Table of Contents
Advertisement
Virtual Private Networks (VPN)
Command line
1. Log into the IX20 command line as a user with full Admin access rights.
Depending on your device configuration, you may be presented with an Access selection
menu. Type admin to access the Admin CLI.
2. At the command line, type config to enter configuration mode:
> config
(config)>
3. At the config prompt, type:
(config)> add vpn openvpn server name
(config vpn openvpn server name)>
where name is the name of the OpenVPN server.
The OpenVPN server is enabled by default. To disable the server, type:
(config vpn openvpn server name)> enable false
(config vpn openvpn server name)>
4. Set the mode used by the OpenVPN server:
(config vpn openvpn server name)> device_type value
(config vpn openvpn server name)>
where value is one of:
TUN (OpenVPN managed)—Also known as routing mode. Each OpenVPN client is
n
assigned a different IP subnet from the OpenVPN server and other OpenVPN clients.
OpenVPN clients use Network Address Translation (NAT) to route traffic from devices
connected on its LAN interfaces to the OpenVPN server.
TAP - OpenVPN managed—Also know as bridging mode. A more advanced
n
implementation of OpenVPN. The IX20 device creates an OpenVPN interface and uses
standard interface configuration (for example, a standard DHCP server configuration).
TAP - Device only—An alternate form of OpenVPN bridging mode, in which the device,
n
rather than OpenVPN, controls the interface configuration. If this method is is, the
OpenVPN server must be included as a device in either an interface or a bridge.
See
OpenVPN
5. If tap or tun are set for device_type:
a. Set the IP address and subnet mask of the OpenVPN server.
(config vpn openvpn server name)> address ip_address/netmask
(config vpn openvpn server name)>
IX20 User Guide
for information about OpenVPN modes. The default is tun.
OpenVPN
342
Advertisement
Table of Contents
