Router + VPN Gateway with EdgeMax
This tutorial will show you how to set up a gateway on your Pritunl server. The gateway will allow the VPN clients to access a remote local network and the local network to also access the VPN clients. Below is the topology for this example, where the local network is 10.50.0.0/24 and the VPN network is 10.60.0.0/24. Once complete, devices on the 10.50.0.0/24 network will have access to the devices on the 10.60.0.0/24 network, and the devices on the 10.60.0.0/24 network will have access to the devices on the 10.50.0.0/24 network. This will not require opening any ports or modifying the firewall on the 10.50.0.1 router. A Premium or Enterprise license is required for this configuration.
This tutorial will use either the Ubiquiti EdgeRouter X, a $50 5-port gigabit router; the faster Ubiquiti EdgeRouter Lite, a $100 3-port gigabit router; or the Ubiquiti EdgeRouter POE, a $170 5-port POE gigabit router. The routers can be purchased on Amazon using the links below.
EdgeRouter Initial Setup
First, connect a computer to the eth0 port on the EdgeRouter and give the computer a static IP address of 192.168.1.2 with a 255.255.255.0 subnet mask. The gateway does not need to be set. Once connected, go to https://192.168.1.1 and log in using the default username and password, ubnt.
EdgeRouter System Settings
In the EdgeRouter web console, open the Users tab, choose the Config action for the ubnt user and set a password.
To configure the EdgeRouter, go to the Wizards tab and select WAN+2LAN2. This will create a configuration that is similar to a traditional router, with NAT, DNS forwarding and a DHCP server. The eth0 port will be connected to the internet and the other ports will be used for the local network. If the EdgeRouter POE is used, the eth1 port cannot be used for switching and should be left disconnected. After opening the wizard, configure the eth0 port to use DHCP from your ISP. If your ISP uses static addresses, select Static IP and fill in the network information. Then expand the LAN Ports section and set the address to 10.50.0.1; this will define the local network for the router. Once the configuration is applied, you will need to move the ethernet cable to the eth1 port, or the eth2 port if using the EdgeRouter POE. Then connect the eth0 port to your modem. After moving the cables, remove the static IP from your desktop and use DHCP. Then go to https://10.50.0.1 to access the web console again.
Create Pritunl User
Log in to the Pritunl web console and stop any running servers that are attached to the Organization that you will be using for the EdgeRouter user. Then add a user with a network link to 10.50.0.0/24 and start the server. This will instruct the Pritunl server to route 10.50.0.0/24 traffic to the client that will be running on the EdgeRouter.
Install Pritunl EdgeRouter Plugin
Download and install the Pritunl EdgeRouter Plugin. This will allow adding and managing Pritunl VPN profiles from the EdgeRouter web console. After downloading the plugin, go to the Wizards section and select the + in the sidebar. Then name the wizard Pritunl and upload the plugin package.
Import Pritunl Profile
Download the profile for the new user, then open the Pritunl plugin that was added earlier and click Add New. Set the Interface to vtun0, then open the downloaded profile and copy the contents to the Profile field. Once done, click Apply. After the profile has been added, the vtun0 interface should show as Connected on the dashboard.
Once the router is set up, VPN clients will be able to access the 10.50.0.0/24 network and devices on the 10.50.0.0/24 network will be able to access the 10.60.0.0/24 VPN network.
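One way to confirm that end state from the EdgeRouter's shell, as an added example that is not part of the original tutorial or the Pritunl plugin: the script checks a routing table in `ip route show` format against the tutorial's networks and the vtun0 interface. The function names, the sample table and the check that the default route stays off the tunnel are assumptions made for this example.

```shell
#!/bin/sh
# Added example: checks a routing table against the tutorial's end state.
# Values from the tutorial: vtun0 tunnel, 10.60.0.0/24 VPN, 10.50.0.0/24 LAN.
VPN_NET="10.60.0.0/24"
LAN_NET="10.50.0.0/24"
VPN_IF="vtun0"

# route_uses_dev TABLE PREFIX DEV (hypothetical helper)
# Succeeds when TABLE (text in `ip route show` format) has a route for
# PREFIX whose outgoing interface is DEV.
route_uses_dev() {
    printf '%s\n' "$1" | awk -v p="$2" -v d="$3" '
        $1 == p { for (f = 2; f < NF; f++) if ($f == "dev" && $(f + 1) == d) hit = 1 }
        END { exit !hit }'
}

# check_routes TABLE (hypothetical helper)
# Returns 0 when the table matches the tutorial's topology; otherwise
# prints each problem found and returns 1.
check_routes() {
    table="$1"
    rc=0
    if ! route_uses_dev "$table" "$VPN_NET" "$VPN_IF"; then
        echo "FAIL: $VPN_NET is not routed via $VPN_IF (profile not connected?)"
        rc=1
    fi
    if route_uses_dev "$table" "$LAN_NET" "$VPN_IF"; then
        echo "FAIL: $LAN_NET points into $VPN_IF; LAN traffic would enter the tunnel"
        rc=1
    fi
    # Assumption: internet traffic should keep leaving through the WAN port.
    if route_uses_dev "$table" default "$VPN_IF"; then
        echo "FAIL: default route uses $VPN_IF; all internet traffic would use the VPN"
        rc=1
    fi
    return "$rc"
}

# Constructed sample of `ip route show` output (addresses and the switch0
# interface name are illustrative, not taken from a real router).
SAMPLE_ROUTES='default via 203.0.113.1 dev eth0
10.50.0.0/24 dev switch0 proto kernel scope link src 10.50.0.1
10.60.0.0/24 dev vtun0 proto kernel scope link src 10.60.0.2
203.0.113.0/24 dev eth0 proto kernel scope link src 203.0.113.10'

check_routes "$SAMPLE_ROUTES" && echo "OK: routing matches the tutorial topology"
# On the router itself: check_routes "$(ip route show)"
```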