Teltonika RUT240 User Manual page 83

4g router

Hide thumbs Also See for RUT240:

User manual (152 pages)

Installation manual (19 pages)

Manual (16 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

page of 150

/ 150
Contents
Table of Contents
Bookmarks

Table of Contents

You cao set custom settiogs here accordiog to your VPN oeeds. Below is summary of parameters available to set:

Field name

Eoabled

TUN/TAP

Protocol

Port

LZO

Eocryptoo

Autheotcatoo

TLS cipher

Remote host/IP

address

10.

Resolve Retry

11.

Keep alive

12.

Remote oetwork

IP address

13.

Remote oetwork

IP oetmask

14.

Max routes

15.

HMAC

autheotcatoo

algorithm

16.

Additooal

HMAC

autheotcatoo

17.

Certfcate

authority

Explanaton

Switches coofguratoo oo aod off. This must be selected to make coofguratoo actve.

Selects virtual VPN ioterface type. TUN is most ofeo used io typical IP-level VPN coooectoosn

howevern TAP is required to some Etheroet bridgiog coofguratoos.

Defoes a traosport protocol used by coooectoo. You cao choose here betweeo TCP aod UDP.

Defoes TCP or UDP port oumber (make suren that this port allowed by frewall).

This settiog eoables LZO compressioo. With LZO compressioon your VPN coooectoo will

geoerate less oetwork traafc; howevern this meaos higher router CPU loads. Use it carefully

with high rate traafc or low CPU resources.

Selects Packet eocryptoo algorithm.

Sets autheotcatoo moden used to secure data sessioos. Two possibilites you have here:

"Statc key" meaosn that OpeoVPN clieot aod server will use the same secret keyn which must

be uploaded to the router usiog "Statc pre-shared key" optoo. "TLS" autheotcatoo mode

uses X.509 type certfcates. Depeodiog oo your selected OpeoVPN mode (clieot or server)

you have to upload these certfcates to the router:

For clieot: Certfcate Authority (CA)n Clieot certfcaten Clieot key.

For server: Certfcate Authority (CA)n Server certfcaten Server key aod Diafe-Hellmao (DH)

certfcate used to key exchaoge through uosafe data oetworks.

All meotoo certfcates cao be geoerated usiog OpeoVPN or Opeo SSL utlites oo aoy type

host machioe. Certfcate geoeratoo aod theory is out of scope of this user maoual.

Packet eocryptoo algorithm (cipher)

IP address of OpeoVPN server (applicable ooly for clieot coofguratoo).

Sets tme io secoods to try resolviog server hostoame periodically io case of frst resolve

failure before geoeratog service exceptoo.

Defoes two tme iotervals: ooe is used to periodically seod ICMP request to OpeoVPN servern

aod aoother ooe defoes a tme wiodown which is used to restart OpeoVPN servicen if oo ICPM

request is received duriog the wiodow tme slice. Example Keep Alive "10 60"

IP address of remote oetworkn ao actual LAN oetwork behiod aoother VPN eodpoiot.

Suboet mask of remote oetworkn ao actual LAN oetwork behiod aoother VPN eodpoiot.

Allow a maximum oumber of routes to be pulled from ao OpeoVPN server

Sets HMAC autheotcatoo algorithm

Add ao additooal layer of HMAC autheotcatoo oo top of the TLS cootrol chaooel to protect

agaiost DoS atacks

Certfcate authority is ao eotty that issues digital certfcates. A digital certfcate certfes the

owoership of a public key by the oamed subject of the certfcate.

Table of Contents

Teltonika RUT240 User Manual page 83

Related Manuals for Teltonika RUT240

Related Products for Teltonika RUT240

Table of Contents