IPSec VPN server (Virtual IP)

In Keenetic routers, it is possible to connect to the IPsec Virtual IP server using Xauth PSK authentication to access home network resources. IPsec connection provides absolutely secure access to the home network from a smartphone or tablet: Android and iOS have convenient built-in clients for this type of VPN.

NOTE: Important! A Keenetic device that hosts the IPsec VPN server must be connected to the Internet with a global (public) IP address, and if using the KeenDNS domain name, it must be configured in the Direct Access mode. If any of these conditions are not met, it will not be possible to connect to such a server from the Internet.

To set up the server, it is necessary to install the system component 'L2TP/IPsec VPN server' system component. You can do it on the 'General system settings' page in the 'Updates and component options' section by clicking on the 'Component options'.


Then go to the 'Applications' page. Here you will see the 'IPsec VPN server' panel. Click the 'IPsec VPN server' link.


In the 'IPsec VPN server (Virtual IP)' window that appears, specify the security key in the 'Shared IPsec key' field. This security key will need to be used on the client when configuring the VPN connection.

NOTE: Important! The L2TP/IPsec VPN server also uses this key.


The 'NAT for clients' option is enabled in the server settings by default. This setting is used to allow VPN server clients to access the Internet.

The total number of possible simultaneous connections is limited by the IP address pool size. Like the initial IP address, this setting should not be changed unnecessarily.

NOTE: Important! The IP subnet you specify must not match or intersect with the IP addresses of other interfaces of the Keenetic router, as this may result in an IP address conflict.

In the 'Users' section, select the accounts you want to allow access to the VPN server. Here you can also add a new user by specifying a username and password.

After configuring the server, put the switch in the 'Enabled' state.


By clicking on the 'Connection statistics' link you can see the connection status and additional information about active sessions.


When setting up the connection to the VPN server on Android devices, choose the type of VPN connection 'IPsec Xauth PSK', and on iOS devices - 'IPsec'.


Have more questions? Submit a request



Please sign in to leave a comment.