I’ve been using a TP-Link Archer AX3000 router to power my home network for a couple of years now. I’ve been extremely pleased with the device, and it’s honestly exceeded all of my (admittedly low) expectations as far as consumer networking gear goes. That being said, once I got everything configured shortly after procuring the device, I rarely think about it or need to tweak anything about my network other than adding the occasional DHCP reservation for something. Recently, though, I needed to revisit it to see if it offered any VPN settings.
My problem is that I needed an IoT device, which obviously has no ability to run a VPN client, to sit behind a VPN so that I could egress its traffic to the Internet from a different location. Since the device can’t run a VPN client, my only option is to put it behind something else connected to a VPN. In a perfect world, I really wanted to have just this IoT device piping traffic through the VPN rather than everything on my network, but that was something I could work around if needed.
Luckily for me, the AX3000 offers both VPN server and VPN client capabilities. In this case, I just needed the VPN client, which I was able to access by going to Advanced > VPN Client.
Note: These steps are all after connecting to the local web interface on the device; I can’t speak to whether or not any of this exists within the mobile app you can use to manage anything because I don’t use it.
I clicked the Add button to add a new VPN configuration and saw that I could simply upload one. Since I already have a Proton subscription, Proton VPN is what I intended to use. I opened a new browser tab and went to my account settings. From there I could click on WireGuard under the VPN settings. I selected the server I wanted to use and several other settings. This generated a nice VPN configuration for me to download:
With my config in hand, I went back to the UI for my router and uploaded it. This added a new VPN setting for me that could be toggled on and off at will. Even better, there’s a section below the VPN settings where I can select which clients of the router will have their traffic flow through the VPN, which is exactly what I wanted. I was able to snag a few devices with which this would be useful and place them under the VPN. The only painful part is when devices identify themselves as something super generic like “linux”. It may take a little detective work to ensure that the correct device is being selected.
With everything in place, I just had to toggle the VPN on and run a quick test, which successfully showed that my desired device was egressing traffic through the VPN.
One response
[…] like contacts and calendar that are basically a requirement. Then they started offering up VPN service and, most recently, a password […]