VPN客户端是用于在用户和VPN服务器之间建立安全连接的终端设备或软件。
什么是 VPN?
VPN(虚拟专用网络)利用隧道技术帮助您远程、安全且私密地访问互联网资源。当您使用互联网时,VPN 会加密您的个人信息并向公众隐藏您的 IP 地址。对于 VPN 用户来说,这就像计算机直接相互连接一样。
常见网络拓扑:

这里我们以WR2100作为演示。
步骤 1:打开网络浏览器并转到http://cudy.net或http://192.168.10.1 。
详细信息请参阅如何登录Cudy路由器的Web界面?
第 2 步:点击常规设置-> VPN并启用VPN 。

默认规则:允许所有设备或禁止所有设备使用 VPN。
要指定设备,请单击系统状态->设备-> VPN来启用或禁用它。

站点到站点:允许两个站点中的设备相互通信。
VPN 政策:
禁用:无需其他设置。
VPN 终止开关:当 VPN 连接丢失时关闭互联网连接。
域:指定哪些域通过 VPN,哪些不通过
远程子网:指定哪些子网通过 VPN,哪些不通过
步骤3:在协议列表中,选择您需要的协议,然后输入您的VPN提供商提供的VPN信息。
• PPTP VPN
输入 VPN 服务器地址(例如,113.92.73.163)以及 VPN 提供商提供的 VPN 用户名和密码。

• L2TP VPN
输入 VPN 服务器地址(例如 113.92.73.163)、VPN 用户名和密码以及 VPN 提供商提供的预共享密钥。
如果您的 VPN 提供商还为您提供了与帐户绑定的隧道 IP,您可以启用使用自定义隧道 IP选项。

• OpenVPN
单击浏览器导入您的 VPN 提供商提供的配置文件。


• WireGuard VPN
单击浏览器导入您的 VPN 提供商提供的配置文件。

接口和对等点将自动从您的 VPN 提供商的CONF 文件同步。

• ZeroTier 从属
输入 ZeroTier Master 提供的ZeroTier 网络 ID和网关。网关可以在 VPN 状态部分找到。


186 条评论
Dear TEN, Would you please record a screen video to show me how do you set on the router and how to reproduce this issue. Then send it to my email box. samcudy.com
I will check and try to find a solution.
Adding to the urgency of my and others’ reports below, on firmware 2.4.7 I have found the “VPN kill switch” to fail contrary to its name and purpose, leaking local IP after WireGuard drops, which as you know may put users in serious jeopardy.
@Dear TEN,
We will follow it, please wait patiently.
“WireGuard VPN with kill switch does NOT (re)connect automatically indeed (i.e. stays red) on current firmware https://www.cudy.com/cdn/shop/files/WR3000E-R53-2.4.7-20250528-182254-sysupgrade.zip in WISP mode after reboot(s) or when host WiFi comes up (again).
Cf. Evian’s requests currently at the bottom of https://www.cudy.com/de-de/blogs/faq/wie-stelle-ich-den-vpn-client-ein-um-auf-einen-remote-vpn-server-zugreifen?page=5#Comments-589223624948
From the web interface which most clients should not (have to) access, VPN can be made connect (turn green) by manual iterations through toggling it off, saving, waiting, then toggling VPN on again, saving again (steps possibly required repeatedly), or comes on again (then) automatically after running Diagnostics:
This behavior suggests there may be a timing issue of VPN initially failing e.g. because WISP (or generally WAN) isn’t fully up yet for a WireGuard tunnel to establish, then staying disconnected because it may not be retrying (frequently enough, or at all).
If auto-connect can’t be made more reliable, dedicated buttons to (re)connect VPN and show details of its log and status would at least help admins recover.
As a defense against leakage, of course enabling “VPN kill switch” often isn’t optional.”
WireGuard VPN with kill switch does NOT (re)connect automatically indeed (i.e. stays red) on current firmware https://www.cudy.com/cdn/shop/files/WR3000E-R53-2.4.7-20250528-182254-sysupgrade.zip in WISP mode after reboot(s) or when host WiFi comes up (again).
Cf. Evian’s requests currently at the bottom of https://www.cudy.com/de-de/blogs/faq/wie-stelle-ich-den-vpn-client-ein-um-auf-einen-remote-vpn-server-zugreifen?page=5#Comments-589223624948
From the web interface which most clients should not (have to) access, VPN can be made connect (turn green) by manual iterations through toggling it off, saving, waiting, then toggling VPN on again, saving again (steps possibly required repeatedly), or comes on again (then) automatically after running Diagnostics:
This behavior suggests there may be a timing issue of VPN initially failing e.g. because WISP (or generally WAN) isn’t fully up yet for a WireGuard tunnel to establish, then staying disconnected because it may not be retrying (frequently enough, or at all).
If auto-connect can’t be made more reliable, dedicated buttons to (re)connect VPN and show details of its log and status would at least help admins recover.
As a defense against leakage, of course enabling “VPN kill switch” often isn’t optional.
@Dear Khisamov,
Our technical support has contacted you via email. Please check.
“Hello,
We are using Cudy M3000 routers with firmware version 2.4.8 and have encountered the following issues:
No Option for Bulk Subnet Entry:
There is currently no way to add multiple subnets in bulk — each one has to be entered manually. This becomes very inefficient when dealing with a large number of subnets.
Is there any method to simplify this process (e.g. import from file, support for subnet ranges, etc.)? Are there any plans to introduce such functionality in future firmware updates?
Unable to Delete Subnet – Duplicate Error:
When attempting to delete a previously added subnet, we receive an error stating that duplicates exist, even though the subnet was added only once.
This prevents us from removing or modifying the entry. Could you advise on how to resolve this issue, and whether it is expected to be fixed in an upcoming release?
Looking forward to your assistance.”