Review peer definition

Christopher Dakin

After you have completed the initial Setup Wizard in the UI, you are presented with a login screen.

Log in as your admin account that was created during the Setup Wizard.

LogonBox VPN should now guide you through getting an initial VPN configuration working, which is presented as a popup on every login until you untick the option for Show this help screen again.

If you need to get these hints back after dismissing them, navigate to the Dashboard page and click Help me to get started.

The last area of configuration to review is the Peer definition and is Optional as there is a Default configuration that should work for most users.


Review peer definition

Now we need to look at the Peer Definitions for the clients, these will create the client configuration files for your users.

Click the Peer Definitions link to go directly to the VPN->Peers menu.

There is a Default peer definition already configured, which may be used by all users. If so, then no further configuration is required.


However you can create your own peer definitions by clicking Create.


Taking a look at the configuration options for a peer definition, we would first give the definition a Name.

In the Peers tab, you can Enable or Disable this definition.

For the Type, there are several options.

ONE_TIME - This configuration can be used for a single connection only before it becomes invalid.

PERMANENT - This configuration can always be used and will last forever.

TIMED - This configuration is valid for a set period of time before it disables itself.

TRACK - This configuration will remain valid until the user's password changes.



On the second tab, Routing there are two options at the top that allow clients access to certain subnets.

Allow Realm Subnet Access will allow clients to route to other VPN clients.

Allow Server Subnet Access will allow clients to access the subnet that the VPN server is on.

For example if you want your client to connect to your main network but not see each other, you would have Allow Realm Subnet Access set to OFF and Allow Server Subnet Access set to ON.

On this tab, you can choose to add in extra DNS servers for the clients to use. This can be left blank if you want to use the system DNS option below this.

Finally, Use system DNS will pass the server's DNS server configuration to your clients.


In the Routing tab, the first two options allow your clients to access the Realm Subnet (this is the first subnet from the global pool that gets assigned to the wg0 interface. It is not usually very useful to access this), as well as the Server Subnet (the local network's subnet, i.e the internal IP of your VPN and other servers on your network).

Next you can either define what DNS servers to publish to your clients, or you can just use the Use system DNS to have this done automatically.


In the Client tab you can add in any extra IP addresses or subnets in CIDR notation (i.e that you want to allow your clients to access.

If left blank, then only the Subnets from the Routing tab will be published.


In the Advanced tab there is a single setting for Keep Alive, which determines how often a ping will be sent through the connection which can be useful to keep firewalls etc open.

If you wish to disable this, set the value to 0.


The final tab is for Assignment.

Here you can add in indivudual users, or groups of users (as configured in the Users & Permissions pages) who will be granted access to this configuration.

LogonBox VPN also has containers called Roles, which you can create yourself in Users & Permissions->Roles and can contain any number of users and groups.

There are a couple of default role types available, one of which is called Everyone

Therefore if you wish to grant permissions for this peer definition to all users, simply add the Everyone role. Start typing Everyone, then select it when it appears below the text box to add it to the list.

Click Create to create your new Peer Definition.


You now have a basic LogonBox VPN configuration set up and can start installing and configuring your first client.