▷ How to create a vpn network in cloud insight with a netgear br500 router

In this article, we will take a closer look at how to create a VPN network in Cloud Insight with the NETGEAR BR500 router. After conducting our complete analysis of the NETGEAR brand router for professional use, and seeing its interesting ability to create and manage VPN networks, we are going to dedicate these lines to studying the entire process of creating a VPN network from the moment we connect our router to power.

Index of contents

NETGEAR's proposal that any user, without prior knowledge, be able to set up their own virtual private network, has seemed very interesting to us. Thanks to the remote management of your professional devices through Cloud Insight, we can create our network configuration with just a few clicks. It is also true that we will have to need certain knowledge about how this company cloud works and how to connect our router to it. Surely this is the most complex part and not the creation of the network itself.

NETGEAR BR500 VPN Network Features

Before starting the process of creating the network, it is important that we know the possibilities offered by this equipment, as well as the main characteristics of the network.

The first thing to keep in mind is that we will have the possibility of creating a VPN network through two procedures. The first will be through Insight, as we have explained, and also within the router's own firmware, through OpenVPN. It will also be worth spending time watching this process to see the difference between one solution and another. The standard used for VPN networks will be 802.1Q

OpenVPN network

The first option we have is precisely to enter the firmware and configure a VPN network using OpenVPN. For this we will need to take into account the following:

• We can only proceed to activate it and configure which port we want to use for client access. We also do not have the possibility of creating a Site-to-Site network with several devices to join networks with each other. The level of security used is through a 1024- bit RSA certificate and an SHA256 algorithm for digital signature. Now we can create a new certificate, or configure credentials. This means that we will always have the same RSA certificate to configure the OpenVPN client credentials, even after a router reset. Security will therefore be quite compromised through this VPNS creation method. The router itself will provide us with the client's configuration file, as well as the corresponding certificates. We will have to have OpenVPN installed on the computer that we want to connect to the VPN. We can do it through Windows, MAC, iOS, and Android.

VPN Insight Network

For its part, the VPN Insight network does have the ability to add both groups and users to the network through email and password access. As long as they have a NETGEAR account. These are its main characteristics:

• Possibility of making a Site-to-Site configuration, this means that we can create up to 3 networks using more BR500 routers and join them to have a wider use. Each device will allow us to have up to 10 clients connected simultaneously. 56-bit DES, 168-bit 3DES, AES (128, 192, 256 bit) / SHA-1, MD5 IPsec encryption method. The encryption for SSL certificates up to version 3 will be, DES, 3DES, ARC4, AES (ECB, CBC, XCBC, CNTR) 128, 256 bit. The management will be exclusively through Insight Cloud through the web portal or through the application for Android or iOS Smartphone. We will need a client installed on the computer that wants to connect to the network. The administration service will automatically provide a link for direct download.

Both options support the VPN tunnel connection method using IPsec, PPTP and L2TP. In addition, we will have a DHCP server integrated in the router for dynamic assignment of the IP address of the connected equipment, which can go out to the Internet from it.

Create VPN network from Insight Cloud with NETGEAR BR500 from web browser

Once the main characteristics of the VPN network have been presented, we will fully enter the process of creating it through NETGEAR Insight Cloud. For this we are going to assume that we have just bought our BR500 router and we have already carried out the process of connecting it to both the power and the LAN of our equipment.

The first thing we have to do is create an Insight account. If we already have one created in MyNETGEAR, it will be perfectly valid to access Insight. We will go to NETGEAR Insight to click on the button located in the upper right corner of the portal.

Once inside, we will have to create a location first of all, for this click on " All locations " and the option to " Add location " will appear. We will put the information that we see convenient in the form and it will appear in the main window.

The next thing will be to access this new location so that the entire management menu appears within it. Now it is time to add our RB500 router to this location. We must press the "+" button located in the upper right area and it will ask for the equipment serial number.

We can find this number at the bottom of the router under a barcode with the name "Serial"

We will already have our NETGEAR BR500 added to this location, although it will not appear in the "connected" state yet. For this we will have to restart the router, something that will be done automatically, in principle, otherwise we will do it ourselves.

After a few seconds of waiting, and checking that we already have a connection again, we will refresh the screen and the equipment will appear as "Connected". The blue indicator on the router with the name “Cloud” will immediately light up. The device is ready to be configured.

Create a VPN and user group

Well, we double-click on the equipment drawing to access the configuration options.

Before adding a user to a VPN we will need to create a VPN group. To do this we will go to the section " VPN groups " and click on " Create VPN group ".

We put the name we want, as long as it does not have alphanumeric characters. Click on "Save" to create the new group. We will see that in this window we have created a circular scheme that connects to a cloud and a user.

To add our router to this VPN group and thus we can use it, click on " Add device ", inside the circle. We will choose a router, if we have several, and this will remain within the group.

This will show a diagram like the following. We will immediately notice on our physical router that the VPN indicator has turned on, located right next to the Cloud indicator.

We go to the section " VPN Users " to start adding the users that we want to have access to our new network. For this we will have to enter their email address and they will also need to have an account in Insight or MyNETGEAR since this will be the password to access the VPN network from the client.

Our Insight administration process will be over at the beginning. Now all go to the point of view of the client to be connected.

VPN Client Configuration

After clicking on "Invite" the customer will receive an email to their account with the information necessary to make the connection. The first thing you will have to do is click on the link in " Click here to accept this invitation ".

After the account is activated with the corresponding message in the browser, it will be your turn to click on the download link of the client program. Just below " Download and install the VPN client ", we will have the option to download the client for Windows or for Mac OS. There is no for Android or iOS.

The installation of the program will begin the moment we have double-clicked the downloaded file.

We choose the installation directory and accept the installation of a new network adapter to be used in the connection. Finally we open the program.

NETGEAR BR500 VPN network step 11

NETGEAR BR500 VPN network step 12

NETGEAR BR500 VPN network step 13

Now, our user can put their email and password for their account in NETGEAR to access the VPN. Then click on "Connect"

In the next step, we will have to choose a VPN group to connect to it. If we have several, we can access whatever we want.

Finally, the connection will be completely terminated and a status panel will be shown in which we will have the IP address, connection duration and measures for browsing data consumption.

If, out of curiosity, we make an ipconfig at a command prompt, we will see that the IP address obtained will appear in the network adapter corresponding to the VPN. In Insight's own configuration panel we can also see the users connected to the VPN network, either in the VPN group scheme or by accessing the user in question.

NETGEAR BR500 VPN network step 17

NETGEAR BR500 VPN network step 18

Create VPN network from APP NETGEAR Insight on Android

To perform the procedure in the application we will follow practically the same steps as in the previous case, so we will not explain the procedure in such detail.

We will start in the same way as in the previous method, that is, creating a new group by clicking on the upper section of the application.

Then we will click on the “+” symbol within the group to add a team to it. In this case we can directly place the camera in the barcode in the lower area of ​​the router or the QR code that appears on the main screen of the firmware.

NETGEAR BR500 Android VPN network step 01

NETGEAR BR500 Android VPN network step 02

Then we can put a name to the team in a quick assistant. As in the previous example, we will also need to restart the router so that it can connect to the Insight Cloud.

After waiting a while, the device will stay connected and will appear in the main panel of the app.

NETGEAR BR500 Android VPN network step 03

NETGEAR BR500 Android VPN network step 04

Now we must create the VPN group and for this, we will click on the router icon in the previous window. In the new one, we will click on “ VPN Group ” to create one.

NETGEAR BR500 Android VPN network step 05

NETGEAR BR500 Android VPN network step 06

Of course, once created, we will have to add NETGEAR BR500 to this created group and thus, the indicator light that we are activating the VPN network will light up.

NETGEAR BR500 Android VPN network step 07

NETGEAR BR500 Android VPN network step 08

Now it's time to create the VPN users, for this we open the side menu and access " VPN Users ". Pressing on the “+” symbol we can access the users we want.

In this way, we will have reached the point where the client must proceed to configure their access.

NETGEAR BR500 Android VPN network step 09

NETGEAR BR500 Android VPN network step 10

NETGEAR BR500 Android VPN network step 11

Configure OpenVPN network on NETGEAR BR500 from firmware

Now it is time to explain how to create a network with OpenVPN directly from the router firmware through access through our web browser. Using this method we will not have the possibility to configure users or credentials and we will also need to activate the router's DNS service so that the OpenVPN client can resolve the external IP address. Let's start at the beginning.

We must keep in mind that to access the VPN that we create with this method, we will have to be located outside the local network, since it only allows remote access. We also won't need to open router ports.

To access the firmware of the router, the easiest thing will be to open the Windows file explorer and go to the network section. There the router icon will appear so that, after double clicking, we can access its interface. If it is the first access, we will have as user " admin " and as password " password ".

We go to the advanced firmware configuration section to directly access the “ Dynamic DNS ” section. Here we will need to activate the top option to use dynamic DNS.

If we do not have when DDNS NETGEAR, we will have to choose for example the No-IP service to create an account and a profile to create a domain. It will be as simple as creating a user account to place a name on the public IP address that the web detects.

We must bear in mind that, by default, the domain extension must be " .mynetgear.com ”, substituting for what we want.

Next, we put username, password and hostname in the firmware form and click on " Apply ". After this, we can already access the " Open VPN " section.

The work is simple, we will only have to click on " open the VPN service " and click on " Apply ". The other parameters we will not need to change them.

Configure VPN client

The next thing will be to click on the operating system that interests us from the list that we have, Windows, MacOSX, iPhone or Android. A complete guide will appear on what we have to do in order to correctly configure our OpenVPN client.

We will click on the client download link, and then on the " For Windows " button to download the configuration.

Once we have downloaded the client and installed it, as indicated in this small guide, we will have to modify the name of the network adapter that has been installed to access the VPN. To do this, press the key combination " Windows + R " and write in the Run the following command tool and then press Enter.

ncpa.cpl

Right-click on the adapter named " TAP-Windows Adapter V9 " and click on " Rename ". Next, we put the name " NETGEAR-VPN ".

Network OpenVPN NETGEAR BR500 Android step 07

Network OpenVPN NETGEAR BR500 Android step 08

Now we open the other compressed file that we downloaded from the firmware. This contains the client configuration, so we will take all the files inside it and paste them in the following path:

C: \ Windows \ Program Files \ OpenVPN \ config

If, out of curiosity, we open the file "client" we will see all the configuration of access to the VPN network, such as domain, name of the network adapter, port, etc.

Network OpenVPN NETGEAR BR500 Android step 09

Network OpenVPN NETGEAR BR500 Android step 10

Finally, we open the main program OpenVPN GUI to carry out the connection process. If all goes well, we will already be within the VPN network.

Conclusion on creating a VPN with NETGEAR BR500

As we have seen, there are two ways to create a VPN network with our NETGEAR BR500 router. Although it is true that through Insight, it is much safer to connect than with OpenVPN, since we will be able to manage the credentials of the users we want them to enter and the encryption will be variable.

The encryption method is strongest in Insight, and the most intuitive process to follow. For this reason, we strongly recommend that we use this method instead of the previous one. NETGEAR has undoubtedly done a good job of integrating with your cloud to provide us with interesting configuration options like these, without the need to open ports or access the firmware of the router.

The possibility of doing the same procedure with the application on a Smartphone closes the circle. Any user with minimal VPN knowledge will be able to create their own with just a few clicks. Of course, before you will have to perform the Insight Cloud activation procedure and enter the router in it, a process that is even more complex than creating the VPN.

We hope that this tutorial has been interesting for those users who want to know the whole process of creating this type of network. If you have had any problem or want to leave your opinion about these NETGEAR solutions, write us in the comments.