Use OpenVPN with NordVPN server as client on B One router limiting individual LAN ethernet ports &/or WiFi 6 connections

Everything Else
1

Hello,

Is it possible to use OpenVPN with NordVPN server as client on B One router limiting individual LAN ethernet ports &/or WiFi 6 connections that use the OpenVPN client tunnel to NordVPN’s OpenVPN server?

I apologize if I’ve missed this in the Peplink Community. I did many searches here, and on the Internet. The problem may be that the B One router is a fairly new release.

I just received the B One today. I’ve got it up and running. I’m asking because I like to use higher security accessing financial and medical websites. However my new streaming service does not allow the use of a VPN with their service. In the past I would daisy chain routers with the VPN router being in position 2 changing the IP address of router 2. However after researching the B One I thought that I’d purchase, and explore the possibilities.

Thanks for your help!

Regards,

GoldWing

2

have you looked at using speedfusion connect instead of openvpn for that traffic?

3

No I haven’t.

I’m new to Peplink, and the B One Router. I’ve used NordVPN service for years on multiple devices (i.e. PC’s, Smartphones, & routers). Was just trying to figure out if my prior practices are doable with the B One. I’ve learned with the B One that DoH is the preferred DNS query encription method over my prior practice of using DoT which is NOT necessarily a bad thing. I’ve only had it a day. New interface with what appears to be a LOT of options after you drill down into the interface which is my first impression that is GOOD. I just have to LEARN about the interface. The WAN options are the main reason WHY I purchased the B One. I found a link on NordVPN’s website pertaining to different Peplink router which may still apply. I’ll give it a try, and post my results.

NordVPN FAQ page on Peplink router with NordVPN OpenVPN:

https://support.nordvpn.com/hc/en-us/articles/20375659316497-Peplink-Pepwave-setup-with-NordVPN

Regards,

GoldWing

4

Here is what worked for me from the beginning.

01 Purchase OpenVPN License from Peplink Product Code “LIC-OPN-WAN”, & may have to register License Key per email after received which includes helpful support links.

02 Download latest firmware from Peplink Support page for B One Router.

03 Install latest firmware into B One Router.

04 Do a Factory Reset with paper clip into hole in front of router for approximately 10 seconds until status light off.

05 Login with Browser using URL of “https://192.168.50.1

06 Click “Advance”, then Click “Accept the Risk and Continue”

07 Username = “admin” and Password = “admin”

08 Update Password for Admin per login procedure (i.e. no choice), & you will have to re-login again using new password

09 Go to Dashboard and change URL per Why is my new B One broadcasting on Bluetooth as "Peplink API Service"? - #17 by C_Metz.

10 Update Admin User Name via System > Admin Security > Admin User Name

11 Disable InControl via System > Incontrol > Controller

12 Change Security Policy to WPA3 – Personal via AP > Wireless SSID > PEPLINK_F3AE > Security Settings > Security Policy

13 Change Web Administration Settings (on External AP) for Admin Username & Admin Password via AP > Settings > Web Administration Settings (on External AP)

14 Disable Web Administration Settings (on External AP) for Admin Username & Admin Password via AP > Settings > Web Administration Settings (on External AP)

15 Update SSID named and Password via AP > Wireless SSID > PEPLINK_F3AE > SSID and Shared Key

16 Change Time Zone for AP to UTC-6 Central Time (US & Canada) via AP > Settings > AP Time Settings ( on External AP)

17 Change System Time to Central (US & Canada) via System > Time > Time Zone

18 Enable DNS over HTTPS using Quad9 via Network > WAN > DNS over HTTPS

19 List All Clients accessing the LAN via Status > Client List

20 Add Clients to DHCP Reservations via Status > Client List > Click “ Add to DHCP Reservation button” on far right of table

21 Review DHCP Reservations via Network > Network Settings > Untagged LAN

22 Import NordVPN OVPN file using UDP protocol via Network > WAN > OpenVPN WAN 1 > OVPN Profile > Choose a file from NordVPN’s website which you should find with a simple search

23 Enter Login Credential via Network > WAN > OpenVPN WAN 1 > Login Credential (Optional)

24 Click “Save and Apply” on bottom right of browser screen

Outbound Policies Required for each PC/Device:

25 Setup Outbound Policy by adding a rule for the individual PCs or printer when both “WAN 1” and “OpenVPN WAN 1” are both in the “Priority 1” Status via Dashboard > General with all Outbound Policy’s Algorithm set to “Enforced” clicking “Save” and “Apply Changes” after entering the new Outbound Policy per instructions below noting that the PC Network IP may change if using a different Dock or Hub.

25A Delete “HTTPS_Persistence” default policy because ALL Devices/PCs are enforced to use either WAN 1 or OpenVPN WAN 1 via Advanced > Outbound Policy > Red X

25B Setup Outbound Policy for Canon Printer to use VPN connection with higher security connection via Advanced > Outbound Policy > Add Rule setting Algorithm > Enforced and Enforced Connection > WAN: OpenVPN WAN 1 and Source > IP Network > Printer Network’ s IP 192.168.50.xx > Mask 255.255.255. 255 /32 and Destination > Any afterward Save and Apply so the Canon Printer IP is 192.168.50.149 when updating the printer’s firmware over the internet with a VPN

25C Setup Outbound Policy for HP-P7-1534 Dell Tower to use VPN connection with higher security connection via Advanced > Outbound Policy > Add Rule setting Algorithm > Enforced and Enforced Connection > WAN: OpenVPN WAN 1 and Source > IP Network > HP-P7-1534’s IP 192.168.50.xx > Mask 255.255.255. 255 /32 and Destination > Any afterward Save and Apply

25D Setup Outbound Policy for XPS_DellDock to use VPN connection with higher security connection via Advanced > Outbound Policy > Add Rule setting Algorithm > Enforced and Enforced Connection > WAN: OpenVPN WAN 1 and Source > IP Network > XPS_DellDock’ s IP 192.168.50.xx > Mask 255.255.255. 255 /32 and Destination > Any afterward Save and Apply

25E Setup Outbound Policy for Spectre13_XPS_CaldigitHub to use VPN connection with higher security connection via Advanced > Outbound Policy > Add Rule setting Algorithm > Enforced and Enforced Connection > WAN: OpenVPN WAN 1 and Source > IP Network > Spectre13_XPS_CaldigitHub’ s IP 192.168.50.xx > Mask 255.255.255. 255 /32 and Destination > Any afterward Save and Apply

25F Setup Outbound Policy for Inspiron Laptop to NOT use VPN connection due to only use for streaming service to home entertainment center via Advanced > Outbound Policy > Add Rule setting Algorithm > Enforced and Enforced Connection > WAN: WAN 1 and Source > IP Network > Inspiron s IP 192.168.50.xx > Mask 255.255.255. 255 /32 and Destination > Any afterward Save and Apply

Apparently the community forum does not accept hyperlinks for new users. So sorry if I’ve messed up reformatting my outline without hyperlinks so the community forum would accept.

Regards,

Goldwing

5

The above setup splits the WAN 1 connection bewtween PCs/Devices using NordVPN’s OpenVPN tunnel on the B One router, and those PCs/Devices connected directly to the WAN 1.

For new users of the Peplink routers AND the B One Router hopefully the Dashboard image will help.

Dashboard
Dashboard1920×1200 156 KB

Thanks to Support for helping me out. Now I can do with 1 router (i.e. B One) which in the past took 2 routers daisy chained together.

Regards,
GoldWing

6

Since I’m a new user apparently can upload only 1 image at a time.

Here is an imag of the Outbound Policy which may help.

OutboundPolicy
OutboundPolicy1920×1200 148 KB

Regards,
GoldWing