Teltonika RUT240 User Manual page 83

You can set custom settings here according to your VPN needs. Below is a summary of the parameters available to set, listed as field name followed by explanation:

1. Enabled: Switches the configuration on and off. This must be selected to make the configuration active.
2. TUN/TAP: Selects the virtual VPN interface type. TUN is most often used in typical IP-level VPN connections; however, TAP is required for some Ethernet bridging configurations.
3. Protocol: Defines the transport protocol used by the connection. You can choose between TCP and UDP.
4. Port: Defines the TCP or UDP port number (make sure that this port is allowed by the firewall).
5. LZO: Enables LZO compression. With LZO compression, your VPN connection will generate less network traffic; however, this means higher router CPU loads. Use it carefully with high-rate traffic or low CPU resources.
6. Encryption: Selects the packet encryption algorithm.
7. Authentication: Sets the authentication mode used to secure data sessions. There are two possibilities: "Static key" means that the OpenVPN client and server will use the same secret key, which must be uploaded to the router using the "Static pre-shared key" option. "TLS" authentication mode uses X.509 type certificates. Depending on your selected OpenVPN mode (client or server), you have to upload these certificates to the router:
   For client: Certificate Authority (CA), Client certificate, Client key.
   For server: Certificate Authority (CA), Server certificate, Server key and Diffie-Hellman (DH) certificate used for key exchange over unsafe data networks.
   All mentioned certificates can be generated using OpenVPN or OpenSSL utilities on any type of host machine. Certificate generation and theory are out of the scope of this user manual.
8. TLS cipher: Packet encryption algorithm (cipher).
9. Remote host/IP address: IP address of the OpenVPN server (applicable only for client configuration).
10. Resolve Retry: Sets the time in seconds to periodically retry resolving the server hostname if the first resolve fails, before generating a service exception.
11. Keep alive: Defines two time intervals: one is used to periodically send an ICMP request to the OpenVPN server, and the other defines a time window after which the OpenVPN service is restarted if no ICMP request is received during that window. Example: Keep Alive "10 60".
12. Remote network IP address: IP address of the remote network, an actual LAN network behind another VPN endpoint.
13. Remote network IP netmask: Subnet mask of the remote network, an actual LAN network behind another VPN endpoint.
14. Max routes: Allows a maximum number of routes to be pulled from an OpenVPN server.
15. HMAC authentication algorithm: Sets the HMAC authentication algorithm.
16. Additional HMAC authentication: Adds an additional layer of HMAC authentication on top of the TLS control channel to protect against DoS attacks.
17. Certificate authority: A certificate authority is an entity that issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate.
18. Client certificate: A client certificate is a type of digital certificate that is used by client systems to make authenticated requests to a remote server. Client certificates play a key role in many mutual
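
As an added example (not taken from the Teltonika manual or the router's firmware), the following Python script checks an OpenVPN configuration against the Authentication, Additional HMAC authentication, Port and Keep alive rules in the table above. It assumes standard OpenVPN 2.x directive names (remote, secret, ca, cert, key, dh, tls-auth, port, keepalive), treats a configuration containing a remote line as a client, and uses constructed sample configurations.

```python
# Added example: audit an OpenVPN config against the table's field rules.
# Assumptions: OpenVPN 2.x directive names; a "remote" line marks a client.
TLS_FILES = {"client": ("ca", "cert", "key"), "server": ("ca", "cert", "key", "dh")}

GOOD_CLIENT = """# constructed sample: TLS client with additional HMAC
remote 192.0.2.10
keepalive 10 60
ca ca.crt
cert client.crt
key client.key
tls-auth ta.key 1
"""
BAD_CLIENT = """# constructed sample: missing files, bad port and keepalive
remote 192.0.2.10
port 70000
keepalive 60 10
ca ca.crt
"""

def parse(text):
    """Return {directive: [args]}, skipping comments and blank lines."""
    opts = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line and not line.startswith(";"):
            name, *args = line.split()
            opts[name] = args
    return opts

def audit(text):
    """Return a list of findings; an empty list means every check passed."""
    opts, findings = parse(text), []
    role = "client" if "remote" in opts else "server"
    if "secret" in opts:  # "Static key" authentication mode
        findings.append("static key mode: both ends share one secret key")
    else:                 # "TLS" authentication mode
        findings += [f"TLS mode ({role}): missing '{f}'"
                     for f in TLS_FILES[role] if f not in opts]
        if "tls-auth" not in opts:
            findings.append("no additional HMAC authentication (tls-auth)")
    port = (opts.get("port") or ["1194"])[0]  # 1194 is OpenVPN's default port
    if not (port.isdigit() and 1 <= int(port) <= 65535):
        findings.append(f"invalid port '{port}'")
    ka = opts.get("keepalive")
    if ka is not None and not (len(ka) == 2 and all(a.isdigit() for a in ka)):
        findings.append("keepalive needs two intervals in seconds")
    elif ka is not None and int(ka[0]) >= int(ka[1]):
        findings.append("keepalive: restart window must exceed send interval")
    return findings
```

Calling audit(GOOD_CLIENT) returns an empty list, while audit(BAD_CLIENT) reports the missing certificate and key, the absent tls-auth layer, the out-of-range port and the inverted keepalive values.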