Dial VPN with mOTP authentication using Windows Smart VPN Client

This document introduces how to use built-in OTP generator on Smart VPN client and establish a VPN connection to a Vigor Router (VPN server) with Mobile One-Time password (mOTP)

This document introduces how to use built-in OTP generator on Smart VPN client and establish a VPN connection to a Vigor Router (VPN server) with Mobile One-Time password (mOTP). While using mOTP, only the client who knows the PIN code, and has the token device with the right secret and time-synchronized with the VPN server, will be able to calculate the correct password for VPN authentication. Smart VPN Client provides built-in OTP generator, so it can hold the secret and generate a one-time password. It allows the VPN client to dial VPN by mOTP without having an extra token device.   

Generate a Secret on Smart VPN Client

1. Open Smart VPN client and add a new Profile, select Mobile One-Time as Authentication then click mOTP Settings.

2. Select SmartVPN Build-in OTP Generator, and click Generate. It will automatically generate a 32 hexadecimal number as secret. Copy these numbers for VPN settings on the VPN server.

VPN Server Setup

4. Create a remote dial-in user profile with the generated secret. Go to VPN and Remote Access>> Remote Dial-in User, click on an index number to add/edit a profile,

  1. Enable this account
  2. Enter Username
  3. Enable Mobile One-Time Password
  4. Enter 4 to 7 decimal numbers for PIN Code
  5. Enter the numbers copied from Step 3 in Secret.
  6. Select Allowed Dial-in Type
  7. Click OK to save
a screenshot of DrayOS Remote Dial-In User profile

5. Go to VPN and Remote Access >> Remote Access Control to make sure the VPN service is enabled.

a screenshot of DrayOS Remote Access Control Setup

6. The generation of mOTP based on the current time. Please go to System Maintenance >> Time and Date to make sure the time settings on VPN server synchronizes with VPN clients.

a screenshot of DrayOS Time and Date Settings

VPN Client Connecting

1. On VPN clients, click Connect to activate the profile.

2. Enter the PIN code.

3. You can check the Staus that are connected.

4. From VPN Server, VPN and Remote Access >> Connection Management, Administrator may check the VPN clients that are connected.

a screenshot of DrayOS VPN connection management

Generate a Secret on Smart VPN Client

1. Open Smart VPN client and add a new Profile, select Mobile One-Time as Authentication then click mOTP Settings.

2. Select SmartVPN Build-in OTP Generator, and click Generate. It will automatically generate a 32 hexadecimal number as secret. Copy these numbers for VPN settings on the VPN server.

VPN Server Setup

On the router, go to User Management>>User Profile, and add a new profile. 

  1. Enable this profile.
  2. Click mOTP Management, enable Use motp.
  3. Enter 4 to 7 decimal numbers for PIN Code.
  4. Enter the numbers copied from SmartVPN in Secret.
  5. Select the VPN type you want to use.
  6. Click APPLY to save

VPN Client Connecting

1. On VPN clients, click Connect to activate the profile.

2. Enter the PIN code.

3. You can check the Staus that are connected.

Published On: 2016-05-24 

Was this helpful?