (GDMS)

Cam
  • Updated

Information and Best Practices

Note that this configuration is completed within the GDMS Networking platform. 

The Grandstream router supports many types of VPN, from WireGuard, to Open VPN, as well as PPTP. For this article we'll be using WireGuard, which can be downloaded for windows here

Once the VPN is configured, please disable the VPN configuration when it is not in use. 

If the VPN is already configured in the router you simply need to click on the peer icon to download the configuration file, then follow the steps to import the configuration into the WireGuard software.

If the VPN is not configured yet, continue to the next section. 

Configure WireGuard On the Router

  1. Navigate to VPN
  2. Click Setup Wizard
  3. Select WireGuard, click Next

4. Click the Add button

5. Give the VPN a Name (WG1 in this case), ensure the router and primary WAN interface are selected, and give it an IP address subnet for the VPN. 

6. Click Next

7. Click on Client-to-Site configuration

8. Click Next

 

9. Configure Protocol Name - Best practice to use customer site name + VPN or WG

10. Click Next 

 

11. Review the information and click Next

 

12. On the Finish screen, click the Download Configuration File link. We'll import this file into the WireGuard VPN software later on. 

 

Configure Firewall Rules

Next, we need to make sure the VPN can talk to the LAN and the LAN to the VPN: 

13. Navigate to Settings > Firewall & Security

14. Click on +Add button

 

15. Ensure that the Forwarding Rules radial button is selected

16. Give the Rule the Name VPN to LAN

17. Set the Router (Should only be one option)

18. Set the Source Group as the WG1 (VPN)

19. Set the Destination Group as the Default LAN (LAN)

20. Ensure Accept is selected in the Action field

21. Click Save

Do the same thing but for the other direction (LAN to VPN): 

22. Ensure that the Forwarding Rules radial button is selected

23. Give the Rule the Name LAN to VPN

24. Set the Router (Should only be one option)

25. Set the Source Group as the Default LAN (LAN)

26. Set the Destination Group as the WG1 (VPN)

27. Ensure Accept is selected in the Action field

28. Click Save

 

You will now see both rules:

 

Import VPN Configuration Into WireGuard

Download/Open the WireGuard VPN software, (https://download.wireguard.com/windows-client/wireguard-installer.exe)

29. Click on the down arrow next to Add Tunnel

30. Click on Import tunnel(s) from file... (or Ctrl+O)

 

27. Select the configuration file we downloaded earlier (Step 12)

28. Click Open

33. To run the VPN connection click Activate

 

 

Disabling the VPN

Remember that it is best practice to keep the VPN disabled when not in use. To disable the VPN 

  1. Click on Settings > VPN > WireGuard
  2. Click the gear icon to view the configuration
  3. Toggle the Status button to turn it off
  4. Click Save

You will observe that the Status now shows Disabled.

 

Related to

Related articles