configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS
for key exchange. It is capable of traversing network address translators (NATs) and firewalls. It
was written by James Yonan and is published under the GNU General Public License (GPL).
OpenVPNand allows peers to authenticate to each other using a pre‐shared secret key,
certificates, or username/password. When used in a multiclient‐server configuration, it allows the
server to release an authentication certificate for every client, using signature and Certificate
authority. It uses the OpenSSL encryption library extensively, as well as the SSLv3/TLSv1 protocol,
and contains many security and control features.
OpenVPN Server
To create your OpenVPN Server, navigate to web menu Network Settings‐>VPN Server. Check the
radio button of OpenVPN to configure your OpenVPN server.
Enable: Tick to enable OpenVPN server.
Stealth:Certaindeep packet inspection firewalls might not allow OpenVPNtraffic, stealth SSL
tunneling can disguise your OpenVPN traffic under the HTTPS traffic which is often seen as
HTTPS traffic by the DPI.
Certificate:Certificate is one of the client authentication methodsavailableinOpenVPN.
Port:OpenVPN service port, the default is 1194.
Stealth Port:Stealth service port, the default is 443.
Protocol:You can choose eitherUDP or TCP. Stealth requires TCP only so if you havestealth
enabled then this option is not configurable and the Server will use TCP by default.
Device Node:TUN or TAP; A TAP device is a virtual Ethernet adapter, while a TUN device is a
virtual point‐to‐point IP link.
Cipher:Cipher (or cypher) is an algorithm for performing encryption or decryption.
Compress
Lzo:LZO is an efficient data compression library which is suitable for data
de‐compression in real‐time.
TLS‐Server: TLS is an excellent choice for authentication and key exchange mechanism of
OpenVPN.