Client-Side Access To Openvpn Access Server - Brocade Communications Systems 5600 Reference Manual


Client-Side access to OpenVPN access server

FIGURE 2 Remote access operation
One major difference between site-to-site mode and client-server mode is that in client-server mode,
all the VPN tunnels on the server side terminate at a single tunnel interface. A single termination point
eliminates the need to set up separate tunnel interface IP addresses for each VPN tunnel. This single
termination point is more convenient and operationally simpler for a remote access setup.

Another difference is that in client-server mode, the server-side OpenVPN process dynamically
allocates all tunnel IP addresses from a configured subnet (192.168.200.0/24 in the example) instead
of using fixed tunnel IP addresses for tunnel endpoints. Thus, when the OpenVPN process starts on
the server, it creates the tunnel interface and assigns the interface an IP address from the subnet
(for example, 192.168.200.1). Then, when a client establishes a VPN tunnel with the server, the
server-side OpenVPN process also allocates the client an IP address from the same subnet (for
example, 192.168.200.4) and the tunnel interface on the client adopts this address.
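
The two differences described above, sketched as vRouter configuration. This is an added example, not taken from the manual; the interface name vtun0, the 203.0.113.x peer addresses, and the file names under /config/auth are assumptions chosen for illustration.

```vyatta
# --- Site-to-site mode: one tunnel interface per peer, fixed endpoint addresses ---
set interfaces openvpn vtun0 mode site-to-site
set interfaces openvpn vtun0 local-address 192.168.200.1
set interfaces openvpn vtun0 remote-address 192.168.200.2
set interfaces openvpn vtun0 remote-host 203.0.113.20
set interfaces openvpn vtun0 shared-secret-key-file /config/auth/secret

# --- Client-server mode, server side: a single interface terminates every client ---
# No local-address or remote-address is set. The OpenVPN process takes the
# interface address (for example, 192.168.200.1) and each client address
# from the configured subnet.
set interfaces openvpn vtun0 mode server
set interfaces openvpn vtun0 server subnet 192.168.200.0/24
set interfaces openvpn vtun0 tls ca-cert-file /config/auth/ca.crt
set interfaces openvpn vtun0 tls cert-file /config/auth/server.crt
set interfaces openvpn vtun0 tls key-file /config/auth/server.key
set interfaces openvpn vtun0 tls dh-file /config/auth/dh.pem

# --- Client-server mode, client side: no tunnel address is configured ---
# The client tunnel interface adopts whatever address the server allocates
# (for example, 192.168.200.4).
set interfaces openvpn vtun0 mode client
set interfaces openvpn vtun0 remote-host 203.0.113.10
set interfaces openvpn vtun0 tls ca-cert-file /config/auth/ca.crt
set interfaces openvpn vtun0 tls cert-file /config/auth/client1.crt
set interfaces openvpn vtun0 tls key-file /config/auth/client1.key
```

Because client addresses are assigned dynamically, firewall rules and logs on the server side should identify remote clients by certificate identity or by the whole 192.168.200.0/24 pool rather than by a fixed per-client tunnel address.
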
Client-Side access to OpenVPN access server
OpenVPN Access Server is a server that authenticates remote client access requests (either locally or
through an authentication server) and provides OpenVPN tunnel configuration information to the
requesting client. It also provides OpenVPN client software if the client requires it, although this is not
required for Brocade vRouter clients. The configuration information allows the client to then establish
an OpenVPN tunnel with an OpenVPN server with minimal configuration on the client side.
The sequence of events is as follows:
1. An administrator configures OpenVPN Access Server for Brocade vRouter client access and,
potentially, configures a separate authentication server and OpenVPN server. The client requires
only configuration information from the server. It does not require client software.
NOTE
It is possible for OpenVPN Access Server to act as the access server, authentication server, and
OpenVPN server.
Brocade 5600 vRouter OpenVPN Reference Guide
53-1003719-03
