Your FydeOS device can connect to a private network, like the network at your work or school, using a Virtual Private Network (VPN) connection.

Note: If you're using your FydeOS device at work or school and have problems setting up your VPN, for more help.

# L2TP/IPsec VPN support

FydeOS has built-in support for VPNs that use L2TP over IPsec. The IPsec layer will either use a pre-shared key (PSK) or user certificates to set up the secure tunnel. The L2TP layer requires a username and password.

  1. At the bottom right, select the time.
  2. Select Settings.
  3. In the “Network” section, select Add connection.
  4. Next to OpenVPN / L2TP, select Add.
  5. In the box that appears, fill in the info. If you're using your FydeOS device with an organization, you might need to get this information from your administrator.
    • Server hostname: This can either be the IP address or the full server hostname.
    • Service name: This can be anything you want to name this connection. For example: "Work VPN."
    • Provider type: Select L2TP/IPsec + Pre-shared key or L2TP/IPsec + User certificate.
    • Username, Password: Your L2TP/PPP credentials. Each VPN user should have their own unique username and password.
    • Group name: The client's IPsec identity field, which some VPN servers use to set up the Tunnel Group or User Realm. If you’re unsure, leave this field empty.
    • Pre-shared key: Used for PSK connections only. This key isn't your personal password, but a passphrase or key used in the IPsec configuration. In a typical set-up, everyone who connects to the same VPN server will use the same PSK.
    • Server CA certificate: Used for user certificate connections only. Select your installed certificate authority certificate from the list. The server's certificate will be checked to ensure that it was signed by the correct certificate authority (CA). If you are having trouble with your server certificate, you can select "Don’t check" to skip CA validation; however, this skips an important security measure.
    • User certificate: Used for user certificate connections only. Select your installed user VPN certificate from the list. If you don't have any certificates installed, you'll see an error message. To install a certificate, see the instructions below.
  6. Select Connect.

# OpenVPN support

FydeOS has basic support for OpenVPN servers. OpenVPN connections can use username/password authentication, client certificate authentication, or a combination of both.

  1. At the bottom right, select the time.
  2. Select Settings.
  3. In the “Network” section, select Add connection.
  4. Next to OpenVPN / L2TP, select Add.
  5. In the box that appears, fill in the info. If you're using your FydeOS device with an organization, you might need to get this information from your administrator.
    • Server hostname: This can either be the IP address or the full server hostname.
    • Service name: This can be anything you want to name this connection. For example: "Work VPN."
    • Provider type: Select OpenVPN.
    • Username and password: Your VPN credentials. This can be left blank if your server only uses client certificate authentication.
    • OTP: If you have an OTP card or VPN token that generates one-time passwords, get a password and enter it here. In most cases, you'll leave it blank.
    • Server CA certificate: Select your installed certificate authority certificate from the list. The server's certificate will be checked to ensure that it was signed by the correct certificate authority (CA). If you are having trouble with your server certificate, you can select "Don’t check" to skip CA validation; however, this skips an important security measure.
    • User certificate: If your VPN server requires client certificate authentication, select your installed user VPN certificate from the list. To install a certificate, see the instructions below.
  6. Select Connect.

# Android VPN apps

FydeOS can install Android VPN apps.

To create a new connection or to connect to a VPN provided by an Android app:

# Step 1: Configure the VPN app on your FydeOS device

  1. At the bottom right, select the time.
  2. Select Settings.
  3. In the “Network” section, select Add connection.
  4. Next to a connection, select Add [app name]...
  5. Follow the onscreen instructions.

# Step 2: Keep your VPN connection on

Some VPNs can stay connected at all times unless the VPN connection stops.

  1. Make sure you have configured a VPN app on your FydeOS device.
  2. At the bottom right, select the time.
  3. Select Settings.
  4. On the left panel, select Apps.
  5. Select Manage Android preferences.
  6. In the window that appears, select Network & internet.
  7. Select VPN. Your VPN app should now be listed.
  8. To the right of your app, select Settings.
  9. Turn on Always-on VPN. If your Always-on VPN connection stops, you get a notification that stays on until you reconnect. To clear the notification, turn off that specific Always-on VPN.

Tip: If your VPN connection stops and you don’t want to connect directly to the internet, turn on Block connections without VPN.

# Install certificates

You might need certificates to connect to a VPN, a WPA2 Enterprise network (such as one using EAP-TLS), or a website that requires mutual TLS authentication. If so, your administrator might ask you to visit a special website while connected directly to your organization's network, or to download and install the certificates yourself.

You'll need:

  • A server certificate that's for everyone at your organization
  • A user certificate that is specific to you

Install your server certificate

  1. Download your server certificate, according to the steps your administrator gives you.
  2. Open a new tab in Chromium.
  3. In the address bar, enter chrome://settings/certificates
  4. Select the Authorities tab.
  5. Select Import and choose the X.509 certificate file, which is usually a file with a .pem, .der, .crt, or .p7b extension.
  6. In the box that appears, fill out the info. None of these settings need to be turned on, so we recommend that you leave these unchecked.
  7. The certificate will open and install itself on your FydeOS device.

Install your user certificate

  1. Download your user certificate, according to the steps your administrator gives you. Your certificate filename should end with .pfx or .p12.
  2. Open a new tab in Chromium.
  3. In the address bar, enter chrome://settings/certificates
  4. Select Your certificates.
  5. Select Import and Bind.
  6. In the box that opens, select the certificate file and select Open.
  7. When prompted, enter the password for your certificate. If you don't know the password, contact your network administrator. If you don't have a password, select OK.
  8. The certificate will open and install itself on your FydeOS device.

FydeOS only supports RSA client certificates for authenticating to VPNs or EAP wireless networks. ECC client certificates aren’t supported.
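
One way to confirm, before importing, that a .pfx or .p12 bundle holds an RSA client certificate rather than an ECC one. This is an added example using the openssl command-line tool, not part of the FydeOS documentation; the function names are hypothetical and the certificates are throwaway test data generated on the spot.

```shell
#!/bin/sh
# Added example: check a client certificate bundle before importing it.
# Requires the openssl CLI. Function names are hypothetical; certificates are constructed.

# Print the public-key algorithm of the client certificate in a PKCS#12 file.
# $1 = .p12/.pfx path, $2 = import password (may be empty)
p12_key_type() {
    openssl pkcs12 -in "$1" -passin "pass:$2" -nokeys -clcerts 2>/dev/null |
        openssl x509 -noout -text 2>/dev/null |
        sed -n 's/^ *Public Key Algorithm: *//p' | head -n 1
}

# Report whether the bundle holds an RSA client certificate.
# Returns 0 for RSA, 1 for ECC, 2 if the file cannot be read.
check_client_p12() {
    case "$(p12_key_type "$1" "$2")" in
        rsaEncryption)  echo "ok: RSA client certificate" ;;
        id-ecPublicKey) echo "unsupported: ECC client certificate"; return 1 ;;
        *) echo "error: unreadable (wrong password or not PKCS#12)"; return 2 ;;
    esac
}

# Build a throwaway self-signed certificate and key as PKCS#12 (constructed test data).
# $1 = rsa|ec, $2 = output file, $3 = password
make_demo_p12() {
    d=$(mktemp -d) || return 1
    if [ "$1" = rsa ]; then
        openssl genrsa -out "$d/k.pem" 2048 2>/dev/null
    else
        openssl ecparam -name prime256v1 -genkey -noout -out "$d/k.pem"
    fi
    openssl req -x509 -new -key "$d/k.pem" -subj "/CN=demo-user" -days 1 -out "$d/c.pem" &&
        openssl pkcs12 -export -inkey "$d/k.pem" -in "$d/c.pem" -out "$2" -passout "pass:$3"
    rc=$?
    rm -rf "$d"
    return $rc
}

# Run the check against one RSA bundle, one ECC bundle, and a wrong password.
demo() {
    t=$(mktemp -d) || return 1
    make_demo_p12 rsa "$t/rsa.p12" demo && check_client_p12 "$t/rsa.p12" demo
    make_demo_p12 ec "$t/ec.p12" demo && { check_client_p12 "$t/ec.p12" demo || true; }
    check_client_p12 "$t/rsa.p12" wrong-password || true
    rm -rf "$t"
}
demo
```

To check a real bundle, call `check_client_p12 path/to/cert.p12 'password'` and use the exit status to decide whether to proceed with the import.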