Westermo OS Management Guide
Version 4.24.1-0
Chapter 37
SSL VPN
This chapter describes the WeOS SSL VPN support. The WeOS SSL VPN is based
1
on OpenVPN
, and WeOS units can act both as SSL VPN server and client. With
the WeOS unit configured as an SSL VPN server gateway with layer-3 VPN in-
terface, it is typically used in HOST-NET VPN scenarios where various SSL VPN
(OpenVPN) clients can connect to the WeOS unit. The unit can also be used both
as VPN server and client gateway in a NET-NET VPN scenario, using layer-2 VPN
interfaces.
As of WeOS v4.24.1, bridged LAN VPNs (i.e., bridging a layer-2 SSL VPN interface
with regular Ethernet ports on a VLAN) is not supported. Such support is planned,
but not yet implemented.
37.1 Overview of SSL VPN Management Features
Table 37.1
summarises the SSL VPN features available in WeOS. These features
are further explored in the following sections.
37.1.1 Introduction to SSL VPN
In an SSL VPN we have a VPN Server Gateway (Alice) providing secure access to
a protected network (e.g., a central office network) to one or more VPN Clients
(Bob) connecting over an insecure network such as the Internet. Bob could be
1
http://openvpn.net
OpenVPN home page,
(March 2014).
© 2018 Westermo Teleindustri AB
948