Table of Contents
Advertisement
Chapter 4
simultaneous Stunnel connections, irrespective of the configured 'Max Clients' parameter
value. By default, this list is empty. If you have added a new IP pool range, it will only
become effective after the next restart of Stunnel.
Figure 4-13 Stunnel IP Pool Section of the Stunnel Configuration Page
4.1.6
Downloading, Creating, and Adding a Certificate
Stunnel uses a self-signed certificate to establish connections on TCP port 443 and allow
VPN remote access for VoIP phones. The Certificate Store contains certificates for use with
SSL/TLS. All certificates are kept in the Certificate list and can be downloaded from here.
The system supports Verisign or Go-Daddy signed certificates.
To access the Certificate Store, select Stunnel Certificate Store from the Configuration
Menu.
VPN Concentrator Installation and Configuration Guide
Note:
Remove addresses from the DHCP server or servers on the LAN that will
be used by the VPN Concentrator' s address pool. The IP address pool
must be part of the VPN LAN subnet, and must not overlap with the
pool used by the DHCP server on the same subnet
Note:
Certificates can and generally do have FQDN's associated to the
certificate for reverse DNS resolution. Configuring a FQDN for the
system on your DNS server will typically be a DNS A record to resolve
the WAN IP of the system to a DNS A record e.g. stunnel.example.com.
When generating the CSR using this example the common name will be
stunnel.example.com.
Configuring the VPN Concentrator
41
Hide quick links:
Advertisement
Table of Contents
