IKE Encryption: des, 3des, aes128, aes192, or aes256
IKE DH Group: modp768, modp1024, modp1536, modp2048, or modp4096
IKE Authentication: md5, sha1, sha256, sha384, or sha512
ESP Encryption: des, 3des, aes128, aes192, or aes256
ESP DH Group: none, modp768, modp1024, modp1536, modp2048, or modp4096
ESP Authentication: md5, sha1, sha256, sha384, or sha512
Left Identifier: 1-28 characters
Right Identifier: 1-28 characters
KeyLife: 120-604800 seconds
IKELifeTime: 120-604800 seconds
RekeyMargin: 120-604800 seconds
Dpdaction: none, clear, hold, or restart
Dpddelay: 1-300 seconds
Keyingtries: 0 means forever
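
The parameter table above, turned into a configuration check (an added example, not taken from the manual or the device software). The allowed values come from the table; the lower-case key names, the legacy-algorithm list, the PFS note and the rekey-margin rule are assumptions.

```python
# Allowed values copied from the parameter table above.
CIPHERS = {"des", "3des", "aes128", "aes192", "aes256"}
HASHES = {"md5", "sha1", "sha256", "sha384", "sha512"}
GROUPS = {"modp768", "modp1024", "modp1536", "modp2048", "modp4096"}
ENUMS = {
    "ike_encryption": CIPHERS, "esp_encryption": CIPHERS,
    "ike_authentication": HASHES, "esp_authentication": HASHES,
    "ike_dh_group": GROUPS, "esp_dh_group": GROUPS | {"none"},
    "dpdaction": {"none", "clear", "hold", "restart"},
}
RANGES = {"keylife": (120, 604800), "ikelifetime": (120, 604800),
          "rekeymargin": (120, 604800), "dpddelay": (1, 300)}
# Assumption (not stated on the page): values widely treated as legacy.
LEGACY = {"des", "3des", "md5", "sha1", "modp768", "modp1024"}

def audit(cfg):
    """Return (errors, warnings) for a dict keyed by lower-case field names."""
    errors, warnings = [], []
    for key, allowed in ENUMS.items():
        val = cfg.get(key)
        if val not in allowed:
            errors.append(f"{key}: {val!r} is not a value listed in the table")
        elif val in LEGACY:
            warnings.append(f"{key}: {val} is a legacy choice")
    for key, (lo, hi) in RANGES.items():
        val = cfg.get(key)
        if not isinstance(val, int) or not lo <= val <= hi:
            errors.append(f"{key}: {val!r} is outside {lo}-{hi} seconds")
    for key in ("left_identifier", "right_identifier"):
        if not 1 <= len(cfg.get(key, "")) <= 28:
            errors.append(f"{key}: must be 1-28 characters")
    tries = cfg.get("keyingtries")
    if not isinstance(tries, int) or tries < 0:
        errors.append("keyingtries: must be an integer >= 0 (0 means forever)")
    if cfg.get("esp_dh_group") == "none":  # assumption: no DH group, no PFS
        warnings.append("esp_dh_group: none gives no forward secrecy on rekey")
    # Assumption: rekeying starts rekeymargin seconds before a lifetime expires.
    if not errors and cfg["rekeymargin"] >= min(cfg["keylife"], cfg["ikelifetime"]):
        warnings.append("rekeymargin: not shorter than keylife and ikelifetime")
    return errors, warnings

# Constructed sample: every value is accepted by the table, several are legacy.
SAMPLE = {
    "ike_encryption": "3des", "ike_dh_group": "modp1024", "ike_authentication": "md5",
    "esp_encryption": "aes256", "esp_dh_group": "none", "esp_authentication": "sha256",
    "left_identifier": "siteA", "right_identifier": "siteB", "keyingtries": 0,
    "keylife": 3600, "ikelifetime": 28800, "rekeymargin": 540,
    "dpdaction": "restart", "dpddelay": 30,
}
print(audit(SAMPLE))
```

A setting can pass every range in the table and still be a poor choice, which is why the check reports errors and warnings separately.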

3.5.2 OpenVPN

OpenVPN is an open-source Virtual Private Network (VPN) encryption protocol. As well as
being extremely secure, OpenVPN is highly customizable and can be implemented in a
number of different ways. For that reason, implementing this VPN method requires
significant networking experience. The range of options includes remote access,
site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions. The remote
access solutions support robust capabilities such as load balancing, failover, and more
granular access controls, e.g., articles, examples, security overview, and non-English
languages.
OpenVPN implements OSI Layer 2 or 3 secure network extension using the industry
standard SSL/TLS protocol. It supports flexible client authentication methods based on
certificates, smart cards, and/or two-factor authentication, and allows user or
group-specific access control policies using firewall rules applied to the VPN interface.
Setting up OpenVPN involves configuring server and client settings. Refer to Figure 3-37,
Figure 3-38 (server), and Figure 3-39 (client) configuration fields.
