Table of Contents
Advertisement
Virtual Private Networks (VPN)
Additional OpenVPN information
For more information on OpenVPN, see these resources:
Bridging vs. routing
OpenVPN/Routing
Configure an OpenVPN server
Required configuration items
Enable the OpenVPN server.
n
The OpenVPN server is enabled by default.
The mode used by the OpenVPN server, either routing (TUN), or bridging (TAP).
n
The firewall zone to be used by the OpenVPN server.
n
The IP network and subnet mask of the OpenVPN server.
n
The server's Certificate authority (CA) certificate, and public, private and Diffie-Hellman (DH)
n
keys.
An OpenVPN authentication group and an OpenVPN user.
n
Determine the method of certificate management:
n
Certificates managed by the server.
l
Certificates created externally and added to the server.
l
If certificates are managed created and added to the server, determine the level of
n
authentication:
Certificate authentication only.
l
Username and password authentication only.
l
Certificate and username and password authentication.
l
If username and password authentication is used, you must create an OpenVPN authentication
group and user. See
Certificates and keys:
n
The CA certificate (usually in a ca.crt file).
l
The Public key (for example, server.crt)
l
The Private key (for example, server.key).
l
The Diffie Hellman key (usually in dh2048.pem).
l
Active recovery configuration. See
n
about OpenVPN active recovery.
Additional configuration items
The route metric for the OpenVPN server.
n
The range of IP addresses that the OpenVPN server will provide to clients.
n
The TCP/UDP port to use. By default, the TX54 device uses port 1194.
n
Access control list configuration to restrict access to the OpenVPN server through the firewall.
n
Additional OpenVPN parameters.
n
TX54 User Guide
Configure an OpenVPN Authentication Group and User
Configure active recovery for OpenVPN
OpenVPN
for instructions.
for information
333
Advertisement
Table of Contents
