VPN Configuration

Configure ports, virtual subnets, routing policy, and DNS for your VPN gateway.

Basic Settings

Navigate to Admin Console → VPN Settings to configure the core parameters:

Parameter      | Description                      | Recommended
Listen Port    | VPN service listening port       | 443
Virtual Subnet | IP range assigned to VPN clients | 10.8.0.0/24
DNS Server     | DNS server pushed to clients     | Internal corporate DNS
MTU            | Maximum Transmission Unit        | 1400

Routing Modes

Full Tunnel

All traffic is routed through the VPN tunnel. Best for high-security environments:

Routing mode: Full Tunnel
Pushed route:  0.0.0.0/0

Split Tunnel (Recommended)

Only corporate traffic goes through the VPN. Internet traffic connects directly, preserving bandwidth and speed:

Routing mode: Split Tunnel
Pushed routes:
  - 192.168.0.0/16   # Office LAN
  - 10.0.0.0/8       # Data center
  - 172.16.0.0/12    # Cloud VPCs

✅ Split tunnel is recommended for most deployments: it protects internal access without degrading internet performance.

DNS Configuration

Push internal DNS servers to clients so they can resolve internal hostnames:

DNS servers (pushed to clients):
  Primary:   192.168.1.53   # Internal DNS
  Secondary: 8.8.8.8        # Fallback to Google

DNS search domains:
  - corp.example.com
  - internal.example.com
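
A pre-deployment check of the split-tunnel and DNS values shown above, as an added example that is not part of the Remok product or its documentation. The CONFIG layout, function names and finding codes are assumptions made for this sketch; the addresses are the ones used on this page.

```python
import ipaddress

# Values copied from this page's split-tunnel and DNS examples; the dict
# layout, function names and finding codes are assumptions of this sketch.
CONFIG = {
    "virtual_subnet": "10.8.0.0/24",
    "pushed_routes": ["192.168.0.0/16", "10.0.0.0/8", "172.16.0.0/12"],
    "dns_servers": ["192.168.1.53", "8.8.8.8"],
}


def covering_route(ip, routes):
    """Most specific pushed route containing ip, or None if it bypasses the tunnel."""
    addr = ipaddress.ip_address(ip)
    hits = [n for n in map(ipaddress.ip_network, routes) if addr in n]
    return str(max(hits, key=lambda n: n.prefixlen)) if hits else None


def audit(cfg):
    """Return (code, detail) findings for a split-tunnel configuration."""
    findings = []
    pool = ipaddress.ip_network(cfg["virtual_subnet"])
    for route in map(ipaddress.ip_network, cfg["pushed_routes"]):
        # The client pool sits inside a routed internal range: make sure no
        # existing internal subnet already uses the same addresses.
        if route.overlaps(pool):
            findings.append(("POOL_IN_ROUTE", f"{pool} overlaps pushed route {route}"))
    for dns in cfg["dns_servers"]:
        addr = ipaddress.ip_address(dns)
        if addr.is_global:
            # A public resolver may receive queries for internal names.
            findings.append(("PUBLIC_DNS", f"{dns} is a public resolver"))
        elif covering_route(dns, cfg["pushed_routes"]) is None and addr not in pool:
            # An internal resolver outside every pushed route is not reached
            # through the tunnel.
            findings.append(("DNS_NOT_ROUTED", f"{dns} is not covered by any pushed route"))
    return findings


if __name__ == "__main__":
    for code, detail in audit(CONFIG):
        print(f"{code}: {detail}")
```

With the page's values this reports that the 10.8.0.0/24 client pool falls inside the pushed 10.0.0.0/8 route and that the secondary DNS server is a public resolver, which in split-tunnel mode is reached outside the tunnel because no pushed route covers it.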

Client Connection Steps

  1. Download and install the Remok client (or use AnyConnect)
  2. Enter the server address or Enterprise Code
  3. Log in with your username and password
  4. Complete MFA if configured
  5. The client automatically connects and applies the routing policy

Troubleshooting

Connection Timeout

  • Check that the VPN port (default 443) is open in the server firewall
  • Verify the client can reach the server IP or domain
  • Try switching between TCP and UDP transport protocols

Connected But Cannot Reach Internal Resources

  • Verify the routing configuration includes the target subnet
  • Check that IP forwarding is enabled: sysctl net.ipv4.ip_forward (the value should be 1)
  • Ensure the internal firewall allows traffic from the VPN subnet (10.8.0.0/24)

DNS Not Resolving Internal Hostnames

  • Confirm the DNS server IP is correct in VPN Settings
  • Verify the DNS server is reachable from the gateway's network
  • Check that split-DNS search domains are correctly configured