VPN Client Types

Server Agent: Netclient

On-Demand User Access: Netmaker Desktop / Mobile

Always-On Static Config: WireGuard Client

The Netclient is meant to run on Linux and Windows servers that act as managed endpoints in the VPN. Servers added via the Netclient appear as Nodes in your dashboard, and can be configured as gateways to route endpoint traffic, such as Remote Access Gateways, Egress Gateway, and Relays. The netclient is an active, headless agent that runs in the background on devices, by default creating a peer-to-peer network with other netclients.

The Netmaker Desktop and Mobile Apps are provided to users so they can log into the VPN from their devices (workstation, phone). Your server can be set up with either basic auth or any OIDC-compliant auth provider like Google or Azure AD, so users can log in with their credentials. After logging in, users have on-demand access to the VPN, selecting which networks they will connect to. This is how Netmaker provides remote access to users.

Static WireGuard VPN config files can be generated and customized on Remote Access Gateways within Netmaker. These files can be run on any device which supports WireGuard, and are typically used to integrate non-native devices such as routers and IoT devices. For access to and from sites, additional IP ranges can be added to these config files. These files can also be used to configure “always on” VPNs on user devices, managed by administrators.